> ## Documentation Index > Fetch the complete documentation index at: https://docs.getunbound.ai/llms.txt > Use this file to discover all available pages before exploring further. # Policy Management > Create, list, and manage all four Unbound policy types from the CLI Unbound has four policy types: **Cost**, **Model**, **Security**, and **Tool**. Each has its own subcommand for type-specific creation. Generic commands (list, get, delete) work across Cost, Model, and Security; Tool policies use a separate `policy tool` subcommand. ## Reference data Before creating policies, pull the available user groups, models, guardrails, and tool types: ```bash theme={null} unbound policy form-data ``` ## Generic commands (Cost / Model / Security) ```bash theme={null} unbound policy list # List all policies unbound policy list --type COST # Filter by type: COST, MODEL, SECURITY unbound policy get # View a policy's full config unbound policy delete # Delete a policy unbound policy effective # Effective policies for a user or group ``` *** ## Cost policies Set a monthly spend limit per user group: ```bash theme={null} unbound policy cost create \ --name "Engineering Budget" \ --monthly-budget 1000 \ --group engg ``` See [Cost Policies](/policies/cost-policies) for all configuration options. *** ## Model policies Control which AI models are available to a group: ```bash theme={null} # Allow all models except one: unbound policy model create \ --name "No Opus" \ --all-models \ --excluded anthropic/claude-3-opus-20240229 # Allow only a specific model: unbound policy model create \ --name "GPT-4o only" \ --model openai/gpt-4o ``` See [Model Policies](/policies/model-policies) for all configuration options. *** ## Security policies Apply guardrails for PII, secrets detection, and model routing: ```bash theme={null} # Block requests containing PII: unbound policy security create \ --name "Block PII" \ --sub-type guardrails \ --guardrail PII:BLOCK # Redact secrets before they leave the gateway: unbound policy security create \ --name "Redact Secrets" \ --sub-type guardrails \ --guardrail SECRETS:REDACT ``` See [Security Policies](/policies/security-policies) for all configuration options. *** ## Tool policies Tool policies control shell commands and MCP tool calls. They use a separate backend and are reached via `unbound policy tool`. ### List and inspect ```bash theme={null} unbound policy tool list unbound policy tool get unbound policy tool delete ``` ### Discover available targets ```bash theme={null} unbound policy tool families # Terminal command families and the fields they accept unbound policy tool mcp-servers # Known MCP servers and their available tools ``` ### Create a terminal command policy ```bash theme={null} unbound policy tool create-terminal \ --name "Block rm -rf" \ --command-family filesystem \ --field command='rm -rf*' \ --action BLOCK \ --custom-message "Destructive command blocked by policy." ``` ### Create an MCP tool policy ```bash theme={null} # Match by action type (e.g. all write operations on a server): unbound policy tool create-mcp \ --name "Audit Linear writes" \ --mcp-server Linear \ --mcp-action-type write \ --action AUDIT # Match a specific tool: unbound policy tool create-mcp \ --name "Block PR creation" \ --mcp-server GitHub \ --mcp-tool create_pull_request \ --action BLOCK ``` Available actions: `BLOCK`, `WARN`, `AUDIT`, `REQUIRE_SLACK_APPROVAL` ### Update a tool policy ```bash theme={null} unbound policy tool update --action WARN ``` Only the fields you provide are changed. *** See [Tool Policies](/policies/tool-policies) for the full list of actions, NL rules, and canonical group targeting. All commands support `--json` for machine-readable output. Dashboard reference for actions, NL rules, and Slack approvals Dashboard reference for budget limits and spend controls