check_action_policy
Check a proposed remediation action against your FinOps policy to get an allow, escalate, or block verdict before manual application.
Instructions
Advisory policy gate: should a proposed remediation action proceed?
The request-path guardrail, advisory. Describe a remediation action you are considering (action_type), optionally with the change to cost (a Terraform plan, a helm diff, or a known monthly delta), and nable returns a machine verdict against your human-authored policy:
allow: reversible, allowlisted, and within budget. A human can apply it.
escalate: a one-way door (delete, terminate, buy a commitment) or an over-budget / large-cost change. A human must review it first.
block: the action type is not in your allowlist.
ADVICE ONLY. nable never applies the action, a human does. This is the propose-only guardrail; nable does not auto-execute anything.
action_type examples: rightsizing, tag_fix, stop_idle, spot_migration, ticket (reversible); idle_cleanup, purchase_commitment, terminate_instance, delete_resource (one-way). Policy knobs via env: FINOPS_POLICY_MAX_AUTO_USD, FINOPS_POLICY_ALLOWED_ACTIONS (comma-separated). Read-only.
Good triggers: "can the agent do X", "is this action within policy", "should I apply this fix", "is it safe to auto-apply this".
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| tf_dir | No | ||
| helm_diff | No | ||
| action_type | Yes | ||
| budget_name | No | ||
| monthly_delta_usd | No | ||
| terraform_plan_file | No | ||
| terraform_plan_json | No |