Prose2Policy (P2P): A Practical LLM Pipeline for Translating Natural-Language Access Policies into Executable Rego

TL;DR

Prose2Policy (P2P) is an end-to-end system that translates natural-language access policies into executable Rego code, ensuring reliable deployment and compliance through validation, testing, and linting.

Contribution

It introduces a practical, modular pipeline that automates the translation of natural-language policies into robust, testable Rego code, bridging human policies and machine enforcement.

Findings

Achieved 95.3% policy compile success rate.

Automated testing passed 82.2% of positive tests.

Negative tests passed 98.9%, indicating high policy robustness.

Abstract

Prose2Policy (P2P) is a LLM-based practical tool that translates natural-language access control policies (NLACPs) into executable Rego code (the policy language of Open Policy Agent, OPA). It provides a modular, end-to-end pipeline that performs policy detection, component extraction, schema validation, linting, compilation, automatic test generation and execution. Prose2Policy is designed to bridge the gap between human-readable access requirements and machine-enforceable policy-as-code (PaC) while emphasizing deployment reliability and auditability. We evaluated Prose2Policy on the ACRE dataset and demonstrated a 95.3\% compile rate for accepted policies, with automated testing achieving a 82.2\% positive-test pass rate and a 98.9\% negative-test pass rate. These results indicate that Prose2Policy produces syntactically robust and behaviorally consistent Rego policies suitable for Zero Trust and compliance-driven environments.