Add concepts doc for Intelligent Assessment guardrail (#360)

Author: SumitPopat

docs/concepts/guardrails/index.md

@@ -21,6 +21,7 @@ there are many guardrails that are common and consistent across resources.
 | [Discovery](concepts/guardrails/discovery)                         | Mechanism by which Guardrails initially adds a resource to the CMDB.                                                                                                |
 | [Encryption at Rest](concepts/guardrails/encryption-at-rest)       | A mechanism to manage data encryption at rest (i.e. AWS S3 Buckets).                                                                                                |
 | [Encryption in Transit](concepts/guardrails/encryption-in-transit) | A mechanism to manage data encryption in transit (i.e. AWS S3 Buckets).                                                                                             |
+| [Intelligent Assessment](concepts/guardrails/intelligent-assessment) | AI-powered resource assessment to evaluate compliance using natural language.
 | [Public Access](concepts/guardrails/public-access)                 | Configure public access settings on cloud resources.                                                                                                                |
 | [Scheduling](concepts/guardrails/scheduling)                       | Define schedules to control cloud resource usage.                                                                                                                   |
 | [Stacks/ Configured](concepts/guardrails/configured)               | [DEPRECATED] Manage resource configuration using Terraform.                                                                                                                      |

docs/concepts/guardrails/intelligent-assessment.md

@@ -0,0 +1,79 @@
+---
+title: Intelligent Assessment Guardrails
+sidebar_label: Intelligent Assessment
+---
+
+# Intelligent Assessment Guardrails
+
+## Overview
+
+**Intelligent Assessment** introduces an AI-powered way to define and evaluate governance policies in Turbot Guardrails.  
+
+Instead of crafting complex calculated policies, you can describe the check you want — in plain natural language — and let Guardrails interpret and check it.  
+
+This unlocks flexible, free-form compliance use cases that would otherwise require significant coding or multiple traditional guardrails.
+
+Intelligent Assessment is complementary to existing controls (e.g., **Approved** and **Active**).  
+
+Where those controls rely on structured sub-policies, Intelligent Assessment excels when you need bespoke logic, conditional checks, or multi-step reasoning.
+
+The primary Intelligent Assessment policy has a consistent form:
+`{provider} > {service} > {resource} > Intelligent Assessment`
+
+<div className="example">
+  <ul>
+    <li><code>AWS > S3 > Bucket > Intelligent Assessment</code></li>
+    <li><code>AWS > SNS > Topic > Intelligent Assessment</code></li>
+    <li><code>AWS > EC2 > Instance > Intelligent Assessment</code></li>
+  </ul>
+</div>
+
+The Intelligent Assessment guardrail and policy have a number of sub-settings to determine the
+attributes of the assessment. The format of these policy types is
+`{provider} > {service} > {resource} > Intelligent Assessment > {Items}`:
+
+```
+{provider} > {service} > {resource} > Intelligent Assessment > Context
+{provider} > {service} > {resource} > Intelligent Assessment > User Prompt
+```
+
+The `Context` sub-policy includes the resource metadata by default but can be updated to include additional data.
+The `User Prompt` sub-policy is where you would define a prompt to assess the resource.
+
+As part of the evaluation, the AI provider will respond with `State` and `Reason`.
+
+The `State` attribute is either:
+
+- `OK` - Evaluation matches the given user prompt
+- `Alarm` - Evaluation does not match the given user prompt
+- `Error` - User prompt is empty or AI cannot determine the outcome based on the user prompt and context
+
+### Example Guardrail: AWS > S3 > Bucket > Intelligent Assessment
+
+The `AWS > S3 > Bucket > Intelligent Assessment` policy determines the action to take on a resource. You can set the policy to skip (don't run at all), or to check whether the resource is compliant per the user prompt.
+
+The Intelligent Assessment sub-policies allow you to set the context and the user prompt:
+
+<div className="example">
+  <ul>
+    <li><code>AWS > S3 > Bucket > Intelligent Assessment > Context</code></li>
+    <li><code>AWS > S3 > Bucket > Intelligent Assessment > User Prompt</code></li>
+  </ul>
+</div>
+
+Let's assume that an S3 bucket has tags `"Environment": "Non-Compliant Tag"`, and has versioning disabled.
+
+```yaml
+Tags:
+  - Key: Environment
+    Value: Non-Compliant Tag
+Versioning:
+  MFADelete: Disabled
+  Status: Suspended
+```
+
+To check if the bucket has the correct `Environment` tag value and has versioning enabled:
+
+- Set `AWS > S3 > Bucket > Intelligent Assessment > User Prompt`: `The bucket must have an Environment tag value of staging and versioning must be enabled`
+
+The control will then evaluate the result using AI, and go to alarm with the response `The current tag Environment has a value of Non-Compliant Tag which is incorrect. Versioning is not enabled and set to Suspended`.

docs/sidebar.json

@@ -124,6 +124,7 @@
           "concepts/guardrails/discovery",
           "concepts/guardrails/encryption-at-rest",
           "concepts/guardrails/encryption-in-transit",
+          "concepts/guardrails/intelligent-assessment",
           "concepts/guardrails/public-access",
           "concepts/guardrails/scheduling",
           "concepts/guardrails/stacks",