This is the new AWS CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.
AWS::Bedrock::Guardrail
Creates a guardrail to detect and filter harmful content in your generative AI application.
Amazon Bedrock Guardrails provides the following safeguards (also known as policies) to detect and filter harmful content:
-
Content filters - Detect and filter harmful text or image content in input prompts or model responses. Filtering is done based on detection of certain predefined harmful content categories: Hate, Insults, Sexual, Violence, Misconduct and Prompt Attack. You also can adjust the filter strength for each of these categories.
-
Denied topics - Define a set of topics that are undesirable in the context of your application. The filter will help block them if detected in user queries or model responses.
-
Word filters - Configure filters to help block undesirable words, phrases, and profanity (exact match). Such words can include offensive terms, competitor names, etc.
-
Sensitive information filters - Configure filters to help block or mask sensitive information, such as personally identifiable information (PII), or custom regex in user inputs and model responses. Blocking or masking is done based on probabilistic detection of sensitive information in standard formats in entities such as SSN number, Date of Birth, address, etc. This also allows configuring regular expression based detection of patterns for identifiers.
-
Contextual grounding check - Help detect and filter hallucinations in model responses based on grounding in a source and relevance to the user query.
For more information, see How Amazon Bedrock Guardrails works.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::Bedrock::Guardrail", "Properties" : { "BlockedInputMessaging" :String, "BlockedOutputsMessaging" :String, "ContentPolicyConfig" :ContentPolicyConfig, "ContextualGroundingPolicyConfig" :ContextualGroundingPolicyConfig, "CrossRegionConfig" :GuardrailCrossRegionConfig, "Description" :String, "KmsKeyArn" :String, "Name" :String, "SensitiveInformationPolicyConfig" :SensitiveInformationPolicyConfig, "Tags" :[ Tag, ... ], "TopicPolicyConfig" :TopicPolicyConfig, "WordPolicyConfig" :WordPolicyConfig} }
YAML
Type: AWS::Bedrock::Guardrail Properties: BlockedInputMessaging:StringBlockedOutputsMessaging:StringContentPolicyConfig:ContentPolicyConfigContextualGroundingPolicyConfig:ContextualGroundingPolicyConfigCrossRegionConfig:GuardrailCrossRegionConfigDescription:StringKmsKeyArn:StringName:StringSensitiveInformationPolicyConfig:SensitiveInformationPolicyConfigTags:- TagTopicPolicyConfig:TopicPolicyConfigWordPolicyConfig:WordPolicyConfig
Properties
BlockedInputMessaging-
The message to return when the guardrail blocks a prompt.
Required: Yes
Type: String
Minimum:
1Maximum:
500Update requires: No interruption
BlockedOutputsMessaging-
The message to return when the guardrail blocks a model response.
Required: Yes
Type: String
Minimum:
1Maximum:
500Update requires: No interruption
ContentPolicyConfig-
The content filter policies to configure for the guardrail.
Required: No
Type: ContentPolicyConfig
Update requires: No interruption
ContextualGroundingPolicyConfigProperty description not available.
Required: No
Type: ContextualGroundingPolicyConfig
Update requires: No interruption
CrossRegionConfigProperty description not available.
Required: No
Type: GuardrailCrossRegionConfig
Update requires: No interruption
Description-
A description of the guardrail.
Required: No
Type: String
Minimum:
1Maximum:
200Update requires: No interruption
KmsKeyArn-
The ARN of the AWS KMS key that you use to encrypt the guardrail.
Required: No
Type: String
Pattern:
^arn:aws(-[^:]+)?:kms:[a-zA-Z0-9-]*:[0-9]{12}:key/[a-zA-Z0-9-]{36}$Minimum:
1Maximum:
2048Update requires: No interruption
Name-
The name of the guardrail.
Required: Yes
Type: String
Pattern:
^[0-9a-zA-Z-_]+$Minimum:
1Maximum:
50Update requires: No interruption
SensitiveInformationPolicyConfig-
The sensitive information policy to configure for the guardrail.
Required: No
Type: SensitiveInformationPolicyConfig
Update requires: No interruption
-
The tags that you want to attach to the guardrail.
Required: No
Type: Array of Tag
Minimum:
0Maximum:
200Update requires: No interruption
TopicPolicyConfig-
The topic policies to configure for the guardrail.
Required: No
Type: TopicPolicyConfig
Update requires: No interruption
WordPolicyConfig-
The word policy you configure for the guardrail.
Required: No
Type: WordPolicyConfig
Update requires: No interruption
Return values
Ref
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
CreatedAt-
The date and time at which the guardrail was created.
FailureRecommendations-
Appears if the
statusof the guardrail isFAILED. A list of recommendations to carry out before retrying the request. GuardrailArn-
The ARN of the guardrail.
GuardrailId-
The unique identifier of the guardrail.
Status-
The status of the guardrail.
StatusReasons-
Appears if the
statusisFAILED. A list of reasons for why the guardrail failed to be created, updated, versioned, or deleted. UpdatedAt-
The date and time at which the guardrail was last updated.
Version-
The version of the guardrail that was created. This value will always be
DRAFT.
