Use the ApplyGuardrail API in your application
Guardrails is used to implement safeguards for your generative AI applications that are customized for your use cases and
aligned with your responsible AI policies. Guardrails allows you to configure denied topics, filter harmful content, and remove sensitive information.
You can use the ApplyGuardrail API to assess any text using your pre-configured
Amazon Bedrock Guardrails, without invoking the foundation models.
Feature of the ApplyGuardrail API:
-
Content Validation – You can send any text input or output to the ApplyGuardrail API to compare it with
your defined topic avoidance rules, content filters, PII detectors, and word block lists. You can evaluate user inputs and FM
generated outputs independently.
-
Flexible Deployment – You can integrate the ApplyGuardrail API anywhere in your application flow to validate
data before processing or serving results to the user. For example, if you are using a RAG application, you can now evaluate the
user input prior to performing the retrieval, instead of waiting until the final response generation.
-
Decoupled from FMs. – ApplyGuardrail API is decoupled from foundational models. You can now use Guardrails
without invoking Foundation Models. You can use the assessment results to design the experience on your generative AI application.
Calling the ApplyGuardrail API in your app flow
The request allows customer to pass all their content that should be guarded using their
defined Guardrails. The source field should be set to “INPUT” when the content to evaluated
is from a user, typically the LLM prompt. The source should be set to “OUTPUT” when the model
output Guardrails should be enforced, typically an LLM response.
You specify configuration information for the guardrail in the
guardrailConfig input parameter. The configuration includes the ID
and the version of the guardrail that you want to use. You can also enable tracing
for the guardrail, which provides information about the content that the guardrail
blocked.
- ApplyGuardrail API Request
-
POST /guardrail/{guardrailIdentifier}/version/{guardrailVersion}/apply HTTP/1.1
{
"source": "INPUT" | "OUTPUT",
"content": [
{
"text": {
"text": "string",
}
},
]
}
- ApplyGuardrail API Response
-
{
"usage": {
"topicPolicyUnits": "integer",
"contentPolicyUnits": "integer",
"wordPolicyUnits": "integer",
"sensitiveInformationPolicyUnits": "integer",
"sensitiveInformationPolicyFreeUnits": "integer",
"contextualGroundingPolicyUnits": "integer"
},
"action": "GUARDRAIL_INTERVENED" | "NONE",
"output": [
// if guardrail intervened and output is masked we return request in same format
// with masking
// if guardrail intervened and blocked, output is a single text with canned message
// if guardrail did not intervene, output is empty array
{
"text": "string",
},
],
"assessments": [{
"topicPolicy": {
"topics": [{
"name": "string",
"type": "DENY",
"action": "BLOCKED",
}]
},
"contentPolicy": {
"filters": [{
"type": "INSULTS | HATE | SEXUAL | VIOLENCE | MISCONDUCT |PROMPT_ATTACK",
"confidence": "NONE" | "LOW" | "MEDIUM" | "HIGH",
"filterStrength": "NONE" | "LOW" | "MEDIUM" | "HIGH",
"action": "BLOCKED"
}]
},
"wordPolicy": {
"customWords": [{
"match": "string",
"action": "BLOCKED"
}],
"managedWordLists": [{
"match": "string",
"type": "PROFANITY",
"action": "BLOCKED"
}]
},
"sensitiveInformationPolicy": {
"piiEntities": [{
// for all types see: https://docs.aws.amazon.com/bedrock/latest/APIReference/API_GuardrailPiiEntityConfig.html#bedrock-Type-GuardrailPiiEntityConfig-type
"type": "ADDRESS" | "AGE" | ...,
"match": "string",
"action": "BLOCKED" | "ANONYMIZED"
}],
"regexes": [{
"name": "string",
"regex": "string",
"match": "string",
"action": "BLOCKED" | "ANONYMIZED"
}],
"contextualGroundingPolicy": {
"filters": [{
"type": "GROUNDING | RELEVANCE",
"threshold": "double",
"score": "double",
"action": "BLOCKED | NONE"
}]
},
"invocationMetrics": {
"guardrailProcessingLatency": "integer",
"usage": {
"topicPolicyUnits": "integer",
"contentPolicyUnits": "integer",
"wordPolicyUnits": "integer",
"sensitiveInformationPolicyUnits": "integer",
"sensitiveInformationPolicyFreeUnits": "integer",
"contextualGroundingPolicyUnits": "integer"
},
"guardrailCoverage": {
"textCharacters": {
"guarded":"integer",
"total": "integer"
}
}
}
},
"guardrailCoverage": {
"textCharacters": {
"guarded": "integer",
"total": "integer"
}
}
]
}
Examples of ApplyGuardrail API use cases
The outputs of the ApplyGuardrail request depends on the action guardrail took on the passed content.
-
If guardrail intervened where the content is only masked, the exact content is returned with masking applied.
-
If guardrail intervened and blocked the request content, the outputs field will be a single text, which is the canned message based on guardrail configuration.
-
If no guardrail action was taken on the request content, the outputs array is empty.
- No guardrail intervention
-
Request example
{
"source": "OUTPUT",
"content": [
"text": {
"text": "Hi, my name is Zaid. Which car brand is reliable?",
}
]
}
Response if Guardrails did not intervene
{
"usage": {
"topicPolicyUnitsProcessed": 1,
"contentPolicyUnitsProcessed": 1,
"wordPolicyUnitsProcessed": 0,
"sensitiveInformationPolicyFreeUnits": 0
},
"action": "NONE",
"outputs": [],
"assessments": [{}]
}
- Guardrails intervened with BLOCKED action
-
Response example
{
"usage": {
"topicPolicyUnitsProcessed": 1,
"contentPolicyUnitsProcessed": 1,
"wordPolicyUnitsProcessed": 0,
"sensitiveInformationPolicyFreeUnits": 0
},
"action": "GUARDRAIL_INTERVENED",
"outputs": [{
"text": "Configured guardrial canned message, i.e cannot respond",
}],
"assessments": [{
"topicPolicy": {
"topics": [{
"name": "Cars",
"type": "DENY",
"action": "BLOCKED"
}]
},
"sensitiveInformationPolicy": {
"piiEntities": [{
"type": "NAME",
"match": "ZAID",
"action": "ANONYMIZED"
}],
"regexes": []
}
}]
}
- Guardrails intervened with MASKED action
-
Response example
Guardrails intervened with name masking (name is masked)
{
"usage": {
"topicPolicyUnitsProcessed": 1,
"contentPolicyUnitsProcessed": 1,
"wordPolicyUnitsProcessed": 0,
"sensitiveInformationPolicyFreeUnits": 0
},
"action": "GUARDRAIL_INTERVENED",
"outputs": [
{
"text": "Hi, my name is {NAME}. Which car brand is reliable?"
},
{
"text": "Hello {NAME}, ABC Cars are reliable..",
}
],
"assessments": [{
"sensitiveInformationPolicy": {
"piiEntities": [{
"type": "NAME",
"match": "ZAID",
"action": "MASKED"
}],
"regexes": []
}
}]
}
- AWS CLI Example
-
Input example
# Make sure preview CLI is downloaded and setup
aws bedrock-runtime apply-guardrail \
--cli-input-json '{
"guardrailIdentifier": "someGuardrailId",
"guardrailVersion": "DRAFT",
"source": "INPUT",
"content": [
{
"text": {
"text": "How should I invest for my retirement? I want to be able to generate $5,000 a month"
}
}
]
}' \
--region us-east-1 \
--output json
Output example
{
"usage": {
"topicPolicyUnits": 1,
"contentPolicyUnits": 1,
"wordPolicyUnits": 1,
"sensitiveInformationPolicyUnits": 1,
"sensitiveInformationPolicyFreeUnits": 0
},
"action": "GUARDRAIL_INTERVENED",
"outputs": [
{
"text": "I apologize, but I am not able to provide fiduciary advice. ="
}
],
"assessments": [
{
"topicPolicy": {
"topics": [
{
"name": "Fiduciary Advice",
"type": "DENY",
"action": "BLOCKED"
}
]
}
}
]
}
