AWS::Bedrock::Guardrail

Creates a guardrail to block topics and to implement safeguards for your generative AI applications.

You can configure the following policies in a guardrail to avoid undesirable and harmful content, filter out denied topics and words, and remove sensitive information for privacy protection.

Content filters - Adjust filter strengths to block input prompts or model responses containing harmful content.
Denied topics - Define a set of topics that are undesirable in the context of your application. These topics will be blocked if detected in user queries or model responses.
Word filters - Configure filters to block undesirable words, phrases, and profanity. Such words can include offensive terms, competitor names etc.
Sensitive information filters - Block or mask sensitive information such as personally identifiable information (PII) or custom regex in user inputs and model responses.

In addition to the above policies, you can also configure the messages to be returned to the user if a user input or model response is in violation of the policies defined in the guardrail.

For more information, see Amazon Bedrock Guardrails in the Amazon Bedrock User Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::Bedrock::Guardrail",
  "Properties" : {
      "BlockedInputMessaging" : String,
      "BlockedOutputsMessaging" : String,
      "ContentPolicyConfig" : ContentPolicyConfig,
      "ContextualGroundingPolicyConfig" : ContextualGroundingPolicyConfig,
      "Description" : String,
      "KmsKeyArn" : String,
      "Name" : String,
      "SensitiveInformationPolicyConfig" : SensitiveInformationPolicyConfig,
      "Tags" : [ Tag, ... ],
      "TopicPolicyConfig" : TopicPolicyConfig,
      "WordPolicyConfig" : WordPolicyConfig
    }
}

YAML


Type: AWS::Bedrock::Guardrail
Properties:
  BlockedInputMessaging: String
  BlockedOutputsMessaging: String
  ContentPolicyConfig: 
    ContentPolicyConfig
  ContextualGroundingPolicyConfig: 
    ContextualGroundingPolicyConfig
  Description: String
  KmsKeyArn: String
  Name: String
  SensitiveInformationPolicyConfig: 
    SensitiveInformationPolicyConfig
  Tags: 
    - Tag
  TopicPolicyConfig: 
    TopicPolicyConfig
  WordPolicyConfig: 
    WordPolicyConfig

Properties

BlockedInputMessaging

The message to return when the guardrail blocks a prompt.

Required: Yes

Type: String

Minimum: 1

Maximum: 500

Update requires: No interruption

BlockedOutputsMessaging

The message to return when the guardrail blocks a model response.

Required: Yes

Type: String

Minimum: 1

Maximum: 500

Update requires: No interruption

ContentPolicyConfig

The content filter policies to configure for the guardrail.

Required: No

Type: ContentPolicyConfig

Update requires: No interruption

ContextualGroundingPolicyConfig

Property description not available.

Required: No

Type: ContextualGroundingPolicyConfig

Update requires: No interruption

Description

A description of the guardrail.

Required: No

Type: String

Minimum: 1

Maximum: 200

Update requires: No interruption

KmsKeyArn

The ARN of the AWS KMS key that you use to encrypt the guardrail.

Required: No

Type: String

Pattern: ^arn:aws(-[^:]+)?:kms:[a-zA-Z0-9-]*:[0-9]{12}:key/[a-zA-Z0-9-]{36}$

Minimum: 1

Maximum: 2048

Update requires: No interruption

Name

The name of the guardrail.

Required: Yes

Type: String

Pattern: ^[0-9a-zA-Z-_]+$

Minimum: 1

Maximum: 50

Update requires: No interruption

SensitiveInformationPolicyConfig

The sensitive information policy to configure for the guardrail.

Required: No

Type: SensitiveInformationPolicyConfig

Update requires: No interruption

Tags

The tags that you want to attach to the guardrail.

Required: No

Type: Array of Tag

Minimum: 0

Maximum: 200

Update requires: No interruption

TopicPolicyConfig

The topic policies to configure for the guardrail.

Required: No

Type: TopicPolicyConfig

Update requires: No interruption

WordPolicyConfig

The word policy you configure for the guardrail.

Required: No

Type: WordPolicyConfig

Update requires: No interruption

Return values

Ref

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

CreatedAt: The date and time at which the guardrail was created.
FailureRecommendations: Appears if the status of the guardrail is FAILED. A list of recommendations to carry out before retrying the request.
GuardrailArn: The ARN of the guardrail.
GuardrailId: The unique identifier of the guardrail.
Status: The status of the guardrail.
StatusReasons: Appears if the status is FAILED. A list of reasons for why the guardrail failed to be created, updated, versioned, or deleted.
UpdatedAt: The date and time at which the guardrail was last updated.
Version: The version of the guardrail that was created. This value will always be DRAFT.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

TextPromptTemplateConfiguration

ContentFilterConfig