AWS bedrock documentation change
Summary
Enhanced explanations of sensitive data handling modes (block/mask), added 'anonymize' terminology, and improved formatting for placeholder examples
Security assessment
Clarifies existing security controls for PII handling but does not address new vulnerabilities. Changes improve documentation of existing security features rather than introducing new ones.
Diff
diff --git a/bedrock/latest/userguide/guardrails-sensitive-filters.md b/bedrock/latest/userguide/guardrails-sensitive-filters.md index 9137b57a7..45991bbde 100644 --- a//bedrock/latest/userguide/guardrails-sensitive-filters.md +++ b//bedrock/latest/userguide/guardrails-sensitive-filters.md @@ -9 +9 @@ Amazon Bedrock Guardrails helps detect sensitive information, such as personally -After the sensitive information is detected by guardrails, you can configure the following modes of handling the information: +You can configure the following modes for handling sensitive information that guardrails detects: @@ -11 +11 @@ After the sensitive information is detected by guardrails, you can configure the - * **Block** — Sensitive information filter policies can block requests for sensitive information. Examples of such applications may include general question and answer applications based on public documents. If sensitive information is detected in the prompt or response, the guardrail blocks all the content and returns a message that you configure. + * **Block** — Sensitive information filter policies can block requests or responses that include sensitive information. Examples of such applications might include general question and answer applications based on public documents. If sensitive information is detected in the prompt or response, the guardrail blocks all the content and returns a message that you configure. @@ -13 +13 @@ After the sensitive information is detected by guardrails, you can configure the - * **Mask** — Sensitive information filter policies can _mask_ or redact information from model responses. For example, guardrails will mask PIIs while generating summaries of conversations between users and customer service agents. If sensitive information is detected in the model response, the guardrail masks it with an identifier, the sensitive information is masked and replaced with identifier tags (for example: [NAME-1], [NAME-2], [EMAIL-1], etc.). + * **Mask** — Sensitive information filter policies can anonymize or redact information from model responses. For example, guardrails mask PIIs while generating summaries of conversations between users and customer service agents. If sensitive information is detected in the model response, the guardrail masks it with an identifier, the sensitive information is masked and replaced with identifier tags (for example, `{NAME-1}`, `{NAME-2}`, `{EMAIL-1}`, etc.). @@ -18 +18 @@ After the sensitive information is detected by guardrails, you can configure the -Amazon Bedrock Guardrails offers the following PIIs to block or mask sensitive information: +Amazon Bedrock Guardrails offers the following PIIs to block or anonymize: