AWS bedrock documentation change
Summary
Expanded documentation for guardrail components, including code-related content filtering, denied topics, code domain support, and resource-based policies
Security assessment
The updates clarify and expand security features (e.g., code-domain content filtering, resource-based policies) but do not indicate fixes for existing vulnerabilities. These changes enhance documentation of security controls for generative AI applications.
Diff
diff --git a/bedrock/latest/userguide/guardrails-components.md b/bedrock/latest/userguide/guardrails-components.md index bdbc9b0e9..ee6e1372d 100644 --- a//bedrock/latest/userguide/guardrails-components.md +++ b//bedrock/latest/userguide/guardrails-components.md @@ -11 +11 @@ You can configure the following policies in a guardrail: - * **Content filters** — You can configure thresholds to help block input prompts or model responses in natural language for text and separately for images containing harmful content such as: hate, insults, sexual, violence, misconduct (including criminal activity), and prompt attacks (prompt injection and jailbreaks). For example, an e-commerce site can design its online assistant to avoid using inappropriate language and/or images such as hate or violence. + * **Content filters** — Detect and filter harmful text or image content in input prompts or model responses. Filtering is done based on detection of certain predefined harmful content categories: Hate, Insults, Sexual, Violence, Misconduct and Prompt Attack. You also can adjust the filter strength for each of these categories. With [Standard tier](./guardrails-tiers.html), content filters extend to the code-related content. @@ -15 +15 @@ You can configure the following policies in a guardrail: - * **Denied topics** — You can define a set of topics to avoid within your generative AI application. For example, a banking assistant application can be designed to help avoid topics related to illegal investment advice. + * **Denied topics** — You can define a set of topics to avoid within your generative AI application. For example, a banking assistant application can be designed to help avoid topics related to illegal investment advice. With [Standard tier](./guardrails-tiers.html), content filters extend to the code-related content. @@ -49,0 +50,2 @@ A guardrail must contain at least one filter and messaging for when prompts and + * [Code domain support](./guardrails-code-domain.html) + @@ -59 +61 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please -Permissions for using cross-Region inference +Using resource-based policies for guardrails