AWS bedrock documentation change
Summary
Enhanced sensitive filter documentation: clarified ML-based PII detection, added regex customization, and improved handling modes.
Security assessment
Expands documentation for security feature (PII detection guardrails) but doesn't address a vulnerability. Improves guidance on data protection controls.
Diff
diff --git a/bedrock/latest/userguide/guardrails-sensitive-filters.md b/bedrock/latest/userguide/guardrails-sensitive-filters.md index a449f51b8..75a1e1e84 100644 --- a//bedrock/latest/userguide/guardrails-sensitive-filters.md +++ b//bedrock/latest/userguide/guardrails-sensitive-filters.md @@ -9 +9 @@ Configure sensitive information policy for your guardrail -Amazon Bedrock Guardrails helps detect sensitive information, such as personally identifiable information (PIIs), in standard format in input prompts or model responses. You can also configure sensitive information specific to your use case or organization by defining it with regular expressions (regex). +Amazon Bedrock Guardrails helps detect sensitive information, such as personally identifiable information (PII), in input prompts or model responses using sensitive information filters. This filter is a probabilistic machine learning (ML) based solution that is context-dependent and detects sensitive information based on the context within input prompts or model responses. You can configure by selecting from a set of built-in PIIs offered by Amazon Bedrock Guardrails specific to your use case or organization by defining it along with regular expressions (custom regex) that work based on pattern matching to block or mask PII data. @@ -11 +11 @@ Amazon Bedrock Guardrails helps detect sensitive information, such as personally -Sensitive information detection works across both natural language and code domain, including code syntax, comments, string literals, and hybrid content. This helps identify PII embedded in code elements such as variable names, hardcoded credentials, or code documentation. +Sensitive information detection works across both natural language and code domains, including code syntax, comments, string literals, and hybrid content. This helps identify PII embedded in code elements such as variable names, hardcoded credentials, or code documentation. @@ -15 +15 @@ You can configure the following modes for handling sensitive information that gu - * **Block** — Sensitive information filter policies can block requests or responses that include sensitive information. Examples of such applications might include general question and answer applications based on public documents. If sensitive information is detected in the prompt or response, the guardrail blocks all the content and returns a message that you configure. + * **Block** — Sensitive information filter policies can block requests or responses that include sensitive information. Examples of such applications might include general questions and answers based on public documents. If sensitive information is detected in the prompt or response, the guardrail blocks all the content and returns a message that you configure. @@ -170 +170 @@ A UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxp -You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, or booking ID. +You can use regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID, or other custom patterns.