Mengonfigurasi setelan lantai

Dokumen ini menjelaskan cara melihat dan memperbarui setelan lantai Model Armor dan memberikan contoh pelanggaran setelan lantai.

Setelan minimum memiliki dua tujuan utama:

Kesesuaian template: Pastikan template baru setidaknya sama ketatnya dengan template yang ditentukan dalam setelan minimum. Kesesuaian template ditentukan di tingkat organisasi dan folder.
Penegakan inline: Terapkan perlindungan Model Armor ke model Gemini dan server MCP Google Cloud. Penerapan inline dikonfigurasi di level project. Jika Anda menggunakan setelan lantai untuk penerapan inline, kepatuhan template diperlukan.

Sebelum memulai

Sebelum memulai, selesaikan tugas berikut.

Mendapatkan izin yang diperlukan

Guna mendapatkan izin yang diperlukan untuk mengelola setelan batas bawah, minta administrator untuk memberi Anda peran IAM Model Armor Floor Setting Admin (roles/modelarmor.floorSettingsAdmin) di setelan batas bawah Model Armor. Untuk mengetahui informasi selengkapnya tentang cara memberikan peran, lihat Mengelola akses ke project, folder, dan organisasi.

Anda mungkin juga bisa mendapatkan izin yang diperlukan melalui peran khusus atau peran bawaan lainnya.

Mengaktifkan API

Anda harus mengaktifkan Model Armor API sebelum dapat menggunakan Model Armor.

Konsol

Enable the Model Armor API.
Roles required to enable APIs
To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.
Enable the API
Pilih project tempat Anda ingin mengaktifkan Model Armor.

gcloud

Sebelum memulai, ikuti langkah-langkah berikut menggunakan Google Cloud CLI dengan Model Armor API:

In the Google Cloud console, activate Cloud Shell.

Activate Cloud Shell

At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

Jalankan perintah berikut untuk menggunakan endpoint API global:

gcloud config set api_endpoint_overrides/modelarmor "https://modelarmor.googleapis.com/"

Aplikasi setelan lantai

Setelan lokal selalu diterapkan. Misalnya, jika setelan minimum bertentangan, setelan yang lebih rendah dalam hierarki resource akan lebih diutamakan. Demikian pula, setelan lantai tingkat project akan menggantikan setelan lantai tingkat folder yang bertentangan.

Tabel berikut mencantumkan cara setelan lantai diterapkan di berbagai lokasi:

Lokasi setelan minimum	Aplikasi
Tingkat organisasi	Berlaku untuk semua hal dalam organisasi.
Tingkat folder	Berlaku untuk semua project di dalam folder tertentu tersebut.
Level project	Hanya berlaku untuk satu project tertentu tersebut.

Untuk menggambarkan cara setelan minimum diterapkan saat ditetapkan di berbagai tingkat, pertimbangkan contoh skenario berikut. Misalnya, Anda menetapkan setelan lantai sebagai berikut:

Setelan minimum tingkat folder (kurang spesifik): Semua konten dalam folder ini harus mengaktifkan filter URI berbahaya.
Setelan lantai tingkat project (lebih spesifik): Project Anda di folder harus menggunakan deteksi serangan prompt dan jailbreak dengan keyakinan sedang.

Dalam skenario ini, setelan akan menghasilkan hal berikut:

Setiap template yang Anda buat di project harus menyertakan filter deteksi pembobolan dan injeksi perintah karena setelan level project selalu lebih diutamakan daripada setelan level folder.
Template yang dibuat di project atau folder lain tidak terpengaruh oleh aturan filter URI berbahaya dari folder pertama.

Setelan lantai hanya berlaku dalam lokasi tertentu di hierarki, kecuali jika ditetapkan di tingkat organisasi, yang dalam hal ini, setelan tersebut berlaku di seluruh organisasi.

Kesesuaian template dan setelan minimum

Saat template Model Armor dibuat atau diperbarui, Model Armor akan memeriksa apakah konfigurasi template sesuai dengan setelan minimum. Anda tidak dapat membuat atau memperbarui template yang kurang ketat daripada setelan minimum.

Anda dapat menetapkan setelan minimum di tingkat organisasi, folder, dan project. Antarmuka pengguna hanya tersedia di tingkat project dan memungkinkan Anda mewarisi setelan tingkat organisasi atau tingkat folder. Untuk menetapkan setelan minimum di tingkat organisasi atau folder, Anda harus menggunakan API.

Kesesuaian template memvalidasi konfigurasi template. Pemeriksaan data menggunakan konfigurasi yang ditentukan dalam template yang sesuai untuk menganalisis perintah atau respons selama runtime. Tabel berikut menjelaskan cara penerapan kepatuhan template dan pemeriksaan data pada template dan setelan lantai.

Cek	Setelan minimum	Template
Kesesuaian template	Dikonfigurasi di tingkat organisasi, folder, atau project. Catatan: Sensitive Data Protection dapat disetel untuk menerapkan kebijakan keamanan data pada template. Namun, hal ini tidak memvalidasi kesesuaian template.	Hanya dikonfigurasi di level project.
Pemeriksaan data	Diterapkan hanya di tingkat project menggunakan mode periksa dan blokir.	Diterapkan menggunakan REST API, Ekstensi Layanan, Gemini Enterprise, dan Vertex AI.

Integrasi dengan server MCP Google Cloud dan Vertex AI

Model Armor terintegrasi dengan server MCP Google Cloud dan Vertex AI untuk menyaring permintaan dan respons dari model Gemini dan server MCP jarak jauh berdasarkan setelan batas bawah yang Anda tentukan.Google Cloud Anda harus mengaktifkan Cloud Logging untuk melihat perintah dan respons. Untuk mengetahui informasi selengkapnya, lihat Integrasi Model Armor dengan Vertex AI dan Integrasi Model Armor dengan server MCP Google Cloud

Mengonfigurasi setelan minimum

Konfigurasi setelan minimum untuk menentukan batas deteksi minimum untuk template Model Armor. Setelan ini memastikan bahwa semua template baru dan yang diubah memenuhi persyaratan tertentu.

Untuk mengonfigurasi setelan lantai, lakukan hal berikut:

Di konsol Google Cloud , buka halaman Model Armor.
Buka Model Armor
Pilih project.
Di halaman Model Armor, buka tab Setelan batas bawah, lalu klik Konfigurasi setelan batas bawah.
Di halaman Konfigurasi setelan lantai, pilih opsi konfigurasi.
Di bagian Deteksi, konfigurasi setelan deteksi.
Opsional: Jika Anda memilih deteksi Sensitive Data Protection, konfigurasikan setelan Sensitive Data Protection.
Di bagian Responsible AI, tetapkan tingkat keyakinan untuk setiap filter konten.

Catatan: Jika Anda tidak menentukan tingkat keyakinan, nilai defaultnya adalah Sedang ke atas.
Di bagian Layanan, pilih layanan tempat setelan lantai ini berlaku.
Di bagian Logs, pilih Enable Cloud Logging untuk mencatat semua perintah pengguna, respons model, dan hasil detektor setelan lantai.
Pilih Aktifkan dukungan multi-bahasa untuk menggunakan setelan deteksi multi-bahasa.
Klik Simpan setelan lantai.

Tunggu beberapa menit agar perubahan pada setelan lantai diterapkan.

Menentukan cara setelan minimum diwariskan

Saat mengonfigurasi setelan lantai, pilih opsi konfigurasi.

Mewarisi setelan minimum induk: Mewarisi setelan minimum yang ditetapkan sebelumnya dalam hierarki resource. Klik Simpan setelan lantai dan lewati langkah-langkah lainnya. Untuk melihat setelan yang diwariskan, buka tab Setelan lantai.

Catatan: Saat Anda mengaktifkan pewarisan, setelan yang diwariskan akan menggantikan setelan lantai yang ada.
Kustom: Tentukan setelan minimum untuk project ini. Setelan kustom yang Anda tentukan untuk project akan menggantikan setelan minimum yang diwarisi.
Nonaktifkan: Menonaktifkan setelan lantai yang diwariskan. Artinya, tidak ada aturan deteksi yang berlaku untuk template Model Armor dan Vertex AI untuk beban kerja Gemini Anda. Klik Simpan setelan lantai dan lewati langkah-langkah yang tersisa. Lihat status dinonaktifkan di tab Setelan lantai.

Menentukan tempat setelan lantai diterapkan

Pilih salah satu layanan berikut tempat setelan lantai yang dikonfigurasi diterapkan.

Model Armor - Pembuatan & pembaruan template: Model Armor memeriksa setiap template Model Armor baru dan yang diubah dalam project untuk memastikan bahwa setelan minimum sesuai dengan setelan minimum.

Catatan: Setelan lantai tidak memeriksa kesesuaian template dengan Perlindungan Data Sensitif.
Server MCP Google: Permintaan pemeriksaan setelan lantai yang dikirim ke atau dari server MCP jarak jauh Google atau Google Cloud untuk memastikan permintaan tersebut memenuhi nilai minimum setelan lantai. Untuk mengetahui informasi selengkapnya, lihat Integrasi Model Armor dengan server MCP Google Cloud (Pratinjau).
Vertex AI: Memeriksa permintaan yang dikirim ke model Gemini, lalu mencatat atau memblokir permintaan yang memenuhi nilai minimum setelan.

Jika Anda memilih Vertex AI, bagian Vertex AI akan muncul tempat Anda memilih cara penerapan setelan batas minimum.
- Hanya periksa: Mendeteksi permintaan yang tidak memenuhi setelan minimum, tetapi tidak memblokirnya.
- Periksa dan blokir pelanggaran: Mendeteksi dan memblokir permintaan yang tidak memenuhi setelan minimum.

Melihat setelan lantai Model Armor

Lihat setelan minimum Model Armor untuk memverifikasi setelan yang ada, mengidentifikasi persyaratan minimum untuk aplikasi AI Anda, atau memecahkan masalah saat template tidak berfungsi seperti yang diharapkan.

Jalankan perintah berikut untuk melihat setelan lantai Model Armor.

Konsol

Di konsol Google Cloud , buka halaman Model Armor.

Buka Model Armor
Pastikan Anda melihat project tempat Anda mengaktifkan Model Armor.
Di halaman Perlindungan Model, buka tab Setelan batas bawah. Jika setelan lantai ditetapkan di tingkat organisasi, Anda dapat melihatnya. Jika setelan lantai tidak ditentukan, Anda harus mengonfigurasinya. Untuk mengetahui informasi selengkapnya, lihat Mengonfigurasi setelan lantai.

gcloud

Melihat setelan minimum Model Armor untuk project.

  gcloud model-armor floorsettings describe \
      --full-uri='projects/PROJECT_ID/locations/global/floorSetting'

Melihat setelan minimum Model Armor untuk organisasi.

  gcloud model-armor floorsettings describe \
      --full-uri='organizations/ORGANIZATION_ID/locations/global/floorSetting'

Melihat setelan minimum Model Armor untuk folder.
```
   gcloud model-armor floorsettings describe \
       --full-uri='folders/FOLDER_ID/locations/global/floorSetting'
```
Ganti kode berikut:
- ID project untuk setelan lantai.
- ID folder untuk setelan lantai.
- ID organisasi untuk setelan lantai.

REST

Melihat setelan minimum Model Armor untuk project.

curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting"

Melihat setelan minimum Model Armor untuk folder.

curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/folders/FOLDER_ID/locations/global/floorSetting"

Melihat setelan minimum Model Armor untuk organisasi.

curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/floorSetting"

Ganti kode berikut:

ID project untuk setelan lantai.
ID folder untuk setelan lantai.
ID organisasi untuk setelan lantai.

C#

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan C# dan instal Model Armor C# SDK.

Melihat setelan minimum Model Armor untuk project tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class GetProjectFloorSettings
{
    public FloorSetting GetProjectFloorSetting(string projectId)
    {
        // Initialize client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the resource name
        string name = $"projects/{projectId}/locations/global/floorSetting";

        // Create the request
        GetFloorSettingRequest request = new GetFloorSettingRequest { Name = name };

        // Make the request
        FloorSetting response = client.GetFloorSetting(request);

        Console.WriteLine($"Floor settings retrieved successfully: {response}");

        return response;
    }
}

Melihat setelan minimum Model Armor untuk folder tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class GetFolderFloorSettings
{
    public FloorSetting GetFolderFloorSetting(string folderId)
    {
        // Initialize client.
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the resource name.
        string name = $"folders/{folderId}/locations/global/floorSetting";

        // Create the request.
        GetFloorSettingRequest request = new GetFloorSettingRequest { Name = name };

        // Make the request.
        FloorSetting response = client.GetFloorSetting(request);

        return response;
    }
}

Melihat setelan minimum Model Armor untuk organisasi tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class GetOrganizationFloorSettings
{
    public FloorSetting GetOrganizationFloorSetting(string organizationId)
    {
        // Initialize client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the resource name
        string name = $"organizations/{organizationId}/locations/global/floorSetting";

        // Create the request
        GetFloorSettingRequest request = new GetFloorSettingRequest { Name = name };

        // Make the request
        FloorSetting response = client.GetFloorSetting(request);

        Console.WriteLine($"Floor settings retrieved successfully: {response}");

        return response;
    }
}

Go

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Go terlebih dahulu dan instal Model Armor Go SDK.

Melihat setelan minimum Model Armor untuk project tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getProjectFloorSettings gets details of a single floor setting of a project.
//
// This method retrieves the details of a single floor setting of a project.
//
// w io.Writer: The writer to use for logging.
// projectID string: The ID of the project.
func getProjectFloorSettings(w io.Writer, projectID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	floorSettingsName := fmt.Sprintf("projects/%s/locations/global/floorSetting", projectID)

	// Get the project floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved floor setting: %v\n", response)

	return nil
}

Melihat setelan minimum Model Armor untuk folder tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getFolderFloorSettings gets details of a single floor setting of a folder.
//
// This method retrieves the details of a single floor setting of a folder.
//
// w io.Writer: The writer to use for logging.
// folderID string: The ID of the folder.
func getFolderFloorSettings(w io.Writer, folderID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare folder floor setting path/name
	floorSettingsName := fmt.Sprintf("folders/%s/locations/global/floorSetting", folderID)

	// Get the folder floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved folder floor setting: %v\n", response)

	return nil
}

Melihat setelan minimum Model Armor untuk organisasi tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getOrganizationFloorSettings gets details of a single floor setting of an organization.
//
// This method retrieves the details of a single floor setting of an organization.
//
// w io.Writer: The writer to use for logging.
// organizationID string: The ID of the organization.
func getOrganizationFloorSettings(w io.Writer, organizationID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	floorSettingsName := fmt.Sprintf("organizations/%s/locations/global/floorSetting", organizationID)

	// Get the organization floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved org floor setting: %v\n", response)

	return nil
}

Java

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan Java dan instal Model Armor Java SDK.

Melihat setelan minimum Model Armor untuk project tertentu.


import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetProjectFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";

    getProjectFloorSetting(projectId);
  }

  public static FloorSetting getProjectFloorSetting(String projectId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.of(projectId, "global").toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for project: " + projectId);

      return floorSetting;
    }
  }
}

Melihat setelan minimum Model Armor untuk folder tertentu.


import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetFolderFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String folderId = "your-folder-id";

    getFolderFloorSetting(folderId);
  }

  public static FloorSetting getFolderFloorSetting(String folderId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofFolderLocationName(folderId, "global").toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for folder: " + folderId);

      return floorSetting;
    }
  }
}

Melihat setelan minimum Model Armor untuk organisasi tertentu.


import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetOrganizationFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String organizationId = "your-organization-id";

    getOrganizationFloorSetting(organizationId);
  }

  public static FloorSetting getOrganizationFloorSetting(String organizationId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofOrganizationLocationName(organizationId, "global")
          .toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for organization: " + organizationId);

      return floorSetting;
    }
  }
}

Node.js

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Node.js terlebih dahulu dan instal Model Armor Node.js SDK.

Melihat setelan minimum Model Armor untuk project tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const projectId = 'your-project-id';

const name = `projects/${projectId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getProjectFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  // Run request
  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getProjectFloorSettings();

Melihat setelan minimum Model Armor untuk folder tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const folderId = 'your-folder-id';

const name = `folders/${folderId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getFolderFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getFolderFloorSettings();

Melihat setelan minimum Model Armor untuk organisasi tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const organizationId = 'your-organization-id';
const name = `organizations/${organizationId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getOrganizationFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  // Run request
  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getOrganizationFloorSettings();

PHP

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan PHP dan instal Model Armor PHP SDK.

Melihat setelan minimum Model Armor untuk project tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given project.
 *
 * @param string $projectId The project Id for which the floor settings is to be retrieved.
 *
 */
function get_project_floor_settings(string $projectId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('projects/%s/locations/global/floorSetting', $projectId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

Melihat setelan minimum Model Armor untuk folder tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given folder.
 *
 * @param string $folderId The folder Id for which the floor settings is to be retrieved.
 *
 */
function get_folder_floor_settings(string $folderId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('folders/%s/locations/global/floorSetting', $folderId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

Melihat setelan minimum Model Armor untuk organisasi tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given organization.
 *
 * @param string $organizationId The organization Id for which the floor settings is to be retrieved.
 *
 */
function get_organization_floor_settings(string $organizationId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('organizations/%s/locations/global/floorSetting', $organizationId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

Python

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Python terlebih dahulu dan instal Model Armor Python SDK.

Melihat setelan minimum Model Armor untuk project tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# project_id = "YOUR_PROJECT_ID"

floor_settings_name = f"projects/{project_id}/locations/global/floorSetting"

# Get the project floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

Melihat setelan minimum Model Armor untuk folder tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# folder_id = "YOUR_FOLDER_ID"

# Prepare folder floor setting path/name
floor_settings_name = f"folders/{folder_id}/locations/global/floorSetting"

# Get the folder floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

Melihat setelan minimum Model Armor untuk organisasi tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# organization_id = "YOUR_ORGANIZATION_ID"

floor_settings_name = (
    f"organizations/{organization_id}/locations/global/floorSetting"
)

# Get the organization floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

Memperbarui setelan batas bawah Model Armor

Perbarui setelan minimum Model Armor untuk mengubah persyaratan minimum template, mencerminkan perubahan dalam kebijakan keamanan, memperbaiki kesalahan konfigurasi, atau menyelesaikan konflik antara setelan minimum.

Jalankan perintah berikut untuk memperbarui setelan lantai Model Armor.

Konsol

Di konsol Google Cloud , buka halaman Model Armor.

Buka Model Armor
Pastikan Anda melihat project tempat Anda mengaktifkan Model Armor.
Di halaman Model Armor, buka tab Setelan minimum, lalu klik Konfigurasi setelan minimum.
Perbarui kolom yang wajib diisi, lalu klik Simpan setelan lantai.

gcloud

   gcloud model-armor floorsettings update --full-uri=<full-uri-of-the-floorsetting>

Contoh perintah:

       gcloud model-armor floorsettings update \
           --malicious-uri-filter-settings-enforcement=ENABLED \
           --pi-and-jailbreak-filter-settings-enforcement=DISABLED \
           --pi-and-jailbreak-filter-settings-confidence-level=LOW_AND_ABOVE \
           --basic-config-filter-enforcement=ENABLED \
           --add-rai-settings-filters='[{"confidenceLevel": "low_and_above", "filterType": "HARASSMENT"}, {"confidenceLevel": "high", "filterType": "SEXUALLY_EXPLICIT"}]'
           --full-uri='folders/FOLDER_ID/locations/global/floorSetting' \
           --enable-floor-setting-enforcement=true

Untuk mengonfigurasi setelan lantai dengan deteksi multi-bahasa diaktifkan, jalankan perintah berikut:

    gcloud model-armor floorsettings update \
        --full-uri=projects/PROJECT_ID/locations/global/floorSetting \
        --enable-multi-language-detection

Ganti kode berikut:

PROJECT_ID: ID project untuk setelan lantai.
FOLDER_ID: ID folder untuk setelan lantai.

REST

Memperbarui setelan lantai Model Armor untuk project tertentu.

curl -X PATCH
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": { "filterEnforcement": "ENABLED" }, "rai_settings":{"rai_filters":{"filter_type":"DANGEROUS", "confidence_level":"LOW_AND_ABOVE" }, \
  "rai_filters":{"filter_type":"HATE_SPEECH", "confidence_level":"LOW_AND_ABOVE" }, "rai_filters":{"filter_type":"HARASSMENT", "confidence_level":"LOW_AND_ABOVE" }, "rai_filters":{"filter_type":"SEXUALLY_EXPLICIT", "confidence_level":"LOW_AND_ABOVE" }}},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token) \
  "https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting"

Memperbarui setelan lantai Model Armor untuk folder tertentu.

curl -X PATCH \
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": {"filterEnforcement": "ENABLED" }},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  "https://modelarmor.googleapis.com/v1/folders/FOLDER_ID/locations/global/floorSetting"

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.

curl -X PATCH \
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": {
      "filterEnforcement": "ENABLED" }},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
      "https://modelarmor.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/floorSetting"

Ganti kode berikut:

PROJECT_ID: ID project untuk setelan lantai.
FOLDER_ID: ID folder untuk setelan lantai.
ORGANIZATION_ID: ID organisasi untuk setelan lantai.

Perintah update menampilkan respons berikut:

{
"name": "projects/PROJECT_ID/locations/global/floorSetting",
"updateTime": "2024-12-19T15:36:21.318191Z",
"filterConfig": {
  "piAndJailbreakFilterSettings": {
    "filterEnforcement": "ENABLED"
  },
"maliciousUriFilterSettings": {
  "filterEnforcement": "ENABLED"
 }
}
}

C#

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan C# dan instal Model Armor C# SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateProjectFloorSettings
{
    public FloorSetting UpdateProjectFloorSetting(string projectId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"projects/{projectId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

Memperbarui setelan lantai Model Armor untuk folder tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateFolderFloorSettings
{
    public FloorSetting UpdateFolderFloorSetting(string folderId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"folders/{folderId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateOrganizationFloorSettings
{
    public FloorSetting UpdateOrganizationFloorSetting(string organizationId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"organizations/{organizationId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

Go

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Go terlebih dahulu dan instal Model Armor Go SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateProjectFloorSettings updates the floor settings of a project.
//
// This method updates the floor settings of a project.
//
// w io.Writer: The writer to use for logging.
// projectID string: The ID of the project.
func updateProjectFloorSettings(w io.Writer, projectID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare project floor setting path/name
	floorSettingsName := fmt.Sprintf("projects/%s/locations/global/floorSetting", projectID)

	// Update the project floor setting
	// For more details on filters, please refer to the following doc:
	// [https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters](https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters)
	enableEnforcement := true
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: &modelarmorpb.FloorSetting{
			Name: floorSettingsName,
			FilterConfig: &modelarmorpb.FilterConfig{
				RaiSettings: &modelarmorpb.RaiFilterSettings{
					RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
						{
							FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
							ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
						},
					},
				},
			},
			EnableFloorSettingEnforcement: &enableEnforcement,
		},
	}

	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated project floor setting: %+v\n", response)

	return nil
}

Memperbarui setelan lantai Model Armor untuk folder tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateFolderFloorSettings updates floor settings of a folder.
//
// This method updates the floor settings of a folder.
//
// w io.Writer: The writer to use for logging.
// folderID string: The ID of the folder.
func updateFolderFloorSettings(w io.Writer, folderID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare folder floor settings path/name
	floorSettingsName := fmt.Sprintf("folders/%s/locations/global/floorSetting", folderID)

	// Prepare the floor setting update
	enableEnforcement := true
	floorSetting := &modelarmorpb.FloorSetting{
		Name: floorSettingsName,
		FilterConfig: &modelarmorpb.FilterConfig{
			RaiSettings: &modelarmorpb.RaiFilterSettings{
				RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
					{
						FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
						ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
					},
				},
			},
		},
		EnableFloorSettingEnforcement: &enableEnforcement,
	}

	// Prepare request for updating the floor setting.
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: floorSetting,
	}

	// Update the floor setting.
	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated folder floor setting: %v\n", response)

	return nil

}

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateOrganizationFloorSettings updates floor settings of an organization.
//
// This method updates the floor settings of an organization.
//
// w io.Writer: The writer to use for logging.
// organizationID string: The ID of the organization.
func updateOrganizationFloorSettings(w io.Writer, organizationID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare organization floor setting path/name
	floorSettingsName := fmt.Sprintf("organizations/%s/locations/global/floorSetting", organizationID)

	// Update the organization floor setting
	// For more details on filters, please refer to the following doc:
	// [https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters](https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters)
	enableEnforcement := true
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: &modelarmorpb.FloorSetting{
			Name: floorSettingsName,
			FilterConfig: &modelarmorpb.FilterConfig{
				RaiSettings: &modelarmorpb.RaiFilterSettings{
					RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
						{
							FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
							ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
						},
					},
				},
			},
			EnableFloorSettingEnforcement: &enableEnforcement,
		},
	}

	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated org floor setting: %+v\n", response)

Java

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan Java dan instal Model Armor Java SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.


import com.google.cloud.modelarmor.v1.DetectionConfidenceLevel;
import com.google.cloud.modelarmor.v1.FilterConfig;
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import com.google.cloud.modelarmor.v1.RaiFilterSettings;
import com.google.cloud.modelarmor.v1.RaiFilterSettings.RaiFilter;
import com.google.cloud.modelarmor.v1.RaiFilterType;
import com.google.cloud.modelarmor.v1.UpdateFloorSettingRequest;
import com.google.protobuf.FieldMask;
import java.io.IOException;
import java.util.List;

public class UpdateProjectFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";

    updateProjectFloorSetting(projectId);
  }

  public static FloorSetting updateProjectFloorSetting(String projectId)
      throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.of(projectId, "global").toString();

      // For more details on filters, please refer to the following doc:
      // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
      RaiFilterSettings raiFilterSettings =
          RaiFilterSettings.newBuilder()
              .addAllRaiFilters(
                  List.of(
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.HARASSMENT)
                          .setConfidenceLevel(DetectionConfidenceLevel.LOW_AND_ABOVE)
                          .build(),
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.SEXUALLY_EXPLICIT)
                          .setConfidenceLevel(DetectionConfidenceLevel.HIGH)
                          .build()))
              .build();

      FilterConfig modelArmorFilter = FilterConfig.newBuilder()
          .setRaiSettings(raiFilterSettings)
          .build();

      // Create a field mask to specify which fields to update.
      // Ref: https://protobuf.dev/reference/protobuf/google.protobuf/#field-mask
      FieldMask updateMask = FieldMask.newBuilder().addPaths("filter_config.rai_settings").build();

      FloorSetting floorSetting = FloorSetting.newBuilder()
          .setName(name)
          .setFilterConfig(modelArmorFilter)
          .setEnableFloorSettingEnforcement(true)
          .build();

      UpdateFloorSettingRequest request = UpdateFloorSettingRequest.newBuilder()
          .setFloorSetting(floorSetting)
          .setUpdateMask(updateMask)
          .build();

      FloorSetting updatedFloorSetting = client.updateFloorSetting(request);
      System.out.println("Updated floor setting for project: " + projectId);

      return updatedFloorSetting;
    }
  }
}

Memperbarui setelan lantai Model Armor untuk folder tertentu.


import com.google.cloud.modelarmor.v1.DetectionConfidenceLevel;
import com.google.cloud.modelarmor.v1.FilterConfig;
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import com.google.cloud.modelarmor.v1.RaiFilterSettings;
import com.google.cloud.modelarmor.v1.RaiFilterSettings.RaiFilter;
import com.google.cloud.modelarmor.v1.RaiFilterType;
import com.google.cloud.modelarmor.v1.UpdateFloorSettingRequest;
import com.google.protobuf.FieldMask;
import java.io.IOException;
import java.util.List;

public class UpdateFolderFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String folderId = "your-folder-id";

    updateFolderFloorSetting(folderId);
  }

  public static FloorSetting updateFolderFloorSetting(String folderId)
      throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofFolderLocationName(folderId, "global").toString();

      // For more details on filters, please refer to the following doc:
      // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
      RaiFilterSettings raiFilterSettings =
          RaiFilterSettings.newBuilder()
              .addAllRaiFilters(
                  List.of(
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.HARASSMENT)
                          .setConfidenceLevel(DetectionConfidenceLevel.LOW_AND_ABOVE)
                          .build(),
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.SEXUALLY_EXPLICIT)
                          .setConfidenceLevel(DetectionConfidenceLevel.HIGH)
                          .build()))
              .build();

      FilterConfig modelArmorFilter = FilterConfig.newBuilder()
          .setRaiSettings(raiFilterSettings)
          .build();

      // Create a field mask to specify which fields to update.
      // Ref: https://protobuf.dev/reference/protobuf/google.protobuf/#field-mask
      FieldMask updateMask = FieldMask.newBuilder().addPaths("filter_config.rai_settings").build();

      FloorSetting floorSetting = FloorSetting.newBuilder()
          .setName(name)
          .setFilterConfig(modelArmorFilter)
          .setEnableFloorSettingEnforcement(true)
          .build();

      UpdateFloorSettingRequest request = UpdateFloorSettingRequest.newBuilder()
          .setFloorSetting(floorSetting)
          .setUpdateMask(updateMask)
          .build();

      FloorSetting updatedFloorSetting = client.updateFloorSetting(request);
      System.out.println("Updated floor setting for folder: " + folderId);

      return updatedFloorSetting;
    }
  }
}

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.


import com.google.cloud.modelarmor.v1.DetectionConfidenceLevel;
import com.google.cloud.modelarmor.v1.FilterConfig;
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import com.google.cloud.modelarmor.v1.RaiFilterSettings;
import com.google.cloud.modelarmor.v1.RaiFilterSettings.RaiFilter;
import com.google.cloud.modelarmor.v1.RaiFilterType;
import com.google.cloud.modelarmor.v1.UpdateFloorSettingRequest;
import com.google.protobuf.FieldMask;
import java.io.IOException;
import java.util.List;

public class UpdateOrganizationsFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String organizationId = "your-organization-id";

    updateOrganizationFloorSetting(organizationId);
  }

  public static FloorSetting updateOrganizationFloorSetting(String organizationId)
      throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofOrganizationLocationName(organizationId, "global")
          .toString();

      // For more details on filters, please refer to the following doc:
      // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
      RaiFilterSettings raiFilterSettings =
          RaiFilterSettings.newBuilder()
              .addAllRaiFilters(
                  List.of(
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.HARASSMENT)
                          .setConfidenceLevel(DetectionConfidenceLevel.LOW_AND_ABOVE)
                          .build(),
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.SEXUALLY_EXPLICIT)
                          .setConfidenceLevel(DetectionConfidenceLevel.HIGH)
                          .build()))
              .build();

      FilterConfig modelArmorFilter = FilterConfig.newBuilder()
          .setRaiSettings(raiFilterSettings)
          .build();

      // Create a field mask to specify which fields to update.
      // Ref: https://protobuf.dev/reference/protobuf/google.protobuf/#field-mask
      FieldMask updateMask = FieldMask.newBuilder()
          .addPaths("filter_config.rai_settings")
          .build();

      FloorSetting floorSetting = FloorSetting.newBuilder()
          .setName(name)
          .setFilterConfig(modelArmorFilter)
          .setEnableFloorSettingEnforcement(true)
          .build();

      UpdateFloorSettingRequest request = UpdateFloorSettingRequest.newBuilder()
          .setFloorSetting(floorSetting)
          .setUpdateMask(updateMask)
          .build();

      FloorSetting updatedFloorSetting = client.updateFloorSetting(request);
      System.out.println("Updated floor setting for organization: " + organizationId);

      return updatedFloorSetting;
    }
  }
}

Node.js

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Node.js terlebih dahulu dan instal Model Armor Node.js SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const projectId = 'your-project-id';

const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

// Initiate client
const client = new ModelArmorClient();

async function updateProjectFloorSettings() {
  const floorSettingsName = `projects/${projectId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateProjectFloorSettings();

Memperbarui setelan lantai Model Armor untuk folder tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const folderId = 'your-folder-id';

// Imports the Model Armor library
const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

// Instantiates a client
const client = new ModelArmorClient();

async function updateFolderFloorSettings() {
  const floorSettingsName = `folders/${folderId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateFolderFloorSettings();

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const organizationId = 'your-organization-id';

const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

const client = new ModelArmorClient();

async function updateOrganizationFloorSettings() {
  const floorSettingsName = `organizations/${organizationId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateOrganizationFloorSettings();

PHP

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan PHP dan instal Model Armor PHP SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given project.
 *
 * @param string $projectId The project Id for which the floor settings is to be updated.
 *
 */
function update_project_floor_settings(string $projectId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('projects/%s/locations/global/floorSetting', $projectId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

Memperbarui setelan lantai Model Armor untuk folder tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given folder.
 *
 * @param string $folderId The folder Id for which the floor settings is to be updated.
 *
 */
function update_folder_floor_settings(string $folderId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('folders/%s/locations/global/floorSetting', $folderId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given organization.
 *
 * @param string $organizationId The organization Id for which the floor settings is to be updated.
 *
 */
function update_organization_floor_settings(string $organizationId)
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('organizations/%s/locations/global/floorSetting', $organizationId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

Python

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Python terlebih dahulu dan instal Model Armor Python SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment these variables.
# project_id = "YOUR_PROJECT_ID"

# Prepare project floor setting path/name
floor_settings_name = f"projects/{project_id}/locations/global/floorSetting"

# Update the project floor setting
# For more details on filters, please refer to the following doc:
# https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
response = client.update_floor_setting(
    request=modelarmor_v1.UpdateFloorSettingRequest(
        floor_setting=modelarmor_v1.FloorSetting(
            name=floor_settings_name,
            filter_config=modelarmor_v1.FilterConfig(
                rai_settings=modelarmor_v1.RaiFilterSettings(
                    rai_filters=[
                        modelarmor_v1.RaiFilterSettings.RaiFilter(
                            filter_type=modelarmor_v1.RaiFilterType.HATE_SPEECH,
                            confidence_level=modelarmor_v1.DetectionConfidenceLevel.HIGH,
                        )
                    ]
                ),
            ),
            enable_floor_setting_enforcement=True,
        )
    )
)
# Print the updated config
print(response)

Memperbarui setelan lantai Model Armor untuk folder tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO (Developer): Uncomment these variables and initialize
# folder_id = "YOUR_FOLDER_ID"

# Prepare folder floor settings path/name
floor_settings_name = f"folders/{folder_id}/locations/global/floorSetting"

# Update the folder floor setting
# For more details on filters, please refer to the following doc:
# https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
response = client.update_floor_setting(
    request=modelarmor_v1.UpdateFloorSettingRequest(
        floor_setting=modelarmor_v1.FloorSetting(
            name=floor_settings_name,
            filter_config=modelarmor_v1.FilterConfig(
                rai_settings=modelarmor_v1.RaiFilterSettings(
                    rai_filters=[
                        modelarmor_v1.RaiFilterSettings.RaiFilter(
                            filter_type=modelarmor_v1.RaiFilterType.HATE_SPEECH,
                            confidence_level=modelarmor_v1.DetectionConfidenceLevel.HIGH,
                        )
                    ]
                ),
            ),
            enable_floor_setting_enforcement=True,
        )
    )
)
# Print the updated config
print(response)

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO (Developer): Uncomment these variables and initialize
# organization_id = "YOUR_ORGANIZATION_ID"

# Prepare organization floor setting path/name
floor_settings_name = (
    f"organizations/{organization_id}/locations/global/floorSetting"
)

# Update the organization floor setting
# For more details on filters, please refer to the following doc:
# https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
response = client.update_floor_setting(
    request=modelarmor_v1.UpdateFloorSettingRequest(
        floor_setting=modelarmor_v1.FloorSetting(
            name=floor_settings_name,
            filter_config=modelarmor_v1.FilterConfig(
                rai_settings=modelarmor_v1.RaiFilterSettings(
                    rai_filters=[
                        modelarmor_v1.RaiFilterSettings.RaiFilter(
                            filter_type=modelarmor_v1.RaiFilterType.HATE_SPEECH,
                            confidence_level=modelarmor_v1.DetectionConfidenceLevel.HIGH,
                        )
                    ]
                ),
            ),
            enable_floor_setting_enforcement=True,
        )
    )
)
# Print the updated config
print(response)

Meninjau temuan tentang pelanggaran setelan minimum

Setiap temuan Model Armor mengidentifikasi pelanggaran setelan lantai. Pelanggaran terjadi saat template Model Armor gagal memenuhi standar keamanan minimum yang ditentukan oleh setelan minimum hierarki resource. Setelan minimum menentukan persyaratan minimum untuk template.

Temuan dibuat saat salah satu pelanggaran setelan lantai berikut terjadi:

Template dengan setelan yang tidak terlalu ketat dibuat sebelum Anda mengonfigurasi setelan minimum.
Template tidak memiliki filter yang diperlukan.
Template tidak memenuhi tingkat keyakinan minimum untuk filter.

Saat sistem mendeteksi pelanggaran, sistem akan menghasilkan temuan tingkat keparahan tinggi di Security Command Center (jika Anda menggunakan tingkat layanan Premium atau Enterprise Security Command Center). Temuan ini menentukan setelan lantai yang dilanggar, template yang tidak mematuhi, dan detail tentang pelanggaran.

Contoh berikut menunjukkan kolom sourceProperties temuan. Pelanggaran ini, yang terkait dengan filter URI berbahaya, terjadi karena setelan template untuk maliciousUriFilterSettings adalah DINONAKTIFKAN, tetapi setelan minimum mengharuskannya DIAKTIFKAN.

{
  "filterConfig": {
    "raiSettings": {
      "raiFilters": [
        {
          "filterType": "HATE_SPEECH",
          "confidenceLevel": {
            "floorSettings": "LOW_AND_ABOVE",
            "template": "MEDIUM_AND_ABOVE"
          }
        },
        {
          "filterType": "HARASSMENT",
          "confidenceLevel": {
            "floorSettings": "MEDIUM_AND_ABOVE",
            "template": "HIGH"
          }
        }
      ]
    },
    "piAndJailbreakFilterSettings": {
      "confidenceLevel": {
        "floorSettings": "LOW_AND_ABOVE",
        "template": "HIGH"
      }
    },
    "maliciousUriFilterSettings": {
      "floorSettings": "ENABLED",
      "template": "DISABLED"
    }
  }
}

Mengonfigurasi setelan lantai Tetap teratur dengan koleksi Simpan dan kategorikan konten berdasarkan preferensi Anda.

Sebelum memulai

Mendapatkan izin yang diperlukan

Mengaktifkan API

Konsol

gcloud

Aplikasi setelan lantai

Kesesuaian template dan setelan minimum

Integrasi dengan server MCP Google Cloud dan Vertex AI

Mengonfigurasi setelan minimum

Menentukan cara setelan minimum diwariskan

Menentukan tempat setelan lantai diterapkan

Melihat setelan lantai Model Armor

Konsol

gcloud

REST

C#

Go

Java

Node.js

PHP

Python

Memperbarui setelan batas bawah Model Armor

Konsol

gcloud

REST

C#

Go

Java

Node.js

PHP

Python

Meninjau temuan tentang pelanggaran setelan minimum

Langkah berikutnya

Mengonfigurasi setelan lantai