Mengonfigurasi setelan lantai

Dokumen ini menjelaskan cara melihat dan memperbarui setelan lantai Model Armor dan memberikan contoh pelanggaran setelan lantai.

Setelan minimum memiliki dua tujuan utama:

Kesesuaian template: Pastikan template baru setidaknya sama membatasinya dengan yang ditentukan dalam setelan minimum. Kesesuaian template ditentukan di tingkat organisasi dan folder.
Penegakan inline: Terapkan perlindungan Model Armor ke model Gemini dan server MCP Google Cloud. Penerapan inline dikonfigurasi di level project. Saat menggunakan setelan lantai untuk penegakan inline, kepatuhan template diperlukan.

Sebelum memulai

Sebelum memulai, selesaikan tugas berikut.

Mendapatkan izin yang diperlukan

Guna mendapatkan izin yang diperlukan untuk mengelola setelan batas bawah, minta administrator untuk memberi Anda peran IAM Model Armor Floor Setting Admin (roles/modelarmor.floorSettingsAdmin) di setelan batas bawah Model Armor. Untuk mengetahui informasi selengkapnya tentang cara memberikan peran, lihat Mengelola akses ke project, folder, dan organisasi.

Anda mungkin juga bisa mendapatkan izin yang diperlukan melalui peran khusus atau peran bawaan lainnya.

Mengaktifkan API

Anda harus mengaktifkan Model Armor API sebelum dapat menggunakan Model Armor.

Konsol

Enable the Model Armor API.
Roles required to enable APIs
To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.
Enable the API
Pilih project tempat Anda ingin mengaktifkan Model Armor.

gcloud

Sebelum memulai, ikuti langkah-langkah berikut menggunakan Google Cloud CLI dengan Model Armor API:

In the Google Cloud console, activate Cloud Shell.

Activate Cloud Shell

At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

Jalankan perintah berikut untuk menggunakan endpoint API global:

gcloud config set api_endpoint_overrides/modelarmor "https://modelarmor.googleapis.com/"

Aplikasi setelan lantai

Setelan lokal selalu diterapkan. Misalnya, jika setelan minimum bertentangan, setelan yang lebih rendah dalam hierarki resource akan lebih diutamakan. Demikian pula, setelan minimum yang ditetapkan di tingkat project akan menggantikan setelan minimum yang bertentangan yang ditetapkan di tingkat folder di atasnya.

Tabel berikut mencantumkan cara setelan lantai diterapkan di berbagai lokasi:

Lokasi setelan minimum	Aplikasi
Tingkat organisasi	Berlaku untuk semua hal dalam organisasi.
Tingkat folder	Berlaku untuk semua project di dalam folder tertentu tersebut.
Level project	Hanya berlaku untuk satu project tertentu tersebut.

Untuk menggambarkan cara setelan minimum diterapkan saat ditetapkan di berbagai tingkat, pertimbangkan contoh skenario berikut. Misalkan Anda menetapkan setelan minimum yang mirip dengan berikut ini:

Setelan minimum tingkat folder (kurang spesifik): Semua konten dalam folder ini harus mengaktifkan filter URI berbahaya.
Setelan lantai tingkat project (lebih spesifik): Project Anda, yang berada di folder, harus menggunakan deteksi prompt injection dan jailbreak, yang ditetapkan ke keyakinan sedang.

Dalam skenario ini, setelan yang Anda tetapkan akan menyebabkan hal berikut terjadi:

Setiap template yang Anda buat di project harus menyertakan filter deteksi pembobolan dan injeksi perintah karena setelan level project selalu lebih diutamakan daripada setelan level folder.
Template yang dibuat di project lain, bahkan template yang dibuat di folder lain, tidak terpengaruh oleh aturan filter URI berbahaya dari folder pertama.

Setelan lantai hanya berlaku di tempat tertentu dalam hierarki, kecuali jika ditetapkan di tingkat organisasi, yang dalam hal ini setelan tersebut berlaku di seluruh organisasi.

Kesesuaian template dan setelan minimum

Saat template Model Armor dibuat atau diperbarui, Model Armor akan memeriksa apakah konfigurasi template sesuai dengan setelan minimum. Anda tidak dapat membuat atau memperbarui template yang kurang ketat daripada setelan minimum.

Setelan minimum dapat ditetapkan di tingkat organisasi, folder, dan project. Antarmuka pengguna hanya tersedia untuk level project dan memungkinkan Anda mewarisi setelan level organisasi atau folder. Untuk menetapkan setelan batas bawah di tingkat organisasi atau folder, Anda harus menggunakan API.

Integrasi dengan server MCP Google Cloud dan Vertex AI

Model Armor terintegrasi dengan server MCP Google Cloud dan Vertex AI untuk menyaring permintaan dan respons dari model Gemini dan server MCP jarak jauh berdasarkan setelan batas bawah yang Anda tentukan.Google Cloud Anda harus mengaktifkan Cloud Logging untuk mendapatkan visibilitas ke dalam perintah dan respons. Untuk mengetahui informasi selengkapnya, lihat Integrasi Model Armor dengan Vertex AI dan Integrasi Model Armor dengan server MCP Google Cloud

Mengonfigurasi setelan minimum

Anda menggunakan setelan minimum untuk mengonfigurasi nilai minimum deteksi untuk template Model Armor. Setelan ini memverifikasi bahwa semua template baru dan yang diubah memenuhi persyaratan tertentu.

Untuk mengonfigurasi setelan lantai, lakukan hal berikut:

Di konsol Google Cloud , buka halaman Model Armor.
Buka Model Armor
Pilih project.
Di halaman Model Armor, buka tab Setelan batas bawah, lalu klik Konfigurasi setelan batas bawah.
Di halaman Konfigurasi setelan lantai, pilih opsi konfigurasi.
Di bagian Deteksi, konfigurasi setelan deteksi.
Opsional: Jika Anda memilih deteksi Sensitive Data Protection, Anda harus mengonfigurasi setelan Sensitive Data Protection.
Di bagian Responsible AI, tetapkan tingkat keyakinan untuk setiap filter konten.

Catatan: Jika Anda tidak menentukan tingkat keyakinan, nilai defaultnya adalah Sedang ke atas.
Di bagian Layanan, pilih layanan tempat setelan lantai ini akan diterapkan.
Di bagian Logs, pilih Enable Cloud Logging untuk mencatat semua perintah pengguna, respons model, dan hasil detektor setelan lantai.
Pilih Aktifkan dukungan multi-bahasa untuk menggunakan setelan deteksi multi-bahasa.
Klik Simpan setelan lantai.

Tunggu beberapa menit hingga perubahan pada setelan lantai diterapkan.

Menentukan cara setelan minimum diwariskan

Saat mengonfigurasi setelan lantai, pilih opsi konfigurasi.

Mewarisi setelan minimum induk: Mewarisi setelan minimum yang ditetapkan lebih tinggi dalam hierarki resource. Klik Simpan setelan minimum dan lewati langkah-langkah berikutnya. Untuk melihat setelan yang diwariskan, buka tab Setelan lantai.

Catatan: Jika Anda mengaktifkan pewarisan, setelan lantai yang ada akan digantikan oleh setelan yang diwariskan.
Kustom: Tentukan setelan minimum untuk project ini. Setelan kustom yang Anda tentukan untuk project akan menggantikan setelan lantai yang diwarisi.
Nonaktifkan: Menonaktifkan setelan batas bawah yang diwariskan, yang berarti tidak ada aturan deteksi yang diterapkan ke template Model Armor dan Vertex AI untuk beban kerja Gemini Anda. Klik Simpan setelan lantai dan lewati langkah-langkah berikutnya. Lihat status dinonaktifkan di tab Setelan lantai.

Menentukan tempat setelan lantai diterapkan

Pilih salah satu layanan berikut tempat setelan lantai yang dikonfigurasi diterapkan.

Model Armor - Pembuatan & pembaruan template: Setiap template Model Armor baru dan yang diubah dalam project diperiksa untuk memastikan bahwa setelan minimum ditentukan sesuai dengan setelan minimum.

Catatan: Setelan lantai tidak memeriksa kesesuaian template dengan Perlindungan Data Sensitif.
Server MCP Google: Permintaan yang dikirim ke atau dari server MCP jarak jauh Google atau diperiksa untuk memastikan bahwa permintaan tersebut memenuhi nilai minimum setelan lantai. Google Cloud Untuk mengetahui informasi selengkapnya, lihat Integrasi Model Armor dengan server MCP Google Cloud (Pratinjau).
Vertex AI: Memeriksa permintaan yang dikirim ke model Gemini dan mencatat atau memblokir permintaan yang memenuhi nilai minimum setelan.

Jika Anda memilih Vertex AI, bagian Vertex AI akan ditampilkan tempat Anda dapat memilih cara penerapan setelan batas minimum.
- Hanya periksa: Mendeteksi permintaan yang tidak memenuhi setelan minimum, tetapi tidak memblokirnya.
- Periksa dan blokir pelanggaran: Mendeteksi dan memblokir permintaan yang tidak memenuhi setelan minimum.

Melihat setelan lantai Model Armor

Lihat setelan minimum Model Armor untuk memverifikasi setelan yang ada, untuk mengidentifikasi persyaratan minimum untuk aplikasi AI Anda, atau untuk memecahkan masalah saat template tidak berfungsi seperti yang diharapkan.

Jalankan perintah berikut untuk melihat setelan lantai Model Armor.

Konsol

Di konsol Google Cloud , buka halaman Model Armor.

Buka Model Armor
Pastikan Anda melihat project tempat Anda mengaktifkan Model Armor.
Di halaman Perlindungan Model, buka tab Setelan batas bawah. Jika setelan lantai ditetapkan di tingkat organisasi, Anda dapat melihatnya di sini. Jika setelan lantai tidak ditentukan, Anda harus mengonfigurasinya. Untuk mengetahui informasi selengkapnya, lihat Mengonfigurasi setelan lantai.

gcloud

Melihat setelan minimum Model Armor untuk project tertentu.

  gcloud model-armor floorsettings describe \
      --full-uri='projects/PROJECT_ID/locations/global/floorSetting'

Melihat setelan minimum Model Armor untuk organisasi tertentu.

  gcloud model-armor floorsettings describe \
      --full-uri='organizations/ORGANIZATION_ID/locations/global/floorSetting'

Melihat setelan minimum Model Armor untuk folder tertentu.
```
   gcloud model-armor floorsettings describe \
       --full-uri='folders/FOLDER_ID/locations/global/floorSetting'
```
Ganti kode berikut:
- PROJECT_ID: ID project untuk setelan lantai.
- FOLDER_ID: ID folder untuk setelan lantai.
- ORGANIZATION_ID: ID organisasi untuk setelan lantai.

REST

Melihat setelan minimum Model Armor untuk project tertentu.

curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting"

Melihat setelan minimum Model Armor untuk folder tertentu.

curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/folders/FOLDER_ID/locations/global/floorSetting"

Melihat setelan minimum Model Armor untuk organisasi tertentu.

curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/floorSetting"

Ganti kode berikut:

PROJECT_ID: ID project untuk setelan lantai.
FOLDER_ID: ID folder untuk setelan lantai.
ORGANIZATION_ID: ID organisasi untuk setelan lantai.

C#

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan C# dan instal Model Armor C# SDK.

Melihat setelan minimum Model Armor untuk project tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class GetProjectFloorSettings
{
    public FloorSetting GetProjectFloorSetting(string projectId)
    {
        // Initialize client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the resource name
        string name = $"projects/{projectId}/locations/global/floorSetting";

        // Create the request
        GetFloorSettingRequest request = new GetFloorSettingRequest { Name = name };

        // Make the request
        FloorSetting response = client.GetFloorSetting(request);

        Console.WriteLine($"Floor settings retrieved successfully: {response}");

        return response;
    }
}

Melihat setelan minimum Model Armor untuk folder tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class GetFolderFloorSettings
{
    public FloorSetting GetFolderFloorSetting(string folderId)
    {
        // Initialize client.
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the resource name.
        string name = $"folders/{folderId}/locations/global/floorSetting";

        // Create the request.
        GetFloorSettingRequest request = new GetFloorSettingRequest { Name = name };

        // Make the request.
        FloorSetting response = client.GetFloorSetting(request);

        return response;
    }
}

Melihat setelan minimum Model Armor untuk organisasi tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class GetOrganizationFloorSettings
{
    public FloorSetting GetOrganizationFloorSetting(string organizationId)
    {
        // Initialize client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the resource name
        string name = $"organizations/{organizationId}/locations/global/floorSetting";

        // Create the request
        GetFloorSettingRequest request = new GetFloorSettingRequest { Name = name };

        // Make the request
        FloorSetting response = client.GetFloorSetting(request);

        Console.WriteLine($"Floor settings retrieved successfully: {response}");

        return response;
    }
}

Go

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Go terlebih dahulu dan instal Model Armor Go SDK.

Melihat setelan minimum Model Armor untuk project tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getProjectFloorSettings gets details of a single floor setting of a project.
//
// This method retrieves the details of a single floor setting of a project.
//
// w io.Writer: The writer to use for logging.
// projectID string: The ID of the project.
func getProjectFloorSettings(w io.Writer, projectID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	floorSettingsName := fmt.Sprintf("projects/%s/locations/global/floorSetting", projectID)

	// Get the project floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved floor setting: %v\n", response)

	return nil
}

Melihat setelan minimum Model Armor untuk folder tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getFolderFloorSettings gets details of a single floor setting of a folder.
//
// This method retrieves the details of a single floor setting of a folder.
//
// w io.Writer: The writer to use for logging.
// folderID string: The ID of the folder.
func getFolderFloorSettings(w io.Writer, folderID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare folder floor setting path/name
	floorSettingsName := fmt.Sprintf("folders/%s/locations/global/floorSetting", folderID)

	// Get the folder floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved folder floor setting: %v\n", response)

	return nil
}

Melihat setelan minimum Model Armor untuk organisasi tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getOrganizationFloorSettings gets details of a single floor setting of an organization.
//
// This method retrieves the details of a single floor setting of an organization.
//
// w io.Writer: The writer to use for logging.
// organizationID string: The ID of the organization.
func getOrganizationFloorSettings(w io.Writer, organizationID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	floorSettingsName := fmt.Sprintf("organizations/%s/locations/global/floorSetting", organizationID)

	// Get the organization floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved org floor setting: %v\n", response)

	return nil
}

Java

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan Java dan instal Model Armor Java SDK.

Melihat setelan minimum Model Armor untuk project tertentu.


import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetProjectFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";

    getProjectFloorSetting(projectId);
  }

  public static FloorSetting getProjectFloorSetting(String projectId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.of(projectId, "global").toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for project: " + projectId);

      return floorSetting;
    }
  }
}

Melihat setelan minimum Model Armor untuk folder tertentu.


import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetFolderFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String folderId = "your-folder-id";

    getFolderFloorSetting(folderId);
  }

  public static FloorSetting getFolderFloorSetting(String folderId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofFolderLocationName(folderId, "global").toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for folder: " + folderId);

      return floorSetting;
    }
  }
}

Melihat setelan minimum Model Armor untuk organisasi tertentu.


import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetOrganizationFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String organizationId = "your-organization-id";

    getOrganizationFloorSetting(organizationId);
  }

  public static FloorSetting getOrganizationFloorSetting(String organizationId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofOrganizationLocationName(organizationId, "global")
          .toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for organization: " + organizationId);

      return floorSetting;
    }
  }
}

Node.js

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Node.js terlebih dahulu dan instal Model Armor Node.js SDK.

Melihat setelan minimum Model Armor untuk project tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const projectId = 'your-project-id';

const name = `projects/${projectId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getProjectFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  // Run request
  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getProjectFloorSettings();

Melihat setelan minimum Model Armor untuk folder tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const folderId = 'your-folder-id';

const name = `folders/${folderId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getFolderFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getFolderFloorSettings();

Melihat setelan minimum Model Armor untuk organisasi tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const organizationId = 'your-organization-id';
const name = `organizations/${organizationId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getOrganizationFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  // Run request
  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getOrganizationFloorSettings();

PHP

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan PHP dan instal Model Armor PHP SDK.

Melihat setelan minimum Model Armor untuk project tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given project.
 *
 * @param string $projectId The project Id for which the floor settings is to be retrieved.
 *
 */
function get_project_floor_settings(string $projectId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('projects/%s/locations/global/floorSetting', $projectId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

Melihat setelan minimum Model Armor untuk folder tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given folder.
 *
 * @param string $folderId The folder Id for which the floor settings is to be retrieved.
 *
 */
function get_folder_floor_settings(string $folderId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('folders/%s/locations/global/floorSetting', $folderId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

Melihat setelan minimum Model Armor untuk organisasi tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given organization.
 *
 * @param string $organizationId The organization Id for which the floor settings is to be retrieved.
 *
 */
function get_organization_floor_settings(string $organizationId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('organizations/%s/locations/global/floorSetting', $organizationId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

Python

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Python terlebih dahulu dan instal Model Armor Python SDK.

Melihat setelan minimum Model Armor untuk project tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# project_id = "YOUR_PROJECT_ID"

floor_settings_name = f"projects/{project_id}/locations/global/floorSetting"

# Get the project floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

Melihat setelan minimum Model Armor untuk folder tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# folder_id = "YOUR_FOLDER_ID"

# Prepare folder floor setting path/name
floor_settings_name = f"folders/{folder_id}/locations/global/floorSetting"

# Get the folder floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

Melihat setelan minimum Model Armor untuk organisasi tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# organization_id = "YOUR_ORGANIZATION_ID"

floor_settings_name = (
    f"organizations/{organization_id}/locations/global/floorSetting"
)

# Get the organization floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

Memperbarui setelan batas bawah Model Armor

Perbarui setelan minimum Model Armor untuk mengubah persyaratan minimum template agar mencerminkan perubahan dalam kebijakan keamanan, memperbaiki kesalahan konfigurasi, atau menyelesaikan konflik antara setelan minimum.

Jalankan perintah berikut untuk memperbarui setelan lantai Model Armor.

Konsol

Di konsol Google Cloud , buka halaman Model Armor.

Buka Model Armor
Pastikan Anda melihat project tempat Anda mengaktifkan Model Armor.
Di halaman Model Armor, buka tab Setelan minimum, lalu klik Konfigurasi setelan minimum.
Perbarui kolom yang wajib diisi, lalu klik Simpan setelan lantai.

gcloud

   gcloud model-armor floorsettings update --full-uri=<full-uri-of-the-floorsetting>

Contoh perintah:

       gcloud model-armor floorsettings update \
           --malicious-uri-filter-settings-enforcement=ENABLED \
           --pi-and-jailbreak-filter-settings-enforcement=DISABLED \
           --pi-and-jailbreak-filter-settings-confidence-level=LOW_AND_ABOVE \
           --basic-config-filter-enforcement=ENABLED \
           --add-rai-settings-filters='[{"confidenceLevel": "low_and_above", "filterType": "HARASSMENT"}, {"confidenceLevel": "high", "filterType": "SEXUALLY_EXPLICIT"}]'
           --full-uri='folders/FOLDER_ID/locations/global/floorSetting' \
           --enable-floor-setting-enforcement=true

Untuk mengonfigurasi setelan lantai dengan deteksi multi-bahasa diaktifkan, jalankan perintah berikut:

    gcloud model-armor floorsettings update \
        --full-uri=projects/PROJECT_ID/locations/global/floorSetting \
        --enable-multi-language-detection

Ganti kode berikut:

PROJECT_ID: ID project untuk setelan lantai.
FOLDER_ID: ID folder untuk setelan lantai.

REST

Memperbarui setelan lantai Model Armor untuk project tertentu.

curl -X PATCH
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": { "filterEnforcement": "ENABLED" }, "rai_settings":{"rai_filters":{"filter_type":"DANGEROUS", "confidence_level":"LOW_AND_ABOVE" }, \
  "rai_filters":{"filter_type":"HATE_SPEECH", "confidence_level":"LOW_AND_ABOVE" }, "rai_filters":{"filter_type":"HARASSMENT", "confidence_level":"LOW_AND_ABOVE" }, "rai_filters":{"filter_type":"SEXUALLY_EXPLICIT", "confidence_level":"LOW_AND_ABOVE" }}},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token) \
  "https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting"

Memperbarui setelan lantai Model Armor untuk folder tertentu.

curl -X PATCH \
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": {"filterEnforcement": "ENABLED" }},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  "https://modelarmor.googleapis.com/v1/folders/FOLDER_ID/locations/global/floorSetting"

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.

curl -X PATCH \
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": {
      "filterEnforcement": "ENABLED" }},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
      "https://modelarmor.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/floorSetting"

Ganti kode berikut:

PROJECT_ID: ID project untuk setelan lantai.
FOLDER_ID: ID folder untuk setelan lantai.
ORGANIZATION_ID: ID organisasi untuk setelan lantai.

Perintah update menampilkan respons berikut:

{
"name": "projects/PROJECT_ID/locations/global/floorSetting",
"updateTime": "2024-12-19T15:36:21.318191Z",
"filterConfig": {
"piAndJailbreakFilterSettings": {
  "filterEnforcement": "ENABLED"
},
"maliciousUriFilterSettings": {
"filterEnforcement": "ENABLED"
}
}
}

C#

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan C# dan instal Model Armor C# SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateProjectFloorSettings
{
    public FloorSetting UpdateProjectFloorSetting(string projectId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"projects/{projectId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

Memperbarui setelan lantai Model Armor untuk folder tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateFolderFloorSettings
{
    public FloorSetting UpdateFolderFloorSetting(string folderId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"folders/{folderId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.

using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateOrganizationFloorSettings
{
    public FloorSetting UpdateOrganizationFloorSetting(string organizationId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"organizations/{organizationId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

Go

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Go terlebih dahulu dan instal Model Armor Go SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateProjectFloorSettings updates the floor settings of a project.
//
// This method updates the floor settings of a project.
//
// w io.Writer: The writer to use for logging.
// projectID string: The ID of the project.
func updateProjectFloorSettings(w io.Writer, projectID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare project floor setting path/name
	floorSettingsName := fmt.Sprintf("projects/%s/locations/global/floorSetting", projectID)

	// Update the project floor setting
	// For more details on filters, please refer to the following doc:
	// [https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters](https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters)
	enableEnforcement := true
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: &modelarmorpb.FloorSetting{
			Name: floorSettingsName,
			FilterConfig: &modelarmorpb.FilterConfig{
				RaiSettings: &modelarmorpb.RaiFilterSettings{
					RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
						{
							FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
							ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
						},
					},
				},
			},
			EnableFloorSettingEnforcement: &enableEnforcement,
		},
	}

	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated project floor setting: %+v\n", response)

	return nil
}

Memperbarui setelan lantai Model Armor untuk folder tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateFolderFloorSettings updates floor settings of a folder.
//
// This method updates the floor settings of a folder.
//
// w io.Writer: The writer to use for logging.
// folderID string: The ID of the folder.
func updateFolderFloorSettings(w io.Writer, folderID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare folder floor settings path/name
	floorSettingsName := fmt.Sprintf("folders/%s/locations/global/floorSetting", folderID)

	// Prepare the floor setting update
	enableEnforcement := true
	floorSetting := &modelarmorpb.FloorSetting{
		Name: floorSettingsName,
		FilterConfig: &modelarmorpb.FilterConfig{
			RaiSettings: &modelarmorpb.RaiFilterSettings{
				RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
					{
						FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
						ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
					},
				},
			},
		},
		EnableFloorSettingEnforcement: &enableEnforcement,
	}

	// Prepare request for updating the floor setting.
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: floorSetting,
	}

	// Update the floor setting.
	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated folder floor setting: %v\n", response)

	return nil

}

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.


import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateOrganizationFloorSettings updates floor settings of an organization.
//
// This method updates the floor settings of an organization.
//
// w io.Writer: The writer to use for logging.
// organizationID string: The ID of the organization.
func updateOrganizationFloorSettings(w io.Writer, organizationID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare organization floor setting path/name
	floorSettingsName := fmt.Sprintf("organizations/%s/locations/global/floorSetting", organizationID)

	// Update the organization floor setting
	// For more details on filters, please refer to the following doc:
	// [https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters](https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters)
	enableEnforcement := true
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: &modelarmorpb.FloorSetting{
			Name: floorSettingsName,
			FilterConfig: &modelarmorpb.FilterConfig{
				RaiSettings: &modelarmorpb.RaiFilterSettings{
					RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
						{
							FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
							ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
						},
					},
				},
			},
			EnableFloorSettingEnforcement: &enableEnforcement,
		},
	}

	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated org floor setting: %+v\n", response)

Java

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan Java dan instal Model Armor Java SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.


import com.google.cloud.modelarmor.v1.DetectionConfidenceLevel;
import com.google.cloud.modelarmor.v1.FilterConfig;
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import com.google.cloud.modelarmor.v1.RaiFilterSettings;
import com.google.cloud.modelarmor.v1.RaiFilterSettings.RaiFilter;
import com.google.cloud.modelarmor.v1.RaiFilterType;
import com.google.cloud.modelarmor.v1.UpdateFloorSettingRequest;
import com.google.protobuf.FieldMask;
import java.io.IOException;
import java.util.List;

public class UpdateProjectFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";

    updateProjectFloorSetting(projectId);
  }

  public static FloorSetting updateProjectFloorSetting(String projectId)
      throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.of(projectId, "global").toString();

      // For more details on filters, please refer to the following doc:
      // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
      RaiFilterSettings raiFilterSettings =
          RaiFilterSettings.newBuilder()
              .addAllRaiFilters(
                  List.of(
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.HARASSMENT)
                          .setConfidenceLevel(DetectionConfidenceLevel.LOW_AND_ABOVE)
                          .build(),
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.SEXUALLY_EXPLICIT)
                          .setConfidenceLevel(DetectionConfidenceLevel.HIGH)
                          .build()))
              .build();

      FilterConfig modelArmorFilter = FilterConfig.newBuilder()
          .setRaiSettings(raiFilterSettings)
          .build();

      // Create a field mask to specify which fields to update.
      // Ref: https://protobuf.dev/reference/protobuf/google.protobuf/#field-mask
      FieldMask updateMask = FieldMask.newBuilder().addPaths("filter_config.rai_settings").build();

      FloorSetting floorSetting = FloorSetting.newBuilder()
          .setName(name)
          .setFilterConfig(modelArmorFilter)
          .setEnableFloorSettingEnforcement(true)
          .build();

      UpdateFloorSettingRequest request = UpdateFloorSettingRequest.newBuilder()
          .setFloorSetting(floorSetting)
          .setUpdateMask(updateMask)
          .build();

      FloorSetting updatedFloorSetting = client.updateFloorSetting(request);
      System.out.println("Updated floor setting for project: " + projectId);

      return updatedFloorSetting;
    }
  }
}

Memperbarui setelan lantai Model Armor untuk folder tertentu.


import com.google.cloud.modelarmor.v1.DetectionConfidenceLevel;
import com.google.cloud.modelarmor.v1.FilterConfig;
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import com.google.cloud.modelarmor.v1.RaiFilterSettings;
import com.google.cloud.modelarmor.v1.RaiFilterSettings.RaiFilter;
import com.google.cloud.modelarmor.v1.RaiFilterType;
import com.google.cloud.modelarmor.v1.UpdateFloorSettingRequest;
import com.google.protobuf.FieldMask;
import java.io.IOException;
import java.util.List;

public class UpdateFolderFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String folderId = "your-folder-id";

    updateFolderFloorSetting(folderId);
  }

  public static FloorSetting updateFolderFloorSetting(String folderId)
      throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofFolderLocationName(folderId, "global").toString();

      // For more details on filters, please refer to the following doc:
      // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
      RaiFilterSettings raiFilterSettings =
          RaiFilterSettings.newBuilder()
              .addAllRaiFilters(
                  List.of(
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.HARASSMENT)
                          .setConfidenceLevel(DetectionConfidenceLevel.LOW_AND_ABOVE)
                          .build(),
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.SEXUALLY_EXPLICIT)
                          .setConfidenceLevel(DetectionConfidenceLevel.HIGH)
                          .build()))
              .build();

      FilterConfig modelArmorFilter = FilterConfig.newBuilder()
          .setRaiSettings(raiFilterSettings)
          .build();

      // Create a field mask to specify which fields to update.
      // Ref: https://protobuf.dev/reference/protobuf/google.protobuf/#field-mask
      FieldMask updateMask = FieldMask.newBuilder().addPaths("filter_config.rai_settings").build();

      FloorSetting floorSetting = FloorSetting.newBuilder()
          .setName(name)
          .setFilterConfig(modelArmorFilter)
          .setEnableFloorSettingEnforcement(true)
          .build();

      UpdateFloorSettingRequest request = UpdateFloorSettingRequest.newBuilder()
          .setFloorSetting(floorSetting)
          .setUpdateMask(updateMask)
          .build();

      FloorSetting updatedFloorSetting = client.updateFloorSetting(request);
      System.out.println("Updated floor setting for folder: " + folderId);

      return updatedFloorSetting;
    }
  }
}

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.


import com.google.cloud.modelarmor.v1.DetectionConfidenceLevel;
import com.google.cloud.modelarmor.v1.FilterConfig;
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import com.google.cloud.modelarmor.v1.RaiFilterSettings;
import com.google.cloud.modelarmor.v1.RaiFilterSettings.RaiFilter;
import com.google.cloud.modelarmor.v1.RaiFilterType;
import com.google.cloud.modelarmor.v1.UpdateFloorSettingRequest;
import com.google.protobuf.FieldMask;
import java.io.IOException;
import java.util.List;

public class UpdateOrganizationsFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String organizationId = "your-organization-id";

    updateOrganizationFloorSetting(organizationId);
  }

  public static FloorSetting updateOrganizationFloorSetting(String organizationId)
      throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofOrganizationLocationName(organizationId, "global")
          .toString();

      // For more details on filters, please refer to the following doc:
      // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
      RaiFilterSettings raiFilterSettings =
          RaiFilterSettings.newBuilder()
              .addAllRaiFilters(
                  List.of(
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.HARASSMENT)
                          .setConfidenceLevel(DetectionConfidenceLevel.LOW_AND_ABOVE)
                          .build(),
                      RaiFilter.newBuilder()
                          .setFilterType(RaiFilterType.SEXUALLY_EXPLICIT)
                          .setConfidenceLevel(DetectionConfidenceLevel.HIGH)
                          .build()))
              .build();

      FilterConfig modelArmorFilter = FilterConfig.newBuilder()
          .setRaiSettings(raiFilterSettings)
          .build();

      // Create a field mask to specify which fields to update.
      // Ref: https://protobuf.dev/reference/protobuf/google.protobuf/#field-mask
      FieldMask updateMask = FieldMask.newBuilder()
          .addPaths("filter_config.rai_settings")
          .build();

      FloorSetting floorSetting = FloorSetting.newBuilder()
          .setName(name)
          .setFilterConfig(modelArmorFilter)
          .setEnableFloorSettingEnforcement(true)
          .build();

      UpdateFloorSettingRequest request = UpdateFloorSettingRequest.newBuilder()
          .setFloorSetting(floorSetting)
          .setUpdateMask(updateMask)
          .build();

      FloorSetting updatedFloorSetting = client.updateFloorSetting(request);
      System.out.println("Updated floor setting for organization: " + organizationId);

      return updatedFloorSetting;
    }
  }
}

Node.js

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Node.js terlebih dahulu dan instal Model Armor Node.js SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const projectId = 'your-project-id';

const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

// Initiate client
const client = new ModelArmorClient();

async function updateProjectFloorSettings() {
  const floorSettingsName = `projects/${projectId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateProjectFloorSettings();

Memperbarui setelan lantai Model Armor untuk folder tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const folderId = 'your-folder-id';

// Imports the Model Armor library
const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

// Instantiates a client
const client = new ModelArmorClient();

async function updateFolderFloorSettings() {
  const floorSettingsName = `folders/${folderId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateFolderFloorSettings();

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const organizationId = 'your-organization-id';

const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

const client = new ModelArmorClient();

async function updateOrganizationFloorSettings() {
  const floorSettingsName = `organizations/${organizationId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateOrganizationFloorSettings();

PHP

Untuk menjalankan kode ini, pertama-tama siapkan lingkungan pengembangan PHP dan instal Model Armor PHP SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given project.
 *
 * @param string $projectId The project Id for which the floor settings is to be updated.
 *
 */
function update_project_floor_settings(string $projectId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('projects/%s/locations/global/floorSetting', $projectId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

Memperbarui setelan lantai Model Armor untuk folder tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given folder.
 *
 * @param string $folderId The folder Id for which the floor settings is to be updated.
 *
 */
function update_folder_floor_settings(string $folderId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('folders/%s/locations/global/floorSetting', $folderId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.

use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given organization.
 *
 * @param string $organizationId The organization Id for which the floor settings is to be updated.
 *
 */
function update_organization_floor_settings(string $organizationId)
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('organizations/%s/locations/global/floorSetting', $organizationId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

Python

Untuk menjalankan kode ini, siapkan lingkungan pengembangan Python terlebih dahulu dan instal Model Armor Python SDK.

Memperbarui setelan lantai Model Armor untuk project tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment these variables.
# project_id = "YOUR_PROJECT_ID"

# Prepare project floor setting path/name
floor_settings_name = f"projects/{project_id}/locations/global/floorSetting"

# Update the project floor setting
# For more details on filters, please refer to the following doc:
# https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
response = client.update_floor_setting(
    request=modelarmor_v1.UpdateFloorSettingRequest(
        floor_setting=modelarmor_v1.FloorSetting(
            name=floor_settings_name,
            filter_config=modelarmor_v1.FilterConfig(
                rai_settings=modelarmor_v1.RaiFilterSettings(
                    rai_filters=[
                        modelarmor_v1.RaiFilterSettings.RaiFilter(
                            filter_type=modelarmor_v1.RaiFilterType.HATE_SPEECH,
                            confidence_level=modelarmor_v1.DetectionConfidenceLevel.HIGH,
                        )
                    ]
                ),
            ),
            enable_floor_setting_enforcement=True,
        )
    )
)
# Print the updated config
print(response)

Memperbarui setelan lantai Model Armor untuk folder tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO (Developer): Uncomment these variables and initialize
# folder_id = "YOUR_FOLDER_ID"

# Prepare folder floor settings path/name
floor_settings_name = f"folders/{folder_id}/locations/global/floorSetting"

# Update the folder floor setting
# For more details on filters, please refer to the following doc:
# https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
response = client.update_floor_setting(
    request=modelarmor_v1.UpdateFloorSettingRequest(
        floor_setting=modelarmor_v1.FloorSetting(
            name=floor_settings_name,
            filter_config=modelarmor_v1.FilterConfig(
                rai_settings=modelarmor_v1.RaiFilterSettings(
                    rai_filters=[
                        modelarmor_v1.RaiFilterSettings.RaiFilter(
                            filter_type=modelarmor_v1.RaiFilterType.HATE_SPEECH,
                            confidence_level=modelarmor_v1.DetectionConfidenceLevel.HIGH,
                        )
                    ]
                ),
            ),
            enable_floor_setting_enforcement=True,
        )
    )
)
# Print the updated config
print(response)

Memperbarui setelan lantai Model Armor untuk organisasi tertentu.


from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO (Developer): Uncomment these variables and initialize
# organization_id = "YOUR_ORGANIZATION_ID"

# Prepare organization floor setting path/name
floor_settings_name = (
    f"organizations/{organization_id}/locations/global/floorSetting"
)

# Update the organization floor setting
# For more details on filters, please refer to the following doc:
# https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
response = client.update_floor_setting(
    request=modelarmor_v1.UpdateFloorSettingRequest(
        floor_setting=modelarmor_v1.FloorSetting(
            name=floor_settings_name,
            filter_config=modelarmor_v1.FilterConfig(
                rai_settings=modelarmor_v1.RaiFilterSettings(
                    rai_filters=[
                        modelarmor_v1.RaiFilterSettings.RaiFilter(
                            filter_type=modelarmor_v1.RaiFilterType.HATE_SPEECH,
                            confidence_level=modelarmor_v1.DetectionConfidenceLevel.HIGH,
                        )
                    ]
                ),
            ),
            enable_floor_setting_enforcement=True,
        )
    )
)
# Print the updated config
print(response)

Meninjau temuan tentang pelanggaran setelan minimum

Setiap temuan Model Armor mengidentifikasi pelanggaran setelan lantai. Pelanggaran terjadi saat template Model Armor gagal memenuhi standar keamanan minimum yang ditentukan oleh setelan minimum hierarki resource. Setelan minimum menentukan persyaratan minimum untuk template.

Temuan dibuat saat salah satu pelanggaran setelan lantai berikut terjadi:

Template dengan setelan yang tidak terlalu ketat dibuat sebelum setelan minimum dikonfigurasi.
Template tidak memiliki filter yang diperlukan.
Template tidak memenuhi tingkat keyakinan minimum untuk filter.

Jika pelanggaran terdeteksi, temuan tingkat keparahan tinggi akan dibuat di Security Command Center (hanya jika Anda menggunakan tingkat layanan Premium atau Enterprise Security Command Center). Temuan ini menentukan setelan lantai yang dilanggar, template yang tidak mematuhi, dan detail tentang pelanggaran.

Contoh berikut menunjukkan kolom sourceProperties temuan. Pelanggaran ini, yang terkait dengan filter URI berbahaya, terjadi karena setelan template untuk maliciousUriFilterSettings adalah DISABLED, tetapi setelan minimum mengharuskannya menjadi ENABLED.

{
  "filterConfig": {
    "raiSettings": {
      "raiFilters": [
        {
          "filterType": "HATE_SPEECH",
          "confidenceLevel": {
            "floorSettings": "LOW_AND_ABOVE",
            "template": "MEDIUM_AND_ABOVE"
          }
        },
        {
          "filterType": "HARASSMENT",
          "confidenceLevel": {
            "floorSettings": "MEDIUM_AND_ABOVE",
            "template": "HIGH"
          }
        }
      ]
    },
    "piAndJailbreakFilterSettings": {
      "confidenceLevel": {
        "floorSettings": "LOW_AND_ABOVE",
        "template": "HIGH"
      }
    },
    "maliciousUriFilterSettings": {
      "floorSettings": "ENABLED",
      "template": "DISABLED"
    }
  }
}

Mengonfigurasi setelan lantai Tetap teratur dengan koleksi Simpan dan kategorikan konten berdasarkan preferensi Anda.

Sebelum memulai

Mendapatkan izin yang diperlukan

Mengaktifkan API

Konsol

gcloud

Aplikasi setelan lantai

Kesesuaian template dan setelan minimum

Integrasi dengan server MCP Google Cloud dan Vertex AI

Mengonfigurasi setelan minimum

Menentukan cara setelan minimum diwariskan

Menentukan tempat setelan lantai diterapkan

Melihat setelan lantai Model Armor

Konsol

gcloud

REST

C#

Go

Java

Node.js

PHP

Python

Memperbarui setelan batas bawah Model Armor

Konsol

gcloud

REST

C#

Go

Java

Node.js

PHP

Python

Meninjau temuan tentang pelanggaran setelan minimum

Langkah berikutnya

Mengonfigurasi setelan lantai