指定底限設定

本文說明如何查看及更新 Model Armor 底限設定,並提供違反底限設定的範例。

樓層設定有兩個主要用途:

  • 範本一致性:確保新範本的限制至少與底限設定相同。範本一致性是在機構和資料夾層級定義。

  • 內嵌強制執行:對 Gemini 模型和 Google Cloud MCP 伺服器套用 Model Armor 保護措施。內嵌強制執行是在專案層級設定。使用內嵌強制執行的底價設定時,必須符合範本規定。

事前準備

開始之前,請先完成下列工作。

取得必要權限

如要取得管理底價設定所需的權限,請要求管理員授予您 Model Armor 底價設定的「Model Armor 底價設定管理員 」(roles/modelarmor.floorSettingsAdmin) IAM 角色。如要進一步瞭解如何授予角色,請參閱「管理專案、資料夾和組織的存取權」。

您或許也能透過自訂角色或其他預先定義的角色,取得必要權限。

啟用 API

您必須先啟用 Model Armor API,才能使用 Model Armor。

控制台

  1. Enable the Model Armor API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

    Enable the API

  2. 選取要啟用 Model Armor 的專案。

gcloud

開始前,請使用 Google Cloud CLI 搭配 Model Armor API 執行下列步驟:

  1. In the Google Cloud console, activate Cloud Shell.

    Activate Cloud Shell

    At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

  2. 執行下列指令,使用全球 API 端點:

    gcloud config set api_endpoint_overrides/modelarmor "https://modelarmor.googleapis.com/"

    3. 底限設定應用程式

    系統一律會套用本機設定。舉例來說,如果底限設定發生衝突,系統會優先採用資源階層結構中較低的設定。同樣地,專案層級的底限設定會覆寫上層資料夾層級的衝突底限設定。

    下表列出在不同位置套用樓層設定的方式:

    底限設定位置 應用程式
    機構層級 適用於機構內的所有項目。
    資料夾層級 套用至特定資料夾中的所有專案。
    專案層級 僅適用於該特定專案。

    為說明在不同層級設定底價時,底價設定的套用方式,請參考以下情境範例。假設您設定的底限設定類似於下列設定:

    • 資料夾層級 (較不具體) 的底限設定:這個資料夾中的所有內容都必須啟用惡意 URI 篩選器。
    • 專案層級 (更具體) 底限設定:位於資料夾中的專案必須使用提示詞注入和越獄偵測功能,並將信心水準設為中等。

    在本情境中,您設定的項目會導致下列情況發生:

    • 在專案中建立的任何範本都必須包含提示注入和越獄偵測篩選器,因為專案層級設定一律優先於資料夾層級設定。

    • 在其他專案中建立的範本 (即使是在其他資料夾中建立的範本),都不會受到第一個資料夾中惡意 URI 篩選器規則的影響。

    樓層設定只會套用至階層中的特定位置,除非是在機構層級設定,否則只會套用至整個機構。

    範本和底限設定一致性

    建立或更新 Model Armor 範本時,Model Armor 會檢查範本設定是否符合底限設定。您無法建立或更新比最低設定寬鬆的範本。

    底限設定可在機構、資料夾和專案層級設定。使用者介面僅適用於專案層級,可讓您沿用機構或資料夾層級的設定。如要在機構或資料夾層級設定底價,必須使用 API。

    與 Vertex AI 和 Google Cloud MCP 伺服器整合

    Model Armor 會與 Vertex AI 和 Google Cloud MCP 伺服器整合,根據您定義的底限設定,篩選 Gemini 模型和Google Cloud 遠端 MCP 伺服器的要求和回覆。您必須啟用 Cloud Logging,才能查看提示和回覆。 詳情請參閱「整合 Model Armor 與 Vertex AI」和「整合 Model Armor 與 Google Cloud MCP 伺服器

    指定底限設定

    您可以使用底限設定,為 Model Armor 範本設定最低偵測門檻。這些設定會驗證所有新範本和修改過的範本是否符合特定條件。

    如要設定底限,請按照下列步驟操作:

    1. 前往 Google Cloud 控制台的「Model Armor」頁面。

      前往 Model Armor

    2. 選取專案。
    3. 在「Model Armor」頁面中,前往「底限設定」分頁,然後按一下「設定底限設定」
    4. 在「設定樓層設定」頁面中,選取設定選項
    5. 在「偵測」部分,設定偵測設定
    6. 選用:如果選取 Sensitive Data Protection 偵測,請設定 Sensitive Data Protection 設定

    7. 在「負責任的 AI」部分,為每個內容篩選器設定信心水準

    8. 在「服務」部分,選擇要套用這些底限設定的服務

    9. 在「記錄」部分,選取「啟用 Cloud Logging」,即可記錄所有使用者提示、模型回覆和底限設定偵測器結果。

    10. 選取「啟用多語言支援」,即可使用多語言偵測設定

    11. 按一下「儲存底價設定」

    稍候幾分鐘,等待樓層設定變更生效。

    定義底限設定的沿用方式

    設定底限時,請選取配置選項。

    • 繼承上層項目的底限設定:繼承資源階層中較高層級的底限設定。按一下「儲存樓層設定」,然後略過後續步驟。如要查看沿用設定,請前往「樓層設定」分頁。

    • 自訂:定義這個專案的底限設定。您為專案定義的自訂設定,會覆寫所有繼承的底限設定。

    • 停用:停用所有繼承的底限設定,這表示系統不會將任何偵測規則套用至 Gemini 工作負載的 Model Armor 範本和 Vertex AI。按一下「儲存樓層設定」,然後略過後續步驟。在「樓層設定」分頁中查看停用狀態。

    定義底限設定的套用位置

    選取要套用設定底限的服務。

    • Model Armor - 建立及更新範本:系統會檢查專案中每個新的和修改過的 Model Armor 範本,確保已根據底限設定指定最低設定。

    • Google MCP 伺服器:系統會檢查傳送至 Google 或遠端 MCP 伺服器的要求,確保這些要求達到底限設定門檻。 Google Cloud 詳情請參閱「將 Model Armor 與 Google Cloud MCP 伺服器整合」(搶先版)。

    • Vertex AI:篩選傳送至 Gemini 模型的要求,並記錄或封鎖符合最低設定門檻的要求。

      如果選取「Vertex AI」,系統會顯示「Vertex AI」部分,您可以在其中選擇如何強制執行樓層設定。

      • 僅檢查:偵測不符合底限設定的要求,但不加以封鎖。
      • 檢查並封鎖不符合門檻的要求:偵測並封鎖不符合底限設定的要求。

    查看 Model Armor 底限設定

    查看 Model Armor 底限設定,驗證現有設定、找出 AI 應用程式的最低需求,或在範本未如預期運作時排解問題。

    執行下列指令,查看 Model Armor 底層設定。

    控制台

    1. 前往 Google Cloud 控制台的「Model Armor」頁面。

      前往 Model Armor

    2. 確認您正在查看已啟用 Model Armor 的專案。

    3. 在「Model Armor」頁面中,前往「Floor settings」分頁。如果是在機構層級設定樓層,您可以在這裡查看。如果沒有定義任何樓層設定,您就必須設定。詳情請參閱「設定樓層」。

    gcloud

    • 查看特定專案的 Model Armor 底限設定。

        gcloud model-armor floorsettings describe \
      --full-uri='projects/PROJECT_ID/locations/global/floorSetting'

    • 查看特定機構的 Model Armor 底限設定。

        gcloud model-armor floorsettings describe \
      --full-uri='organizations/ORGANIZATION_ID/locations/global/floorSetting'

    • 查看特定資料夾的 Model Armor 底限設定。

         gcloud model-armor floorsettings describe \
       --full-uri='folders/FOLDER_ID/locations/global/floorSetting'

      更改下列內容:

      • PROJECT_ID:樓層設定的專案 ID。
      • FOLDER_ID:底限設定的資料夾 ID。
      • ORGANIZATION_ID:樓層設定的機構 ID。

    REST

    • 查看特定專案的 Model Armor 底限設定。

      curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting"

    • 查看特定資料夾的 Model Armor 底限設定。

      curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/folders/FOLDER_ID/locations/global/floorSetting"

    • 查看特定機構的 Model Armor 底限設定。

      curl -X GET \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  -H "Content-Type: application/json" \
  "https://modelarmor.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/floorSetting"

    更改下列內容:

    • PROJECT_ID:樓層設定的專案 ID。
    • FOLDER_ID:底限設定的資料夾 ID。
    • ORGANIZATION_ID:樓層設定的機構 ID。

    C#

    如要執行這段程式碼,請先設定 C# 開發環境,並安裝 Model Armor C# SDK

    Go

    如要執行這段程式碼,請先設定 Go 開發環境,然後安裝 Model Armor Go SDK

    • 查看特定專案的 Model Armor 底限設定。

      
import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getProjectFloorSettings gets details of a single floor setting of a project.
//
// This method retrieves the details of a single floor setting of a project.
//
// w io.Writer: The writer to use for logging.
// projectID string: The ID of the project.
func getProjectFloorSettings(w io.Writer, projectID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	floorSettingsName := fmt.Sprintf("projects/%s/locations/global/floorSetting", projectID)

	// Get the project floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved floor setting: %v\n", response)

	return nil
}

    • 查看特定資料夾的 Model Armor 底限設定。

      
import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getFolderFloorSettings gets details of a single floor setting of a folder.
//
// This method retrieves the details of a single floor setting of a folder.
//
// w io.Writer: The writer to use for logging.
// folderID string: The ID of the folder.
func getFolderFloorSettings(w io.Writer, folderID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare folder floor setting path/name
	floorSettingsName := fmt.Sprintf("folders/%s/locations/global/floorSetting", folderID)

	// Get the folder floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved folder floor setting: %v\n", response)

	return nil
}

    • 查看特定機構的 Model Armor 底限設定。

      
import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// getOrganizationFloorSettings gets details of a single floor setting of an organization.
//
// This method retrieves the details of a single floor setting of an organization.
//
// w io.Writer: The writer to use for logging.
// organizationID string: The ID of the organization.
func getOrganizationFloorSettings(w io.Writer, organizationID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	floorSettingsName := fmt.Sprintf("organizations/%s/locations/global/floorSetting", organizationID)

	// Get the organization floor setting.
	req := &modelarmorpb.GetFloorSettingRequest{
		Name: floorSettingsName,
	}

	response, err := client.GetFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to get floor setting: %w", err)
	}

	// Print the retrieved floor setting using fmt.Fprintf with the io.Writer.
	fmt.Fprintf(w, "Retrieved org floor setting: %v\n", response)

	return nil
}

    Java

    如要執行這段程式碼,請先設定 Java 開發環境,然後安裝 Model Armor Java SDK

    • 查看特定專案的 Model Armor 底限設定。

      
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetProjectFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";

    getProjectFloorSetting(projectId);
  }

  public static FloorSetting getProjectFloorSetting(String projectId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.of(projectId, "global").toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for project: " + projectId);

      return floorSetting;
    }
  }
}

    • 查看特定資料夾的 Model Armor 底限設定。

      
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetFolderFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String folderId = "your-folder-id";

    getFolderFloorSetting(folderId);
  }

  public static FloorSetting getFolderFloorSetting(String folderId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofFolderLocationName(folderId, "global").toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for folder: " + folderId);

      return floorSetting;
    }
  }
}

    • 查看特定機構的 Model Armor 底限設定。

      
import com.google.cloud.modelarmor.v1.FloorSetting;
import com.google.cloud.modelarmor.v1.FloorSettingName;
import com.google.cloud.modelarmor.v1.GetFloorSettingRequest;
import com.google.cloud.modelarmor.v1.ModelArmorClient;
import java.io.IOException;

public class GetOrganizationFloorSetting {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String organizationId = "your-organization-id";

    getOrganizationFloorSetting(organizationId);
  }

  public static FloorSetting getOrganizationFloorSetting(String organizationId) throws IOException {

    // Initialize client that will be used to send requests. This client only
    // needs to be created once, and can be reused for multiple requests.
    try (ModelArmorClient client = ModelArmorClient.create()) {
      String name = FloorSettingName.ofOrganizationLocationName(organizationId, "global")
          .toString();

      GetFloorSettingRequest request = GetFloorSettingRequest.newBuilder().setName(name).build();

      FloorSetting floorSetting = client.getFloorSetting(request);
      System.out.println("Fetched floor setting for organization: " + organizationId);

      return floorSetting;
    }
  }
}

    Node.js

    如要執行這段程式碼,請先設定 Node.js 開發環境, 然後安裝 Model Armor Node.js SDK

    • 查看特定專案的 Model Armor 底限設定。

      /**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const projectId = 'your-project-id';

const name = `projects/${projectId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getProjectFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  // Run request
  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getProjectFloorSettings();

    • 查看特定資料夾的 Model Armor 底限設定。

      /**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const folderId = 'your-folder-id';

const name = `folders/${folderId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getFolderFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getFolderFloorSettings();

    • 查看特定機構的 Model Armor 底限設定。

      /**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const organizationId = 'your-organization-id';
const name = `organizations/${organizationId}/locations/global/floorSetting`;

// Imports the Modelarmor library
const {ModelArmorClient} = require('@google-cloud/modelarmor').v1;

// Instantiates a client
const modelarmorClient = new ModelArmorClient();

async function getOrganizationFloorSettings() {
  // Construct request
  const request = {
    name,
  };

  // Run request
  const [response] = await modelarmorClient.getFloorSetting(request);
  return response;
}

return await getOrganizationFloorSettings();

    PHP

    如要執行這段程式碼,請先設定 PHP 開發環境,然後安裝 Model Armor PHP SDK

    • 查看特定專案的 Model Armor 底限設定。

      use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given project.
 *
 * @param string $projectId The project Id for which the floor settings is to be retrieved.
 *
 */
function get_project_floor_settings(string $projectId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('projects/%s/locations/global/floorSetting', $projectId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

    • 查看特定資料夾的 Model Armor 底限設定。

      use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given folder.
 *
 * @param string $folderId The folder Id for which the floor settings is to be retrieved.
 *
 */
function get_folder_floor_settings(string $folderId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('folders/%s/locations/global/floorSetting', $folderId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

    • 查看特定機構的 Model Armor 底限設定。

      use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest;

/**
 * Gets the floor settings for a given organization.
 *
 * @param string $organizationId The organization Id for which the floor settings is to be retrieved.
 *
 */
function get_organization_floor_settings(string $organizationId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('organizations/%s/locations/global/floorSetting', $organizationId);

    $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName));

    printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString());
}

    Python

    如要執行這段程式碼,請先設定 Python 開發環境,然後安裝 Model Armor Python SDK

    • 查看特定專案的 Model Armor 底限設定。

      
from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# project_id = "YOUR_PROJECT_ID"

floor_settings_name = f"projects/{project_id}/locations/global/floorSetting"

# Get the project floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

    • 查看特定資料夾的 Model Armor 底限設定。

      
from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# folder_id = "YOUR_FOLDER_ID"

# Prepare folder floor setting path/name
floor_settings_name = f"folders/{folder_id}/locations/global/floorSetting"

# Get the folder floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

    • 查看特定機構的 Model Armor 底限設定。

      
from google.cloud import modelarmor_v1

# Create the Model Armor client.
client = modelarmor_v1.ModelArmorClient(transport="rest")

# TODO(Developer): Uncomment below variable.
# organization_id = "YOUR_ORGANIZATION_ID"

floor_settings_name = (
    f"organizations/{organization_id}/locations/global/floorSetting"
)

# Get the organization floor setting.
response = client.get_floor_setting(
    request=modelarmor_v1.GetFloorSettingRequest(name=floor_settings_name)
)

# Print the retrieved floor setting.
print(response)

    更新 Model Armor 底限設定

    更新 Model Armor 底限設定,即可變更範本的最低要求,以反映安全性政策的變更、修正設定錯誤,或解決底限設定之間的衝突。

    執行下列指令,更新 Model Armor 底層設定。

    控制台

    1. 前往 Google Cloud 控制台的「Model Armor」頁面。

      前往 Model Armor

    2. 確認您正在查看已啟用 Model Armor 的專案。

    3. 在「Model Armor」頁面中,前往「底限設定」分頁,然後按一下「設定底限設定」

    4. 更新必填欄位,然後按一下「儲存底價設定」

    gcloud

       gcloud model-armor floorsettings update --full-uri=<full-uri-of-the-floorsetting>

    範例指令:

           gcloud model-armor floorsettings update \
           --malicious-uri-filter-settings-enforcement=ENABLED \
           --pi-and-jailbreak-filter-settings-enforcement=DISABLED \
           --pi-and-jailbreak-filter-settings-confidence-level=LOW_AND_ABOVE \
           --basic-config-filter-enforcement=ENABLED \
           --add-rai-settings-filters='[{"confidenceLevel": "low_and_above", "filterType": "HARASSMENT"}, {"confidenceLevel": "high", "filterType": "SEXUALLY_EXPLICIT"}]'
           --full-uri='folders/FOLDER_ID/locations/global/floorSetting' \
           --enable-floor-setting-enforcement=true

    如要設定樓層設定並啟用多語言偵測功能,請執行下列指令:

        gcloud model-armor floorsettings update \
        --full-uri=projects/PROJECT_ID/locations/global/floorSetting \
        --enable-multi-language-detection

    更改下列內容:

    • PROJECT_ID:樓層設定的專案 ID。
    • FOLDER_ID:底限設定的資料夾 ID。

    REST

    • 更新特定專案的 Model Armor 底限設定。

      curl -X PATCH
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": { "filterEnforcement": "ENABLED" }, "rai_settings":{"rai_filters":{"filter_type":"DANGEROUS", "confidence_level":"LOW_AND_ABOVE" }, \
  "rai_filters":{"filter_type":"HATE_SPEECH", "confidence_level":"LOW_AND_ABOVE" }, "rai_filters":{"filter_type":"HARASSMENT", "confidence_level":"LOW_AND_ABOVE" }, "rai_filters":{"filter_type":"SEXUALLY_EXPLICIT", "confidence_level":"LOW_AND_ABOVE" }}},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token) \
  "https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting"

    • 更新指定資料夾的 Model Armor 底限設定。

      curl -X PATCH \
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": {"filterEnforcement": "ENABLED" }},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
  "https://modelarmor.googleapis.com/v1/folders/FOLDER_ID/locations/global/floorSetting"

    • 更新特定機構的 Model Armor 底限設定。

      curl -X PATCH \
  -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": {
      "filterEnforcement": "ENABLED" }},"enableFloorSettingEnforcement":"true"}' \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $(gcloud auth print-access-token)" \
      "https://modelarmor.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/floorSetting"

      更改下列內容:

      • PROJECT_ID:樓層設定的專案 ID。
      • FOLDER_ID:底限設定的資料夾 ID。
      • ORGANIZATION_ID:樓層設定的機構 ID。

      更新指令會傳回下列回應:

      {
"name": "projects/PROJECT_ID/locations/global/floorSetting",
"updateTime": "2024-12-19T15:36:21.318191Z",
"filterConfig": {
"piAndJailbreakFilterSettings": {
  "filterEnforcement": "ENABLED"
},
"maliciousUriFilterSettings": {
"filterEnforcement": "ENABLED"
}
}
}

    C#

    如要執行這段程式碼,請先設定 C# 開發環境,並安裝 Model Armor C# SDK

    • 更新特定專案的 Model Armor 底限設定。

      using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateProjectFloorSettings
{
    public FloorSetting UpdateProjectFloorSetting(string projectId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"projects/{projectId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

    • 更新指定資料夾的 Model Armor 底限設定。

      using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateFolderFloorSettings
{
    public FloorSetting UpdateFolderFloorSetting(string folderId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"folders/{folderId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

    • 更新特定機構的 Model Armor 底限設定。

      using Google.Cloud.ModelArmor.V1;
using System;

public class UpdateOrganizationFloorSettings
{
    public FloorSetting UpdateOrganizationFloorSetting(string organizationId)
    {
        // Create the client
        ModelArmorClient client = ModelArmorClient.Create();

        // Construct the floor settings name
        string floorSettingsName = $"organizations/{organizationId}/locations/global/floorSetting";

        // Build the floor settings with your preferred filters
        // For more details on filters, please refer to the following doc:
        // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
        var raiFilter = new RaiFilterSettings.Types.RaiFilter
        {
            FilterType = RaiFilterType.HateSpeech,
            ConfidenceLevel = DetectionConfidenceLevel.High,
        };

        var raiFilterSettings = new RaiFilterSettings();
        raiFilterSettings.RaiFilters.Add(raiFilter);

        var filterConfig = new FilterConfig { RaiSettings = raiFilterSettings };

        var floorSetting = new FloorSetting
        {
            Name = floorSettingsName,
            FilterConfig = filterConfig,
            EnableFloorSettingEnforcement = true,
        };

        // Create the update request
        var updateRequest = new UpdateFloorSettingRequest { FloorSetting = floorSetting };

        // Update the floor settings
        FloorSetting response = client.UpdateFloorSetting(updateRequest);

        Console.WriteLine($"Floor setting updated: {response.Name}");

        return response;
    }
}

    Go

    如要執行這段程式碼,請先設定 Go 開發環境,然後安裝 Model Armor Go SDK

    • 更新特定專案的 Model Armor 底限設定。

      
import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateProjectFloorSettings updates the floor settings of a project.
//
// This method updates the floor settings of a project.
//
// w io.Writer: The writer to use for logging.
// projectID string: The ID of the project.
func updateProjectFloorSettings(w io.Writer, projectID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare project floor setting path/name
	floorSettingsName := fmt.Sprintf("projects/%s/locations/global/floorSetting", projectID)

	// Update the project floor setting
	// For more details on filters, please refer to the following doc:
	// [https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters](https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters)
	enableEnforcement := true
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: &modelarmorpb.FloorSetting{
			Name: floorSettingsName,
			FilterConfig: &modelarmorpb.FilterConfig{
				RaiSettings: &modelarmorpb.RaiFilterSettings{
					RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
						{
							FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
							ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
						},
					},
				},
			},
			EnableFloorSettingEnforcement: &enableEnforcement,
		},
	}

	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated project floor setting: %+v\n", response)

	return nil
}

    • 更新指定資料夾的 Model Armor 底限設定。

      
import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateFolderFloorSettings updates floor settings of a folder.
//
// This method updates the floor settings of a folder.
//
// w io.Writer: The writer to use for logging.
// folderID string: The ID of the folder.
func updateFolderFloorSettings(w io.Writer, folderID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare folder floor settings path/name
	floorSettingsName := fmt.Sprintf("folders/%s/locations/global/floorSetting", folderID)

	// Prepare the floor setting update
	enableEnforcement := true
	floorSetting := &modelarmorpb.FloorSetting{
		Name: floorSettingsName,
		FilterConfig: &modelarmorpb.FilterConfig{
			RaiSettings: &modelarmorpb.RaiFilterSettings{
				RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
					{
						FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
						ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
					},
				},
			},
		},
		EnableFloorSettingEnforcement: &enableEnforcement,
	}

	// Prepare request for updating the floor setting.
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: floorSetting,
	}

	// Update the floor setting.
	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated folder floor setting: %v\n", response)

	return nil

}

    • 更新特定機構的 Model Armor 底限設定。

      
import (
	"context"
	"fmt"
	"io"

	modelarmor "cloud.google.com/go/modelarmor/apiv1"
	modelarmorpb "cloud.google.com/go/modelarmor/apiv1/modelarmorpb"
)

// updateOrganizationFloorSettings updates floor settings of an organization.
//
// This method updates the floor settings of an organization.
//
// w io.Writer: The writer to use for logging.
// organizationID string: The ID of the organization.
func updateOrganizationFloorSettings(w io.Writer, organizationID string) error {
	ctx := context.Background()

	// Create the Model Armor client.
	client, err := modelarmor.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create client: %w", err)
	}
	defer client.Close()

	// Prepare organization floor setting path/name
	floorSettingsName := fmt.Sprintf("organizations/%s/locations/global/floorSetting", organizationID)

	// Update the organization floor setting
	// For more details on filters, please refer to the following doc:
	// [https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters](https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters)
	enableEnforcement := true
	req := &modelarmorpb.UpdateFloorSettingRequest{
		FloorSetting: &modelarmorpb.FloorSetting{
			Name: floorSettingsName,
			FilterConfig: &modelarmorpb.FilterConfig{
				RaiSettings: &modelarmorpb.RaiFilterSettings{
					RaiFilters: []*modelarmorpb.RaiFilterSettings_RaiFilter{
						{
							FilterType:      modelarmorpb.RaiFilterType_HATE_SPEECH,
							ConfidenceLevel: modelarmorpb.DetectionConfidenceLevel_HIGH,
						},
					},
				},
			},
			EnableFloorSettingEnforcement: &enableEnforcement,
		},
	}

	response, err := client.UpdateFloorSetting(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update floor setting: %w", err)
	}

	// Print the updated config
	fmt.Fprintf(w, "Updated org floor setting: %+v\n", response)

    Java

    如要執行這段程式碼,請先設定 Java 開發環境,然後安裝 Model Armor Java SDK

    Node.js

    如要執行這段程式碼,請先設定 Node.js 開發環境, 然後安裝 Model Armor Node.js SDK

    • 更新特定專案的 Model Armor 底限設定。

      /**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const projectId = 'your-project-id';

const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

// Initiate client
const client = new ModelArmorClient();

async function updateProjectFloorSettings() {
  const floorSettingsName = `projects/${projectId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateProjectFloorSettings();

    • 更新指定資料夾的 Model Armor 底限設定。

      /**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const folderId = 'your-folder-id';

// Imports the Model Armor library
const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

// Instantiates a client
const client = new ModelArmorClient();

async function updateFolderFloorSettings() {
  const floorSettingsName = `folders/${folderId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateFolderFloorSettings();

    • 更新特定機構的 Model Armor 底限設定。

      /**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const organizationId = 'your-organization-id';

const modelarmor = require('@google-cloud/modelarmor');
const {ModelArmorClient} = modelarmor.v1;
const {protos} = modelarmor;

const client = new ModelArmorClient();

async function updateOrganizationFloorSettings() {
  const floorSettingsName = `organizations/${organizationId}/locations/global/floorSetting`;

  // Build the floor settings with your preferred filters
  // For more details on filters, please refer to the following doc:
  // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters
  const floorSetting = {
    name: floorSettingsName,
    filterConfig: {
      raiSettings: {
        raiFilters: [
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType.HARASSMENT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
          {
            filterType:
              protos.google.cloud.modelarmor.v1.RaiFilterType
                .SEXUALLY_EXPLICIT,
            confidenceLevel:
              protos.google.cloud.modelarmor.v1.DetectionConfidenceLevel
                .LOW_AND_ABOVE,
          },
        ],
      },
    },
    enableFloorSettingEnforcement: true,
  };

  const request = {
    floorSetting: floorSetting,
  };

  const [response] = await client.updateFloorSetting(request);
  return response;
}

return await updateOrganizationFloorSettings();

    PHP

    如要執行這段程式碼,請先設定 PHP 開發環境,然後安裝 Model Armor PHP SDK

    • 更新特定專案的 Model Armor 底限設定。

      use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given project.
 *
 * @param string $projectId The project Id for which the floor settings is to be updated.
 *
 */
function update_project_floor_settings(string $projectId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('projects/%s/locations/global/floorSetting', $projectId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

    • 更新指定資料夾的 Model Armor 底限設定。

      use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given folder.
 *
 * @param string $folderId The folder Id for which the floor settings is to be updated.
 *
 */
function update_folder_floor_settings(string $folderId): void
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('folders/%s/locations/global/floorSetting', $folderId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

    • 更新特定機構的 Model Armor 底限設定。

      use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient;
use Google\Cloud\ModelArmor\V1\RaiFilterType;
use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel;
use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest;
use Google\Cloud\ModelArmor\V1\FilterConfig;
use Google\Cloud\ModelArmor\V1\FloorSetting;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings;
use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter;

/**
 * Updates the floor settings for a given organization.
 *
 * @param string $organizationId The organization Id for which the floor settings is to be updated.
 *
 */
function update_organization_floor_settings(string $organizationId)
{
    $client = new ModelArmorClient();

    $floorSettingsName = sprintf('organizations/%s/locations/global/floorSetting', $organizationId);

    // Build the floor settings with your preferred filters
    // For more details on filters, please refer to the following doc:
    // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters

    $raiFilterSetting = (new RaiFilterSettings())
        ->setRaiFilters([
            (new RaiFilter())
                ->setFilterType(RaiFilterType::HATE_SPEECH)
                ->setConfidenceLevel(DetectionConfidenceLevel::HIGH)
        ]);

    $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting);
    $floorSetting = (new FloorSetting())
        ->setName($floorSettingsName)
        ->setFilterConfig($filterConfig)
        ->setEnableFloorSettingEnforcement(true);

    $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting);

    $response = $client->updateFloorSetting($updateRequest);

    printf("Floor setting updated: %s\n", $response->getName());
}

    Python

    如要執行這段程式碼,請先設定 Python 開發環境,然後安裝 Model Armor Python SDK

    查看有關違反底價設定的發現項目

    每項 Model Armor 發現結果都會指出底限設定違規事項。如果 Model Armor 範本未達到資源階層底限設定定義的最低安全標準,就會發生違規情況。底限設定會定義範本的最低要求。

    如果發生下列任一項違反底限設定的情形,系統就會產生調查結果:

    • 在設定底層設定前,系統會建立設定較寬鬆的範本。
    • 範本缺少必要篩選器。
    • 範本未達到篩選器的最低信賴水準。

    偵測到違規行為時,系統會在 Security Command Center 中產生嚴重程度高的發現項目 (僅限使用 Security Command Center Premium 或 Enterprise 服務層級時)。這項發現會指出違反的底限設定、不符規定的範本,以及違規的詳細資料。

    以下範例顯示了該發現的 sourceProperties 欄位。這項與惡意 URI 篩選器相關的違規事項,是因為範本設定的 maliciousUriFilterSettingsDISABLED,但底限設定要求為 ENABLED

    {
  "filterConfig": {
    "raiSettings": {
      "raiFilters": [
        {
          "filterType": "HATE_SPEECH",
          "confidenceLevel": {
            "floorSettings": "LOW_AND_ABOVE",
            "template": "MEDIUM_AND_ABOVE"
          }
        },
        {
          "filterType": "HARASSMENT",
          "confidenceLevel": {
            "floorSettings": "MEDIUM_AND_ABOVE",
            "template": "HIGH"
          }
        }
      ]
    },
    "piAndJailbreakFilterSettings": {
      "confidenceLevel": {
        "floorSettings": "LOW_AND_ABOVE",
        "template": "HIGH"
      }
    },
    "maliciousUriFilterSettings": {
      "floorSettings": "ENABLED",
      "template": "DISABLED"
    }
  }
}

    後續步驟