Skip to content

Add image filter support and complete AWS Cloud Control API schema compliance for guardrails #162

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
farhanashrafdev wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add image filter support and complete AWS Cloud Control API schema compliance for guardrails #162

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 25 additions & 7 deletions .header.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -263,7 +263,7 @@ Amazon Bedrock's Guardrails feature enables you to implement robust governance a

With Guardrails, you can define and enforce granular, customizable policies to precisely govern the behavior of your generative AI applications. You can configure the following policies in a guardrail to avoid undesirable and harmful content and remove sensitive information for privacy protection.

Content filters – Adjust filter strengths to block input prompts or model responses containing harmful content.
Content filters – Adjust filter strengths to block input prompts or model responses containing harmful content. Supports both text and image content filtering. Use `input_modalities` and `output_modalities` (list of strings) to specify content types: `["TEXT"]` for text-only, `["IMAGE"]` for image-only, or `["TEXT", "IMAGE"]` to apply the same filter to both text and image content.

Denied topics – Define a set of topics that are undesirable in the context of your application. These topics will be blocked if detected in user queries or model responses.

Expand All @@ -282,14 +282,32 @@ module "bedrock" {
blocked_output = "I can provide general info about services, but can't fully address your request here. For personalized help or detailed questions, please contact our customer service team directly. For security reasons, avoid sharing sensitive information through this channel. If you have a general product question, feel free to ask without including personal details."
filters_config = [
{
input_strength = "MEDIUM"
output_strength = "MEDIUM"
type = "HATE"
input_strength = "MEDIUM"
output_strength = "MEDIUM"
type = "HATE"
input_modalities = ["TEXT"]
output_modalities = ["TEXT"]
},
{
input_strength = "HIGH"
output_strength = "HIGH"
type = "VIOLENCE"
input_strength = "HIGH"
output_strength = "HIGH"
type = "VIOLENCE"
input_modalities = ["TEXT", "IMAGE"]
output_modalities = ["TEXT", "IMAGE"]
},
{
input_strength = "HIGH"
output_strength = "HIGH"
type = "HATE"
input_modalities = ["IMAGE"]
output_modalities = ["IMAGE"]
},
{
input_strength = "MEDIUM"
output_strength = "MEDIUM"
type = "SEXUAL"
input_modalities = ["IMAGE"]
output_modalities = ["IMAGE"]
}
]
pii_entities_config = [
Expand Down
46 changes: 23 additions & 23 deletions bda.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,29 +1,29 @@
resource "awscc_bedrock_data_automation_project" "bda_project" {
count = var.create_bda ? 1 : 0
project_name = "${random_string.solution_prefix.result}-${var.bda_project_name}"
project_description = var.bda_project_description
kms_encryption_context = var.bda_kms_encryption_context
kms_key_id = var.bda_kms_key_id
tags = var.bda_tags
standard_output_configuration = var.bda_standard_output_configuration
custom_output_configuration = {
blueprints = var.bda_custom_output_config
}
override_configuration = {
document = {
splitter = {
state = var.bda_override_config_state
}
}
count = var.create_bda ? 1 : 0
project_name = "${random_string.solution_prefix.result}-${var.bda_project_name}"
project_description = var.bda_project_description
kms_encryption_context = var.bda_kms_encryption_context
kms_key_id = var.bda_kms_key_id
tags = var.bda_tags
standard_output_configuration = var.bda_standard_output_configuration
custom_output_configuration = {
blueprints = var.bda_custom_output_config
}
override_configuration = {
document = {
splitter = {
state = var.bda_override_config_state
}
}
}
}

resource "awscc_bedrock_blueprint" "bda_blueprint" {
count = var.create_blueprint ? 1 : 0
blueprint_name = "${random_string.solution_prefix.result}-${var.blueprint_name}"
schema = var.blueprint_schema
type = var.blueprint_type
kms_encryption_context = var.blueprint_kms_encryption_context
kms_key_id = var.blueprint_kms_key_id
tags = var.blueprint_tags
count = var.create_blueprint ? 1 : 0
blueprint_name = "${random_string.solution_prefix.result}-${var.blueprint_name}"
schema = var.blueprint_schema
type = var.blueprint_type
kms_encryption_context = var.blueprint_kms_encryption_context
kms_key_id = var.blueprint_kms_key_id
tags = var.blueprint_tags
}
106 changes: 53 additions & 53 deletions data-source.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,17 +5,17 @@ locals {
chunking_configuration = var.chunking_strategy == null ? null : {
chunking_strategy = var.chunking_strategy
fixed_size_chunking_configuration = var.chunking_strategy_max_tokens == null ? null : {
max_tokens = var.chunking_strategy_max_tokens
max_tokens = var.chunking_strategy_max_tokens
overlap_percentage = var.chunking_strategy_overlap_percentage
}
hierarchical_chunking_configuration = var.heirarchical_overlap_tokens == null && var.level_configurations_list == null ? null : {
level_configurations = var.level_configurations_list
overlap_tokens = var.heirarchical_overlap_tokens
overlap_tokens = var.heirarchical_overlap_tokens
}
semantic_chunking_configuration = var.breakpoint_percentile_threshold == null && var.semantic_buffer_size == null && var.semantic_max_tokens == null ? null : {
breakpoint_percentile_threshold = var.breakpoint_percentile_threshold
buffer_size = var.semantic_buffer_size
max_tokens = var.semantic_max_tokens
buffer_size = var.semantic_buffer_size
max_tokens = var.semantic_max_tokens
}
}
context_enrichment_configuration = var.create_context_enrichment_config == false ? null : {
Expand Down Expand Up @@ -49,7 +49,7 @@ locals {
parsing_strategy = var.parsing_strategy
}
}

server_side_encryption_configuration = var.create_server_side_encryption_config == false ? null : {
kms_key_arn = var.data_source_kms_key_arn
}
Expand Down Expand Up @@ -92,12 +92,12 @@ resource "awscc_bedrock_data_source" "knowledge_base_ds" {
data_source_configuration = {
type = "S3"
s3_configuration = {
bucket_arn = var.kb_s3_data_source == null ? awscc_s3_bucket.s3_data_source[0].arn : var.kb_s3_data_source # Create an S3 bucket or reference existing
bucket_arn = var.kb_s3_data_source == null ? awscc_s3_bucket.s3_data_source[0].arn : var.kb_s3_data_source # Create an S3 bucket or reference existing
bucket_owner_account_id = var.bucket_owner_account_id
inclusion_prefixes = var.s3_inclusion_prefixes
inclusion_prefixes = var.s3_inclusion_prefixes
}
}
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
server_side_encryption_configuration = local.server_side_encryption_configuration
}

Expand Down Expand Up @@ -163,7 +163,7 @@ resource "awscc_bedrock_data_source" "knowledge_base_web_crawler" {
}
}
}
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
server_side_encryption_configuration = local.server_side_encryption_configuration
}

Expand All @@ -176,23 +176,23 @@ resource "awscc_bedrock_data_source" "knowledge_base_confluence" {
data_source_configuration = {
type = "CONFLUENCE"
confluence_configuration = {
crawler_configuration = {
filter_configuration = {
pattern_object_filter = {
filters = var.pattern_object_filter_list
}
type = var.crawl_filter_type
}
}
source_configuration = {
auth_type = var.auth_type
credentials_secret_arn = var.confluence_credentials_secret_arn
host_type = var.host_type
host_url = var.host_url
crawler_configuration = {
filter_configuration = {
pattern_object_filter = {
filters = var.pattern_object_filter_list
}
type = var.crawl_filter_type
}
}
source_configuration = {
auth_type = var.auth_type
credentials_secret_arn = var.confluence_credentials_secret_arn
host_type = var.host_type
host_url = var.host_url
}
}
}
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
server_side_encryption_configuration = local.server_side_encryption_configuration
}

Expand All @@ -204,26 +204,26 @@ resource "awscc_bedrock_data_source" "knowledge_base_sharepoint" {
description = var.data_source_description
data_source_configuration = {
type = "SHAREPOINT"
share_point_configuration = {
crawler_configuration = {
filter_configuration = {
pattern_object_filter ={
filters = var.pattern_object_filter_list
}
type = var.crawl_filter_type
}
}
source_configuration = {
auth_type = var.auth_type
credentials_secret_arn = var.share_point_credentials_secret_arn
domain = var.share_point_domain
host_type = var.host_type
site_urls = var.share_point_site_urls
tenant_id = var.tenant_id
share_point_configuration = {
crawler_configuration = {
filter_configuration = {
pattern_object_filter = {
filters = var.pattern_object_filter_list
}
type = var.crawl_filter_type
}
}
source_configuration = {
auth_type = var.auth_type
credentials_secret_arn = var.share_point_credentials_secret_arn
domain = var.share_point_domain
host_type = var.host_type
site_urls = var.share_point_site_urls
tenant_id = var.tenant_id
}
}
}
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
server_side_encryption_configuration = local.server_side_encryption_configuration
}

Expand All @@ -236,21 +236,21 @@ resource "awscc_bedrock_data_source" "knowledge_base_salesforce" {
data_source_configuration = {
type = "SALESFORCE"
salesforce_configuration = {
crawler_configuration = {
filter_configuration = {
pattern_object_filter = {
filters = var.pattern_object_filter_list
}
type = var.crawl_filter_type
}
}
source_configuration = {
auth_type = var.auth_type
credentials_secret_arn = var.salesforce_credentials_secret_arn
host_url = var.host_url
crawler_configuration = {
filter_configuration = {
pattern_object_filter = {
filters = var.pattern_object_filter_list
}
type = var.crawl_filter_type
}
}
source_configuration = {
auth_type = var.auth_type
credentials_secret_arn = var.salesforce_credentials_secret_arn
host_url = var.host_url
}
}
}
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
vector_ingestion_configuration = var.create_vector_ingestion_configuration == false ? null : local.vector_ingestion_configuration
server_side_encryption_configuration = local.server_side_encryption_configuration
}
34 changes: 17 additions & 17 deletions data.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@ data "aws_partition" "current" {}
data "aws_region" "current" {}

locals {
region = data.aws_region.current.region
account_id = data.aws_caller_identity.current.account_id
partition = data.aws_partition.current.partition
create_kb = var.create_default_kb || var.create_rds_config || var.create_mongo_config || var.create_pinecone_config || var.create_opensearch_config || var.create_opensearch_managed_config || var.create_kb || var.create_kendra_config
region = data.aws_region.current.region
account_id = data.aws_caller_identity.current.account_id
partition = data.aws_partition.current.partition
create_kb = var.create_default_kb || var.create_rds_config || var.create_mongo_config || var.create_pinecone_config || var.create_opensearch_config || var.create_opensearch_managed_config || var.create_kb || var.create_kendra_config
foundation_model = var.create_agent ? var.foundation_model : (var.create_supervisor ? var.supervisor_model : null)
}

Expand Down Expand Up @@ -47,18 +47,18 @@ data "aws_iam_policy_document" "agent_permissions" {
"arn:aws:bedrock:*:*:application-inference-profile/*",
] : [],
var.create_app_inference_profile ? [
var.app_inference_profile_model_source,
awscc_bedrock_application_inference_profile.application_inference_profile[0].inference_profile_arn,
"arn:${local.partition}:bedrock:*:*:application-inference-profile/*",
var.app_inference_profile_model_source,
awscc_bedrock_application_inference_profile.application_inference_profile[0].inference_profile_arn,
"arn:${local.partition}:bedrock:*:*:application-inference-profile/*",
] : [],
var.create_app_inference_profile ?
awscc_bedrock_application_inference_profile.application_inference_profile[0].models[*].model_arn : [],
!var.create_app_inference_profile && !var.use_app_inference_profile ?
var.create_app_inference_profile ?
awscc_bedrock_application_inference_profile.application_inference_profile[0].models[*].model_arn : [],
!var.create_app_inference_profile && !var.use_app_inference_profile ?
[
"arn:${local.partition}:bedrock:${local.region}::foundation-model/${local.foundation_model}",
"arn:${local.partition}:bedrock:*::foundation-model/${local.foundation_model}",
"arn:${local.partition}:bedrock:${local.region}:${local.account_id}:inference-profile/*.${local.foundation_model}",
]: []
"arn:${local.partition}:bedrock:${local.region}::foundation-model/${local.foundation_model}",
"arn:${local.partition}:bedrock:*::foundation-model/${local.foundation_model}",
"arn:${local.partition}:bedrock:${local.region}:${local.account_id}:inference-profile/*.${local.foundation_model}",
] : []
))
}
}
Expand All @@ -67,12 +67,12 @@ data "aws_iam_policy_document" "agent_alias_permissions" {
count = var.create_agent_alias || var.create_supervisor ? 1 : 0
statement {
actions = [
"bedrock:GetAgentAlias",
"bedrock:GetAgentAlias",
"bedrock:InvokeAgent"
]
resources = [
"arn:${local.partition}:bedrock:${local.region}:${local.account_id}:agent/*",
"arn:${local.partition}:bedrock:${local.region}:${local.account_id}:agent-alias/*"
"arn:${local.partition}:bedrock:${local.region}:${local.account_id}:agent-alias/*"
]
}
}
Expand Down Expand Up @@ -124,6 +124,6 @@ data "aws_iam_policy_document" "app_inference_profile_permission" {
}

data "aws_bedrock_foundation_model" "model_identifier" {
count = var.create_custom_model ? 1 : 0
count = var.create_custom_model ? 1 : 0
model_id = var.custom_model_id
}
42 changes: 21 additions & 21 deletions examples/agent-collaborator/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,35 +5,35 @@
#####################################################################################

module "agent_supervisor" {
source = "../.."
create_agent = false
create_supervisor = true
supervisor_model = "anthropic.claude-3-5-sonnet-20241022-v2:0"
supervisor_instruction = "You are a supervisor who can provide detailed information about cars to an agent."
source = "../.."
create_agent = false
create_supervisor = true
supervisor_model = "anthropic.claude-3-5-sonnet-20241022-v2:0"
supervisor_instruction = "You are a supervisor who can provide detailed information about cars to an agent."
}

module "agent_collaborator1" {
source = "../.."
create_agent_alias = true
foundation_model = "anthropic.claude-v2"
instruction = "You are an automotive assisant who can provide detailed information about cars to a customer."
supervisor_id = module.agent_supervisor.supervisor_id
create_collaborator = true
collaborator_name = "AgentA"
collaboration_instruction = "Handle customer inquiries"
source = "../.."
create_agent_alias = true
foundation_model = "anthropic.claude-v2"
instruction = "You are an automotive assisant who can provide detailed information about cars to a customer."
supervisor_id = module.agent_supervisor.supervisor_id
create_collaborator = true
collaborator_name = "AgentA"
collaboration_instruction = "Handle customer inquiries"

depends_on = [module.agent_supervisor]
}

module "agent_collaborator2" {
source = "../.."
create_agent_alias = true
foundation_model = "anthropic.claude-v2"
instruction = "You are an automotive assisant who can provide detailed information about cars to a customer."
supervisor_id = module.agent_supervisor.supervisor_id
create_collaborator = true
collaborator_name = "AgentB"
collaboration_instruction = "Process backend tasks"
source = "../.."
create_agent_alias = true
foundation_model = "anthropic.claude-v2"
instruction = "You are an automotive assisant who can provide detailed information about cars to a customer."
supervisor_id = module.agent_supervisor.supervisor_id
create_collaborator = true
collaborator_name = "AgentB"
collaboration_instruction = "Process backend tasks"

depends_on = [module.agent_supervisor, module.agent_collaborator1]
}
Loading