1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-18 14:56:05 +00:00

gcloud: Wed Feb 12 10:41:39 UTC 2025

This commit is contained in:
Automated 2025-02-12 10:41:39 +00:00
parent c854ee0644
commit 44f319c56c
119 changed files with 5956 additions and 337 deletions

View file

@ -0,0 +1,28 @@
NAME
gcloud model-armor floorsettings describe - describe the FloorSetting
resource
SYNOPSIS
gcloud model-armor floorsettings describe [--full-uri=FULL_URI]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Displays the floor setting resource with the given name.
FLAGS
--full-uri=FULL_URI
Full uri of the floor setting
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
This variant is also available:
$ gcloud alpha model-armor floorsettings describe

View file

@ -0,0 +1,28 @@
NAME
gcloud model-armor floorsettings - manage FloorSettings resources
SYNOPSIS
gcloud model-armor floorsettings COMMAND [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Manage FloorSettings resources.
GCLOUD WIDE FLAGS
These flags are available to all commands: --help.
Run $ gcloud help for details.
COMMANDS
COMMAND is one of the following:
describe
Describe the FloorSetting resource.
update
Update the FloorSetting resource.
NOTES
This variant is also available:
$ gcloud alpha model-armor floorsettings

View file

@ -0,0 +1,123 @@
NAME
gcloud model-armor floorsettings update - update the FloorSetting resource
SYNOPSIS
gcloud model-armor floorsettings update --full-uri=FULL_URI
[--enable-floor-setting-enforcement=ENABLE_FLOOR_SETTING_ENFORCEMENT]
[--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT]
[--add-rai-settings-filters=confidenceLevel=CONFIDENCELEVEL],
[filterType=FILTERTYPE] | --clear-rai-settings-filters
| --rai-settings-filters=confidenceLevel=CONFIDENCELEVEL],
[filterType=FILTERTYPE]
| --remove-rai-settings-filters=confidenceLevel=CONFIDENCELEVEL],
[filterType=FILTERTYPE]]
[--advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE --advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE --basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT]
[--pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL --pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Updates the floor setting resource with the given name.
REQUIRED FLAGS
--full-uri=FULL_URI
Full uri of the floor setting
OPTIONAL FLAGS
--enable-floor-setting-enforcement=ENABLE_FLOOR_SETTING_ENFORCEMENT
Enable or disable the floor setting enforcement
Malicious uri filter settings.
--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT
Malicious URI filter settings.
RAI filter settings.
At most one of these can be specified:
--add-rai-settings-filters=confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
Add rai filter settings. Sets add_rai_settings_filters value.
Shorthand Example:
--add-rai-settings-filters=string --add-rai-settings-filters=string
JSON Example:
--add-rai-settings-filters=["string"]
File Example:
--add-rai-settings-filters=path_to_file.(yaml|json)
--clear-rai-settings-filters
Clear all rai filter settings.
--rai-settings-filters=confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
Set rai_settings_filters to new value. List of Responsible AI filters
enabled for floor setting. Sets rai_settings_filters value.
Shorthand Example:
--rai-settings-filters=string --rai-settings-filters=string
JSON Example:
--rai-settings-filters=["string"]
File Example:
--rai-settings-filters=path_to_file.(yaml|json)
--remove-rai-settings-filters=confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
Remove rai filter settings. Sets remove_rai_settings_filters value.
Shorthand Example:
--remove-rai-settings-filters=string --remove-rai-settings-filters=string
JSON Example:
--remove-rai-settings-filters=["string"]
File Example:
--remove-rai-settings-filters=path_to_file.(yaml|json)
SDP filter settings.
--advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE
The sdp filter settings enforcement. The value can be either "enable"
or "disable".
--advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE
The sdp filter settings enforcement. The value can be either "enable"
or "disable".
--basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT
The sdp filter settings enforcement. The value can be either
"ENABLED" or "DISABLED"
PI and jailbreak filter settings.
--pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL
The pi and jailbreak filter settings confidence level. The value can
be either "high", "medium-and-above" or "low-and-above"
--pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT
The pi and jailbreak filter settings enforcement. The value can be
either "enable" or "disable".
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
This variant is also available:
$ gcloud alpha model-armor floorsettings update

31
gcloud/model-armor/help Normal file
View file

@ -0,0 +1,31 @@
NAME
gcloud model-armor - model Armor is a service offering LLM-agnostic
security and AI safety measures to mitigate risks associated with large
language models (LLMs)
SYNOPSIS
gcloud model-armor GROUP [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Model Armor is a service offering LLM-agnostic security and AI safety
measures to mitigate risks associated with large language models (LLMs).
GCLOUD WIDE FLAGS
These flags are available to all commands: --help.
Run $ gcloud help for details.
GROUPS
GROUP is one of the following:
floorsettings
Manage FloorSettings resources.
templates
Manage Template resources.
NOTES
This variant is also available:
$ gcloud alpha model-armor

View file

@ -0,0 +1,257 @@
NAME
gcloud model-armor templates create - create Model Armor Template
SYNOPSIS
gcloud model-armor templates create (TEMPLATE : --location=LOCATION)
(--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT --rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],
[filterType=FILTERTYPE]
--basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT
| --advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE --advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE --pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL --pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT)
[--labels=[LABELS,...]] [--request-id=REQUEST_ID]
[--template-metadata-custom-llm-response-safety-error-code=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_CODE --template-metadata-custom-llm-response-safety-error-message=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_MESSAGE --template-metadata-custom-prompt-safety-error-code=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_CODE --template-metadata-custom-prompt-safety-error-message=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_MESSAGE --template-metadata-ignore-partial-invocation-failures --template-metadata-log-operations --template-metadata-log-sanitize-operations]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Creates a new Template in a given project and location.
EXAMPLES
To create a Template, run: $ gcloud model-armor templates create my-template \
--location=us-central1 \
--malicious-uri-filter-settings-enforcement=enabled
POSITIONAL ARGUMENTS
Template resource - Identifier. name of resource The arguments in this
group can be used to specify the attributes of this resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other
ways.
To set the project attribute:
◆ provide the argument template on the command line with a fully
specified name;
◆ provide the argument --project on the command line;
◆ set the property core/project.
This must be specified.
TEMPLATE
ID of the template or fully qualified identifier for the template.
To set the template attribute:
▸ provide the argument template on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--location=LOCATION
The location id of the template resource.
To set the location attribute:
▸ provide the argument template on the command line with a fully
specified name;
▸ provide the argument --location on the command line.
REQUIRED FLAGS
Filters configuration.
At least one of these must be specified:
Malicious URI filter settings.
--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT
Tells whether the Malicious URI filter is enabled or disabled.
MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT must be one of:
disabled
Disabled
enabled
Enabled
Responsible AI Filter settings.
--rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
Required, List of Responsible AI filters enabled for template.
confidenceLevel
Confidence level for this RAI filter. During data sanitization,
if data is classified under this filter with a confidence level
equal to or greater than the specified level, a positive match
is reported. If the confidence level is unspecified (i.e., 0),
the system will use a reasonable default level based on the
filter_type.
filterType
Type of responsible AI filter.
Shorthand Example:
--rai-settings-filters=confidenceLevel=string,filterType=string --rai-settings-filters=confidenceLevel=string,filterType=string
JSON Example:
--rai-settings-filters='[{"confidenceLevel": "string", "filterType": "string"}]'
File Example:
--rai-settings-filters=path_to_file.(yaml|json)
Sensitive Data Protection settings.
Arguments for the sdp configuration.
At most one of these can be specified:
Sensitive Data Protection basic configuration.
--basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT
Tells whether the Sensitive Data Protection basic config is
enabled or disabled. BASIC_CONFIG_FILTER_ENFORCEMENT must be
one of:
disabled
Disabled
enabled
Enabled
Sensitive Data Protection Advanced configuration.
--advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE
Optional Sensitive Data Protection Deidentify template resource
name.
If provided then DeidentifyContent action is performed during
Sanitization using this template and inspect template. The
De-identified data will be returned in SdpDeidentifyResult.
Note that all info-types present in the deidentify template
must be present in inspect template.
e.g.
organizations/{organization}/deidentifyTemplates/{deidentify_template},
projects/{project}/deidentifyTemplates/{deidentify_template}
organizations/{organization}/locations/{location}/deidentifyTemplates/{deidentify_template}
projects/{project}/locations/{location}/deidentifyTemplates/{deidentify_template}
--advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE
Sensitive Data Protection inspect template resource name
If only inspect template is provided (de-identify template not
provided), then Sensitive Data Protection InspectContent action
is performed during Sanitization. All Sensitive Data Protection
findings identified during inspection will be returned as
SdpFinding in SdpInsepctionResult e.g.
organizations/{organization}/inspectTemplates/{inspect_template},
projects/{project}/inspectTemplates/{inspect_template}
organizations/{organization}/locations/{location}/inspectTemplates/{inspect_template}
projects/{project}/locations/{location}/inspectTemplates/{inspect_template}
Prompt injection and Jailbreak Filter settings.
--pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL
Confidence level for this filter. Confidence level is used to
determine the threshold for the filter. If detection confidence is
equal to or greater than the specified level, a positive match is
reported. Confidence level will only be used if the filter is
enabled. PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL must be
one of:
high
Low chance of false positives.
low-and-above
Highest chance of a false positive.
medium-and-above
Some chance of false positives.
--pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT
Tells whether Prompt injection and Jailbreak filter is enabled or
disabled. PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT must be one
of:
disabled
Enabled
enabled
Enabled
OPTIONAL FLAGS
--labels=[LABELS,...]
Labels as key value pairs.
KEY
Keys must start with a lowercase character and contain only hyphens
(-), underscores (_), lowercase characters, and numbers.
VALUE
Values must contain only hyphens (-), underscores (_), lowercase
characters, and numbers.
Shorthand Example:
--labels=string=string
JSON Example:
--labels='{"string": "string"}'
File Example:
--labels=path_to_file.(yaml|json)
--request-id=REQUEST_ID
An optional request ID to identify requests. Specify a unique request
ID so that if you must retry your request, the server will know to
ignore the request if it has already been completed. The server stores
the request ID for 60 minutes after the first request.
For example, consider a situation where you make an initial request and
the request times out. If you make the request again with the same
request ID, the server can check if original operation with the same
request ID was received, and if so, will ignore the second request.
This prevents clients from accidentally creating duplicate commitments.
The request ID must be a valid UUID with the exception that zero UUID
is not supported (00000000-0000-0000-0000-000000000000).
Message describing TemplateMetadata
--template-metadata-custom-llm-response-safety-error-code=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_CODE
Indicates the custom error code set by the user to be returned to the
end user if the LLM response trips Model Armor filters.
--template-metadata-custom-llm-response-safety-error-message=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_MESSAGE
Indicates the custom error message set by the user to be returned to
the end user if the LLM response trips Model Armor filters.
--template-metadata-custom-prompt-safety-error-code=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_CODE
Indicates the custom error code set by the user to be returned to the
end user by the service extension if the prompt trips Model Armor
filters.
--template-metadata-custom-prompt-safety-error-message=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_MESSAGE
Indicates the custom error message set by the user to be returned to
the end user if the prompt trips Model Armor filters.
--template-metadata-ignore-partial-invocation-failures
If true, partial detector failures should be ignored.
--template-metadata-log-operations
If true, log template crud operations.
--template-metadata-log-sanitize-operations
If true, log sanitize operations.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the modelarmor/v1 API. The full documentation for this
API can be found at:
https://cloud.google.com/security-command-center/docs/model-armor-overview
NOTES
This variant is also available:
$ gcloud alpha model-armor templates create

View file

@ -0,0 +1,78 @@
NAME
gcloud model-armor templates delete - delete Model Armor Template
SYNOPSIS
gcloud model-armor templates delete (TEMPLATE : --location=LOCATION)
[--request-id=REQUEST_ID] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Deletes a Template.
EXAMPLES
To delete a Template, run: $ gcloud model-armor templates delete my-template \
--location=us-central1
POSITIONAL ARGUMENTS
Template resource - Name of the resource The arguments in this group can
be used to specify the attributes of this resource. (NOTE) Some attributes
are not given arguments in this group but can be set in other ways.
To set the project attribute:
◆ provide the argument template on the command line with a fully
specified name;
◆ provide the argument --project on the command line;
◆ set the property core/project.
This must be specified.
TEMPLATE
ID of the template or fully qualified identifier for the template.
To set the template attribute:
▸ provide the argument template on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--location=LOCATION
The location id of the template resource.
To set the location attribute:
▸ provide the argument template on the command line with a fully
specified name;
▸ provide the argument --location on the command line.
FLAGS
--request-id=REQUEST_ID
An optional request ID to identify requests. Specify a unique request
ID so that if you must retry your request, the server will know to
ignore the request if it has already been completed. The server stores
the request ID for 60 minutes after the first request.
For example, consider a situation where you make an initial request and
the request times out. If you make the request again with the same
request ID, the server can check if original operation with the same
request ID was received, and if so, will ignore the second request.
This prevents clients from accidentally creating duplicate commitments.
The request ID must be a valid UUID with the exception that zero UUID
is not supported (00000000-0000-0000-0000-000000000000).
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the modelarmor/v1 API. The full documentation for this
API can be found at:
https://cloud.google.com/security-command-center/docs/model-armor-overview
NOTES
This variant is also available:
$ gcloud alpha model-armor templates delete

View file

@ -0,0 +1,62 @@
NAME
gcloud model-armor templates describe - get Model Armor Template
SYNOPSIS
gcloud model-armor templates describe (TEMPLATE : --location=LOCATION)
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Gets a Template.
EXAMPLES
To get a Template, run: $ gcloud model-armor templates describe my-template \
--location=us-central1
POSITIONAL ARGUMENTS
Template resource - Name of the resource The arguments in this group can
be used to specify the attributes of this resource. (NOTE) Some attributes
are not given arguments in this group but can be set in other ways.
To set the project attribute:
◆ provide the argument template on the command line with a fully
specified name;
◆ provide the argument --project on the command line;
◆ set the property core/project.
This must be specified.
TEMPLATE
ID of the template or fully qualified identifier for the template.
To set the template attribute:
▸ provide the argument template on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--location=LOCATION
The location id of the template resource.
To set the location attribute:
▸ provide the argument template on the command line with a fully
specified name;
▸ provide the argument --location on the command line.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the modelarmor/v1 API. The full documentation for this
API can be found at:
https://cloud.google.com/security-command-center/docs/model-armor-overview
NOTES
This variant is also available:
$ gcloud alpha model-armor templates describe

View file

@ -0,0 +1,43 @@
NAME
gcloud model-armor templates - manage Template resources
SYNOPSIS
gcloud model-armor templates COMMAND [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Manage Template resources.
GCLOUD WIDE FLAGS
These flags are available to all commands: --help.
Run $ gcloud help for details.
COMMANDS
COMMAND is one of the following:
create
Create Model Armor Template.
delete
Delete Model Armor Template.
describe
Get Model Armor Template.
list
List Model Armor Templates.
sanitize-model-response
Sanitize Model Response.
sanitize-user-prompt
Sanitize User Prompt.
update
Update Model Armor Template.
NOTES
This variant is also available:
$ gcloud alpha model-armor templates

View file

@ -0,0 +1,83 @@
NAME
gcloud model-armor templates list - list Model Armor Templates
SYNOPSIS
gcloud model-armor templates list --location=LOCATION [--filter=EXPRESSION]
[--limit=LIMIT] [--page-size=PAGE_SIZE] [--sort-by=[FIELD,...]] [--uri]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Lists Templates in a given project and location.
EXAMPLES
To list Templates in a given project and location, run: $ gcloud model-armor templates list list --location=us-central1
REQUIRED FLAGS
Location resource - Parent value for ListTemplatesRequest This represents
a Cloud resource. (NOTE) Some attributes are not given arguments in this
group but can be set in other ways.
To set the project attribute:
◆ provide the argument --location on the command line with a fully
specified name;
◆ provide the argument --project on the command line;
◆ set the property core/project.
This must be specified.
--location=LOCATION
ID of the location or fully qualified identifier for the location.
To set the location attribute:
▸ provide the argument --location on the command line.
LIST COMMAND FLAGS
--filter=EXPRESSION
Apply a Boolean filter EXPRESSION to each resource item to be listed.
If the expression evaluates True, then that item is listed. For more
details and examples of filter expressions, run $ gcloud topic filters.
This flag interacts with other flags that are applied in this order:
--flatten, --sort-by, --filter, --limit.
--limit=LIMIT
Maximum number of resources to list. The default is unlimited. This
flag interacts with other flags that are applied in this order:
--flatten, --sort-by, --filter, --limit.
--page-size=PAGE_SIZE
Some services group resource list output into pages. This flag
specifies the maximum number of resources per page. The default is
determined by the service if it supports paging, otherwise it is
unlimited (no paging). Paging may be applied before or after --filter
and --limit depending on the service.
--sort-by=[FIELD,...]
Comma-separated list of resource field key names to sort by. The
default order is ascending. Prefix a field with ``~'' for descending
order on that field. This flag interacts with other flags that are
applied in this order: --flatten, --sort-by, --filter, --limit.
--uri
Print a list of resource URIs instead of the default output, and change
the command output to a list of URIs. If this flag is used with
--format, the formatting is applied on this URI list. To display URIs
alongside other keys instead, use the uri() transform.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the modelarmor/v1 API. The full documentation for this
API can be found at:
https://cloud.google.com/security-command-center/docs/model-armor-overview
NOTES
This variant is also available:
$ gcloud alpha model-armor templates list

View file

@ -0,0 +1,102 @@
NAME
gcloud model-armor templates sanitize-model-response - sanitize Model
Response
SYNOPSIS
gcloud model-armor templates sanitize-model-response
(TEMPLATE : --location=LOCATION) [--user-prompt=USER_PROMPT]
[--model-response-data-text=MODEL_RESPONSE_DATA_TEXT
| --model-response-data-byte-item-from-file=PATH_TO_FILE
--model-response-data-byte-item-type=MODEL_RESPONSE_DATA_BYTE_ITEM_TYPE]
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Sanitizes a model response.
EXAMPLES
To sanitize a model response, run: $ gcloud model-armor templates sanitize-model-response my-template \
--location=us-central1 \
--model-response-data="test-model-response"
POSITIONAL ARGUMENTS
Template resource - Represents resource name of template e.g.
name=projects/sample-project/locations/us-central1/templates/templ01 The
arguments in this group can be used to specify the attributes of this
resource. (NOTE) Some attributes are not given arguments in this group but
can be set in other ways.
To set the project attribute:
◆ provide the argument template on the command line with a fully
specified name;
◆ provide the argument --project on the command line;
◆ set the property core/project.
This must be specified.
TEMPLATE
ID of the template or fully qualified identifier for the template.
To set the template attribute:
▸ provide the argument template on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--location=LOCATION
The location id of the template resource.
To set the location attribute:
▸ provide the argument template on the command line with a fully
specified name;
▸ provide the argument --location on the command line.
FLAGS
--user-prompt=USER_PROMPT
User Prompt associated with Model response.
Arguments for the data item.
At most one of these can be specified:
--model-response-data-text=MODEL_RESPONSE_DATA_TEXT
Plaintext string data for sanitization.
Represents Byte Data item.
--model-response-data-byte-item-from-file=PATH_TO_FILE
Bytes Data. Use a full or relative path to a local file containing
the value of model_response_data_byte_item.
This flag argument must be specified if any of the other arguments
in this group are specified.
--model-response-data-byte-item-type=MODEL_RESPONSE_DATA_BYTE_ITEM_TYPE
The type of byte data. MODEL_RESPONSE_DATA_BYTE_ITEM_TYPE must be
one of:
pdf
PDF
plaintext-utf8
plain text
This flag argument must be specified if any of the other arguments
in this group are specified.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the modelarmor/v1 API. The full documentation for this
API can be found at:
https://cloud.google.com/security-command-center/docs/model-armor-overview
NOTES
This variant is also available:
$ gcloud alpha model-armor templates sanitize-model-response

View file

@ -0,0 +1,95 @@
NAME
gcloud model-armor templates sanitize-user-prompt - sanitize User Prompt
SYNOPSIS
gcloud model-armor templates sanitize-user-prompt
(TEMPLATE : --location=LOCATION)
[--user-prompt-data-text=USER_PROMPT_DATA_TEXT
| --byte-item-data-from-file=PATH_TO_FILE
--byte-item-data-type=BYTE_ITEM_DATA_TYPE] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Sanitizes a user prompt.
EXAMPLES
To sanitize a user prompt, run: $ gcloud model-armor templates sanitize-user-prompt my-template \
--location=us-central1 --user-prompt-data="test-user-prompt"
POSITIONAL ARGUMENTS
Template resource - Represents resource name of template e.g.
name=projects/sample-project/locations/us-central1/templates/templ01 The
arguments in this group can be used to specify the attributes of this
resource. (NOTE) Some attributes are not given arguments in this group but
can be set in other ways.
To set the project attribute:
◆ provide the argument template on the command line with a fully
specified name;
◆ provide the argument --project on the command line;
◆ set the property core/project.
This must be specified.
TEMPLATE
ID of the template or fully qualified identifier for the template.
To set the template attribute:
▸ provide the argument template on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--location=LOCATION
The location id of the template resource.
To set the location attribute:
▸ provide the argument template on the command line with a fully
specified name;
▸ provide the argument --location on the command line.
FLAGS
Arguments for the data item.
At most one of these can be specified:
--user-prompt-data-text=USER_PROMPT_DATA_TEXT
Plaintext string data for sanitization.
Represents Byte Data item.
--byte-item-data-from-file=PATH_TO_FILE
Bytes Data. Use a full or relative path to a local file containing
the value of byte_item_data.
This flag argument must be specified if any of the other arguments
in this group are specified.
--byte-item-data-type=BYTE_ITEM_DATA_TYPE
The type of byte data. BYTE_ITEM_DATA_TYPE must be one of:
pdf
PDF
plaintext-utf8
plain text
This flag argument must be specified if any of the other arguments
in this group are specified.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the modelarmor/v1 API. The full documentation for this
API can be found at:
https://cloud.google.com/security-command-center/docs/model-armor-overview
NOTES
This variant is also available:
$ gcloud alpha model-armor templates sanitize-user-prompt

View file

@ -0,0 +1,370 @@
NAME
gcloud model-armor templates update - update Model Armor Template
SYNOPSIS
gcloud model-armor templates update (TEMPLATE : --location=LOCATION)
[--request-id=REQUEST_ID]
[--clear-filter-config
--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT --basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT | --advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE --advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE --pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL --pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT --rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],
[filterType=FILTERTYPE]
| --add-rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],
[filterType=FILTERTYPE] --clear-rai-settings-filters
| --remove-rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],
[filterType=FILTERTYPE]]
[--clear-template-metadata
--template-metadata-custom-llm-response-safety-error-code=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_CODE --template-metadata-custom-llm-response-safety-error-message=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_MESSAGE --template-metadata-custom-prompt-safety-error-code=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_CODE --template-metadata-custom-prompt-safety-error-message=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_MESSAGE --[no-]template-metadata-ignore-partial-invocation-failures --[no-]template-metadata-log-operations --[no-]template-metadata-log-sanitize-operations]
[--labels=[LABELS,...]
| --update-labels=[UPDATE_LABELS,...] --clear-labels
| --remove-labels=[__REMOVE_LABELS,...]] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Updates a Template.
EXAMPLES
To update a Template, run: $ gcloud model-armor templates update my-template \
--location=us-central1 --clear-labels
POSITIONAL ARGUMENTS
Template resource - Identifier. name of resource The arguments in this
group can be used to specify the attributes of this resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other
ways.
To set the project attribute:
◆ provide the argument template on the command line with a fully
specified name;
◆ provide the argument --project on the command line;
◆ set the property core/project.
This must be specified.
TEMPLATE
ID of the template or fully qualified identifier for the template.
To set the template attribute:
▸ provide the argument template on the command line.
This positional argument must be specified if any of the other
arguments in this group are specified.
--location=LOCATION
The location id of the template resource.
To set the location attribute:
▸ provide the argument template on the command line with a fully
specified name;
▸ provide the argument --location on the command line.
FLAGS
--request-id=REQUEST_ID
An optional request ID to identify requests. Specify a unique request
ID so that if you must retry your request, the server will know to
ignore the request if it has already been completed. The server stores
the request ID for 60 minutes after the first request.
For example, consider a situation where you make an initial request and
the request times out. If you make the request again with the same
request ID, the server can check if original operation with the same
request ID was received, and if so, will ignore the second request.
This prevents clients from accidentally creating duplicate commitments.
The request ID must be a valid UUID with the exception that zero UUID
is not supported (00000000-0000-0000-0000-000000000000).
Filters configuration.
--clear-filter-config
Set template.filterConfig back to default value.
Malicious URI filter settings.
--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT
Tells whether the Malicious URI filter is enabled or disabled.
MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT must be one of:
disabled
Disabled
enabled
Enabled
Sensitive Data Protection settings.
Arguments for the sdp configuration.
At most one of these can be specified:
Sensitive Data Protection basic configuration.
--basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT
Tells whether the Sensitive Data Protection basic config is
enabled or disabled. BASIC_CONFIG_FILTER_ENFORCEMENT must be
one of:
disabled
Disabled
enabled
Enabled
Sensitive Data Protection Advanced configuration.
--advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE
Optional Sensitive Data Protection Deidentify template resource
name.
If provided then DeidentifyContent action is performed during
Sanitization using this template and inspect template. The
De-identified data will be returned in SdpDeidentifyResult.
Note that all info-types present in the deidentify template
must be present in inspect template.
e.g.
organizations/{organization}/deidentifyTemplates/{deidentify_template},
projects/{project}/deidentifyTemplates/{deidentify_template}
organizations/{organization}/locations/{location}/deidentifyTemplates/{deidentify_template}
projects/{project}/locations/{location}/deidentifyTemplates/{deidentify_template}
--advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE
Sensitive Data Protection inspect template resource name
If only inspect template is provided (de-identify template not
provided), then Sensitive Data Protection InspectContent action
is performed during Sanitization. All Sensitive Data Protection
findings identified during inspection will be returned as
SdpFinding in SdpInsepctionResult e.g.
organizations/{organization}/inspectTemplates/{inspect_template},
projects/{project}/inspectTemplates/{inspect_template}
organizations/{organization}/locations/{location}/inspectTemplates/{inspect_template}
projects/{project}/locations/{location}/inspectTemplates/{inspect_template}
Prompt injection and Jailbreak Filter settings.
--pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL
Confidence level for this filter. Confidence level is used to
determine the threshold for the filter. If detection confidence is
equal to or greater than the specified level, a positive match is
reported. Confidence level will only be used if the filter is
enabled. PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL must be
one of:
high
Low chance of false positives.
low-and-above
Highest chance of a false positive.
medium-and-above
Some chance of false positives.
--pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT
Tells whether Prompt injection and Jailbreak filter is enabled or
disabled. PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT must be one
of:
disabled
Enabled
enabled
Enabled
Responsible AI Filter settings.
Update rai_settings_filters.
At most one of these can be specified:
--rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
Set rai_settings_filters to new value. List of Responsible AI
filters enabled for template.
confidenceLevel
Confidence level for this RAI filter. During data
sanitization, if data is classified under this filter with a
confidence level equal to or greater than the specified
level, a positive match is reported. If the confidence level
is unspecified (i.e., 0), the system will use a reasonable
default level based on the filter_type.
filterType
Type of responsible AI filter.
Shorthand Example:
--rai-settings-filters=confidenceLevel=string,filterType=string --rai-settings-filters=confidenceLevel=string,filterType=string
JSON Example:
--rai-settings-filters='[{"confidenceLevel": "string", "filterType": "string"}]'
File Example:
--rai-settings-filters=path_to_file.(yaml|json)
--add-rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
Add new value to rai_settings_filters list. List of Responsible
AI filters enabled for template.
confidenceLevel
Confidence level for this RAI filter. During data
sanitization, if data is classified under this filter with a
confidence level equal to or greater than the specified
level, a positive match is reported. If the confidence level
is unspecified (i.e., 0), the system will use a reasonable
default level based on the filter_type.
filterType
Type of responsible AI filter.
Shorthand Example:
--add-rai-settings-filters=confidenceLevel=string,filterType=string --add-rai-settings-filters=confidenceLevel=string,filterType=string
JSON Example:
--add-rai-settings-filters='[{"confidenceLevel": "string", "filterType": "string"}]'
File Example:
--add-rai-settings-filters=path_to_file.(yaml|json)
At most one of these can be specified:
--clear-rai-settings-filters
Clear rai_settings_filters value and set to empty list.
--remove-rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
Remove existing value from rai_settings_filters list. List of
Responsible AI filters enabled for template.
confidenceLevel
Confidence level for this RAI filter. During data
sanitization, if data is classified under this filter with
a confidence level equal to or greater than the specified
level, a positive match is reported. If the confidence
level is unspecified (i.e., 0), the system will use a
reasonable default level based on the filter_type.
filterType
Type of responsible AI filter.
Shorthand Example:
--remove-rai-settings-filters=confidenceLevel=string,filterType=string --remove-rai-settings-filters=confidenceLevel=string,filterType=string
JSON Example:
--remove-rai-settings-filters='[{"confidenceLevel": "string", "filterType": "string"}]'
File Example:
--remove-rai-settings-filters=path_to_file.(yaml|json)
Message describing TemplateMetadata
--clear-template-metadata
Set template.templateMetadata back to default value.
--template-metadata-custom-llm-response-safety-error-code=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_CODE
Indicates the custom error code set by the user to be returned to the
end user if the LLM response trips Model Armor filters.
--template-metadata-custom-llm-response-safety-error-message=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_MESSAGE
Indicates the custom error message set by the user to be returned to
the end user if the LLM response trips Model Armor filters.
--template-metadata-custom-prompt-safety-error-code=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_CODE
Indicates the custom error code set by the user to be returned to the
end user by the service extension if the prompt trips Model Armor
filters.
--template-metadata-custom-prompt-safety-error-message=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_MESSAGE
Indicates the custom error message set by the user to be returned to
the end user if the prompt trips Model Armor filters.
--[no-]template-metadata-ignore-partial-invocation-failures
If true, partial detector failures should be ignored. Use
--template-metadata-ignore-partial-invocation-failures to enable and
--no-template-metadata-ignore-partial-invocation-failures to disable.
--[no-]template-metadata-log-operations
If true, log template crud operations. Use
--template-metadata-log-operations to enable and
--no-template-metadata-log-operations to disable.
--[no-]template-metadata-log-sanitize-operations
If true, log sanitize operations. Use
--template-metadata-log-sanitize-operations to enable and
--no-template-metadata-log-sanitize-operations to disable.
Update labels.
At most one of these can be specified:
--labels=[LABELS,...]
Set labels to new value. Labels as key value pairs.
KEY
Keys must start with a lowercase character and contain only
hyphens (-), underscores (_), lowercase characters, and numbers.
VALUE
Values must contain only hyphens (-), underscores (_), lowercase
characters, and numbers.
Shorthand Example:
--labels=string=string
JSON Example:
--labels='{"string": "string"}'
File Example:
--labels=path_to_file.(yaml|json)
--update-labels=[UPDATE_LABELS,...]
Update labels value or add key value pair. Labels as key value pairs.
KEY
Keys must start with a lowercase character and contain only
hyphens (-), underscores (_), lowercase characters, and numbers.
VALUE
Values must contain only hyphens (-), underscores (_), lowercase
characters, and numbers.
Shorthand Example:
--update-labels=string=string
JSON Example:
--update-labels='{"string": "string"}'
File Example:
--update-labels=path_to_file.(yaml|json)
At most one of these can be specified:
--clear-labels
Clear labels value and set to empty map.
--remove-labels=[__REMOVE_LABELS,...]
Remove existing value from map labels.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the modelarmor/v1 API. The full documentation for this
API can be found at:
https://cloud.google.com/security-command-center/docs/model-armor-overview
NOTES
This variant is also available:
$ gcloud alpha model-armor templates update