mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-10 19:31:55 +00:00
401 lines
17 KiB
Text
401 lines
17 KiB
Text
NAME
|
|
gcloud beta model-armor templates update - update Model Armor Template
|
|
|
|
SYNOPSIS
|
|
gcloud beta model-armor templates update (TEMPLATE : --location=LOCATION)
|
|
[--request-id=REQUEST_ID]
|
|
[--clear-filter-config
|
|
--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT --basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT | --advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE --advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE --pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL --pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT --rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],
|
|
[filterType=FILTERTYPE]
|
|
| --add-rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],
|
|
[filterType=FILTERTYPE] --clear-rai-settings-filters
|
|
| --remove-rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],
|
|
[filterType=FILTERTYPE]]
|
|
[--clear-template-metadata --[no-]multi-language-detection-enable
|
|
--template-metadata-custom-llm-response-safety-error-code=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_CODE --template-metadata-custom-llm-response-safety-error-message=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_MESSAGE --template-metadata-custom-prompt-safety-error-code=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_CODE --template-metadata-custom-prompt-safety-error-message=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_MESSAGE --template-metadata-enforcement-type=TEMPLATE_METADATA_ENFORCEMENT_TYPE --[no-]template-metadata-ignore-partial-invocation-failures --[no-]template-metadata-log-operations --[no-]template-metadata-log-sanitize-operations]
|
|
[--labels=[LABELS,...]
|
|
| --update-labels=[UPDATE_LABELS,...] --clear-labels
|
|
| --remove-labels=REMOVE_LABELS] [GCLOUD_WIDE_FLAG ...]
|
|
|
|
DESCRIPTION
|
|
(BETA) Updates a Template.
|
|
|
|
EXAMPLES
|
|
To update a Template, run:
|
|
|
|
$ gcloud beta model-armor templates update my-template \
|
|
--location=us-central1 --clear-labels
|
|
|
|
POSITIONAL ARGUMENTS
|
|
Template resource - Identifier. name of resource The arguments in this
|
|
group can be used to specify the attributes of this resource. (NOTE) Some
|
|
attributes are not given arguments in this group but can be set in other
|
|
ways.
|
|
|
|
To set the project attribute:
|
|
◆ provide the argument template on the command line with a fully
|
|
specified name;
|
|
◆ provide the argument --project on the command line;
|
|
◆ set the property core/project.
|
|
|
|
This must be specified.
|
|
|
|
TEMPLATE
|
|
ID of the template or fully qualified identifier for the template.
|
|
|
|
To set the template attribute:
|
|
▸ provide the argument template on the command line.
|
|
|
|
This positional argument must be specified if any of the other
|
|
arguments in this group are specified.
|
|
|
|
--location=LOCATION
|
|
The location id of the template resource.
|
|
|
|
To set the location attribute:
|
|
▸ provide the argument template on the command line with a fully
|
|
specified name;
|
|
▸ provide the argument --location on the command line.
|
|
|
|
FLAGS
|
|
--request-id=REQUEST_ID
|
|
An optional request ID to identify requests. Specify a unique request
|
|
ID so that if you must retry your request, the server will know to
|
|
ignore the request if it has already been completed. The server stores
|
|
the request ID for 60 minutes after the first request.
|
|
|
|
For example, consider a situation where you make an initial request and
|
|
the request times out. If you make the request again with the same
|
|
request ID, the server can check if original operation with the same
|
|
request ID was received, and if so, will ignore the second request.
|
|
This prevents clients from accidentally creating duplicate commitments.
|
|
|
|
The request ID must be a valid UUID with the exception that zero UUID
|
|
is not supported (00000000-0000-0000-0000-000000000000).
|
|
|
|
Filters configuration.
|
|
|
|
--clear-filter-config
|
|
Set template.filterConfig back to default value.
|
|
|
|
Malicious URI filter settings.
|
|
|
|
--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT
|
|
Tells whether the Malicious URI filter is enabled or disabled.
|
|
MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT must be one of:
|
|
|
|
disabled
|
|
Disabled
|
|
enabled
|
|
Enabled
|
|
|
|
Sensitive Data Protection settings.
|
|
|
|
Arguments for the sdp configuration.
|
|
|
|
At most one of these can be specified:
|
|
|
|
Sensitive Data Protection basic configuration.
|
|
|
|
--basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT
|
|
Tells whether the Sensitive Data Protection basic config is
|
|
enabled or disabled. BASIC_CONFIG_FILTER_ENFORCEMENT must be
|
|
one of:
|
|
|
|
disabled
|
|
Disabled
|
|
enabled
|
|
Enabled
|
|
|
|
Sensitive Data Protection Advanced configuration.
|
|
|
|
--advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE
|
|
Optional Sensitive Data Protection Deidentify template resource
|
|
name.
|
|
|
|
If provided then DeidentifyContent action is performed during
|
|
Sanitization using this template and inspect template. The
|
|
De-identified data will be returned in SdpDeidentifyResult.
|
|
Note that all info-types present in the deidentify template
|
|
must be present in inspect template.
|
|
|
|
e.g.
|
|
projects/{project}/locations/{location}/deidentifyTemplates/{deidentify_template}
|
|
|
|
--advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE
|
|
Sensitive Data Protection inspect template resource name
|
|
|
|
If only inspect template is provided (de-identify template not
|
|
provided), then Sensitive Data Protection InspectContent action
|
|
is performed during Sanitization. All Sensitive Data Protection
|
|
findings identified during inspection will be returned as
|
|
SdpFinding in SdpInsepctionResult.
|
|
|
|
e.g.
|
|
projects/{project}/locations/{location}/inspectTemplates/{inspect_template}
|
|
|
|
Prompt injection and Jailbreak Filter settings.
|
|
|
|
--pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL
|
|
Confidence level for this filter. Confidence level is used to
|
|
determine the threshold for the filter. If detection confidence is
|
|
equal to or greater than the specified level, a positive match is
|
|
reported. Confidence level will only be used if the filter is
|
|
enabled. PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL must be
|
|
one of:
|
|
|
|
high
|
|
Low chance of false positives.
|
|
low-and-above
|
|
Highest chance of a false positive.
|
|
medium-and-above
|
|
Some chance of false positives.
|
|
|
|
--pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT
|
|
Tells whether Prompt injection and Jailbreak filter is enabled or
|
|
disabled. PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT must be one
|
|
of:
|
|
|
|
disabled
|
|
Enabled
|
|
enabled
|
|
Enabled
|
|
|
|
Responsible AI Filter settings.
|
|
|
|
Update rai_settings_filters.
|
|
|
|
At most one of these can be specified:
|
|
|
|
--rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
|
|
Set rai_settings_filters to new value. List of Responsible AI
|
|
filters enabled for template.
|
|
|
|
confidenceLevel
|
|
Confidence level for this RAI filter. During data
|
|
sanitization, if data is classified under this filter with a
|
|
confidence level equal to or greater than the specified
|
|
level, a positive match is reported. If the confidence level
|
|
is unspecified (i.e., 0), the system will use a reasonable
|
|
default level based on the filter_type.
|
|
|
|
filterType
|
|
Type of responsible AI filter.
|
|
|
|
Shorthand Example:
|
|
|
|
--rai-settings-filters=confidenceLevel=string,filterType=string --rai-settings-filters=confidenceLevel=string,filterType=string
|
|
|
|
JSON Example:
|
|
|
|
--rai-settings-filters='[{"confidenceLevel": "string", "filterType": "string"}]'
|
|
|
|
File Example:
|
|
|
|
--rai-settings-filters=path_to_file.(yaml|json)
|
|
|
|
--add-rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
|
|
Add new value to rai_settings_filters list. List of Responsible
|
|
AI filters enabled for template.
|
|
|
|
confidenceLevel
|
|
Confidence level for this RAI filter. During data
|
|
sanitization, if data is classified under this filter with a
|
|
confidence level equal to or greater than the specified
|
|
level, a positive match is reported. If the confidence level
|
|
is unspecified (i.e., 0), the system will use a reasonable
|
|
default level based on the filter_type.
|
|
|
|
filterType
|
|
Type of responsible AI filter.
|
|
|
|
Shorthand Example:
|
|
|
|
--add-rai-settings-filters=confidenceLevel=string,filterType=string --add-rai-settings-filters=confidenceLevel=string,filterType=string
|
|
|
|
JSON Example:
|
|
|
|
--add-rai-settings-filters='[{"confidenceLevel": "string", "filterType": "string"}]'
|
|
|
|
File Example:
|
|
|
|
--add-rai-settings-filters=path_to_file.(yaml|json)
|
|
|
|
At most one of these can be specified:
|
|
|
|
--clear-rai-settings-filters
|
|
Clear rai_settings_filters value and set to empty list.
|
|
|
|
--remove-rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
|
|
Remove existing value from rai_settings_filters list. List of
|
|
Responsible AI filters enabled for template.
|
|
|
|
confidenceLevel
|
|
Confidence level for this RAI filter. During data
|
|
sanitization, if data is classified under this filter with
|
|
a confidence level equal to or greater than the specified
|
|
level, a positive match is reported. If the confidence
|
|
level is unspecified (i.e., 0), the system will use a
|
|
reasonable default level based on the filter_type.
|
|
|
|
filterType
|
|
Type of responsible AI filter.
|
|
|
|
Shorthand Example:
|
|
|
|
--remove-rai-settings-filters=confidenceLevel=string,filterType=string --remove-rai-settings-filters=confidenceLevel=string,filterType=string
|
|
|
|
JSON Example:
|
|
|
|
--remove-rai-settings-filters='[{"confidenceLevel": "string", "filterType": "string"}]'
|
|
|
|
File Example:
|
|
|
|
--remove-rai-settings-filters=path_to_file.(yaml|json)
|
|
|
|
Message describing TemplateMetadata
|
|
|
|
--clear-template-metadata
|
|
Set template.templateMetadata back to default value.
|
|
|
|
Metadata to enable multi language detection via template.
|
|
|
|
--[no-]multi-language-detection-enable
|
|
If true, multi language detection will be enabled. Use
|
|
--multi-language-detection-enable to enable and
|
|
--no-multi-language-detection-enable to disable.
|
|
|
|
--template-metadata-custom-llm-response-safety-error-code=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_CODE
|
|
Indicates the custom error code set by the user to be returned to the
|
|
end user if the LLM response trips Model Armor filters.
|
|
|
|
--template-metadata-custom-llm-response-safety-error-message=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_MESSAGE
|
|
Indicates the custom error message set by the user to be returned to
|
|
the end user if the LLM response trips Model Armor filters.
|
|
|
|
--template-metadata-custom-prompt-safety-error-code=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_CODE
|
|
Indicates the custom error code set by the user to be returned to the
|
|
end user by the service extension if the prompt trips Model Armor
|
|
filters.
|
|
|
|
--template-metadata-custom-prompt-safety-error-message=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_MESSAGE
|
|
Indicates the custom error message set by the user to be returned to
|
|
the end user if the prompt trips Model Armor filters.
|
|
|
|
--template-metadata-enforcement-type=TEMPLATE_METADATA_ENFORCEMENT_TYPE
|
|
Enforcement type for Model Armor filters.
|
|
TEMPLATE_METADATA_ENFORCEMENT_TYPE must be one of:
|
|
|
|
inspect-and-block
|
|
Model Armor filters will run in inspect and block mode. Requests
|
|
that trip Model Armor filters will be blocked.
|
|
inspect-only
|
|
Model Armor filters will run in inspect only mode. No action will
|
|
be taken on the request.
|
|
|
|
--[no-]template-metadata-ignore-partial-invocation-failures
|
|
If true, partial detector failures should be ignored. Use
|
|
--template-metadata-ignore-partial-invocation-failures to enable and
|
|
--no-template-metadata-ignore-partial-invocation-failures to disable.
|
|
|
|
--[no-]template-metadata-log-operations
|
|
If true, log template crud operations. Use
|
|
--template-metadata-log-operations to enable and
|
|
--no-template-metadata-log-operations to disable.
|
|
|
|
--[no-]template-metadata-log-sanitize-operations
|
|
If true, log sanitize operations. Use
|
|
--template-metadata-log-sanitize-operations to enable and
|
|
--no-template-metadata-log-sanitize-operations to disable.
|
|
|
|
Update labels.
|
|
|
|
At most one of these can be specified:
|
|
|
|
--labels=[LABELS,...]
|
|
Set labels to new value. Labels as key value pairs.
|
|
|
|
KEY
|
|
Keys must start with a lowercase character and contain only
|
|
hyphens (-), underscores (_), lowercase characters, and numbers.
|
|
|
|
VALUE
|
|
Values must contain only hyphens (-), underscores (_), lowercase
|
|
characters, and numbers.
|
|
|
|
Shorthand Example:
|
|
|
|
--labels=string=string
|
|
|
|
JSON Example:
|
|
|
|
--labels='{"string": "string"}'
|
|
|
|
File Example:
|
|
|
|
--labels=path_to_file.(yaml|json)
|
|
|
|
--update-labels=[UPDATE_LABELS,...]
|
|
Update labels value or add key value pair. Labels as key value pairs.
|
|
|
|
KEY
|
|
Keys must start with a lowercase character and contain only
|
|
hyphens (-), underscores (_), lowercase characters, and numbers.
|
|
|
|
VALUE
|
|
Values must contain only hyphens (-), underscores (_), lowercase
|
|
characters, and numbers.
|
|
|
|
Shorthand Example:
|
|
|
|
--update-labels=string=string
|
|
|
|
JSON Example:
|
|
|
|
--update-labels='{"string": "string"}'
|
|
|
|
File Example:
|
|
|
|
--update-labels=path_to_file.(yaml|json)
|
|
|
|
At most one of these can be specified:
|
|
|
|
--clear-labels
|
|
Clear labels value and set to empty map.
|
|
|
|
--remove-labels=REMOVE_LABELS
|
|
Remove existing value from map labels. Sets remove_labels value.
|
|
|
|
Shorthand Example:
|
|
|
|
--remove-labels=string,string
|
|
|
|
JSON Example:
|
|
|
|
--remove-labels=["string"]
|
|
|
|
File Example:
|
|
|
|
--remove-labels=path_to_file.(yaml|json)
|
|
|
|
GCLOUD WIDE FLAGS
|
|
These flags are available to all commands: --access-token-file, --account,
|
|
--billing-project, --configuration, --flags-file, --flatten, --format,
|
|
--help, --impersonate-service-account, --log-http, --project, --quiet,
|
|
--trace-token, --user-output-enabled, --verbosity.
|
|
|
|
Run $ gcloud help for details.
|
|
|
|
API REFERENCE
|
|
This command uses the modelarmor/v1beta API. The full documentation for
|
|
this API can be found at:
|
|
https://cloud.google.com/security-command-center/docs/model-armor-overview
|
|
|
|
NOTES
|
|
This command is currently in beta and might change without notice. These
|
|
variants are also available:
|
|
|
|
$ gcloud model-armor templates update
|
|
|
|
$ gcloud alpha model-armor templates update
|
|
|