mirror of
https://github.com/imjasonh/gcloud-help
synced 2026-07-09 19:06:53 +00:00
259 lines
11 KiB
Text
259 lines
11 KiB
Text
NAME
|
|
gcloud model-armor templates create - create Model Armor Template
|
|
|
|
SYNOPSIS
|
|
gcloud model-armor templates create (TEMPLATE : --location=LOCATION)
|
|
(--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT --rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],
|
|
[filterType=FILTERTYPE]
|
|
--basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT
|
|
| --advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE --advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE --pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL --pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT)
|
|
[--labels=[LABELS,...]] [--request-id=REQUEST_ID]
|
|
[--template-metadata-custom-llm-response-safety-error-code=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_CODE --template-metadata-custom-llm-response-safety-error-message=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_MESSAGE --template-metadata-custom-prompt-safety-error-code=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_CODE --template-metadata-custom-prompt-safety-error-message=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_MESSAGE --template-metadata-ignore-partial-invocation-failures --template-metadata-log-operations --template-metadata-log-sanitize-operations]
|
|
[GCLOUD_WIDE_FLAG ...]
|
|
|
|
DESCRIPTION
|
|
Creates a new Template in a given project and location.
|
|
|
|
EXAMPLES
|
|
To create a Template, run: $ gcloud model-armor templates create my-template \
|
|
--location=us-central1 \
|
|
--malicious-uri-filter-settings-enforcement=enabled
|
|
|
|
POSITIONAL ARGUMENTS
|
|
Template resource - Identifier. name of resource The arguments in this
|
|
group can be used to specify the attributes of this resource. (NOTE) Some
|
|
attributes are not given arguments in this group but can be set in other
|
|
ways.
|
|
|
|
To set the project attribute:
|
|
◆ provide the argument template on the command line with a fully
|
|
specified name;
|
|
◆ provide the argument --project on the command line;
|
|
◆ set the property core/project.
|
|
|
|
This must be specified.
|
|
|
|
TEMPLATE
|
|
ID of the template or fully qualified identifier for the template.
|
|
|
|
To set the template attribute:
|
|
▸ provide the argument template on the command line.
|
|
|
|
This positional argument must be specified if any of the other
|
|
arguments in this group are specified.
|
|
|
|
--location=LOCATION
|
|
The location id of the template resource.
|
|
|
|
To set the location attribute:
|
|
▸ provide the argument template on the command line with a fully
|
|
specified name;
|
|
▸ provide the argument --location on the command line.
|
|
|
|
REQUIRED FLAGS
|
|
Filters configuration.
|
|
|
|
At least one of these must be specified:
|
|
|
|
Malicious URI filter settings.
|
|
|
|
--malicious-uri-filter-settings-enforcement=MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT
|
|
Tells whether the Malicious URI filter is enabled or disabled.
|
|
MALICIOUS_URI_FILTER_SETTINGS_ENFORCEMENT must be one of:
|
|
|
|
disabled
|
|
Disabled
|
|
enabled
|
|
Enabled
|
|
|
|
Responsible AI Filter settings.
|
|
|
|
--rai-settings-filters=[confidenceLevel=CONFIDENCELEVEL],[filterType=FILTERTYPE]
|
|
Required, List of Responsible AI filters enabled for template.
|
|
|
|
confidenceLevel
|
|
Confidence level for this RAI filter. During data sanitization,
|
|
if data is classified under this filter with a confidence level
|
|
equal to or greater than the specified level, a positive match
|
|
is reported. If the confidence level is unspecified (i.e., 0),
|
|
the system will use a reasonable default level based on the
|
|
filter_type.
|
|
|
|
filterType
|
|
Type of responsible AI filter.
|
|
|
|
Shorthand Example:
|
|
|
|
--rai-settings-filters=confidenceLevel=string,filterType=string --rai-settings-filters=confidenceLevel=string,filterType=string
|
|
|
|
JSON Example:
|
|
|
|
--rai-settings-filters='[{"confidenceLevel": "string", "filterType": "string"}]'
|
|
|
|
File Example:
|
|
|
|
--rai-settings-filters=path_to_file.(yaml|json)
|
|
|
|
Sensitive Data Protection settings.
|
|
|
|
Arguments for the sdp configuration.
|
|
|
|
At most one of these can be specified:
|
|
|
|
Sensitive Data Protection basic configuration.
|
|
|
|
--basic-config-filter-enforcement=BASIC_CONFIG_FILTER_ENFORCEMENT
|
|
Tells whether the Sensitive Data Protection basic config is
|
|
enabled or disabled. BASIC_CONFIG_FILTER_ENFORCEMENT must be
|
|
one of:
|
|
|
|
disabled
|
|
Disabled
|
|
enabled
|
|
Enabled
|
|
|
|
Sensitive Data Protection Advanced configuration.
|
|
|
|
--advanced-config-deidentify-template=ADVANCED_CONFIG_DEIDENTIFY_TEMPLATE
|
|
Optional Sensitive Data Protection Deidentify template resource
|
|
name.
|
|
|
|
If provided then DeidentifyContent action is performed during
|
|
Sanitization using this template and inspect template. The
|
|
De-identified data will be returned in SdpDeidentifyResult.
|
|
Note that all info-types present in the deidentify template
|
|
must be present in inspect template.
|
|
|
|
e.g.
|
|
organizations/{organization}/deidentifyTemplates/{deidentify_template},
|
|
projects/{project}/deidentifyTemplates/{deidentify_template}
|
|
organizations/{organization}/locations/{location}/deidentifyTemplates/{deidentify_template}
|
|
projects/{project}/locations/{location}/deidentifyTemplates/{deidentify_template}
|
|
|
|
--advanced-config-inspect-template=ADVANCED_CONFIG_INSPECT_TEMPLATE
|
|
Sensitive Data Protection inspect template resource name
|
|
|
|
If only inspect template is provided (de-identify template not
|
|
provided), then Sensitive Data Protection InspectContent action
|
|
is performed during Sanitization. All Sensitive Data Protection
|
|
findings identified during inspection will be returned as
|
|
SdpFinding in SdpInsepctionResult e.g.
|
|
organizations/{organization}/inspectTemplates/{inspect_template},
|
|
projects/{project}/inspectTemplates/{inspect_template}
|
|
organizations/{organization}/locations/{location}/inspectTemplates/{inspect_template}
|
|
projects/{project}/locations/{location}/inspectTemplates/{inspect_template}
|
|
|
|
Prompt injection and Jailbreak Filter settings.
|
|
|
|
--pi-and-jailbreak-filter-settings-confidence-level=PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL
|
|
Confidence level for this filter. Confidence level is used to
|
|
determine the threshold for the filter. If detection confidence is
|
|
equal to or greater than the specified level, a positive match is
|
|
reported. Confidence level will only be used if the filter is
|
|
enabled. PI_AND_JAILBREAK_FILTER_SETTINGS_CONFIDENCE_LEVEL must be
|
|
one of:
|
|
|
|
high
|
|
Low chance of false positives.
|
|
low-and-above
|
|
Highest chance of a false positive.
|
|
medium-and-above
|
|
Some chance of false positives.
|
|
|
|
--pi-and-jailbreak-filter-settings-enforcement=PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT
|
|
Tells whether Prompt injection and Jailbreak filter is enabled or
|
|
disabled. PI_AND_JAILBREAK_FILTER_SETTINGS_ENFORCEMENT must be one
|
|
of:
|
|
|
|
disabled
|
|
Enabled
|
|
enabled
|
|
Enabled
|
|
|
|
OPTIONAL FLAGS
|
|
--labels=[LABELS,...]
|
|
Labels as key value pairs.
|
|
|
|
KEY
|
|
Keys must start with a lowercase character and contain only hyphens
|
|
(-), underscores (_), lowercase characters, and numbers.
|
|
|
|
VALUE
|
|
Values must contain only hyphens (-), underscores (_), lowercase
|
|
characters, and numbers.
|
|
|
|
Shorthand Example:
|
|
|
|
--labels=string=string
|
|
|
|
JSON Example:
|
|
|
|
--labels='{"string": "string"}'
|
|
|
|
File Example:
|
|
|
|
--labels=path_to_file.(yaml|json)
|
|
|
|
--request-id=REQUEST_ID
|
|
An optional request ID to identify requests. Specify a unique request
|
|
ID so that if you must retry your request, the server will know to
|
|
ignore the request if it has already been completed. The server stores
|
|
the request ID for 60 minutes after the first request.
|
|
|
|
For example, consider a situation where you make an initial request and
|
|
the request times out. If you make the request again with the same
|
|
request ID, the server can check if original operation with the same
|
|
request ID was received, and if so, will ignore the second request.
|
|
This prevents clients from accidentally creating duplicate commitments.
|
|
|
|
The request ID must be a valid UUID with the exception that zero UUID
|
|
is not supported (00000000-0000-0000-0000-000000000000).
|
|
|
|
Message describing TemplateMetadata
|
|
|
|
--template-metadata-custom-llm-response-safety-error-code=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_CODE
|
|
Indicates the custom error code set by the user to be returned to the
|
|
end user if the LLM response trips Model Armor filters.
|
|
|
|
--template-metadata-custom-llm-response-safety-error-message=TEMPLATE_METADATA_CUSTOM_LLM_RESPONSE_SAFETY_ERROR_MESSAGE
|
|
Indicates the custom error message set by the user to be returned to
|
|
the end user if the LLM response trips Model Armor filters.
|
|
|
|
--template-metadata-custom-prompt-safety-error-code=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_CODE
|
|
Indicates the custom error code set by the user to be returned to the
|
|
end user by the service extension if the prompt trips Model Armor
|
|
filters.
|
|
|
|
--template-metadata-custom-prompt-safety-error-message=TEMPLATE_METADATA_CUSTOM_PROMPT_SAFETY_ERROR_MESSAGE
|
|
Indicates the custom error message set by the user to be returned to
|
|
the end user if the prompt trips Model Armor filters.
|
|
|
|
--template-metadata-ignore-partial-invocation-failures
|
|
If true, partial detector failures should be ignored.
|
|
|
|
--template-metadata-log-operations
|
|
If true, log template crud operations.
|
|
|
|
--template-metadata-log-sanitize-operations
|
|
If true, log sanitize operations.
|
|
|
|
GCLOUD WIDE FLAGS
|
|
These flags are available to all commands: --access-token-file, --account,
|
|
--billing-project, --configuration, --flags-file, --flatten, --format,
|
|
--help, --impersonate-service-account, --log-http, --project, --quiet,
|
|
--trace-token, --user-output-enabled, --verbosity.
|
|
|
|
Run $ gcloud help for details.
|
|
|
|
API REFERENCE
|
|
This command uses the modelarmor/v1 API. The full documentation for this
|
|
API can be found at:
|
|
https://cloud.google.com/security-command-center/docs/model-armor-overview
|
|
|
|
NOTES
|
|
These variants are also available:
|
|
|
|
$ gcloud alpha model-armor templates create
|
|
|
|
$ gcloud beta model-armor templates create
|
|
|