@cdklabs/generative-ai-cdk-constructs
@cdklabs/generative-ai-cdk-constructs / bedrock / Guardrail
Class to create a Guardrail with CDK.
AWS::Bedrock::Guardrail
new Guardrail(
scope,id,props):Guardrail
Construct
string
Guardrail
readonlycontentFilters:ContentFilter[]
The content filters applied by the guardrail.
readonlycontextualGroundingFilters:ContextualGroundingFilter[]
The contextual grounding filters applied by the guardrail.
readonlydeniedTopics:Topic[]
The denied topic filters applied by the guardrail.
readonlyenv:ResourceEnvironment
The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
readonlyguardrailArn:string
The ARN of the guardrail.
readonlyguardrailId:string
The ID of the guardrail.
guardrailVersion:
string
The version of the guardrail.
By default, this value will always be DRAFT unless an explicit version is created.
For an explicit version created, this will usually be a number (e.g. for Version 1 just enter “1”)
"1"
- "DRAFT"
GuardrailBase.guardrailVersion
readonlyhash:string
The computed hash of the guardrail properties.
readonlyoptionalkmsKey:IKey
The KMS key used to encrypt data.
undefined - "Data is encrypted by default with a key that AWS owns and manages for you"
readonlyoptionallastUpdated:string
When this guardrail was last updated
readonlymanagedWordListFilters:ManagedWordFilter[]
The managed word list filters applied by the guardrail.
readonlyname:string
The name of the guardrail.
readonlynode:Node
The tree node.
protectedreadonlyphysicalName:string
Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
This value will resolve to one of the following:
"my-awesome-bucket")undefined, when a name should be generated by CloudFormation
readonlypiiFilters:PIIFilter[]
The PII filters applied by the guardrail.
readonlyregexFilters:RegexFilter[]
The regex filters applied by the guardrail.
readonlystack:Stack
The stack in which this resource is defined.
readonlywordFilters:WordFilter[]
The word filters applied by the guardrail.
_enableCrossEnvironment():
void
Internal
Called when this resource is referenced across environments (account/region) to order to request that a physical name will be generated for this resource during synthesis, so the resource can be referenced through its absolute name/arn.
void
GuardrailBase._enableCrossEnvironment
addContentFilter(
filter):void
Adds a content filter to the guardrail.
The content filter to add.
void
addContextualGroundingFilter(
filter):void
Adds a contextual grounding filter to the guardrail.
The contextual grounding filter to add.
void
addDeniedTopicFilter(
filter):void
Adds a denied topic filter to the guardrail.
The denied topic filter to add.
void
addManagedWordListFilter(
filter):void
Adds a managed word list filter to the guardrail.
The managed word list filter to add.
void
addPIIFilter(
filter):void
Adds a PII filter to the guardrail.
The PII filter to add.
void
addRegexFilter(
filter):void
Adds a regex filter to the guardrail.
The regex filter to add.
void
addWordFilter(
filter):void
Adds a word filter to the guardrail.
The word filter to add.
void
addWordFilterFromFile(
filePath,inputAction?,outputAction?,inputEnabled?,outputEnabled?):void
Adds a word filter to the guardrail.
string
The location of the word filter file.
boolean
boolean
void
applyRemovalPolicy(
policy):void
Apply the given removal policy to this resource
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
RemovalPolicy
void
GuardrailBase.applyRemovalPolicy
createVersion(
description?):string
Create a version for the guardrail.
string
The description of the version.
string
The guardrail version.
protectedgeneratePhysicalName():string
string
GuardrailBase.generatePhysicalName
protectedgetResourceArnAttribute(arnAttr,arnComponents):string
Returns an environment-sensitive token that should be used for the
resource’s “ARN” attribute (e.g. bucket.bucketArn).
Normally, this token will resolve to arnAttr, but if the resource is
referenced across environments, arnComponents will be used to synthesize
a concrete ARN with the resource’s physical name. Make sure to reference
this.physicalName in arnComponents.
string
The CFN attribute which resolves to the ARN of the resource.
Commonly it will be called “Arn” (e.g. resource.attrArn), but sometimes
it’s the CFN resource’s ref.
ArnComponents
The format of the ARN of this resource. You must
reference this.physicalName somewhere within the ARN in order for
cross-environment references to work.
string
GuardrailBase.getResourceArnAttribute
protectedgetResourceNameAttribute(nameAttr):string
Returns an environment-sensitive token that should be used for the
resource’s “name” attribute (e.g. bucket.bucketName).
Normally, this token will resolve to nameAttr, but if the resource is
referenced across environments, it will be resolved to this.physicalName,
which will be a concrete name.
string
The CFN attribute which resolves to the resource’s name.
Commonly this is the resource’s ref.
string
GuardrailBase.getResourceNameAttribute
grant(
grantee, …actions):Grant
Grant the given principal identity permissions to perform actions on this agent alias.
IGrantable
…string[]
Grant
grantApply(
grantee):Grant
Grant the given identity permissions to apply the guardrail.
IGrantable
Grant
metric(
metricName,props?):Metric
Return the given named metric for this guardrail.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
string
MetricOptions
Metric
metricInvocationClientErrors(
props?):Metric
Return the invocation client errors metric for this guardrail.
MetricOptions
Metric
GuardrailBase.metricInvocationClientErrors
metricInvocationLatency(
props?):Metric
Return the invocation latency metric for this guardrail.
MetricOptions
Metric
GuardrailBase.metricInvocationLatency
metricInvocations(
props?):Metric
Return the invocations metric for this guardrail.
MetricOptions
Metric
GuardrailBase.metricInvocations
metricInvocationServerErrors(
props?):Metric
Return the invocation server errors metric for this guardrail.
MetricOptions
Metric
GuardrailBase.metricInvocationServerErrors
metricInvocationsIntervened(
props?):Metric
Return the invocations intervened metric for this guardrail.
MetricOptions
Metric
GuardrailBase.metricInvocationsIntervened
metricInvocationThrottles(
props?):Metric
Return the invocation throttles metric for this guardrail.
MetricOptions
Metric
GuardrailBase.metricInvocationThrottles
metricTextUnitCount(
props?):Metric
Return the text unit count metric for this guardrail.
MetricOptions
Metric
GuardrailBase.metricTextUnitCount
toString():
string
Returns a string representation of this construct.
string
staticfromCfnGuardrail(cfnGuardrail):IGuardrail
Import a low-level L1 Cfn Guardrail
CfnGuardrail
staticfromGuardrailAttributes(scope,id,attrs):IGuardrail
Import a guardrail given its attributes
Construct
string
staticisConstruct(x):x is Construct
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
any
Any object
x is Construct
true if x is an object created from a class which extends Construct.
staticisOwnedResource(construct):boolean
Returns true if the construct was created by CDK, and false otherwise
IConstruct
boolean
staticisResource(construct):construct is Resource
Check whether the given construct is a Resource
IConstruct
construct is Resource
staticmetricAll(metricName,props?):Metric
Return the given named metric for all guardrails.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
string
MetricOptions
Metric
staticmetricAllInvocationLatency(props?):Metric
Return the invocation latency metric for all guardrails.
MetricOptions
Metric
GuardrailBase.metricAllInvocationLatency
staticmetricAllInvocations(props?):Metric
Return the invocations metric for all guardrails.
MetricOptions
Metric
GuardrailBase.metricAllInvocations
staticmetricAllInvocationsIntervened(props?):Metric
Return the invocations intervened metric for all guardrails.
MetricOptions
Metric
GuardrailBase.metricAllInvocationsIntervened
staticmetricAllTextUnitCount(props?):Metric
Return the text unit count metric for all guardrails.
MetricOptions
Metric