Bedrock Agent Guardrails should have the Prompt Attack filter enabled and BLOCK prompt attacks at HIGH sensitivity

bedrock
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This control verifies that all Amazon Bedrock Agent aliases point to Agent versions with an Amazon Guardrail policy that has the Prompt Attack filter enabled and configured to block prompt attacks at high sensitivity, for both text and image.

Amazon Bedrock Agents can support multiple aliases, each pointing to a different immutable versions with its own guardrail configuration. Guardrails are crucial in maintaining the integrity and security of AI/ML environments by detecting and blocking prompt injection attacks that could manipulate model behavior or output.

Failing to implement these guardrail settings increases the risk of model exploitation, unauthorized access to confidential data, and potential security breaches, adversely affecting the integrity and reliability of your AI/ML workflows.

Remediation

For comprehensive guidance on implementing and connecting guardrail policies with the required configurations, refer to the Create a guardrail documentation.

PREVIEWING: adelhajhassan/add_csi_driver_documentation