Model Armor floor settings

Model Armor floor settings define rules that dictate minimum requirements for all Model Armor templates that are created at a specific point in the Google Cloud resource hierarchy (that is, at an organization, folder, or project level). If there are multiple floor settings that conflict with each other, then the settings lower in the resource hierarchy take precedence. For example, if a floor setting policy is created at a folder and project level, the project-level policy would be applied.

Here's an example to showcase how a Model Armor floor setting policy works. Floor policy X is set at a folder with the malicious URL filter enabled. Floor policy Y is set on a project within that folder for the prompt injection and jailbreak detection filter with a medium confidence threshold. The end result is that every Model Armor template created in the project has to have at least the prompt injection and jailbreak detection filter set with a medium confidence threshold, but the malicious URL filter is not required.

Floor settings help CISOs and security architects enforce a minimum security posture across all Model Armor templates within their organization, preventing individual developers from accidentally or intentionally lowering security standards below acceptable levels. For customers with a Premium tier or Enterprise tier of Security Command Center, floor setting violations trigger findings. That means that if a template is created before a floor setting, and the template has any less-restrictive settings, a finding will surface in Security Command Center to help you identify and remediate less secure Model Armor templates.

Integration with Vertex AI

Model Armor integrates with Vertex AI to screen Gemini model requests and responses based on your defined floor settings. You need to enable Cloud Logging to get visibility into prompts and responses. For more information, see Model Armor integration with Vertex AI.

Configure floor settings

You use floor settings to configure the minimum detection thresholds for Model Armor templates. These settings verify that all new and modified templates meet certain requirements. To configure floor settings, do the following:

  1. In the Google Cloud console, go to the Model Armor page.

    Go to Model Armor

  2. Select a project.
  3. On the Model Armor page, go to the Floor settings tab and click Configure floor settings.

  4. On the Configure floor settings page, select the configuration option.

    • Inherit parent's floor settings: Inherits floor settings set higher in the resource hierarchy. Click Save floor settings and skip the next steps. To view the inherited settings, go to the Floor settings tab.

    • Custom: Define floor settings for this project. If there are any inherited floor settings, they are overridden with the custom settings.

    • Disable: Disables any inherited floor settings, which means no detection rules are applied to the Model Armor templates and Vertex AI for your Gemini workloads. Click Save floor settings and skip the next steps. View the disabled status on the Floor settings tab.

  5. In the Detections section, configure the following detection settings:

    • Malicious URL detection: Identifies web addresses (URLs) that are designed to harm users or systems. These URLs might lead to phishing sites, malware downloads, or other cyberattacks. For more information, see Malicious URL detection.

    • Prompt injection and jailbreak detection: Detects malicious content and jailbreak attempts in a prompt. For stricter enforcement, set the confidence level to Low and above to detect most content that is likely to be a prompt injection and jailbreak attempt. For more information, see Prompt injection and jailbreak detection.

    • Sensitive Data Protection: Detects sensitive data and helps prevent its accidental exposure from attacks like prompt injection. For more information, see Sensitive Data Protection.

      You can set either basic or advanced Sensitive Data Protection.

      • Basic: Use predefined infoTypes to detect sensitive data types. For more information on the predefined infoType, see Basic Sensitive Data Protection configuration.

      • Advanced: Use an inspection template defined in the Sensitive Data Protection service as a single source for sensitive data infoTypes.

        If you select the Advanced Sensitive Data Protection, you need to specify the following parameters:

        • Inspect template: Templates for saving configuration information for inspection scan jobs, including what predefined or custom detectors to use. Enter the template name in the following format: projects/projectName/locations/locationID/inspectTemplates/templateName

        • Optional: De-identify template: Templates for saving configuration information for de-identification jobs, including both infoType and structured dataset transformations. Enter an identifier for the de-identification template in the following format: projects/projectName/locations/locationID/deidentifyTemplates/templateName

  6. In the Responsible AI section, you can set the confidence level for each content filter. Confidence level represents how likely the findings match a content filter type. Possible values are:

    • None: Don't detect any content filter type.
    • Low and above: Detect content with confidence level low, medium, or high.
    • Medium and above: Detect content with confidence level medium or high.
    • High: Detect content with confidence level high.

    For stricter enforcement, set the confidence level to Low and above to detect most content that falls into a content filter type. You can also select the confidence level for all content filter types at once.

  7. In the Services section, choose the services to which these floor settings will be applied.

    • Model Armor - Template creation & update: Every new and modified Model Armor template in this project will be checked to ensure they have minimum settings specified as per the floor settings.
    • Vertex AI: Screen requests sent to Gemini models and log or block those that meet floor settings thresholds. If you select Vertex AI, the Vertex AI section is displayed where you can choose how floor settings should be enforced.
      • Inspect only: Detect requests that don't meet floor settings but don't block them.
      • Inspect and block violations: Detect and block requests that don't meet the floor settings.

  8. In the Logs section, select Enable Cloud Logging to log all user prompts and model responses along with the floor settings detector results.

  9. Click Save floor settings. The configured floor settings are saved and are displayed on the Floor settings tab.

View floor settings

Console

  1. In the Google Cloud console, go to the Model Armor page.

    Go to Model Armor

  2. Verify that you are viewing the project that you activated Model Armor on.

  3. On the Model Armor page, go to the Floor settings tab. If floor settings are set at the organization level, you can view them here. If no floor settings are defined, then you must configure them. For more information, see Configure floor settings.

gcloud

  • View the Model Armor floor setting for a given project:

    gcloud model-armor floorsettings describe \
    --full-uri="projects/PROJECT_ID/locations/global/floorSetting"

  • View the Model Armor floor setting for a given organization:

    gcloud model-armor floorsettings describe \
    --full-uri="organizations/ORGANIZATION_ID/locations/global/floorSetting"

  • View the Model Armor floor setting for a given folder:

    gcloud model-armor floorsettings describe \
    --full-uri="folders/FOLDER_ID/locations/global/floorSetting"

    Replace the following:

    • PROJECT_ID is the ID of the project for the template.
    • FOLDER_ID is the ID of the folder for the template.
    • ORGANIZATION_ID is the ID of the organization for the template.

REST

  • View the Model Armor floor setting for a given project:

    curl -X GET \
-H "Authorization: Bearer $(gcloud auth print-access-token)" \
-H "Content-Type: application/json" \
"https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting"

  • View the Model Armor floor setting for a given folder:

    curl -X GET \
-H "Authorization: Bearer $(gcloud auth print-access-token)" \
-H "Content-Type: application/json" \
"https://modelarmor.googleapis.com/v1/folders/FOLDER_ID/locations/global/floorSetting"

  • View the Model Armor floor setting for a given organization:

    curl -X GET \
-H "Authorization: Bearer $(gcloud auth print-access-token)" \
-H "Content-Type: application/json" \
"https://modelarmor.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/floorSetting"

Replace the following:

  • PROJECT_ID is the ID of the project for the template.
  • FOLDER_ID is the ID of the folder for the template.
  • ORGANIZATION_ID is the ID of the organization for the template.

Python

To run this command, first initialize a Model Armor client in Python.

  • View the Model Armor floor setting for a given project:

    request = modelarmor_v1.GetFloorSettingRequest(
floor_setting={
  "name": "projects/PROJECT_ID/locations/global/floorSetting",
}
)
response = client.get_floor_setting(request=request)

  • View the Model Armor floor setting for a given folder:

    request = modelarmor_v1.GetFloorSettingRequest(
floor_setting={
  "name": "folders/FOLDER_ID/locations/global/floorSetting",
}
)
response = client.get_floor_setting(request=request)

  • View the Model Armor floor setting for a given organization:

    request = modelarmor_v1.GetFloorSettingRequest(
floor_setting={
  "name": "organizations/ORGANIZATION_ID/locations/global/floorSetting",
}
)
response = client.get_floor_setting(request=request)

    Replace the following:

    • PROJECT_ID is the ID of the project that the template belongs to.
    • FOLDER_ID is the ID of the folder for the template.
    • ORGANIZATION_ID is the ID of the organization for the template.

Update floor settings

Console

  1. In the Google Cloud console, go to the Model Armor page.

    Go to Model Armor

  2. Verify that you are viewing the project that you activated Model Armor on.

  3. On the Model Armor page, go to the Floor settings tab and click Configure floor settings.

  4. Update the required fields and click Save floor settings.

gcloud

   gcloud model-armor floorsettings update --full-uri=<full-uri-of-the-floorsetting>

Example command:

      gcloud model-armor floorsettings update \
          --malicious-uri-filter-settings-enforcement=ENABLED \
          --pi-and-jailbreak-filter-settings-enforcement=DISABLED \
          --pi-and-jailbreak-filter-settings-confidence-level=LOW_AND_ABOVE \
          --basic-config-filter-enforcement=ENABLED \
          --add-rai-settings-filters='[{"confidenceLevel": "low_and_above", "filterType": "HARASSMENT"}, {"confidenceLevel": "high", "filterType": "SEXUALLY_EXPLICIT"}]'
          --full-uri='folders/FOLDER_ID/locations/global/floorSetting' \
          --enable-floor-setting-enforcement=true

Replace FOLDER_ID with the ID of the folder for the template.

REST

  • Update the Model Armor floor setting for a given project:

    curl -X PATCH -d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": { "filterEnforcement": "ENABLED" }, "rai_settings":{"rai_filters":{"filter_type":"DANGEROUS", "confidence_level":"LOW_AND_ABOVE" },
"rai_filters":{"filter_type":"HATE_SPEECH", "confidence_level":"LOW_AND_ABOVE" }, "rai_filters":{"filter_type":"HARASSMENT", "confidence_level":"LOW_AND_ABOVE" }, "rai_filters":{"filter_type":"SEXUALLY_EXPLICIT", "confidence_level":"LOW_AND_ABOVE" }}},"enable_floor_setting_enforcement":"true"}' -H "Content-Type: application/json" -H "Authorization: Bearer $(gcloud auth print-access-token) "https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting"

  • Update the Model Armor floor setting for a given folder:

    curl -X PATCH \
-d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": { "filterEnforcement": "ENABLED" }},"enable_floor_setting_enforcement":"true"}' \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $(gcloud auth print-access-token)" \
  "https://modelarmor.googleapis.com/v1/folders/FOLDER_ID/locations/global/floorSetting"

  • Update the Model Armor floor setting for a given organization:

    curl -X PATCH \
-d '{"filterConfig" :{"piAndJailbreakFilterSettings": { "filterEnforcement": "ENABLED"}, "maliciousUriFilterSettings": { "filterEnforcement": "ENABLED" }},"enable_floor_setting_enforcement":"true"}' \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $(gcloud auth print-access-token)" \
    "https://modelarmor.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/floorSetting"

    Replace the following:

    • PROJECT_ID is the ID of the project for the template.
    • FOLDER_ID is the ID of the folder for the template.
    • ORGANIZATION_ID is the ID of the organization for the template.

    The update command returns the following response:

    {
"name": "projects/PROJECT_ID/locations/global/floorSetting",
"updateTime": "2024-12-19T15:36:21.318191Z",
"filterConfig": {
"piAndJailbreakFilterSettings": {
  "filterEnforcement": "ENABLED"
},
"maliciousUriFilterSettings": {
"filterEnforcement": "ENABLED"
}
}
}

Python

To run this command, first initialize a Model Armor client in Python.

  • Update the Model Armor floor setting for a given project:

    request = modelarmor_v1.UpdateFloorSettingRequest(
floor_setting={
  "name": "projects/PROJECT_ID/locations/global/floorSetting",
  "filter_config": FILTER_CONFIG,
  "enable_floor_setting_enforcement": True
}
)
response = client.update_floor_setting(request=request)

  • Update the Model Armor floor setting for a given folder:

    request = modelarmor_v1.UpdateFloorSettingRequest(
floor_setting={
  "name": "folders/FOLDER_ID/locations/global/floorSetting",
  "filter_config": FILTER_CONFIG
  "enable_floor_setting_enforcement": True
}
)
response = client.update_floor_setting(request=request)

  • Update the Model Armor floor setting for a given organization:

    request = modelarmor_v1.UpdateFloorSettingRequest(
floor_setting={
  "name": "organizations/ORGANIZATION_ID/locations/global/floorSetting",
  "filter_config": FILTER_CONFIG
  "enable_floor_setting_enforcement": True
}
)
response = client.update_floor_setting(request=request)

    Replace the following:

  • FILTER_CONFIG is the filter configuration for the template.

  • PROJECT_ID is the ID of the project that the template belongs to.

  • FOLDER_ID: is the ID of the folder for the template.

  • ORGANIZATION_ID is the ID of the organization for the template.

Disable floor settings

If you don't want to use the Model Armor floor settings, set the filter_config flag to empty or set the enable_floor_setting_enforcement flag to false.

Console

  1. In the Google Cloud console, go to the Model Armor page.

    Go to Model Armor

  2. Verify that you are viewing the project that you activated Model Armor on.

  3. On the Model Armor page, go to the Floor settings tab and click Configure floor settings.

  4. On the Configure floor settings page, select the Disable configuration option.

gcloud

  • Disable the Model Armor floor settings for a given project:

       gcloud model-armor floorsettings describe \
       --full-uri="projects/PROJECT_ID/locations/global/floorSetting"

  • Disable the Model Armor floor settings for a given organization:

       gcloud model-armor floorsettings describe \
       --full-uri="organizations/ORGANIZATION_ID/locations/global/floorSetting"

  • Disable the Model Armor floor settings for a given folder:

        gcloud model-armor floorsettings describe \
        --full-uri="folders/FOLDER_ID/locations/global/floorSetting"

    Replace the following:

  • PROJECT_ID is the ID of the project for the template.

  • FOLDER_ID is the ID of the folder for the template.

  • ORGANIZATION_ID is the ID of the organization for the template.

REST

  curl -X PATCH
    -d '{"enable_floor_setting_enforcement" : "true"}'
    -H "Content-Type: application/json"
    -H "Authorization: Bearer $(gcloud auth print-access-token)" "https://modelarmor.googleapis.com/v1/projects/PROJECT_ID/locations/global/floorSetting?update_mask=enable_floor_setting_enforcement"

Replace PROJECT_ID with the ID of the project for the template.

Floor settings violation

Each Model Armor service finding identifies a floor setting violation that occurs when a Model Armor template fails to meet the minimum security standards defined by the resource hierarchy floor settings. Floor settings dictate the least stringent level allowed for each filter within a template. A floor setting violation might involve a template that does not include the required filters or does not meet minimum confidence level for those filters. When a violation is detected, a high-severity finding is published in Security Command Center. The finding specifies the violated floor setting, the non-compliant template, and details about the violation. For more information, see Model Armor service findings.

This is an example of the source_properties field of the finding within floor settings violation.

{
  "filterConfig": {
    "raiSettings": {
      "raiFilters": [
        {
          "filterType": "HATE_SPEECH",
          "confidenceLevel": {
            "floorSettings": "LOW_AND_ABOVE",
            "template": "MEDIUM_AND_ABOVE"
          }
        },
        {
          "filterType": "HARASSMENT",
          "confidenceLevel": {
            "floorSettings": "MEDIUM_AND_ABOVE",
            "template": "HIGH"
          }
        }
      ]
    },
    "piAndJailbreakFilterSettings": {
      "confidenceLevel": {
        "floorSettings": "LOW_AND_ABOVE",
        "template": "HIGH"
      }
    },
    "maliciousUriFilterSettings": {
      "floorSettings": "ENABLED",
      "template": "DISABLED"
    }
  }
}

What's next