Console
    Contact Us Start free

    Configure Model Armor floor settings

    This document explains how to view and update Model Armor floor settings and provides an example of a floor setting violation.

    Model Armor floor settings define rules that specify minimum requirements for all the Model Armor templates created at a specific point in the Google Cloud resource hierarchy (that is, at an organization, folder, or project level). If multiple floor settings conflict, the settings lower in the resource hierarchy take precedence. For example, if a floor setting policy is created at a folder and project level, the project-level policy is applied. This behavior only applies to projects that are inside that specific folder.

    For example, suppose you've set a folder-level policy on a specific folder, enabling a malicious URI filter for all content within it. Then, within that same folder, you have a particular project. On this project, you've configured a more specific project-level policy. This project-level policy requires prompt injection and jailbreak detection with a medium confidence threshold.

    The outcome is the following:

    • Any Model Armor template created within this specific project must include the prompt injection and jailbreak detection filter, set with at least a medium confidence threshold. This is because the project-level policy establishes a minimum requirement for all templates within that project.

    • Templates created outside of this project's parent folder aren't affected by that specific folder policies. So, if you create a template in a different folder or at the root level, it won't automatically require the malicious URI filter that was set for this particular folder. This highlights that these policies are scoped to their specific hierarchical level and don't apply globally unless set at a higher, broader organizational level.

    Floor settings help CISOs and security architects enforce minimum security posture for all the Model Armor templates in their organization. These settings help prevent developers from compromising security standards. If you're using the Premium or Enterprise service tier of Security Command Center, floor setting violations trigger findings. If a template with less restrictive settings is created before a floor setting, Security Command Center surfaces a finding. These settings help you identify and remediate less secure Model Armor templates. Floor settings cannot enforce Sensitive Data Protection.

    Before you begin

    Before you begin, complete the following tasks.

    Obtain the required permissions

    To get the permissions that you need to manage floor settings, ask your administrator to grant you the Model Armor Floor Setting Admin ( roles/modelarmor.floorSettingsAdmin ) IAM role on Model Armor floor settings. For more information about granting roles, see Manage access to projects, folders, and organizations .

    You might also be able to get the required permissions through custom roles or other predefined roles .

    Enable APIs

    You must enable Model Armor APIs before you can use Model Armor.

    Console

    1. Enable the Model Armor API.

      Enable the API

    2. Select the project where you want to activate Model Armor.

    gcloud

    Before you begin, follow these steps using the Google Cloud CLI with the Model Armor API:

    1. In the Google Cloud console, activate Cloud Shell.

      Activate Cloud Shell

      At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

    2. Run the following command to set the API endpoint for the Model Armor service.

      gcloud  
config  
 set 
  
api_endpoint_overrides/modelarmor  
 "https://modelarmor. LOCATION 
.rep.googleapis.com/"

      Replace LOCATION with the region where you want to use Model Armor.

    Run the following command to enable Model Armor.

      
gcloud  
services  
 enable 
  
modelarmor.googleapis.com  
--project = 
 PROJECT_ID

    Replace PROJECT_ID with the ID of the project.

    Integration with Vertex AI

    Model Armor integrates with Vertex AI to screen Gemini model requests and responses based on your defined floor settings. You need to enable Cloud Logging to get visibility into prompts and responses. For more information, see Model Armor integration with Vertex AI .

    Configure floor settings

    You use floor settings to configure the minimum detection thresholds for Model Armor templates. These settings verify that all new and modified templates meet certain requirements. To configure floor settings, do the following:

    Console

    1. In the Google Cloud console, go to the Model Armorpage.

      Go to Model Armor

    2. Select a project.
    3. On the Model Armorpage, go to the Floor settingstab and click Configure floor settings.
    4. On the Configure floor settingspage, select the configuration option .
    5. In the Detectionssection, configure the detection settings .
    6. Optional: If you select Sensitive Data Protection detection, you need to configure the Sensitive Data Protection settings .

    7. In the Responsible AIsection, set the confidence level for each content filter .

    8. In the Servicessection, choose the services where these floor settings will be applied.

    9. In the Logssection, select Enable Cloud Loggingto log all user prompts, model responses, and the floor settings detector results.

    10. Select Enable multi-language supportto use the multi-language detection settings .

    11. Click Save floor settings.

    REST

    curl  
-X  
PATCH  
 \ 
  
-H  
 "Content-Type: application/json" 
  
 \ 
  
-H  
 "Authorization: Bearer 
 $( 
gcloud  
auth  
print-access-token ) 
 " 
  
 \ 
  
-d  
 '{"filterConfig" : {}, "integratedServices": "AI_PLATFORM", "aiPlatformFloorSetting":{"inspect_only":true, "enableCloudLogging":true}}' 
  
 \ 
  
 "https://modelarmor.googleapis.com/v1/projects/ PROJECT_ID 
/locations/global/floorSetting"

    Replace PROJECT_ID with the ID of the project for the floor settings.

    Define how floor settings are inherited

    When configuring floor settings, select the configuration option.

    • Inherit parent's floor settings: Inherits floor settings set higher in the resource hierarchy. Click Save floor settingsand skip the next steps. To view the inherited settings, go to the Floor settingstab.

    • Custom: Define floor settings for this project. The custom settings that you define for a project override any inherited floor settings.

    • Disable: Disables any inherited floor settings, which means no detection rules are applied to the Model Armor templates and Vertex AI for your Gemini workloads. Click Save floor settingsand skip the next steps. View the disabled status on the Floor settingstab.

    Define where floor settings are applied

    Select one of the following services where the configured floor settings are applied.

    • Model Armor - Template creation & update: Every new and modified Model Armor template in a project is checked to ensure that the minimum settings are specified according to the floor settings.

    • Vertex AI: Screen requests sent to Gemini models and log or block those that meet floor settings thresholds.

      If you select Vertex AI, the Vertex AIsection is displayed where you can choose how floor settings are enforced.

      • Inspect only: Detect requests that don't meet floor settings but don't block them.
      • Inspect and block violations: Detect and block requests that don't meet the floor settings.

    View Model Armor floor settings

    View Model Armor floor settings to verify existing settings, to identify what the minimum requirements are for your AI applications, or to troubleshoot issues when a template is not behaving as expected.

    Run the following command to view the Model Armor floor settings.

    Console

    1. In the Google Cloud console, go to the Model Armorpage.

      Go to Model Armor

    2. Verify that you are viewing the project that you activated Model Armor on.

    3. On the Model Armorpage, go to the Floor settingstab. If floor settings are set at the organization level, you can view them here. If no floor settings are defined, then you must configure them. For more information, see Configure floor settings .

    gcloud

    • View the Model Armor floor setting for a given project.

        
gcloud  
model-armor  
floorsettings  
describe  
 \ 
  
--full-uri = 
 'projects/ PROJECT_ID 
/locations/global/floorSetting'

    • View the Model Armor floor setting for a given organization.

        
gcloud  
model-armor  
floorsettings  
describe  
 \ 
  
--full-uri = 
 'organizations/ ORGANIZATION_ID 
/locations/global/floorSetting'

    • View the Model Armor floor setting for a given folder.

        
gcloud  
model-armor  
floorsettings  
describe  
 \ 
  
--full-uri = 
 'folders/ FOLDER_ID 
/locations/global/floorSetting'

      Replace the following:

      • PROJECT_ID : the ID of the project for the floor settings.
      • FOLDER_ID : the ID of the folder for the floor settings.
      • ORGANIZATION_ID : the ID of the organization for the floor settings.

    REST

    • View the Model Armor floor setting for a given project.

       curl 
  
 - 
 X 
  
 GET 
  
 \ 
  
 - 
 H 
  
 "Authorization: Bearer $(gcloud auth print-access-token)" 
  
 \ 
  
 - 
 H 
  
 "Content-Type: application/json" 
  
 \ 
  
 "https://modelarmor.googleapis.com/v1/projects/ PROJECT_ID 
/locations/global/floorSetting"

    • View the Model Armor floor setting for a given folder.

       curl 
  
 - 
 X 
  
 GET 
  
 \ 
  
 - 
 H 
  
 "Authorization: Bearer $(gcloud auth print-access-token)" 
  
 \ 
  
 - 
 H 
  
 "Content-Type: application/json" 
  
 \ 
  
 "https://modelarmor.googleapis.com/v1/folders/ FOLDER_ID 
/locations/global/floorSetting"

    • View the Model Armor floor setting for a given organization.

       curl 
  
 - 
 X 
  
 GET 
  
 \ 
  
 - 
 H 
  
 "Authorization: Bearer $(gcloud auth print-access-token)" 
  
 \ 
  
 - 
 H 
  
 "Content-Type: application/json" 
  
 \ 
  
 "https://modelarmor.googleapis.com/v1/organizations/ ORGANIZATION_ID 
/locations/global/floorSetting"

    Replace the following:

    • PROJECT_ID : the ID of the project for the floor settings.
    • FOLDER_ID : the ID of the folder for the floor settings.
    • ORGANIZATION_ID : the ID of the organization for the floor settings.

    Go

    To run this code, first set up a Go development environment and install the Model Armor Go SDK .

    • View the Model Armor floor setting for a given project.

        import 
  
 ( 
  
 "context" 
  
 "fmt" 
  
 "io" 
  
 modelarmor 
  
 "cloud.google.com/go/modelarmor/apiv1" 
  
 modelarmorpb 
  
 "cloud.google.com/go/modelarmor/apiv1/modelarmorpb" 
 ) 
 // getProjectFloorSettings gets details of a single floor setting of a project. 
 // 
 // This method retrieves the details of a single floor setting of a project. 
 // 
 // w io.Writer: The writer to use for logging. 
 // projectID string: The ID of the project. 
 func 
  
 getProjectFloorSettings 
 ( 
 w 
  
 io 
 . 
 Writer 
 , 
  
 projectID 
  
 string 
 ) 
  
 error 
  
 { 
  
 ctx 
  
 := 
  
 context 
 . 
 Background 
 () 
  
 // Create the Model Armor client. 
  
 client 
 , 
  
 err 
  
 := 
  
 modelarmor 
 . 
  NewClient 
 
 ( 
 ctx 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to create client: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 defer 
  
 client 
 . 
  Close 
 
 () 
  
 floorSettingsName 
  
 := 
  
 fmt 
 . 
 Sprintf 
 ( 
 "projects/%s/locations/global/floorSetting" 
 , 
  
 projectID 
 ) 
  
 // Get the project floor setting. 
  
 req 
  
 := 
  
& modelarmorpb 
 . 
 GetFloorSettingRequest 
 { 
  
 Name 
 : 
  
 floorSettingsName 
 , 
  
 } 
  
 response 
 , 
  
 err 
  
 := 
  
 client 
 . 
 GetFloorSetting 
 ( 
 ctx 
 , 
  
 req 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to get floor setting: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 // Print the retrieved floor setting using fmt.Fprintf with the io.Writer. 
  
 fmt 
 . 
 Fprintf 
 ( 
 w 
 , 
  
 "Retrieved floor setting: %v\n" 
 , 
  
 response 
 ) 
  
 return 
  
 nil 
 }

    • View the Model Armor floor setting for a given folder.

        import 
  
 ( 
  
 "context" 
  
 "fmt" 
  
 "io" 
  
 modelarmor 
  
 "cloud.google.com/go/modelarmor/apiv1" 
  
 modelarmorpb 
  
 "cloud.google.com/go/modelarmor/apiv1/modelarmorpb" 
 ) 
 // getFolderFloorSettings gets details of a single floor setting of a folder. 
 // 
 // This method retrieves the details of a single floor setting of a folder. 
 // 
 // w io.Writer: The writer to use for logging. 
 // folderID string: The ID of the folder. 
 func 
  
 getFolderFloorSettings 
 ( 
 w 
  
 io 
 . 
 Writer 
 , 
  
 folderID 
  
 string 
 ) 
  
 error 
  
 { 
  
 ctx 
  
 := 
  
 context 
 . 
 Background 
 () 
  
 // Create the Model Armor client. 
  
 client 
 , 
  
 err 
  
 := 
  
 modelarmor 
 . 
  NewClient 
 
 ( 
 ctx 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to create client: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 defer 
  
 client 
 . 
  Close 
 
 () 
  
 // Prepare folder floor setting path/name 
  
 floorSettingsName 
  
 := 
  
 fmt 
 . 
 Sprintf 
 ( 
 "folders/%s/locations/global/floorSetting" 
 , 
  
 folderID 
 ) 
  
 // Get the folder floor setting. 
  
 req 
  
 := 
  
& modelarmorpb 
 . 
 GetFloorSettingRequest 
 { 
  
 Name 
 : 
  
 floorSettingsName 
 , 
  
 } 
  
 response 
 , 
  
 err 
  
 := 
  
 client 
 . 
 GetFloorSetting 
 ( 
 ctx 
 , 
  
 req 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to get floor setting: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 // Print the retrieved floor setting using fmt.Fprintf with the io.Writer. 
  
 fmt 
 . 
 Fprintf 
 ( 
 w 
 , 
  
 "Retrieved folder floor setting: %v\n" 
 , 
  
 response 
 ) 
  
 return 
  
 nil 
 }

    • View the Model Armor floor setting for a given organization.

        import 
  
 ( 
  
 "context" 
  
 "fmt" 
  
 "io" 
  
 modelarmor 
  
 "cloud.google.com/go/modelarmor/apiv1" 
  
 modelarmorpb 
  
 "cloud.google.com/go/modelarmor/apiv1/modelarmorpb" 
 ) 
 // getOrganizationFloorSettings gets details of a single floor setting of an organization. 
 // 
 // This method retrieves the details of a single floor setting of an organization. 
 // 
 // w io.Writer: The writer to use for logging. 
 // organizationID string: The ID of the organization. 
 func 
  
 getOrganizationFloorSettings 
 ( 
 w 
  
 io 
 . 
 Writer 
 , 
  
 organizationID 
  
 string 
 ) 
  
 error 
  
 { 
  
 ctx 
  
 := 
  
 context 
 . 
 Background 
 () 
  
 // Create the Model Armor client. 
  
 client 
 , 
  
 err 
  
 := 
  
 modelarmor 
 . 
  NewClient 
 
 ( 
 ctx 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to create client: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 defer 
  
 client 
 . 
  Close 
 
 () 
  
 floorSettingsName 
  
 := 
  
 fmt 
 . 
 Sprintf 
 ( 
 "organizations/%s/locations/global/floorSetting" 
 , 
  
 organizationID 
 ) 
  
 // Get the organization floor setting. 
  
 req 
  
 := 
  
& modelarmorpb 
 . 
 GetFloorSettingRequest 
 { 
  
 Name 
 : 
  
 floorSettingsName 
 , 
  
 } 
  
 response 
 , 
  
 err 
  
 := 
  
 client 
 . 
 GetFloorSetting 
 ( 
 ctx 
 , 
  
 req 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to get floor setting: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 // Print the retrieved floor setting using fmt.Fprintf with the io.Writer. 
  
 fmt 
 . 
 Fprintf 
 ( 
 w 
 , 
  
 "Retrieved org floor setting: %v\n" 
 , 
  
 response 
 ) 
  
 return 
  
 nil 
 }

    Java

    To run this code, first set up a Java development environment and install the Model Armor Java SDK .

    • View the Model Armor floor setting for a given project.

        import 
  
 com.google.cloud.modelarmor.v1. FloorSetting 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. FloorSettingName 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. GetFloorSettingRequest 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. ModelArmorClient 
 
 ; 
 import 
  
 java.io.IOException 
 ; 
 public 
  
 class 
 GetProjectFloorSetting 
  
 { 
  
 public 
  
 static 
  
 void 
  
 main 
 ( 
 String 
 [] 
  
 args 
 ) 
  
 throws 
  
 IOException 
  
 { 
  
 // TODO(developer): Replace these variables before running the sample. 
  
 String 
  
 projectId 
  
 = 
  
 "your-project-id" 
 ; 
  
 getProjectFloorSetting 
 ( 
 projectId 
 ); 
  
 } 
  
 public 
  
 static 
  
  FloorSetting 
 
  
 getProjectFloorSetting 
 ( 
 String 
  
 projectId 
 ) 
  
 throws 
  
 IOException 
  
 { 
  
 // Initialize client that will be used to send requests. This client only 
  
 // needs to be created once, and can be reused for multiple requests. 
  
 try 
  
 ( 
  ModelArmorClient 
 
  
 client 
  
 = 
  
  ModelArmorClient 
 
 . 
 create 
 ()) 
  
 { 
  
 String 
  
 name 
  
 = 
  
  FloorSettingName 
 
 . 
 of 
 ( 
 projectId 
 , 
  
 "global" 
 ). 
 toString 
 (); 
  
  GetFloorSettingRequest 
 
  
 request 
  
 = 
  
  GetFloorSettingRequest 
 
 . 
 newBuilder 
 (). 
 setName 
 ( 
 name 
 ). 
 build 
 (); 
  
  FloorSetting 
 
  
 floorSetting 
  
 = 
  
 client 
 . 
 getFloorSetting 
 ( 
 request 
 ); 
  
 System 
 . 
 out 
 . 
 println 
 ( 
 "Fetched floor setting for project: " 
  
 + 
  
 projectId 
 ); 
  
 return 
  
 floorSetting 
 ; 
  
 } 
  
 } 
 }

    • View the Model Armor floor setting for a given folder.

        import 
  
 com.google.cloud.modelarmor.v1. FloorSetting 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. FloorSettingName 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. GetFloorSettingRequest 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. ModelArmorClient 
 
 ; 
 import 
  
 java.io.IOException 
 ; 
 public 
  
 class 
 GetFolderFloorSetting 
  
 { 
  
 public 
  
 static 
  
 void 
  
 main 
 ( 
 String 
 [] 
  
 args 
 ) 
  
 throws 
  
 IOException 
  
 { 
  
 // TODO(developer): Replace these variables before running the sample. 
  
 String 
  
 folderId 
  
 = 
  
 "your-folder-id" 
 ; 
  
 getFolderFloorSetting 
 ( 
 folderId 
 ); 
  
 } 
  
 public 
  
 static 
  
  FloorSetting 
 
  
 getFolderFloorSetting 
 ( 
 String 
  
 folderId 
 ) 
  
 throws 
  
 IOException 
  
 { 
  
 // Initialize client that will be used to send requests. This client only 
  
 // needs to be created once, and can be reused for multiple requests. 
  
 try 
  
 ( 
  ModelArmorClient 
 
  
 client 
  
 = 
  
  ModelArmorClient 
 
 . 
 create 
 ()) 
  
 { 
  
 String 
  
 name 
  
 = 
  
  FloorSettingName 
 
 . 
  ofFolderLocationName 
 
 ( 
 folderId 
 , 
  
 "global" 
 ). 
 toString 
 (); 
  
  GetFloorSettingRequest 
 
  
 request 
  
 = 
  
  GetFloorSettingRequest 
 
 . 
 newBuilder 
 (). 
 setName 
 ( 
 name 
 ). 
 build 
 (); 
  
  FloorSetting 
 
  
 floorSetting 
  
 = 
  
 client 
 . 
 getFloorSetting 
 ( 
 request 
 ); 
  
 System 
 . 
 out 
 . 
 println 
 ( 
 "Fetched floor setting for folder: " 
  
 + 
  
 folderId 
 ); 
  
 return 
  
 floorSetting 
 ; 
  
 } 
  
 } 
 }

    • View the Model Armor floor setting for a given organization.

        import 
  
 com.google.cloud.modelarmor.v1. FloorSetting 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. FloorSettingName 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. GetFloorSettingRequest 
 
 ; 
 import 
  
 com.google.cloud.modelarmor.v1. ModelArmorClient 
 
 ; 
 import 
  
 java.io.IOException 
 ; 
 public 
  
 class 
 GetOrganizationFloorSetting 
  
 { 
  
 public 
  
 static 
  
 void 
  
 main 
 ( 
 String 
 [] 
  
 args 
 ) 
  
 throws 
  
 IOException 
  
 { 
  
 // TODO(developer): Replace these variables before running the sample. 
  
 String 
  
 organizationId 
  
 = 
  
 "your-organization-id" 
 ; 
  
 getOrganizationFloorSetting 
 ( 
 organizationId 
 ); 
  
 } 
  
 public 
  
 static 
  
  FloorSetting 
 
  
 getOrganizationFloorSetting 
 ( 
 String 
  
 organizationId 
 ) 
  
 throws 
  
 IOException 
  
 { 
  
 // Initialize client that will be used to send requests. This client only 
  
 // needs to be created once, and can be reused for multiple requests. 
  
 try 
  
 ( 
  ModelArmorClient 
 
  
 client 
  
 = 
  
  ModelArmorClient 
 
 . 
 create 
 ()) 
  
 { 
  
 String 
  
 name 
  
 = 
  
  FloorSettingName 
 
 . 
  ofOrganizationLocationName 
 
 ( 
 organizationId 
 , 
  
 "global" 
 ) 
  
 . 
 toString 
 (); 
  
  GetFloorSettingRequest 
 
  
 request 
  
 = 
  
  GetFloorSettingRequest 
 
 . 
 newBuilder 
 (). 
 setName 
 ( 
 name 
 ). 
 build 
 (); 
  
  FloorSetting 
 
  
 floorSetting 
  
 = 
  
 client 
 . 
 getFloorSetting 
 ( 
 request 
 ); 
  
 System 
 . 
 out 
 . 
 println 
 ( 
 "Fetched floor setting for organization: " 
  
 + 
  
 organizationId 
 ); 
  
 return 
  
 floorSetting 
 ; 
  
 } 
  
 } 
 }

    Node.js

    To run this code, first set up a Node.js development environment and install the Model Armor Node.js SDK .

    • View the Model Armor floor setting for a given project.

        /** 
 * TODO(developer): Uncomment these variables before running the sample. 
 */ 
 // const projectId = 'your-project-id'; 
 const 
  
 name 
  
 = 
  
 `projects/ 
 ${ 
 projectId 
 } 
 /locations/global/floorSetting` 
 ; 
 // Imports the Modelarmor library 
 const 
  
 { 
 ModelArmorClient 
 } 
  
 = 
  
 require 
 ( 
 '@google-cloud/modelarmor' 
 ). 
 v1 
 ; 
 // Instantiates a client 
 const 
  
 modelarmorClient 
  
 = 
  
 new 
  
 ModelArmorClient 
 (); 
 async 
  
 function 
  
 getProjectFloorSettings 
 () 
  
 { 
  
 // Construct request 
  
 const 
  
 request 
  
 = 
  
 { 
  
 name 
 , 
  
 }; 
  
 // Run request 
  
 const 
  
 [ 
 response 
 ] 
  
 = 
  
 await 
  
 modelarmorClient 
 . 
 getFloorSetting 
 ( 
 request 
 ); 
  
 return 
  
 response 
 ; 
 } 
 return 
  
 await 
  
 getProjectFloorSettings 
 ();

    • View the Model Armor floor setting for a given folder.

        /** 
 * TODO(developer): Uncomment these variables before running the sample. 
 */ 
 // const folderId = 'your-folder-id'; 
 const 
  
 name 
  
 = 
  
 `folders/ 
 ${ 
 folderId 
 } 
 /locations/global/floorSetting` 
 ; 
 // Imports the Modelarmor library 
 const 
  
 { 
 ModelArmorClient 
 } 
  
 = 
  
 require 
 ( 
 '@google-cloud/modelarmor' 
 ). 
 v1 
 ; 
 // Instantiates a client 
 const 
  
 modelarmorClient 
  
 = 
  
 new 
  
 ModelArmorClient 
 (); 
 async 
  
 function 
  
 getFolderFloorSettings 
 () 
  
 { 
  
 // Construct request 
  
 const 
  
 request 
  
 = 
  
 { 
  
 name 
 , 
  
 }; 
  
 const 
  
 [ 
 response 
 ] 
  
 = 
  
 await 
  
 modelarmorClient 
 . 
 getFloorSetting 
 ( 
 request 
 ); 
  
 return 
  
 response 
 ; 
 } 
 return 
  
 await 
  
 getFolderFloorSettings 
 ();

    • View the Model Armor floor setting for a given organization.

        /** 
 * TODO(developer): Uncomment these variables before running the sample. 
 */ 
 // const organizationId = 'your-organization-id'; 
 const 
  
 name 
  
 = 
  
 `organizations/ 
 ${ 
 organizationId 
 } 
 /locations/global/floorSetting` 
 ; 
 // Imports the Modelarmor library 
 const 
  
 { 
 ModelArmorClient 
 } 
  
 = 
  
 require 
 ( 
 '@google-cloud/modelarmor' 
 ). 
 v1 
 ; 
 // Instantiates a client 
 const 
  
 modelarmorClient 
  
 = 
  
 new 
  
 ModelArmorClient 
 (); 
 async 
  
 function 
  
 getOrganizationFloorSettings 
 () 
  
 { 
  
 // Construct request 
  
 const 
  
 request 
  
 = 
  
 { 
  
 name 
 , 
  
 }; 
  
 // Run request 
  
 const 
  
 [ 
 response 
 ] 
  
 = 
  
 await 
  
 modelarmorClient 
 . 
 getFloorSetting 
 ( 
 request 
 ); 
  
 return 
  
 response 
 ; 
 } 
 return 
  
 await 
  
 getOrganizationFloorSettings 
 ();

    PHP

    To run this code, first set up a PHP development environment and install the Model Armor PHP SDK .

    • View the Model Armor floor setting for a given project.

        use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient; 
 use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest; 
 /** 
 * Gets the floor settings for a given project. 
 * 
 * @param string $projectId The project Id for which the floor settings is to be retrieved. 
 * 
 */ 
 function get_project_floor_settings(string $projectId): void 
 { 
 $client = new ModelArmorClient(); 
 $floorSettingsName = sprintf('projects/%s/locations/global/floorSetting', $projectId); 
 $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName)); 
 printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString()); 
 }

    • View the Model Armor floor setting for a given folder.

        use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient; 
 use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest; 
 /** 
 * Gets the floor settings for a given folder. 
 * 
 * @param string $folderId The folder Id for which the floor settings is to be retrieved. 
 * 
 */ 
 function get_folder_floor_settings(string $folderId): void 
 { 
 $client = new ModelArmorClient(); 
 $floorSettingsName = sprintf('folders/%s/locations/global/floorSetting', $folderId); 
 $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName)); 
 printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString()); 
 }

    • View the Model Armor floor setting for a given organization.

        use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient; 
 use Google\Cloud\ModelArmor\V1\GetFloorSettingRequest; 
 /** 
 * Gets the floor settings for a given organization. 
 * 
 * @param string $organizationId The organization Id for which the floor settings is to be retrieved. 
 * 
 */ 
 function get_organization_floor_settings(string $organizationId): void 
 { 
 $client = new ModelArmorClient(); 
 $floorSettingsName = sprintf('organizations/%s/locations/global/floorSetting', $organizationId); 
 $response = $client->getFloorSetting((new GetFloorSettingRequest())->setName($floorSettingsName)); 
 printf("Floor settings retrieved successfully: %s\n", $response->serializeToJsonString()); 
 }

    Python

    To run this code, first set up a Python development environment and install the Model Armor Python SDK .

    • View the Model Armor floor setting for a given project.

        from 
  
 google.cloud 
  
 import 
  modelarmor_v1 
 
 # Create the Model Armor client. 
 client 
 = 
  modelarmor_v1 
 
 . 
  ModelArmorClient 
 
 ( 
 transport 
 = 
 "rest" 
 ) 
 # TODO(Developer): Uncomment below variable. 
 # project_id = "YOUR_PROJECT_ID" 
 floor_settings_name 
 = 
 f 
 "projects/ 
 { 
 project_id 
 } 
 /locations/global/floorSetting" 
 # Get the project floor setting. 
 response 
 = 
 client 
 . 
  get_floor_setting 
 
 ( 
 request 
 = 
  modelarmor_v1 
 
 . 
  GetFloorSettingRequest 
 
 ( 
 name 
 = 
 floor_settings_name 
 ) 
 ) 
 # Print the retrieved floor setting. 
 print 
 ( 
 response 
 )

    • View the Model Armor floor setting for a given folder.

        from 
  
 google.cloud 
  
 import 
  modelarmor_v1 
 
 # Create the Model Armor client. 
 client 
 = 
  modelarmor_v1 
 
 . 
  ModelArmorClient 
 
 ( 
 transport 
 = 
 "rest" 
 ) 
 # TODO(Developer): Uncomment below variable. 
 # folder_id = "YOUR_FOLDER_ID" 
 # Prepare folder floor setting path/name 
 floor_settings_name 
 = 
 f 
 "folders/ 
 { 
 folder_id 
 } 
 /locations/global/floorSetting" 
 # Get the folder floor setting. 
 response 
 = 
 client 
 . 
  get_floor_setting 
 
 ( 
 request 
 = 
  modelarmor_v1 
 
 . 
  GetFloorSettingRequest 
 
 ( 
 name 
 = 
 floor_settings_name 
 ) 
 ) 
 # Print the retrieved floor setting. 
 print 
 ( 
 response 
 )

    • View the Model Armor floor setting for a given organization.

        from 
  
 google.cloud 
  
 import 
  modelarmor_v1 
 
 # Create the Model Armor client. 
 client 
 = 
  modelarmor_v1 
 
 . 
  ModelArmorClient 
 
 ( 
 transport 
 = 
 "rest" 
 ) 
 # TODO(Developer): Uncomment below variable. 
 # organization_id = "YOUR_ORGANIZATION_ID" 
 floor_settings_name 
 = 
 ( 
 f 
 "organizations/ 
 { 
 organization_id 
 } 
 /locations/global/floorSetting" 
 ) 
 # Get the organization floor setting. 
 response 
 = 
 client 
 . 
  get_floor_setting 
 
 ( 
 request 
 = 
  modelarmor_v1 
 
 . 
  GetFloorSettingRequest 
 
 ( 
 name 
 = 
 floor_settings_name 
 ) 
 ) 
 # Print the retrieved floor setting. 
 print 
 ( 
 response 
 )

    Update Model Armor floor settings

    Update Model Armor floor settings to change the minimum requirements for templates to reflect changes in security policies, to correct misconfigurations, or to resolve conflicts between floor settings.

    Run the following command to update the Model Armor floor settings.

    Console

    1. In the Google Cloud console, go to the Model Armorpage.

      Go to Model Armor

    2. Verify that you are viewing the project that you activated Model Armor on.

    3. On the Model Armorpage, go to the Floor settingstab and click Configure floor settings.

    4. Update the required fields and click Save floor settings.

    gcloud

     gcloud model-armor floorsettings update --full-uri=<full-uri-of-the-floorsetting>

    Example command:

     gcloud model-armor floorsettings update \
           --malicious-uri-filter-settings-enforcement=ENABLED \
           --pi-and-jailbreak-filter-settings-enforcement=DISABLED \
           --pi-and-jailbreak-filter-settings-confidence-level=LOW_AND_ABOVE \
           --basic-config-filter-enforcement=ENABLED \
           --add-rai-settings-filters='[{"confidenceLevel": "low_and_above", "filterType": "HARASSMENT"}, {"confidenceLevel": "high", "filterType": "SEXUALLY_EXPLICIT"}]'
           --full-uri='folders/ FOLDER_ID 
/locations/global/floorSetting' \
           --enable-floor-setting-enforcement=true

    Replace FOLDER_ID with the ID of the folder for the floor settings.

    REST

    • Update the Model Armor floor setting for a given project.

       curl 
  
 - 
 X 
  
 PATCH 
  
 - 
 d 
  
 ' 
 { 
 "filterConfig" 
  
 :{ 
 "piAndJailbreakFilterSettings" 
 : 
  
 { 
  
 "filterEnforcement" 
 : 
  
 "ENABLED" 
 }, 
  
 "maliciousUriFilterSettings" 
 : 
  
 { 
  
 "filterEnforcement" 
 : 
  
 "ENABLED" 
  
 }, 
  
 "rai_settings" 
 :{ 
 "rai_filters" 
 :{ 
 "filter_type" 
 : 
 "DANGEROUS" 
 , 
  
 "confidence_level" 
 : 
 "LOW_AND_ABOVE" 
  
 }, 
  
 \ 
 "rai_filters" 
 :{ 
 "filter_type" 
 : 
 "HATE_SPEECH" 
 , 
  
 "confidence_level" 
 : 
 "LOW_AND_ABOVE" 
  
 }, 
  
 "rai_filters" 
 :{ 
 "filter_type" 
 : 
 "HARASSMENT" 
 , 
  
 "confidence_level" 
 : 
 "LOW_AND_ABOVE" 
  
 }, 
  
 "rai_filters" 
 :{ 
 "filter_type" 
 : 
 "SEXUALLY_EXPLICIT" 
 , 
  
 "confidence_level" 
 : 
 "LOW_AND_ABOVE" 
  
 }}}, 
 "enableFloorSettingEnforcement" 
 : 
 "true" 
 } 
 ' 
  
 - 
 H 
  
 "Content-Type: application/json" 
  
 - 
 H 
  
 "Authorization: Bearer $(gcloud auth print-access-token) " 
 h 
 tt 
 ps 
 : 
 //modelarmor.googleapis.com/v1/projects/ PROJECT_ID 
/locations/global/floorSetting"

    • Update the Model Armor floor setting for a given folder.

       curl 
  
 - 
 X 
  
 PATCH 
  
 \ 
  
 - 
 d 
  
 ' 
 { 
 "filterConfig" 
  
 :{ 
 "piAndJailbreakFilterSettings" 
 : 
  
 { 
  
 "filterEnforcement" 
 : 
  
 "ENABLED" 
 }, 
  
 "maliciousUriFilterSettings" 
 : 
  
 { 
  
 "filterEnforcement" 
 : 
  
 "ENABLED" 
  
 }}, 
 "enableFloorSettingEnforcement" 
 : 
 "true" 
 } 
 ' 
  
 \ 
  
 - 
 H 
  
 "Content-Type: application/json" 
  
 \ 
  
 - 
 H 
  
 "Authorization: Bearer $(gcloud auth print-access-token)" 
  
 \ 
  
 "https://modelarmor.googleapis.com/v1/folders/ FOLDER_ID 
/locations/global/floorSetting"

    • Update the Model Armor floor setting for a given organization.

       curl 
  
 - 
 X 
  
 PATCH 
  
 \ 
  
 - 
 d 
  
 ' 
 { 
 "filterConfig" 
  
 :{ 
 "piAndJailbreakFilterSettings" 
 : 
  
 { 
  
 "filterEnforcement" 
 : 
  
 "ENABLED" 
 }, 
  
 "maliciousUriFilterSettings" 
 : 
  
 { 
  
 "filterEnforcement" 
 : 
  
 "ENABLED" 
  
 }}, 
 "enableFloorSettingEnforcement" 
 : 
 "true" 
 } 
 ' 
  
 \ 
  
 - 
 H 
  
 "Content-Type: application/json" 
  
 \ 
  
 - 
 H 
  
 "Authorization: Bearer $(gcloud auth print-access-token)" 
  
 \ 
  
 "https://modelarmor.googleapis.com/v1/organizations/ ORGANIZATION_ID 
/locations/global/floorSetting"

      Replace the following:

      • PROJECT_ID : the ID of the project for the floor settings.
      • FOLDER_ID : the ID of the folder for the floor settings.
      • ORGANIZATION_ID : the ID of the organization for the floor settings.

      The update command returns the following response:

       { 
 "name" 
 : 
  
 "projects/PROJECT_ID/locations/global/floorSetting" 
 , 
 "updateTime" 
 : 
  
 "2024-12-19T15:36:21.318191Z" 
 , 
 "filterConfig" 
 : 
  
 { 
 "piAndJailbreakFilterSettings" 
 : 
  
 { 
  
 "filterEnforcement" 
 : 
  
 "ENABLED" 
 }, 
 "maliciousUriFilterSettings" 
 : 
  
 { 
 "filterEnforcement" 
 : 
  
 "ENABLED" 
 } 
 } 
 }

    Go

    To run this code, first set up a Go development environment and install the Model Armor Go SDK .

    • Update the Model Armor floor setting for a given project.

        import 
  
 ( 
  
 "context" 
  
 "fmt" 
  
 "io" 
  
 modelarmor 
  
 "cloud.google.com/go/modelarmor/apiv1" 
  
 modelarmorpb 
  
 "cloud.google.com/go/modelarmor/apiv1/modelarmorpb" 
  
 "google.golang.org/api/option" 
 ) 
 // updateProjectFloorSettings updates the floor settings of a project. 
 // 
 // This method updates the floor settings of a project. 
 // 
 // w io.Writer: The writer to use for logging. 
 // projectID string: The ID of the project. 
 // locationID string: The ID of the location. 
 func 
  
 updateProjectFloorSettings 
 ( 
 w 
  
 io 
 . 
 Writer 
 , 
  
 projectID 
 , 
  
 locationID 
  
 string 
 ) 
  
 error 
  
 { 
  
 ctx 
  
 := 
  
 context 
 . 
 Background 
 () 
  
 // Create options for Model Armor client. 
  
 opts 
  
 := 
  
 option 
 . 
 WithEndpoint 
 ( 
 fmt 
 . 
 Sprintf 
 ( 
 "modelarmor.%s.rep.googleapis.com:443" 
 , 
  
 locationID 
 )) 
  
 // Create the Model Armor client. 
  
 client 
 , 
  
 err 
  
 := 
  
 modelarmor 
 . 
  NewClient 
 
 ( 
 ctx 
 , 
  
 opts 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to create client: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 defer 
  
 client 
 . 
  Close 
 
 () 
  
 // Prepare project floor setting path/name 
  
 floorSettingsName 
  
 := 
  
 fmt 
 . 
 Sprintf 
 ( 
 "projects/%s/locations/global/floorSetting" 
 , 
  
 projectID 
 ) 
  
 // Update the project floor setting 
  
 // For more details on filters, please refer to the following doc: 
  
 // [https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters](https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters) 
  
 enableEnforcement 
  
 := 
  
 true 
  
 req 
  
 := 
  
& modelarmorpb 
 . 
 UpdateFloorSettingRequest 
 { 
  
 FloorSetting 
 : 
  
& modelarmorpb 
 . 
 FloorSetting 
 { 
  
 Name 
 : 
  
 floorSettingsName 
 , 
  
 FilterConfig 
 : 
  
& modelarmorpb 
 . 
 FilterConfig 
 { 
  
 RaiSettings 
 : 
  
& modelarmorpb 
 . 
 RaiFilterSettings 
 { 
  
 RaiFilters 
 : 
  
 [] 
 * 
 modelarmorpb 
 . 
 RaiFilterSettings_RaiFilter 
 { 
  
 { 
  
 FilterType 
 : 
  
 modelarmorpb 
 . 
  RaiFilterType_HATE_SPEECH 
 
 , 
  
 ConfidenceLevel 
 : 
  
 modelarmorpb 
 . 
  DetectionConfidenceLevel_HIGH 
 
 , 
  
 }, 
  
 }, 
  
 }, 
  
 }, 
  
 EnableFloorSettingEnforcement 
 : 
  
& enableEnforcement 
 , 
  
 }, 
  
 } 
  
 response 
 , 
  
 err 
  
 := 
  
 client 
 . 
 UpdateFloorSetting 
 ( 
 ctx 
 , 
  
 req 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to update floor setting: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 // Print the updated config 
  
 fmt 
 . 
 Fprintf 
 ( 
 w 
 , 
  
 "Updated project floor setting: %+v\n" 
 , 
  
 response 
 ) 
  
 return 
  
 nil 
 }

    • Update the Model Armor floor setting for a given folder.

        import 
  
 ( 
  
 "context" 
  
 "fmt" 
  
 "io" 
  
 modelarmor 
  
 "cloud.google.com/go/modelarmor/apiv1" 
  
 modelarmorpb 
  
 "cloud.google.com/go/modelarmor/apiv1/modelarmorpb" 
  
 "google.golang.org/api/option" 
 ) 
 // updateFolderFloorSettings updates floor settings of a folder. 
 // 
 // This method updates the floor settings of a folder. 
 // 
 // w io.Writer: The writer to use for logging. 
 // folderID string: The ID of the folder. 
 // locationID string: The ID of the location. 
 func 
  
 updateFolderFloorSettings 
 ( 
 w 
  
 io 
 . 
 Writer 
 , 
  
 folderID 
 , 
  
 locationID 
  
 string 
 ) 
  
 error 
  
 { 
  
 ctx 
  
 := 
  
 context 
 . 
 Background 
 () 
  
 // Create the Model Armor client. 
  
 client 
 , 
  
 err 
  
 := 
  
 modelarmor 
 . 
  NewClient 
 
 ( 
 ctx 
 , 
  
 option 
 . 
 WithEndpoint 
 ( 
 fmt 
 . 
 Sprintf 
 ( 
 "modelarmor.%s.rep.googleapis.com:443" 
 , 
  
 locationID 
 )), 
  
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to create client: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 defer 
  
 client 
 . 
  Close 
 
 () 
  
 // Prepare folder floor settings path/name 
  
 floorSettingsName 
  
 := 
  
 fmt 
 . 
 Sprintf 
 ( 
 "folders/%s/locations/global/floorSetting" 
 , 
  
 folderID 
 ) 
  
 // Prepare the floor setting update 
  
 enableEnforcement 
  
 := 
  
 true 
  
 floorSetting 
  
 := 
  
& modelarmorpb 
 . 
 FloorSetting 
 { 
  
 Name 
 : 
  
 floorSettingsName 
 , 
  
 FilterConfig 
 : 
  
& modelarmorpb 
 . 
 FilterConfig 
 { 
  
 RaiSettings 
 : 
  
& modelarmorpb 
 . 
 RaiFilterSettings 
 { 
  
 RaiFilters 
 : 
  
 [] 
 * 
 modelarmorpb 
 . 
 RaiFilterSettings_RaiFilter 
 { 
  
 { 
  
 FilterType 
 : 
  
 modelarmorpb 
 . 
  RaiFilterType_HATE_SPEECH 
 
 , 
  
 ConfidenceLevel 
 : 
  
 modelarmorpb 
 . 
  DetectionConfidenceLevel_HIGH 
 
 , 
  
 }, 
  
 }, 
  
 }, 
  
 }, 
  
 EnableFloorSettingEnforcement 
 : 
  
& enableEnforcement 
 , 
  
 } 
  
 // Prepare request for updating the floor setting. 
  
 req 
  
 := 
  
& modelarmorpb 
 . 
 UpdateFloorSettingRequest 
 { 
  
 FloorSetting 
 : 
  
 floorSetting 
 , 
  
 } 
  
 // Update the floor setting. 
  
 response 
 , 
  
 err 
  
 := 
  
 client 
 . 
 UpdateFloorSetting 
 ( 
 ctx 
 , 
  
 req 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to update floor setting: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 // Print the updated config 
  
 fmt 
 . 
 Fprintf 
 ( 
 w 
 , 
  
 "Updated folder floor setting: %v\n" 
 , 
  
 response 
 ) 
  
 return 
  
 nil 
 }

    • Update the Model Armor floor setting for a given organization.

        import 
  
 ( 
  
 "context" 
  
 "fmt" 
  
 "io" 
  
 modelarmor 
  
 "cloud.google.com/go/modelarmor/apiv1" 
  
 modelarmorpb 
  
 "cloud.google.com/go/modelarmor/apiv1/modelarmorpb" 
  
 "google.golang.org/api/option" 
 ) 
 // updateOrganizationFloorSettings updates floor settings of an organization. 
 // 
 // This method updates the floor settings of an organization. 
 // 
 // w io.Writer: The writer to use for logging. 
 // organizationID string: The ID of the organization. 
 // locationID string: The ID of the location. 
 func 
  
 updateOrganizationFloorSettings 
 ( 
 w 
  
 io 
 . 
 Writer 
 , 
  
 organizationID 
 , 
  
 locationID 
  
 string 
 ) 
  
 error 
  
 { 
  
 ctx 
  
 := 
  
 context 
 . 
 Background 
 () 
  
 // Create options for Model Armor client. 
  
 opts 
  
 := 
  
 option 
 . 
 WithEndpoint 
 ( 
 fmt 
 . 
 Sprintf 
 ( 
 "modelarmor.%s.rep.googleapis.com:443" 
 , 
  
 locationID 
 )) 
  
 // Create the Model Armor client. 
  
 client 
 , 
  
 err 
  
 := 
  
 modelarmor 
 . 
  NewClient 
 
 ( 
 ctx 
 , 
  
 opts 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to create client: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 defer 
  
 client 
 . 
  Close 
 
 () 
  
 // Prepare organization floor setting path/name 
  
 floorSettingsName 
  
 := 
  
 fmt 
 . 
 Sprintf 
 ( 
 "organizations/%s/locations/global/floorSetting" 
 , 
  
 organizationID 
 ) 
  
 // Update the organization floor setting 
  
 // For more details on filters, please refer to the following doc: 
  
 // [https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters](https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters) 
  
 enableEnforcement 
  
 := 
  
 true 
  
 req 
  
 := 
  
& modelarmorpb 
 . 
 UpdateFloorSettingRequest 
 { 
  
 FloorSetting 
 : 
  
& modelarmorpb 
 . 
 FloorSetting 
 { 
  
 Name 
 : 
  
 floorSettingsName 
 , 
  
 FilterConfig 
 : 
  
& modelarmorpb 
 . 
 FilterConfig 
 { 
  
 RaiSettings 
 : 
  
& modelarmorpb 
 . 
 RaiFilterSettings 
 { 
  
 RaiFilters 
 : 
  
 [] 
 * 
 modelarmorpb 
 . 
 RaiFilterSettings_RaiFilter 
 { 
  
 { 
  
 FilterType 
 : 
  
 modelarmorpb 
 . 
  RaiFilterType_HATE_SPEECH 
 
 , 
  
 ConfidenceLevel 
 : 
  
 modelarmorpb 
 . 
  DetectionConfidenceLevel_HIGH 
 
 , 
  
 }, 
  
 }, 
  
 }, 
  
 }, 
  
 EnableFloorSettingEnforcement 
 : 
  
& enableEnforcement 
 , 
  
 }, 
  
 } 
  
 response 
 , 
  
 err 
  
 := 
  
 client 
 . 
 UpdateFloorSetting 
 ( 
 ctx 
 , 
  
 req 
 ) 
  
 if 
  
 err 
  
 != 
  
 nil 
  
 { 
  
 return 
  
 fmt 
 . 
 Errorf 
 ( 
 "failed to update floor setting: %w" 
 , 
  
 err 
 ) 
  
 } 
  
 // Print the updated config 
  
 fmt 
 . 
 Fprintf 
 ( 
 w 
 , 
  
 "Updated org floor setting: %+v\n" 
 , 
  
 response 
 )

    Java

    To run this code, first set up a Java development environment and install the Model Armor Java SDK .

    Node.js

    To run this code, first set up a Node.js development environment and install the Model Armor Node.js SDK .

    • Update the Model Armor floor setting for a given project.

        /** 
 * TODO(developer): Uncomment these variables before running the sample. 
 */ 
 // const projectId = 'your-project-id'; 
 const 
  
 modelarmor 
  
 = 
  
 require 
 ( 
 '@google-cloud/modelarmor' 
 ); 
 const 
  
 { 
 ModelArmorClient 
 } 
  
 = 
  
 modelarmor 
 . 
 v1 
 ; 
 const 
  
 { 
 protos 
 } 
  
 = 
  
 modelarmor 
 ; 
 // Initiate client 
 const 
  
 client 
  
 = 
  
 new 
  
 ModelArmorClient 
 (); 
 async 
  
 function 
  
 updateProjectFloorSettings 
 () 
  
 { 
  
 const 
  
 floorSettingsName 
  
 = 
  
 `projects/ 
 ${ 
 projectId 
 } 
 /locations/global/floorSetting` 
 ; 
  
 // Build the floor settings with your preferred filters 
  
 // For more details on filters, please refer to the following doc: 
  
 // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters 
  
 const 
  
 floorSetting 
  
 = 
  
 { 
  
 name 
 : 
  
 floorSettingsName 
 , 
  
 filterConfig 
 : 
  
 { 
  
 raiSettings 
 : 
  
 { 
  
 raiFilters 
 : 
  
 [ 
  
 { 
  
 filterType 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 RaiFilterType 
 . 
 HARASSMENT 
 , 
  
 confidenceLevel 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 DetectionConfidenceLevel 
  
 . 
 LOW_AND_ABOVE 
 , 
  
 }, 
  
 { 
  
 filterType 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 RaiFilterType 
  
 . 
 SEXUALLY_EXPLICIT 
 , 
  
 confidenceLevel 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 DetectionConfidenceLevel 
  
 . 
 LOW_AND_ABOVE 
 , 
  
 }, 
  
 ], 
  
 }, 
  
 }, 
  
 enableFloorSettingEnforcement 
 : 
  
 true 
 , 
  
 }; 
  
 const 
  
 request 
  
 = 
  
 { 
  
 floorSetting 
 : 
  
 floorSetting 
 , 
  
 }; 
  
 const 
  
 [ 
 response 
 ] 
  
 = 
  
 await 
  
 client 
 . 
 updateFloorSetting 
 ( 
 request 
 ); 
  
 return 
  
 response 
 ; 
 } 
 return 
  
 await 
  
 updateProjectFloorSettings 
 ();

    • Update the Model Armor floor setting for a given folder.

        /** 
 * TODO(developer): Uncomment these variables before running the sample. 
 */ 
 // const folderId = 'your-folder-id'; 
 // Imports the Model Armor library 
 const 
  
 modelarmor 
  
 = 
  
 require 
 ( 
 '@google-cloud/modelarmor' 
 ); 
 const 
  
 { 
 ModelArmorClient 
 } 
  
 = 
  
 modelarmor 
 . 
 v1 
 ; 
 const 
  
 { 
 protos 
 } 
  
 = 
  
 modelarmor 
 ; 
 // Instantiates a client 
 const 
  
 client 
  
 = 
  
 new 
  
 ModelArmorClient 
 (); 
 async 
  
 function 
  
 updateFolderFloorSettings 
 () 
  
 { 
  
 const 
  
 floorSettingsName 
  
 = 
  
 `folders/ 
 ${ 
 folderId 
 } 
 /locations/global/floorSetting` 
 ; 
  
 // Build the floor settings with your preferred filters 
  
 // For more details on filters, please refer to the following doc: 
  
 // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters 
  
 const 
  
 floorSetting 
  
 = 
  
 { 
  
 name 
 : 
  
 floorSettingsName 
 , 
  
 filterConfig 
 : 
  
 { 
  
 raiSettings 
 : 
  
 { 
  
 raiFilters 
 : 
  
 [ 
  
 { 
  
 filterType 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 RaiFilterType 
 . 
 HARASSMENT 
 , 
  
 confidenceLevel 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 DetectionConfidenceLevel 
  
 . 
 LOW_AND_ABOVE 
 , 
  
 }, 
  
 { 
  
 filterType 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 RaiFilterType 
  
 . 
 SEXUALLY_EXPLICIT 
 , 
  
 confidenceLevel 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 DetectionConfidenceLevel 
  
 . 
 LOW_AND_ABOVE 
 , 
  
 }, 
  
 ], 
  
 }, 
  
 }, 
  
 enableFloorSettingEnforcement 
 : 
  
 true 
 , 
  
 }; 
  
 const 
  
 request 
  
 = 
  
 { 
  
 floorSetting 
 : 
  
 floorSetting 
 , 
  
 }; 
  
 const 
  
 [ 
 response 
 ] 
  
 = 
  
 await 
  
 client 
 . 
 updateFloorSetting 
 ( 
 request 
 ); 
  
 return 
  
 response 
 ; 
 } 
 return 
  
 await 
  
 updateFolderFloorSettings 
 ();

    • Update the Model Armor floor setting for a given organization.

        /** 
 * TODO(developer): Uncomment these variables before running the sample. 
 */ 
 // const organizationId = 'your-organization-id'; 
 const 
  
 modelarmor 
  
 = 
  
 require 
 ( 
 '@google-cloud/modelarmor' 
 ); 
 const 
  
 { 
 ModelArmorClient 
 } 
  
 = 
  
 modelarmor 
 . 
 v1 
 ; 
 const 
  
 { 
 protos 
 } 
  
 = 
  
 modelarmor 
 ; 
 const 
  
 client 
  
 = 
  
 new 
  
 ModelArmorClient 
 (); 
 async 
  
 function 
  
 updateOrganizationFloorSettings 
 () 
  
 { 
  
 const 
  
 floorSettingsName 
  
 = 
  
 `organizations/ 
 ${ 
 organizationId 
 } 
 /locations/global/floorSetting` 
 ; 
  
 // Build the floor settings with your preferred filters 
  
 // For more details on filters, please refer to the following doc: 
  
 // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters 
  
 const 
  
 floorSetting 
  
 = 
  
 { 
  
 name 
 : 
  
 floorSettingsName 
 , 
  
 filterConfig 
 : 
  
 { 
  
 raiSettings 
 : 
  
 { 
  
 raiFilters 
 : 
  
 [ 
  
 { 
  
 filterType 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 RaiFilterType 
 . 
 HARASSMENT 
 , 
  
 confidenceLevel 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 DetectionConfidenceLevel 
  
 . 
 LOW_AND_ABOVE 
 , 
  
 }, 
  
 { 
  
 filterType 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 RaiFilterType 
  
 . 
 SEXUALLY_EXPLICIT 
 , 
  
 confidenceLevel 
 : 
  
 protos 
 . 
 google 
 . 
 cloud 
 . 
 modelarmor 
 . 
 v1 
 . 
 DetectionConfidenceLevel 
  
 . 
 LOW_AND_ABOVE 
 , 
  
 }, 
  
 ], 
  
 }, 
  
 }, 
  
 enableFloorSettingEnforcement 
 : 
  
 true 
 , 
  
 }; 
  
 const 
  
 request 
  
 = 
  
 { 
  
 floorSetting 
 : 
  
 floorSetting 
 , 
  
 }; 
  
 const 
  
 [ 
 response 
 ] 
  
 = 
  
 await 
  
 client 
 . 
 updateFloorSetting 
 ( 
 request 
 ); 
  
 return 
  
 response 
 ; 
 } 
 return 
  
 await 
  
 updateOrganizationFloorSettings 
 ();

    PHP

    To run this code, first set up a PHP development environment and install the Model Armor PHP SDK .

    • Update the Model Armor floor setting for a given project.

        use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient; 
 use Google\Cloud\ModelArmor\V1\RaiFilterType; 
 use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel; 
 use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest; 
 use Google\Cloud\ModelArmor\V1\FilterConfig; 
 use Google\Cloud\ModelArmor\V1\FloorSetting; 
 use Google\Cloud\ModelArmor\V1\RaiFilterSettings; 
 use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter; 
 /** 
 * Updates the floor settings for a given project. 
 * 
 * @param string $projectId The project Id for which the floor settings is to be updated. 
 * 
 */ 
 function update_project_floor_settings(string $projectId): void 
 { 
 $client = new ModelArmorClient(); 
 $floorSettingsName = sprintf('projects/%s/locations/global/floorSetting', $projectId); 
 // Build the floor settings with your preferred filters 
 // For more details on filters, please refer to the following doc: 
 // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters 
 $raiFilterSetting = (new RaiFilterSettings()) 
 ->setRaiFilters([ 
 (new RaiFilter()) 
 ->setFilterType(RaiFilterType::HATE_SPEECH) 
 ->setConfidenceLevel(DetectionConfidenceLevel::HIGH) 
 ]); 
 $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting); 
 $floorSetting = (new FloorSetting()) 
 ->setName($floorSettingsName) 
 ->setFilterConfig($filterConfig) 
 ->setEnableFloorSettingEnforcement(true); 
 $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting); 
 $response = $client->updateFloorSetting($updateRequest); 
 printf("Floor setting updated: %s\n", $response->getName()); 
 }

    • Update the Model Armor floor setting for a given folder.

        use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient; 
 use Google\Cloud\ModelArmor\V1\RaiFilterType; 
 use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel; 
 use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest; 
 use Google\Cloud\ModelArmor\V1\FilterConfig; 
 use Google\Cloud\ModelArmor\V1\FloorSetting; 
 use Google\Cloud\ModelArmor\V1\RaiFilterSettings; 
 use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter; 
 /** 
 * Updates the floor settings for a given folder. 
 * 
 * @param string $folderId The folder Id for which the floor settings is to be updated. 
 * 
 */ 
 function update_folder_floor_settings(string $folderId): void 
 { 
 $client = new ModelArmorClient(); 
 $floorSettingsName = sprintf('folders/%s/locations/global/floorSetting', $folderId); 
 // Build the floor settings with your preferred filters 
 // For more details on filters, please refer to the following doc: 
 // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters 
 $raiFilterSetting = (new RaiFilterSettings()) 
 ->setRaiFilters([ 
 (new RaiFilter()) 
 ->setFilterType(RaiFilterType::HATE_SPEECH) 
 ->setConfidenceLevel(DetectionConfidenceLevel::HIGH) 
 ]); 
 $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting); 
 $floorSetting = (new FloorSetting()) 
 ->setName($floorSettingsName) 
 ->setFilterConfig($filterConfig) 
 ->setEnableFloorSettingEnforcement(true); 
 $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting); 
 $response = $client->updateFloorSetting($updateRequest); 
 printf("Floor setting updated: %s\n", $response->getName()); 
 }

    • Update the Model Armor floor setting for a given organization.

        use Google\Cloud\ModelArmor\V1\Client\ModelArmorClient; 
 use Google\Cloud\ModelArmor\V1\RaiFilterType; 
 use Google\Cloud\ModelArmor\V1\DetectionConfidenceLevel; 
 use Google\Cloud\ModelArmor\V1\UpdateFloorSettingRequest; 
 use Google\Cloud\ModelArmor\V1\FilterConfig; 
 use Google\Cloud\ModelArmor\V1\FloorSetting; 
 use Google\Cloud\ModelArmor\V1\RaiFilterSettings; 
 use Google\Cloud\ModelArmor\V1\RaiFilterSettings\RaiFilter; 
 /** 
 * Updates the floor settings for a given organization. 
 * 
 * @param string $organizationId The organization Id for which the floor settings is to be updated. 
 * 
 */ 
 function update_organization_floor_settings(string $organizationId) 
 { 
 $client = new ModelArmorClient(); 
 $floorSettingsName = sprintf('organizations/%s/locations/global/floorSetting', $organizationId); 
 // Build the floor settings with your preferred filters 
 // For more details on filters, please refer to the following doc: 
 // https://cloud.google.com/security-command-center/docs/key-concepts-model-armor#ma-filters 
 $raiFilterSetting = (new RaiFilterSettings()) 
 ->setRaiFilters([ 
 (new RaiFilter()) 
 ->setFilterType(RaiFilterType::HATE_SPEECH) 
 ->setConfidenceLevel(DetectionConfidenceLevel::HIGH) 
 ]); 
 $filterConfig = (new FilterConfig())->setRaiSettings($raiFilterSetting); 
 $floorSetting = (new FloorSetting()) 
 ->setName($floorSettingsName) 
 ->setFilterConfig($filterConfig) 
 ->setEnableFloorSettingEnforcement(true); 
 $updateRequest = (new UpdateFloorSettingRequest())->setFloorSetting($floorSetting); 
 $response = $client->updateFloorSetting($updateRequest); 
 printf("Floor setting updated: %s\n", $response->getName()); 
 }

    Python

    To run this code, first set up a Python development environment and install the Model Armor Python SDK .

    Review findings about floor setting violation

    Each Model Armor finding identifies a floor setting violation. A violation occurs when a Model Armor template fails to meet the minimum security standards defined by the resource hierarchy floor settings. Floor settings define the minimum requirements for templates. A floor setting violation might involve a template missing required filters or not meeting the minimum confidence level for those filters. When a violation is detected, a high-severity finding is generated in Security Command Center. The finding specifies the violated floor setting, the non-compliant template, and details about the violation.

    The following example shows the finding's sourceProperties field. This violation, related to the malicious URI filter, occurred because the template setting for the maliciousUriFilterSettings is DISABLED , but the floor settings require it to be ENABLED .

     { 
  
 "filterConfig" 
 : 
  
 { 
  
 "raiSettings" 
 : 
  
 { 
  
 "raiFilters" 
 : 
  
 [ 
  
 { 
  
 "filterType" 
 : 
  
 "HATE_SPEECH" 
 , 
  
 "confidenceLevel" 
 : 
  
 { 
  
 "floorSettings" 
 : 
  
 "LOW_AND_ABOVE" 
 , 
  
 "template" 
 : 
  
 "MEDIUM_AND_ABOVE" 
  
 } 
  
 }, 
  
 { 
  
 "filterType" 
 : 
  
 "HARASSMENT" 
 , 
  
 "confidenceLevel" 
 : 
  
 { 
  
 "floorSettings" 
 : 
  
 "MEDIUM_AND_ABOVE" 
 , 
  
 "template" 
 : 
  
 "HIGH" 
  
 } 
  
 } 
  
 ] 
  
 }, 
  
 "piAndJailbreakFilterSettings" 
 : 
  
 { 
  
 "confidenceLevel" 
 : 
  
 { 
  
 "floorSettings" 
 : 
  
 "LOW_AND_ABOVE" 
 , 
  
 "template" 
 : 
  
 "HIGH" 
  
 } 
  
 }, 
  
 "maliciousUriFilterSettings" 
 : 
  
 { 
  
 "floorSettings" 
 : 
  
 "ENABLED" 
 , 
  
 "template" 
 : 
  
 "DISABLED" 
  
 } 
  
 } 
 }

    What's next
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: