Block request and response content using Azure Content Safetyv3.14+
Configure the plugin to block request and response content matching the Hate and Violence categories defined by Azure.
In this example, we create a category_names function to parse the category object, and a check_response function to parse the response returned by Azure Content Safety.
Prerequisites
-
You have an Azure subscription and access to Azure AI Content Safety.
-
You have enabled an AI Proxy or AI Proxy Advanced plugin.
Environment variables
-
CONTENT_SAFETY_URL: The full URL of the Azure AI Content Safety instance. -
CONTENT_SAFETY_KEY: The API key to access the Azure AI Content Safety instance.
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: ${{ env "DECK_CONTENT_SAFETY_URL" }}
content_safety_key: ${{ env "DECK_CONTENT_SAFETY_KEY" }}
categories: '[{ "name": "Hate", "rejection_level": 2}, { "name": "Violence",
"rejection_level": 2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: "$(conf.params.content_safety_url)"
headers:
Ocp-Apim-Subscription-Key: "$(conf.params.content_safety_key)"
body:
categories: "$(category_names)"
text: "$(content)"
outputType: "$(conf.params.output_type)"
queries:
api-version: "$(conf.params.azure_api_version)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
Make the following request:
curl -i -X POST http://localhost:8001/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongClusterPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
labels:
global: 'true'
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: '$CONTENT_SAFETY_URL'
content_safety_key: '$CONTENT_SAFETY_KEY'
categories: '[{ 'name': 'Hate', 'rejection_level': 2}, { 'name': 'Violence', 'rejection_level':
2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: '$(conf.params.content_safety_url)'
headers:
Ocp-Apim-Subscription-Key: '$(conf.params.content_safety_key)'
body:
categories: '$(category_names)'
text: '$(content)'
outputType: '$(conf.params.output_type)'
queries:
api-version: '$(conf.params.azure_api_version)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = 'content passed safety check',
}
if
((type(resp.categoriesAnalysis) ~= 'table') or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= 'table') or (#resp.blocklistsMatch == 0))
then
return res, 'content safety introspection is invalid'
end
local reason = ''
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. '; '
end
ok = false
reason = reason .. 'breached category [' .. category_name .. '] at level ' .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or 'unknown_name'
ok = false
reason = reason .. 'breached blocklist [' .. blocklist_name .. ']'
end
return {
block = not ok,
block_message = reason,
}
end
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
content_safety_url = var.content_safety_url
content_safety_key = var.content_safety_key
categories = "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]"
output_type = "FourSeverityLevels"
azure_api_version = "2023-10-01"
}
request = {
url = "$(conf.params.content_safety_url)"
headers = {
Ocp-Apim-Subscription-Key = "$(conf.params.content_safety_key)"
}
body = {
categories = "$(category_names)"
text = "$(content)"
outputType = "$(conf.params.output_type)"
}
queries = {
api-version = "$(conf.params.azure_api_version)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
category_names = <<EOF
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
EOF
check_response = <<EOF
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "content_safety_key" {
type = string
}
Copied!
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
service: serviceName|Id
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: ${{ env "DECK_CONTENT_SAFETY_URL" }}
content_safety_key: ${{ env "DECK_CONTENT_SAFETY_KEY" }}
categories: '[{ "name": "Hate", "rejection_level": 2}, { "name": "Violence",
"rejection_level": 2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: "$(conf.params.content_safety_url)"
headers:
Ocp-Apim-Subscription-Key: "$(conf.params.content_safety_key)"
body:
categories: "$(category_names)"
text: "$(content)"
outputType: "$(conf.params.output_type)"
queries:
api-version: "$(conf.params.azure_api_version)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
Make sure to replace the following placeholders with your own values:
-
serviceName|Id: Theidornameof the service the plugin configuration will target.
Make the following request:
curl -i -X POST http://localhost:8001/services/{serviceName|Id}/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
serviceName|Id: Theidornameof the service the plugin configuration will target.
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/services/{serviceId}/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane. -
serviceId: Theidof the service the plugin configuration will target.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: '$CONTENT_SAFETY_URL'
content_safety_key: '$CONTENT_SAFETY_KEY'
categories: '[{ 'name': 'Hate', 'rejection_level': 2}, { 'name': 'Violence', 'rejection_level':
2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: '$(conf.params.content_safety_url)'
headers:
Ocp-Apim-Subscription-Key: '$(conf.params.content_safety_key)'
body:
categories: '$(category_names)'
text: '$(content)'
outputType: '$(conf.params.output_type)'
queries:
api-version: '$(conf.params.azure_api_version)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = 'content passed safety check',
}
if
((type(resp.categoriesAnalysis) ~= 'table') or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= 'table') or (#resp.blocklistsMatch == 0))
then
return res, 'content safety introspection is invalid'
end
local reason = ''
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. '; '
end
ok = false
reason = reason .. 'breached category [' .. category_name .. '] at level ' .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or 'unknown_name'
ok = false
reason = reason .. 'breached blocklist [' .. blocklist_name .. ']'
end
return {
block = not ok,
block_message = reason,
}
end
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Next, apply the KongPlugin resource by annotating the service resource:
kubectl annotate -n kong service SERVICE_NAME konghq.com/plugins=ai-custom-guardrail
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
content_safety_url = var.content_safety_url
content_safety_key = var.content_safety_key
categories = "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]"
output_type = "FourSeverityLevels"
azure_api_version = "2023-10-01"
}
request = {
url = "$(conf.params.content_safety_url)"
headers = {
Ocp-Apim-Subscription-Key = "$(conf.params.content_safety_key)"
}
body = {
categories = "$(category_names)"
text = "$(content)"
outputType = "$(conf.params.output_type)"
}
queries = {
api-version = "$(conf.params.azure_api_version)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
category_names = <<EOF
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
EOF
check_response = <<EOF
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
service = {
id = konnect_gateway_service.my_service.id
}
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "content_safety_key" {
type = string
}
Copied!
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
route: routeName|Id
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: ${{ env "DECK_CONTENT_SAFETY_URL" }}
content_safety_key: ${{ env "DECK_CONTENT_SAFETY_KEY" }}
categories: '[{ "name": "Hate", "rejection_level": 2}, { "name": "Violence",
"rejection_level": 2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: "$(conf.params.content_safety_url)"
headers:
Ocp-Apim-Subscription-Key: "$(conf.params.content_safety_key)"
body:
categories: "$(category_names)"
text: "$(content)"
outputType: "$(conf.params.output_type)"
queries:
api-version: "$(conf.params.azure_api_version)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
Make sure to replace the following placeholders with your own values:
-
routeName|Id: Theidornameof the route the plugin configuration will target.
Make the following request:
curl -i -X POST http://localhost:8001/routes/{routeName|Id}/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
routeName|Id: Theidornameof the route the plugin configuration will target.
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/routes/{routeId}/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane. -
routeId: Theidof the route the plugin configuration will target.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: '$CONTENT_SAFETY_URL'
content_safety_key: '$CONTENT_SAFETY_KEY'
categories: '[{ 'name': 'Hate', 'rejection_level': 2}, { 'name': 'Violence', 'rejection_level':
2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: '$(conf.params.content_safety_url)'
headers:
Ocp-Apim-Subscription-Key: '$(conf.params.content_safety_key)'
body:
categories: '$(category_names)'
text: '$(content)'
outputType: '$(conf.params.output_type)'
queries:
api-version: '$(conf.params.azure_api_version)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = 'content passed safety check',
}
if
((type(resp.categoriesAnalysis) ~= 'table') or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= 'table') or (#resp.blocklistsMatch == 0))
then
return res, 'content safety introspection is invalid'
end
local reason = ''
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. '; '
end
ok = false
reason = reason .. 'breached category [' .. category_name .. '] at level ' .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or 'unknown_name'
ok = false
reason = reason .. 'breached blocklist [' .. blocklist_name .. ']'
end
return {
block = not ok,
block_message = reason,
}
end
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Next, apply the KongPlugin resource by annotating the httproute or ingress resource:
kubectl annotate -n kong httproute konghq.com/plugins=ai-custom-guardrail
Copied!
kubectl annotate -n kong ingress konghq.com/plugins=ai-custom-guardrail
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
content_safety_url = var.content_safety_url
content_safety_key = var.content_safety_key
categories = "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]"
output_type = "FourSeverityLevels"
azure_api_version = "2023-10-01"
}
request = {
url = "$(conf.params.content_safety_url)"
headers = {
Ocp-Apim-Subscription-Key = "$(conf.params.content_safety_key)"
}
body = {
categories = "$(category_names)"
text = "$(content)"
outputType = "$(conf.params.output_type)"
}
queries = {
api-version = "$(conf.params.azure_api_version)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
category_names = <<EOF
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
EOF
check_response = <<EOF
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
route = {
id = konnect_gateway_route.my_route.id
}
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "content_safety_key" {
type = string
}
Copied!
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
consumer: consumerName|Id
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: ${{ env "DECK_CONTENT_SAFETY_URL" }}
content_safety_key: ${{ env "DECK_CONTENT_SAFETY_KEY" }}
categories: '[{ "name": "Hate", "rejection_level": 2}, { "name": "Violence",
"rejection_level": 2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: "$(conf.params.content_safety_url)"
headers:
Ocp-Apim-Subscription-Key: "$(conf.params.content_safety_key)"
body:
categories: "$(category_names)"
text: "$(content)"
outputType: "$(conf.params.output_type)"
queries:
api-version: "$(conf.params.azure_api_version)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
Make sure to replace the following placeholders with your own values:
-
consumerName|Id: Theidornameof the consumer the plugin configuration will target.
Make the following request:
curl -i -X POST http://localhost:8001/consumers/{consumerName|Id}/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
consumerName|Id: Theidornameof the consumer the plugin configuration will target.
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/consumers/{consumerId}/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane. -
consumerId: Theidof the consumer the plugin configuration will target.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: '$CONTENT_SAFETY_URL'
content_safety_key: '$CONTENT_SAFETY_KEY'
categories: '[{ 'name': 'Hate', 'rejection_level': 2}, { 'name': 'Violence', 'rejection_level':
2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: '$(conf.params.content_safety_url)'
headers:
Ocp-Apim-Subscription-Key: '$(conf.params.content_safety_key)'
body:
categories: '$(category_names)'
text: '$(content)'
outputType: '$(conf.params.output_type)'
queries:
api-version: '$(conf.params.azure_api_version)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = 'content passed safety check',
}
if
((type(resp.categoriesAnalysis) ~= 'table') or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= 'table') or (#resp.blocklistsMatch == 0))
then
return res, 'content safety introspection is invalid'
end
local reason = ''
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. '; '
end
ok = false
reason = reason .. 'breached category [' .. category_name .. '] at level ' .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or 'unknown_name'
ok = false
reason = reason .. 'breached blocklist [' .. blocklist_name .. ']'
end
return {
block = not ok,
block_message = reason,
}
end
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Next, apply the KongPlugin resource by annotating the KongConsumer resource:
kubectl annotate -n kong kongconsumer CONSUMER_NAME konghq.com/plugins=ai-custom-guardrail
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
content_safety_url = var.content_safety_url
content_safety_key = var.content_safety_key
categories = "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]"
output_type = "FourSeverityLevels"
azure_api_version = "2023-10-01"
}
request = {
url = "$(conf.params.content_safety_url)"
headers = {
Ocp-Apim-Subscription-Key = "$(conf.params.content_safety_key)"
}
body = {
categories = "$(category_names)"
text = "$(content)"
outputType = "$(conf.params.output_type)"
}
queries = {
api-version = "$(conf.params.azure_api_version)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
category_names = <<EOF
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
EOF
check_response = <<EOF
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
consumer = {
id = konnect_gateway_consumer.my_consumer.id
}
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "content_safety_key" {
type = string
}
Copied!
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
consumer_group: consumerGroupName|Id
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: ${{ env "DECK_CONTENT_SAFETY_URL" }}
content_safety_key: ${{ env "DECK_CONTENT_SAFETY_KEY" }}
categories: '[{ "name": "Hate", "rejection_level": 2}, { "name": "Violence",
"rejection_level": 2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: "$(conf.params.content_safety_url)"
headers:
Ocp-Apim-Subscription-Key: "$(conf.params.content_safety_key)"
body:
categories: "$(category_names)"
text: "$(content)"
outputType: "$(conf.params.output_type)"
queries:
api-version: "$(conf.params.azure_api_version)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
Make sure to replace the following placeholders with your own values:
-
consumerGroupName|Id: Theidornameof the consumer group the plugin configuration will target.
Make the following request:
curl -i -X POST http://localhost:8001/consumer_groups/{consumerGroupName|Id}/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
consumerGroupName|Id: Theidornameof the consumer group the plugin configuration will target.
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/consumer_groups/{consumerGroupId}/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"content_safety_url": "'$CONTENT_SAFETY_URL'",
"content_safety_key": "'$CONTENT_SAFETY_KEY'",
"categories": "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]",
"output_type": "FourSeverityLevels",
"azure_api_version": "2023-10-01"
},
"request": {
"url": "$(conf.params.content_safety_url)",
"headers": {
"Ocp-Apim-Subscription-Key": "$(conf.params.content_safety_key)"
},
"body": {
"categories": "$(category_names)",
"text": "$(content)",
"outputType": "$(conf.params.output_type)"
},
"queries": {
"api-version": "$(conf.params.azure_api_version)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"category_names": "return function(conf)\n local category_names = {}\n for _, v in ipairs(conf.params.categories or {}) do\n if v.rejection_level >= 2 then\n table.insert(category_names, v.name)\n end\n end\n return category_names\nend\n",
"check_response": "return function(resp, conf)\n local res = {\n block = true,\n block_message = \"content passed safety check\",\n }\n\n if\n ((type(resp.categoriesAnalysis) ~= \"table\") or (#resp.categoriesAnalysis == 0))\n and ((type(resp.blocklistsMatch) ~= \"table\") or (#resp.blocklistsMatch == 0))\n then\n return res, \"content safety introspection is invalid\"\n end\n\n local reason = \"\"\n local ok = true\n\n for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do\n local category_name = v.category\n local failure_level = nil\n for _, category in ipairs(conf.params.categories or {}) do\n if category.name == category_name then\n failure_level = category.rejection_level\n break\n end\n end\n\n if failure_level and (v.severity >= failure_level) then\n if not ok then\n reason = reason .. \"; \"\n end\n\n ok = false\n reason = reason .. \"breached category [\" .. category_name .. \"] at level \" .. failure_level\n end\n end\n\n for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do\n local blocklist_name = v.blocklistName or \"unknown_name\"\n\n ok = false\n reason = reason .. \"breached blocklist [\" .. blocklist_name .. \"]\"\n end\n\n return {\n block = not ok,\n block_message = reason,\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane. -
consumerGroupId: Theidof the consumer group the plugin configuration will target.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
content_safety_url: '$CONTENT_SAFETY_URL'
content_safety_key: '$CONTENT_SAFETY_KEY'
categories: '[{ 'name': 'Hate', 'rejection_level': 2}, { 'name': 'Violence', 'rejection_level':
2}]'
output_type: FourSeverityLevels
azure_api_version: '2023-10-01'
request:
url: '$(conf.params.content_safety_url)'
headers:
Ocp-Apim-Subscription-Key: '$(conf.params.content_safety_key)'
body:
categories: '$(category_names)'
text: '$(content)'
outputType: '$(conf.params.output_type)'
queries:
api-version: '$(conf.params.azure_api_version)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
category_names: |
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
check_response: |
return function(resp, conf)
local res = {
block = true,
block_message = 'content passed safety check',
}
if
((type(resp.categoriesAnalysis) ~= 'table') or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= 'table') or (#resp.blocklistsMatch == 0))
then
return res, 'content safety introspection is invalid'
end
local reason = ''
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. '; '
end
ok = false
reason = reason .. 'breached category [' .. category_name .. '] at level ' .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or 'unknown_name'
ok = false
reason = reason .. 'breached blocklist [' .. blocklist_name .. ']'
end
return {
block = not ok,
block_message = reason,
}
end
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Next, apply the KongPlugin resource by annotating the KongConsumerGroup resource:
kubectl annotate -n kong kongconsumergroup CONSUMERGROUP_NAME konghq.com/plugins=ai-custom-guardrail
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
content_safety_url = var.content_safety_url
content_safety_key = var.content_safety_key
categories = "[{ \"name\": \"Hate\", \"rejection_level\": 2}, { \"name\": \"Violence\", \"rejection_level\": 2}]"
output_type = "FourSeverityLevels"
azure_api_version = "2023-10-01"
}
request = {
url = "$(conf.params.content_safety_url)"
headers = {
Ocp-Apim-Subscription-Key = "$(conf.params.content_safety_key)"
}
body = {
categories = "$(category_names)"
text = "$(content)"
outputType = "$(conf.params.output_type)"
}
queries = {
api-version = "$(conf.params.azure_api_version)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
category_names = <<EOF
return function(conf)
local category_names = {}
for _, v in ipairs(conf.params.categories or {}) do
if v.rejection_level >= 2 then
table.insert(category_names, v.name)
end
end
return category_names
end
EOF
check_response = <<EOF
return function(resp, conf)
local res = {
block = true,
block_message = "content passed safety check",
}
if
((type(resp.categoriesAnalysis) ~= "table") or (#resp.categoriesAnalysis == 0))
and ((type(resp.blocklistsMatch) ~= "table") or (#resp.blocklistsMatch == 0))
then
return res, "content safety introspection is invalid"
end
local reason = ""
local ok = true
for _, v in ipairs(resp.categoriesAnalysis or EMPTY_T) do
local category_name = v.category
local failure_level = nil
for _, category in ipairs(conf.params.categories or {}) do
if category.name == category_name then
failure_level = category.rejection_level
break
end
end
if failure_level and (v.severity >= failure_level) then
if not ok then
reason = reason .. "; "
end
ok = false
reason = reason .. "breached category [" .. category_name .. "] at level " .. failure_level
end
end
for _, v in ipairs(resp.blocklistsMatch or EMPTY_T) do
local blocklist_name = v.blocklistName or "unknown_name"
ok = false
reason = reason .. "breached blocklist [" .. blocklist_name .. "]"
end
return {
block = not ok,
block_message = reason,
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
consumer_group = {
id = konnect_gateway_consumer_group.my_consumer_group.id
}
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "content_safety_key" {
type = string
}
Copied!