Block request and response content using Mistral AI moderationv3.14+
Configure the AI Custom Guardrail plugin to check requests and responses, and block content matching using Mistral AI.
Prerequisites
-
You have an Mistral AI account.
-
You have enabled an AI Proxy or AI Proxy Advanced plugin.
Environment variables
-
MISTRAL_API_KEY: The API key to access Mistral AI. -
MISTRAL_MODEL: The Mistral AI model to use for moderation.
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: ${{ env "DECK_MISTRAL_API_KEY" }}
model: ${{ env "DECK_MISTRAL_MODEL" }}
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: "$(conf.params.model)"
input: "$(content)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
check_response: "return function(resp)\n local blocked_categories = {}\n
\ \n for _, result in ipairs(resp.results) do\n for category,
is_flagged in pairs(result.categories) do\n if is_flagged then\n
\ table.insert(blocked_categories, category)\n end\n
\ end\n end\n \n local block = #blocked_categories > 0\n local
reason\n\n if block then\n reason = \"Content moderation failed in
the following categories: \" .. table.concat(blocked_categories, \", \")\n
\ else\n reason = \"Content moderation passed\"\n end\n \n return
{\n block = block,\n block_message = reason\n }\nend\n"
Make the following request:
curl -i -X POST http://localhost:8001/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongClusterPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
labels:
global: 'true'
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: '$MISTRAL_API_KEY'
model: '$MISTRAL_MODEL'
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: '$(conf.params.model)'
input: '$(content)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
check_response: 'return function(resp)\n local blocked_categories = {}\n \n
\ for _, result in ipairs(resp.results) do\n for category, is_flagged
in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories,
category)\n end\n end\n end\n \n local block = #blocked_categories
> 0\n local reason\n\n if block then\n reason = \'Content moderation
failed in the following categories: \' .. table.concat(blocked_categories, \',
\')\n else\n reason = \'Content moderation passed\'\n end\n \n
\ return {\n block = block,\n block_message = reason\n }\nend\n'
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
api_key = var.mistral_api_key
model = var.mistral_model
}
request = {
url = "https://api.mistral.ai/v1/moderations"
headers = {
Authorization = "Bearer $(conf.params.api_key)"
}
body = {
model = "$(conf.params.model)"
input = "$(content)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
check_response = <<EOF
return function(resp)
local blocked_categories = {}
for _, result in ipairs(resp.results) do
for category, is_flagged in pairs(result.categories) do
if is_flagged then
table.insert(blocked_categories, category)
end
end
end
local block = #blocked_categories > 0
local reason
if block then
reason = "Content moderation failed in the following categories: " .. table.concat(blocked_categories, ", ")
else
reason = "Content moderation passed"
end
return {
block = block,
block_message = reason
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "mistral_model" {
type = string
}
Copied!
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
service: serviceName|Id
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: ${{ env "DECK_MISTRAL_API_KEY" }}
model: ${{ env "DECK_MISTRAL_MODEL" }}
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: "$(conf.params.model)"
input: "$(content)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
check_response: "return function(resp)\n local blocked_categories = {}\n
\ \n for _, result in ipairs(resp.results) do\n for category,
is_flagged in pairs(result.categories) do\n if is_flagged then\n
\ table.insert(blocked_categories, category)\n end\n
\ end\n end\n \n local block = #blocked_categories > 0\n local
reason\n\n if block then\n reason = \"Content moderation failed in
the following categories: \" .. table.concat(blocked_categories, \", \")\n
\ else\n reason = \"Content moderation passed\"\n end\n \n return
{\n block = block,\n block_message = reason\n }\nend\n"
Make sure to replace the following placeholders with your own values:
-
serviceName|Id: Theidornameof the service the plugin configuration will target.
Make the following request:
curl -i -X POST http://localhost:8001/services/{serviceName|Id}/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
serviceName|Id: Theidornameof the service the plugin configuration will target.
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/services/{serviceId}/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane. -
serviceId: Theidof the service the plugin configuration will target.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: '$MISTRAL_API_KEY'
model: '$MISTRAL_MODEL'
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: '$(conf.params.model)'
input: '$(content)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
check_response: 'return function(resp)\n local blocked_categories = {}\n \n
\ for _, result in ipairs(resp.results) do\n for category, is_flagged
in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories,
category)\n end\n end\n end\n \n local block = #blocked_categories
> 0\n local reason\n\n if block then\n reason = \'Content moderation
failed in the following categories: \' .. table.concat(blocked_categories, \',
\')\n else\n reason = \'Content moderation passed\'\n end\n \n
\ return {\n block = block,\n block_message = reason\n }\nend\n'
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Next, apply the KongPlugin resource by annotating the service resource:
kubectl annotate -n kong service SERVICE_NAME konghq.com/plugins=ai-custom-guardrail
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
api_key = var.mistral_api_key
model = var.mistral_model
}
request = {
url = "https://api.mistral.ai/v1/moderations"
headers = {
Authorization = "Bearer $(conf.params.api_key)"
}
body = {
model = "$(conf.params.model)"
input = "$(content)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
check_response = <<EOF
return function(resp)
local blocked_categories = {}
for _, result in ipairs(resp.results) do
for category, is_flagged in pairs(result.categories) do
if is_flagged then
table.insert(blocked_categories, category)
end
end
end
local block = #blocked_categories > 0
local reason
if block then
reason = "Content moderation failed in the following categories: " .. table.concat(blocked_categories, ", ")
else
reason = "Content moderation passed"
end
return {
block = block,
block_message = reason
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
service = {
id = konnect_gateway_service.my_service.id
}
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "mistral_model" {
type = string
}
Copied!
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
route: routeName|Id
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: ${{ env "DECK_MISTRAL_API_KEY" }}
model: ${{ env "DECK_MISTRAL_MODEL" }}
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: "$(conf.params.model)"
input: "$(content)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
check_response: "return function(resp)\n local blocked_categories = {}\n
\ \n for _, result in ipairs(resp.results) do\n for category,
is_flagged in pairs(result.categories) do\n if is_flagged then\n
\ table.insert(blocked_categories, category)\n end\n
\ end\n end\n \n local block = #blocked_categories > 0\n local
reason\n\n if block then\n reason = \"Content moderation failed in
the following categories: \" .. table.concat(blocked_categories, \", \")\n
\ else\n reason = \"Content moderation passed\"\n end\n \n return
{\n block = block,\n block_message = reason\n }\nend\n"
Make sure to replace the following placeholders with your own values:
-
routeName|Id: Theidornameof the route the plugin configuration will target.
Make the following request:
curl -i -X POST http://localhost:8001/routes/{routeName|Id}/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
routeName|Id: Theidornameof the route the plugin configuration will target.
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/routes/{routeId}/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane. -
routeId: Theidof the route the plugin configuration will target.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: '$MISTRAL_API_KEY'
model: '$MISTRAL_MODEL'
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: '$(conf.params.model)'
input: '$(content)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
check_response: 'return function(resp)\n local blocked_categories = {}\n \n
\ for _, result in ipairs(resp.results) do\n for category, is_flagged
in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories,
category)\n end\n end\n end\n \n local block = #blocked_categories
> 0\n local reason\n\n if block then\n reason = \'Content moderation
failed in the following categories: \' .. table.concat(blocked_categories, \',
\')\n else\n reason = \'Content moderation passed\'\n end\n \n
\ return {\n block = block,\n block_message = reason\n }\nend\n'
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Next, apply the KongPlugin resource by annotating the httproute or ingress resource:
kubectl annotate -n kong httproute konghq.com/plugins=ai-custom-guardrail
Copied!
kubectl annotate -n kong ingress konghq.com/plugins=ai-custom-guardrail
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
api_key = var.mistral_api_key
model = var.mistral_model
}
request = {
url = "https://api.mistral.ai/v1/moderations"
headers = {
Authorization = "Bearer $(conf.params.api_key)"
}
body = {
model = "$(conf.params.model)"
input = "$(content)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
check_response = <<EOF
return function(resp)
local blocked_categories = {}
for _, result in ipairs(resp.results) do
for category, is_flagged in pairs(result.categories) do
if is_flagged then
table.insert(blocked_categories, category)
end
end
end
local block = #blocked_categories > 0
local reason
if block then
reason = "Content moderation failed in the following categories: " .. table.concat(blocked_categories, ", ")
else
reason = "Content moderation passed"
end
return {
block = block,
block_message = reason
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
route = {
id = konnect_gateway_route.my_route.id
}
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "mistral_model" {
type = string
}
Copied!
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
consumer: consumerName|Id
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: ${{ env "DECK_MISTRAL_API_KEY" }}
model: ${{ env "DECK_MISTRAL_MODEL" }}
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: "$(conf.params.model)"
input: "$(content)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
check_response: "return function(resp)\n local blocked_categories = {}\n
\ \n for _, result in ipairs(resp.results) do\n for category,
is_flagged in pairs(result.categories) do\n if is_flagged then\n
\ table.insert(blocked_categories, category)\n end\n
\ end\n end\n \n local block = #blocked_categories > 0\n local
reason\n\n if block then\n reason = \"Content moderation failed in
the following categories: \" .. table.concat(blocked_categories, \", \")\n
\ else\n reason = \"Content moderation passed\"\n end\n \n return
{\n block = block,\n block_message = reason\n }\nend\n"
Make sure to replace the following placeholders with your own values:
-
consumerName|Id: Theidornameof the consumer the plugin configuration will target.
Make the following request:
curl -i -X POST http://localhost:8001/consumers/{consumerName|Id}/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
consumerName|Id: Theidornameof the consumer the plugin configuration will target.
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/consumers/{consumerId}/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane. -
consumerId: Theidof the consumer the plugin configuration will target.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: '$MISTRAL_API_KEY'
model: '$MISTRAL_MODEL'
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: '$(conf.params.model)'
input: '$(content)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
check_response: 'return function(resp)\n local blocked_categories = {}\n \n
\ for _, result in ipairs(resp.results) do\n for category, is_flagged
in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories,
category)\n end\n end\n end\n \n local block = #blocked_categories
> 0\n local reason\n\n if block then\n reason = \'Content moderation
failed in the following categories: \' .. table.concat(blocked_categories, \',
\')\n else\n reason = \'Content moderation passed\'\n end\n \n
\ return {\n block = block,\n block_message = reason\n }\nend\n'
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Next, apply the KongPlugin resource by annotating the KongConsumer resource:
kubectl annotate -n kong kongconsumer CONSUMER_NAME konghq.com/plugins=ai-custom-guardrail
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
api_key = var.mistral_api_key
model = var.mistral_model
}
request = {
url = "https://api.mistral.ai/v1/moderations"
headers = {
Authorization = "Bearer $(conf.params.api_key)"
}
body = {
model = "$(conf.params.model)"
input = "$(content)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
check_response = <<EOF
return function(resp)
local blocked_categories = {}
for _, result in ipairs(resp.results) do
for category, is_flagged in pairs(result.categories) do
if is_flagged then
table.insert(blocked_categories, category)
end
end
end
local block = #blocked_categories > 0
local reason
if block then
reason = "Content moderation failed in the following categories: " .. table.concat(blocked_categories, ", ")
else
reason = "Content moderation passed"
end
return {
block = block,
block_message = reason
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
consumer = {
id = konnect_gateway_consumer.my_consumer.id
}
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "mistral_model" {
type = string
}
Copied!
Add this section to your kong.yaml configuration file:
kong.yaml
Copied!
_format_version: "3.0"
plugins:
- name: ai-custom-guardrail
consumer_group: consumerGroupName|Id
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: ${{ env "DECK_MISTRAL_API_KEY" }}
model: ${{ env "DECK_MISTRAL_MODEL" }}
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: "$(conf.params.model)"
input: "$(content)"
response:
block: "$(check_response.block)"
block_message: "$(check_response.block_message)"
functions:
check_response: "return function(resp)\n local blocked_categories = {}\n
\ \n for _, result in ipairs(resp.results) do\n for category,
is_flagged in pairs(result.categories) do\n if is_flagged then\n
\ table.insert(blocked_categories, category)\n end\n
\ end\n end\n \n local block = #blocked_categories > 0\n local
reason\n\n if block then\n reason = \"Content moderation failed in
the following categories: \" .. table.concat(blocked_categories, \", \")\n
\ else\n reason = \"Content moderation passed\"\n end\n \n return
{\n block = block,\n block_message = reason\n }\nend\n"
Make sure to replace the following placeholders with your own values:
-
consumerGroupName|Id: Theidornameof the consumer group the plugin configuration will target.
Make the following request:
curl -i -X POST http://localhost:8001/consumer_groups/{consumerGroupName|Id}/plugins/ \
--header "Accept: application/json" \
--header "Content-Type: application/json" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
consumerGroupName|Id: Theidornameof the consumer group the plugin configuration will target.
Make the following request:
curl -X POST https://{region}.api.konghq.com/v2/control-planes/{controlPlaneId}/core-entities/consumer_groups/{consumerGroupId}/plugins/ \
--header "accept: application/json" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer $KONNECT_TOKEN" \
--data '
{
"name": "ai-custom-guardrail",
"config": {
"guarding_mode": "BOTH",
"text_source": "concatenate_all_content",
"params": {
"api_key": "'$MISTRAL_API_KEY'",
"model": "'$MISTRAL_MODEL'"
},
"request": {
"url": "https://api.mistral.ai/v1/moderations",
"headers": {
"Authorization": "Bearer $(conf.params.api_key)"
},
"body": {
"model": "$(conf.params.model)",
"input": "$(content)"
}
},
"response": {
"block": "$(check_response.block)",
"block_message": "$(check_response.block_message)"
},
"functions": {
"check_response": "return function(resp)\n local blocked_categories = {}\n \n for _, result in ipairs(resp.results) do\n for category, is_flagged in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories, category)\n end\n end\n end\n \n local block = #blocked_categories > 0\n local reason\n\n if block then\n reason = \"Content moderation failed in the following categories: \" .. table.concat(blocked_categories, \", \")\n else\n reason = \"Content moderation passed\"\n end\n \n return {\n block = block,\n block_message = reason\n }\nend\n"
}
},
"tags": []
}
'
Copied!
Make sure to replace the following placeholders with your own values:
-
region: Geographic region where your Kong Konnect is hosted and operates. -
KONNECT_TOKEN: Your Personal Access Token (PAT) associated with your Konnect account. -
controlPlaneId: Theidof the control plane. -
consumerGroupId: Theidof the consumer group the plugin configuration will target.
See the Konnect API reference to learn about region-specific URLs and personal access tokens.
echo "
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
name: ai-custom-guardrail
namespace: kong
annotations:
kubernetes.io/ingress.class: kong
konghq.com/tags: ''
config:
guarding_mode: BOTH
text_source: concatenate_all_content
params:
api_key: '$MISTRAL_API_KEY'
model: '$MISTRAL_MODEL'
request:
url: https://api.mistral.ai/v1/moderations
headers:
Authorization: Bearer $(conf.params.api_key)
body:
model: '$(conf.params.model)'
input: '$(content)'
response:
block: '$(check_response.block)'
block_message: '$(check_response.block_message)'
functions:
check_response: 'return function(resp)\n local blocked_categories = {}\n \n
\ for _, result in ipairs(resp.results) do\n for category, is_flagged
in pairs(result.categories) do\n if is_flagged then\n table.insert(blocked_categories,
category)\n end\n end\n end\n \n local block = #blocked_categories
> 0\n local reason\n\n if block then\n reason = \'Content moderation
failed in the following categories: \' .. table.concat(blocked_categories, \',
\')\n else\n reason = \'Content moderation passed\'\n end\n \n
\ return {\n block = block,\n block_message = reason\n }\nend\n'
plugin: ai-custom-guardrail
" | kubectl apply -f -
Copied!
Next, apply the KongPlugin resource by annotating the KongConsumerGroup resource:
kubectl annotate -n kong kongconsumergroup CONSUMERGROUP_NAME konghq.com/plugins=ai-custom-guardrail
Copied!
Prerequisite: Configure your Personal Access Token
terraform {
required_providers {
konnect = {
source = "kong/konnect"
}
}
}
provider "konnect" {
personal_access_token = "$KONNECT_TOKEN"
server_url = "https://us.api.konghq.com/"
}
Copied!
Add the following to your Terraform configuration to create a Konnect Gateway Plugin:
resource "konnect_gateway_plugin_ai_custom_guardrail" "my_ai_custom_guardrail" {
enabled = true
config = {
guarding_mode = "BOTH"
text_source = "concatenate_all_content"
params = {
api_key = var.mistral_api_key
model = var.mistral_model
}
request = {
url = "https://api.mistral.ai/v1/moderations"
headers = {
Authorization = "Bearer $(conf.params.api_key)"
}
body = {
model = "$(conf.params.model)"
input = "$(content)"
}
}
response = {
block = "$(check_response.block)"
block_message = "$(check_response.block_message)"
}
functions = {
check_response = <<EOF
return function(resp)
local blocked_categories = {}
for _, result in ipairs(resp.results) do
for category, is_flagged in pairs(result.categories) do
if is_flagged then
table.insert(blocked_categories, category)
end
end
end
local block = #blocked_categories > 0
local reason
if block then
reason = "Content moderation failed in the following categories: " .. table.concat(blocked_categories, ", ")
else
reason = "Content moderation passed"
end
return {
block = block,
block_message = reason
}
end
EOF
}
}
tags = []
control_plane_id = konnect_gateway_control_plane.my_konnect_cp.id
consumer_group = {
id = konnect_gateway_consumer_group.my_consumer_group.id
}
}
Copied!
This example requires the following variables to be added to your manifest. You can specify values at runtime by setting TF_VAR_name=value.
variable "mistral_model" {
type = string
}
Copied!