Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Mods
GCP
Loading policies...

Policy: GCP > Model Armor > Floor Setting > Settings > Detection > Sensitive Data Protection

Whether the floor's filterConfig.sdpSettings.basicConfig.filterEnforcement must be ENABLED — the Basic mode of Sensitive Data Protection, which detects a fixed set of common PII categories (e.g. credit-card numbers, US social security numbers, email addresses) in prompts and responses without a customer-provided DLP inspect template.

When Enabled, the Settings control alarms unless the SDP Basic filter is enforced on the live Floor Setting, and the Set Floor Setting action sets it to ENABLED on Enforce: Enabled per ... (preserving any existing advancedConfig block — Advanced mode is not in scope here). When Disabled, the filter is not checked.

Targets

This policy targets the following resource types:

  • GCP > Model Armor > Floor Setting

Primary Policy

This policy is used with the following primary policy:

  • GCP > Model Armor > Floor Setting > Settings > Detection

Controls

Setting this policy configures this control:

  • GCP > Model Armor > Floor Setting > Settings

Policy Specification

Schema Type
string
Default
Disabled
Valid Values [YAML]
  • Enabled

  • Disabled
Examples [YAML]
Enabled

Category

  • Security

In Your Workspace

  • Policy Settings by Type report

Developers

    Category URI
    • tmod:@turbot/turbot#/control/categories/security
    • Policy Type URI
    • tmod:@turbot/gcp-modelarmor#/policy/types/floorSettingSettingsDetectionSensitiveDataProtection
    • GraphQL
    • query policyType(id: "tmod:@turbot/gcp-modelarmor#/policy/types/floorSettingSettingsDetectionSensitiveDataProtection") { … }
    • query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-modelarmor#/policy/types/floorSettingSettingsDetectionSensitiveDataProtection'") { … }
    • query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-modelarmor#/policy/types/floorSettingSettingsDetectionSensitiveDataProtection'") { … }
    • CLI
    • Get Policy Type
    • turbot graphql policy-type --id "tmod:@turbot/gcp-modelarmor#/policy/types/floorSettingSettingsDetectionSensitiveDataProtection"
      • Get Policy Settings
    • turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-modelarmor#/policy/types/floorSettingSettingsDetectionSensitiveDataProtection"
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy
39
Mods
151
Resource Types
2,578
Policies
1,245
Controls
118
Quick Actions
89
IAM