Using Model Armor in ADK callbacks

Google Cloud Tech · Beginner ·🧠 Large Language Models ·4mo ago

Key Takeaways

This video demonstrates how to integrate Model Armor with an ADK agent using callbacks to protect AI applications from threats such as prompt injection and data leakage. It shows how to use the before and after model callbacks to implement input and output validation guardrails, inspect and sanitize user prompts and model responses, and enforce policies to filter out harmful content.

Full Transcript

[music] Building your own AI agents can completely change the way users experience your business. But this new level of access introduces threats like prompt injection, data leakage, and harmful content generation. When using ADK, the key to mitigating these risks is using callbacks to create security checkpoints in the agents interaction with a model. Model Armor is the dedicated service for enforcing policies that filter user prompts and model responses, protecting against these threats. I've made a few videos about it in the description below if you want to get caught up. We can integrate model armor with an ADK agent using the callback mechanism. The callback mechanism provides powerful hooks to observe, customize, and control the agents behavior. The most critical control point is right before the agent calls the LLM. We use the before model call back to implement an input guard rail. This function runs just before the LLM request is sent, allowing us to inspect and sanitize the user's prompt using the model armor API's sanitize user prompt method. If our model armor check detects a prompt injection attempt or other harmful content, the callback will skip the LLM call and return a predetermined response. This prevents the request from reaching the model entirely. After the model has generated a response, we must implement an output validation guardrail. We use the after model callback to inspect the raw LLM response before it's finalized and returned to the user. This callback calls the sanitize model response method from model armor. If the response contains leaked data or harmful output, we can replace or block the response. Replacing is useful if we want to preserve most of the response but just filter out a small part such as a name or a credit card number. See my video below for some detailed examples. First, we ask a benign question that is allowed to proceed, demonstrating the default behavior of the agent. When the model armor policy is satisfied, the model armor check passes. The callback prints that it is proceeding and the LLM is called. We receive a normal response as the call back returned no issues. Now, for the real test, we include a telltale sign of something a miss in our prompt. This simulates an attempt at prompt injection or a policy violation. The before model callback intercepts the request. Model Armor detects the attempt. Instead of sending the request to the LLM, the callback returns a static safe response. The LLM is skipped entirely, protecting the model from exposure. We must also secure the agents response when it comes directly from the LLM. The after model call back allows inspection and modification of the raw LLM output before it's processed further by the invoking agent. This is critical for preventing data leakage when the model inadvertently generates sensitive information. For example, if the LLM output contains a credit card number or CCN, a piece of data it should not be generating, this callback can enforce a policy to redact it. If a sequence matching a CCN is detected, the callback modifies the text to remove all but the last four digits, preventing disclosure, but still giving a user the information they need. By inserting these model armor security checkpoints with callbacks, you add a layer of defense to each point of your agents interaction with the model. Check out some useful ADK callback and model armor documentation in the links below, as well as the agent factory episode where we discuss how to use this in an agent that has access to your cloud environment. I'd really like to know what you're building and what issues you run into and what you want to see more of next. I read every comment, so please let me know below and I'll see you next time when we use anti-gravity to vibe code an agent in ADK that uses model armor based on the ideas we discussed in this video. Thanks for watching. Heat. Heat. N. >> [music]

Original Description

[Lab] Securing AI applications → https://goo.gle/4qaHdRH [Lab] Sensitive data protection → https://goo.gle/4rbxY4G [Lab] Model Armor Guard → https://goo.gle/4bXa20o Learn how to integrate Model Armor with an ADK agent using the callback mechanism to protect your AI apps. Model Armer proactively screensLLM prompts and responses, protects against various risks, and ensures responsible AI practices. Chapters: 0:00 - Intro 0:48 - Input guardrail 1:14 - Output validation guardrail 1:46 - See it action More resources: Model Armor overview → https://goo.gle/4aoWngv Building a production ready AI security foundation → https://goo.gle/4qfNsUw De-identifying data with SDP → https://goo.gle/4t68h7m We tried to jailbreak our AI (and Model Armor stopped it) → https://goo.gle/3NLQ4M6 ADK callbacks → https://goo.gle/4k2pWbS Foundations of secure MCP: Architecture and threat model → https://goo.gle/3O9CPVz Agent security | The Agent Factory Podcast → https://goo.gle/4q7tYkS 🔔 Subscribe to Google Cloud Tech → https://goo.gle/GoogleCloudTech #GoogleCloud Speaker: Aron Eidelman Products Mentioned: Google Cloud Security
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from Google Cloud Tech · Google Cloud Tech · 0 of 60

← Previous Next →
1 I’m going for it #GoogleCloudCertified
I’m going for it #GoogleCloudCertified
Google Cloud Tech
2 I had to get #GoogleCloudCertified
I had to get #GoogleCloudCertified
Google Cloud Tech
3 Be better overall at what you do #GoogleCloudCertified
Be better overall at what you do #GoogleCloudCertified
Google Cloud Tech
4 Cloud Monitoring on our radar #Analysis #Uptime
Cloud Monitoring on our radar #Analysis #Uptime
Google Cloud Tech
5 Introduction to Generative AI Studio
Introduction to Generative AI Studio
Google Cloud Tech
6 How to use Github Actions with Google's Workload Identity Federation
How to use Github Actions with Google's Workload Identity Federation
Google Cloud Tech
7 Introduction to Responsible AI
Introduction to Responsible AI
Google Cloud Tech
8 Networking updates and CDMC-certified architecture
Networking updates and CDMC-certified architecture
Google Cloud Tech
9 Create and use a Cloud Storage bucket
Create and use a Cloud Storage bucket
Google Cloud Tech
10 How to digitize text from documents
How to digitize text from documents
Google Cloud Tech
11 Faster analytical queries with AlloyDB
Faster analytical queries with AlloyDB
Google Cloud Tech
12 Next ‘23 sessions and FaaS Wave
Next ‘23 sessions and FaaS Wave
Google Cloud Tech
13 Introduction to Assured Open Source Software
Introduction to Assured Open Source Software
Google Cloud Tech
14 BigQuery Cost Optimization: Storage
BigQuery Cost Optimization: Storage
Google Cloud Tech
15 BigQuery Cost Optimization: Compute
BigQuery Cost Optimization: Compute
Google Cloud Tech
16 BigQuery Cost Optimization: Select Queries
BigQuery Cost Optimization: Select Queries
Google Cloud Tech
17 Remote Field Equipment Management with Manufacturing Data Engine
Remote Field Equipment Management with Manufacturing Data Engine
Google Cloud Tech
18 Supercharging your applications with Cloud SQL Enterprise Plus
Supercharging your applications with Cloud SQL Enterprise Plus
Google Cloud Tech
19 Vector Support on our radar #GenAI
Vector Support on our radar #GenAI
Google Cloud Tech
20 Architecting a blockchain startup with Google Cloud
Architecting a blockchain startup with Google Cloud
Google Cloud Tech
21 Kubernetes and multitasking updates!
Kubernetes and multitasking updates!
Google Cloud Tech
22 GKE: Using Kubernetes Events
GKE: Using Kubernetes Events
Google Cloud Tech
23 How to configure firewall rules for Cloud Composer
How to configure firewall rules for Cloud Composer
Google Cloud Tech
24 Vertex AI Embeddings API + Matching Engine: Grounding LLMs made easy
Vertex AI Embeddings API + Matching Engine: Grounding LLMs made easy
Google Cloud Tech
25 Geospatial analytics on our radar #EarthEngine #BigQuery
Geospatial analytics on our radar #EarthEngine #BigQuery
Google Cloud Tech
26 Ensuring requests are set in Kubernetes
Ensuring requests are set in Kubernetes
Google Cloud Tech
27 Cloud Next 2023, Google research program, and more!
Cloud Next 2023, Google research program, and more!
Google Cloud Tech
28 How to migrate projects between organizations with Resource Manager
How to migrate projects between organizations with Resource Manager
Google Cloud Tech
29 How to run #MySQL in Google Cloud
How to run #MySQL in Google Cloud
Google Cloud Tech
30 #GenerativeAI for enterprises and #Next2023
#GenerativeAI for enterprises and #Next2023
Google Cloud Tech
31 How Google Photos scales to store 4 trillion photos and videos
How Google Photos scales to store 4 trillion photos and videos
Google Cloud Tech
32 Google Cross-Cloud Interconnect (Demo 2)
Google Cross-Cloud Interconnect (Demo 2)
Google Cloud Tech
33 GKE Cost Optimization Golden Signals: Introduction
GKE Cost Optimization Golden Signals: Introduction
Google Cloud Tech
34 GKE Cost Optimization Golden Signals: Workload Rightsizing
GKE Cost Optimization Golden Signals: Workload Rightsizing
Google Cloud Tech
35 GKE Load Balancing: Overview
GKE Load Balancing: Overview
Google Cloud Tech
36 GKE Load Balancing: Best Practices
GKE Load Balancing: Best Practices
Google Cloud Tech
37 Disaster Recovery in GKE
Disaster Recovery in GKE
Google Cloud Tech
38 How to configure IP masquerade agent in GKE Standard clusters
How to configure IP masquerade agent in GKE Standard clusters
Google Cloud Tech
39 Enable and use GKE Control plane logs
Enable and use GKE Control plane logs
Google Cloud Tech
40 Compliance in Australia with Assured Workloads
Compliance in Australia with Assured Workloads
Google Cloud Tech
41 Creating budgets and budget alerts in Google Cloud #FinOps
Creating budgets and budget alerts in Google Cloud #FinOps
Google Cloud Tech
42 Cloud SQL Enterprise Plus on our radar #mySQL
Cloud SQL Enterprise Plus on our radar #mySQL
Google Cloud Tech
43 What's Next for Google Cloud?
What's Next for Google Cloud?
Google Cloud Tech
44 How Loveholidays scaled with Contact Center AI
How Loveholidays scaled with Contact Center AI
Google Cloud Tech
45 What is fleet team management in GKE?
What is fleet team management in GKE?
Google Cloud Tech
46 Troubleshoot VPC Network Peering
Troubleshoot VPC Network Peering
Google Cloud Tech
47 Introduction to DocAI and Contact Center AI
Introduction to DocAI and Contact Center AI
Google Cloud Tech
48 Cloud Run Direct VPC egress explained
Cloud Run Direct VPC egress explained
Google Cloud Tech
49 Database deployment options in GKE
Database deployment options in GKE
Google Cloud Tech
50 Analyze cloud billing data with #BigQuery
Analyze cloud billing data with #BigQuery
Google Cloud Tech
51 Tips to becoming a world-class Prompt Engineer
Tips to becoming a world-class Prompt Engineer
Google Cloud Tech
52 Serverless is simple. Do I need CI/CD?
Serverless is simple. Do I need CI/CD?
Google Cloud Tech
53 Accelerating model deployment with MLOps
Accelerating model deployment with MLOps
Google Cloud Tech
54 How Hawaii's Department of Human Services scaled with CCAI
How Hawaii's Department of Human Services scaled with CCAI
Google Cloud Tech
55 Pricing API on our #Radar
Pricing API on our #Radar
Google Cloud Tech
56 How Recommendations AI for Media can boost customer retention
How Recommendations AI for Media can boost customer retention
Google Cloud Tech
57 Troubleshooting: Node Not Ready Status
Troubleshooting: Node Not Ready Status
Google Cloud Tech
58 One weekend until Cloud Next 2023!
One weekend until Cloud Next 2023!
Google Cloud Tech
59 #GoogleCloudNext starts tomorrow!
#GoogleCloudNext starts tomorrow!
Google Cloud Tech
60 #GoogleCloudNext will be demand!
#GoogleCloudNext will be demand!
Google Cloud Tech

This video teaches how to integrate Model Armor with an ADK agent using callbacks to protect AI applications from threats. It covers how to implement input and output validation guardrails, inspect and sanitize user prompts and model responses, and enforce policies to filter out harmful content. By following these steps, developers can add a layer of defense to their AI agents and protect their models from exposure.

Key Takeaways
  1. Integrate Model Armor with an ADK agent using the callback mechanism
  2. Implement an input guard rail using the before model callback
  3. Inspect and sanitize user prompts using the Model Armor API's sanitize user prompt method
  4. Implement an output validation guardrail using the after model callback
  5. Inspect and modify the raw LLM response using the Model Armor API's sanitize model response method
  6. Enforce policies to filter out harmful content and prevent data leakage
  7. Test the implementation using benign and malicious prompts
💡 The callback mechanism provides powerful hooks to observe, customize, and control the agent's behavior, allowing developers to implement security checkpoints and protect their AI applications from threats.

Related Reads

📰
I Built an LLM Filter That Prefers Silence Over Slop — and the Eval Harness That Keeps It Honest
Learn how to build an LLM filter that prioritizes silence over slop and create an evaluation harness to ensure its accuracy
Dev.to AI
📰
Open-Weight LLM API Integration: A Developer's Practical Guide
Learn to integrate open-weight LLM APIs into your applications for more flexible and customizable AI solutions
Dev.to AI
📰
Fine-Tuning: Lleva tus modelos de IA al siguiente nivel con precisión real
Learn how to fine-tune pre-trained AI models for specific business needs to achieve more precise and coherent results
Medium · Machine Learning
📰
Building an AI Dream Analysis Engine, Part 1: Designing the NLP Pipeline
Learn to design an NLP pipeline for an AI dream analysis engine that generates structured psychological insights
Hackernoon

Chapters (4)

Intro
0:48 Input guardrail
1:14 Output validation guardrail
1:46 See it action
Up next
5 Levels of AI Agents - From Simple LLM Calls to Multi-Agent Systems
Dave Ebbelaar (LLM Eng)
Watch →