Info icon
End of Life Notice: For Trend Cloud One™ - Conformity Customers, Conformity will reach its End of Sale on “July 31st, 2025” and End of Life “July 31st, 2026”. The same capabilities and much more is available in TrendAI Vision One™ Cloud Risk Management. For details, please refer to Upgrade to TrendAI Vision One™

Configure Content Filter Strength for Bedrock Guardrails

TrendAI Vision One™ provides continuous assurance that gives peace of mind for your cloud infrastructure, delivering over 1400 automated best practice checks.

Risk Level: High (not acceptable risk)

Ensure that the content policy filter categories (HATE, INSULTS, SEXUAL, VIOLENCE, and MISCONDUCT) configured for your Amazon Bedrock guardrails have both the input and output filter strength set to at least MEDIUM. This rule extends the coverage provided by the "Configure Prompt Attack Strength for Amazon Bedrock Guardrails" rule, which only evaluates the PROMPT_ATTACK filter category, to the remaining five content filter categories.

Security

Content filters in Amazon Bedrock guardrails detect and filter harmful user inputs and model-generated outputs based on a confidence classification (NONE, LOW, MEDIUM, or HIGH) across the HATE, INSULTS, SEXUAL, VIOLENCE, and MISCONDUCT categories. If the input or output strength for any of these categories is configured with a low threshold (LOW or NONE), the guardrail becomes significantly less effective at detecting and blocking harmful content, allowing more borderline or harmful content to pass through undetected. An identity with the bedrock:UpdateGuardrail permission can systematically weaken these filter thresholds, making the underlying model significantly more susceptible to generating or relaying harmful content. Configuring at least a MEDIUM filter strength for both inputs and outputs across all content policy filter categories ensures a consistent and adequate level of protection against harmful content in your generative AI applications.


Audit

To determine if the content policy filter categories configured for your Amazon Bedrock guardrails have an input and output filter strength set to at least MEDIUM, perform the following operations:

Using AWS Console

  1. Sign in to the AWS Management Console.

  2. Navigate to Amazon Bedrock console available at https://console.aws.amazon.com/bedrock/.

  3. In the main navigation panel, under Build, select Guardrails.

  4. In the Guardrails section, click on the name (link) of the Amazon Bedrock guardrail that you want to examine, available in the Name column.

  5. In the Working draft section, click on Working draft (link) to open the current draft defined for the selected guardrail.

  6. In the Content filters section, locate the Harmful categories subsection and perform the following checks:

    1. Check the Prompt filters and Response filters status. If either is set to Disabled, the corresponding input or output content filters are not enabled for the selected guardrail.
    2. For each of the Hate, Insults, Sexual, Violence, and Misconduct categories, check the strength value shown under [Category] filter for prompts (input) and [Category] filter for responses (output) — for example, Sexual filter for prompts and Sexual filter for responses. If any value is Low strength or None (a None value is shown with Action: Disabled) for any of these categories, the content filter strength for the selected Amazon Bedrock guardrail is not set to at least MEDIUM.
  7. Repeat steps no. 4 - 6 for each Amazon Bedrock guardrail available within the current AWS region.

  8. Change the AWS cloud region from the navigation bar to repeat the Audit process for other regions.

Using AWS CLI

  1. Run list-guardrails command (OSX/Linux/UNIX) to list the Amazon Resource Name (ARN) of each Amazon Bedrock guardrail available in the selected AWS cloud region:

    aws bedrock list-guardrails
      --region us-east-1
      --query 'guardrails[*].arn'
    
  2. The command output should return the requested guardrail identifiers (ARNs):

    [
        "arn:aws:bedrock:us-east-1:123456789012:guardrail/abcd1234abcd",
        "arn:aws:bedrock:us-east-1:123456789012:guardrail/1234abcd1234"
    ]
    
  3. Run get-guardrail command (OSX/Linux/UNIX) with the identifier (ID or ARN) of the Amazon Bedrock guardrail that you want to examine, to describe the content filter strengths configured for the selected guardrail, excluding the PROMPT_ATTACK category:

    aws bedrock get-guardrail
      --region us-east-1
      --guardrail-identifier arn:aws:bedrock:us-east-1:123456789012:guardrail/abcd1234abcd
      --query 'contentPolicy.filters[?type!=`PROMPT_ATTACK`].{type:type,inputStrength:inputStrength,outputStrength:outputStrength}'
    
  4. The command output should return the filter strengths configured for each content policy category on your guardrail:

    [
        {
            "type": "HATE",
            "inputStrength": "HIGH",
            "outputStrength": "HIGH"
        },
        {
            "type": "INSULTS",
            "inputStrength": "MEDIUM",
            "outputStrength": "MEDIUM"
        },
        {
            "type": "SEXUAL",
            "inputStrength": "LOW",
            "outputStrength": "HIGH"
        },
        {
            "type": "VIOLENCE",
            "inputStrength": "HIGH",
            "outputStrength": "NONE"
        },
        {
            "type": "MISCONDUCT",
            "inputStrength": "HIGH",
            "outputStrength": "HIGH"
        }
    ]
    

    If the get-guardrail command output does not return an entry for one of the HATE, INSULTS, SEXUAL, VIOLENCE, or MISCONDUCT categories, the selected Amazon Bedrock guardrail is not configured with a content filter for that category. If the inputStrength or outputStrength value returned for any category is LOW or NONE (as shown for SEXUAL and VIOLENCE in the example above), the content filter strength for the selected Amazon Bedrock guardrail is not set to at least MEDIUM to adequately protect against harmful content.

  5. Repeat steps no. 3 and 4 for each Amazon Bedrock guardrail available in the selected AWS region.

  6. Change the AWS cloud region by updating the --region command parameter value and repeat steps no. 1 – 5 to perform the Audit process for other regions.

Remediation / Resolution

To ensure that all content policy filter categories in your Amazon Bedrock guardrails have an input and output filter strength set to at least MEDIUM, perform the following operations:

Using AWS Console

  1. Sign in to the AWS Management Console.

  2. Navigate to Amazon Bedrock console available at https://console.aws.amazon.com/bedrock/.

  3. In the main navigation panel, under Build, select Guardrails.

  4. In the Guardrails section, click on the name (link) of the Amazon Bedrock guardrail that you want to configure, available in the Name column.

  5. In the Working draft section, click on Working draft (link) to open the current draft defined for the selected guardrail.

  6. Choose Edit from the Harmful categories section to edit the content filters configured for the selected guardrail.

  7. In the Harmful categories section, ensure the Configure harmful categories filters toggle is turned on. Note the Use the same harmful categories filters for responses check box: when it is selected (the default), the strength you set under Filters for prompts is applied to both inputs and outputs; clear this check box to configure the Filters for prompts and Filters for responses sections independently (needed when the input and output strengths differ). For each of the Hate, Insults, Sexual, Violence, and Misconduct categories, ensure the category is enabled (select Text and/or Image) and drag the Strength slider to Medium or High. If you cleared the shared-filter check box, set the Strength slider to Medium or High in both the Filters for prompts and Filters for responses sections.

  8. Choose Save and exit to apply the configuration changes.

  9. Repeat steps no. 4 - 8 for each Amazon Bedrock guardrail that you want to configure, available within the current AWS region.

  10. Change the AWS cloud region from the navigation bar and repeat the Remediation process for other regions.

Using AWS CLI

  1. Run update-guardrail command (OSX/Linux/UNIX) with the identifier (ID or ARN) of the Amazon Bedrock guardrail that you want to configure, to set the content filter strength to at least MEDIUM for each harmful category on the selected guardrail. The --content-policy-config parameter must be specified in full, including any filter categories you want to keep unchanged (such as PROMPT_ATTACK), since update-guardrail replaces the entire content policy configuration rather than patching individual filters. Important: update-guardrail performs a full replacement of the guardrail configuration (an HTTP PUT), not a partial update. Any other policy configuration currently on the guardrail (topic, word, sensitive information, contextual grounding, or automated reasoning policies) that you do not re-supply in this command will be removed. Before running the command, use get-guardrail to retrieve the guardrail's current configuration, then re-supply every policy you want to keep alongside the corrected content filter strengths:

    aws bedrock update-guardrail
      --region us-east-1
      --guardrail-identifier arn:aws:bedrock:us-east-1:123456789012:guardrail/abcd1234abcd
      --name tm-project5-ai-guardrail
      --blocked-input-messaging "Sorry, the model cannot answer this question."
      --blocked-outputs-messaging "Sorry, the model cannot answer this question."
      --content-policy-config 'filtersConfig=[{type="PROMPT_ATTACK",inputStrength="HIGH",outputStrength="NONE"},{type="SEXUAL",inputStrength="HIGH",outputStrength="HIGH"},
    {type="HATE",inputStrength="HIGH",outputStrength="HIGH"},{type="VIOLENCE",inputStrength="HIGH",outputStrength="HIGH"},{type="INSULTS",inputStrength="MEDIUM",outputStrength="MEDIUM"},{type="MISCONDUCT",inputStrength="MEDIUM",outputStrength="MEDIUM"}]'
    
  2. The command output should return the identification details available for the configured guardrail:

    {
        "guardrailId": "abcd1234abcd",
        "guardrailArn": "arn:aws:bedrock:us-east-1:123456789012:guardrail/abcd1234abcd",
        "version": "DRAFT",
        "updatedAt": "2024-06-15T10:07:34.347840+00:00"
    }
    
  3. Repeat steps no. 1 and 2 for each Amazon Bedrock guardrail that you want to configure, available in the selected AWS region.

  4. Change the AWS cloud region by updating the --region command parameter value and repeat the Remediation process for other regions.

References

Publication date Jul 13, 2026