From 065f25b11d7bb2212876ada45cd83447f3418907 Mon Sep 17 00:00:00 2001 From: cyphronix <57731583+liamschn@users.noreply.github.com> Date: Wed, 23 Apr 2025 16:42:33 -0600 Subject: [PATCH] change 'security control' to 'safeguard' --- aws_sra_examples/solutions/genai/README.md | 2 +- .../solutions/genai/bedrock_guardrails/lambda/src/app.py | 2 +- aws_sra_examples/solutions/genai/bedrock_org/README.md | 8 ++++---- .../solutions/genai/bedrock_org/lambda/src/app.py | 6 +++--- .../genai/bedrock_org/templates/sra-bedrock-org-main.yaml | 4 ++-- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/aws_sra_examples/solutions/genai/README.md b/aws_sra_examples/solutions/genai/README.md index 6d9d5b3c..46365d7c 100644 --- a/aws_sra_examples/solutions/genai/README.md +++ b/aws_sra_examples/solutions/genai/README.md @@ -14,7 +14,7 @@ This directory contains security solutions for implementing generative AI capabi ## Solutions - [SRA Bedrock Organizations Solution](./bedrock_org/) -This solution provides an automated framework for deploying Bedrock organizational security controls. +This solution provides an automated framework for deploying Bedrock organizational safeguards. - [SRA Bedrock Guardrails Solution](./bedrock_guardrails/) This solution provides an automated framework for deploying Bedrock guardrails across multiple AWS accounts and regions in an organization. diff --git a/aws_sra_examples/solutions/genai/bedrock_guardrails/lambda/src/app.py b/aws_sra_examples/solutions/genai/bedrock_guardrails/lambda/src/app.py index 97c8dbe8..46abd774 100644 --- a/aws_sra_examples/solutions/genai/bedrock_guardrails/lambda/src/app.py +++ b/aws_sra_examples/solutions/genai/bedrock_guardrails/lambda/src/app.py @@ -2,7 +2,7 @@ Version: 1.0 -Main app module for SRA GenAI Bedrock org security controls solution in the repo, +Main app module for SRA GenAI Bedrock org safeguards solution in the repo, https://github.com/aws-samples/aws-security-reference-architecture-examples Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/aws_sra_examples/solutions/genai/bedrock_org/README.md b/aws_sra_examples/solutions/genai/bedrock_org/README.md index 80b005bc..35ce7856 100644 --- a/aws_sra_examples/solutions/genai/bedrock_org/README.md +++ b/aws_sra_examples/solutions/genai/bedrock_org/README.md @@ -13,7 +13,7 @@ ## Introduction -This solution provides an automated framework for deploying Bedrock organizational security controls using AWS CloudFormation. It leverages a Lambda function to configure and deploy AWS Config rules, CloudWatch metrics, and other resources necessary to monitor and enforce governance policies across multiple AWS accounts and regions in an organization. +This solution provides an automated framework for deploying Bedrock organizational safeguards using AWS CloudFormation. It leverages a Lambda function to configure and deploy AWS Config rules, CloudWatch metrics, and other resources necessary to monitor and enforce governance policies across multiple AWS accounts and regions in an organization. The architecture follows best practices for security and scalability and is designed for easy extensibility. @@ -464,7 +464,7 @@ This section explains the parameters in the CloudFormation template that require ## Related Security Control Solutions -This solution works in conjunction with other AWS SRA solutions to provide comprehensive security controls for Bedrock GenAI environments: +This solution works in conjunction with other AWS SRA solutions to provide comprehensive safeguards for Bedrock GenAI environments: ### Amazon Bedrock Guardrails Solution The [SRA Bedrock Guardrails solution](../../genai/bedrock_guardrails/README.md) provides automated deployment of Amazon Bedrock Guardrails across your organization. It supports: @@ -487,6 +487,6 @@ The [SRA GuardDuty Malware Protection solution](../../guardduty/guardduty_malwar The solution enables GuardDuty's malware scanning capabilities to detect malicious files that could be used in prompt injection attacks or compromise your GenAI applications. These complementary solutions work together to provide defense-in-depth for your Bedrock GenAI environment: -- This solution (SRA Bedrock Org) provides organizational security controls and monitoring -- Bedrock Guardrails solution provides content and data security controls +- This solution (SRA Bedrock Org) provides organizational safeguards and monitoring +- Bedrock Guardrails solution provides content and data safeguards - GuardDuty Malware Protection ensures S3 bucket security against malware threats diff --git a/aws_sra_examples/solutions/genai/bedrock_org/lambda/src/app.py b/aws_sra_examples/solutions/genai/bedrock_org/lambda/src/app.py index f0f0e893..3483b08b 100644 --- a/aws_sra_examples/solutions/genai/bedrock_org/lambda/src/app.py +++ b/aws_sra_examples/solutions/genai/bedrock_org/lambda/src/app.py @@ -1,8 +1,8 @@ -"""This script performs operations to enable, configure, and disable Bedrock security controls. +"""This script performs operations to enable, configure, and disable Bedrock safeguards. Version: 1.0 -Main app module for SRA GenAI Bedrock org security controls solution in the repo, +Main app module for SRA GenAI Bedrock org safeguards solution in the repo, https://github.com/aws-samples/aws-security-reference-architecture-examples Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. @@ -1955,7 +1955,7 @@ def process_sns_records(event: dict) -> None: LOGGER.info({"SNS Record": record}) message = record["Sns"]["Message"] if message["Action"] == "configure": - LOGGER.info("Continuing process to enable SRA security controls for Bedrock (sns event)") + LOGGER.info("Continuing process to enable SRA safeguards for Bedrock (sns event)") # 3) Deploy config rules (regional) message["Accounts"].append(sts.MANAGEMENT_ACCOUNT) diff --git a/aws_sra_examples/solutions/genai/bedrock_org/templates/sra-bedrock-org-main.yaml b/aws_sra_examples/solutions/genai/bedrock_org/templates/sra-bedrock-org-main.yaml index 33417d04..291c4000 100644 --- a/aws_sra_examples/solutions/genai/bedrock_org/templates/sra-bedrock-org-main.yaml +++ b/aws_sra_examples/solutions/genai/bedrock_org/templates/sra-bedrock-org-main.yaml @@ -1,5 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: CloudFormation template to deploy the sra-bedrock-org solution for GenAI deep-dive Bedrock capability one security controls. See https://github.com/aws-samples/aws-security-reference-architecture-examples (sra-1u3sd7f8n) +Description: CloudFormation template to deploy the sra-bedrock-org solution for GenAI deep-dive Bedrock capability one safeguards. See https://github.com/aws-samples/aws-security-reference-architecture-examples (sra-1u3sd7f8n) Parameters: pSRARepoZipUrl: @@ -90,7 +90,7 @@ Parameters: AllowedPattern: '^[\w+=,.@-]{1,64}$' ConstraintDescription: Max 64 alphanumeric characters. Also special characters supported [+, =, ., @, -] Default: sra-bedrock-org-lambda - Description: Bedrock security control configuration Lambda role name + Description: Bedrock safeguard configuration Lambda role name Type: String AllowedValues: ['sra-bedrock-org-lambda']