Integrate AI Guard within your application to scan your AI usage for harmful content
generation, sensitive information leakage, and prompt injections.
For Trend-hosted integration, see Integrate Trend-hosted AI Guard. For data sovereignty, deploy and host the Trend Micro Artifact Scanner in your AWS
environment. Trend Vision One receives only the scan results.
Procedure
- To configure a new AWS account:
- In the Trend Vision One console, go to .
- Click Add Account.
- For Deployment Method, select CloudFormation.
- Select the account type:
-
Single AWS Account
-
AWS Organization
-
- Provide an Account name and Description to display in Cloud Accounts.
- Specify the Organizational Unit ID. When you add the AWS Organization, all member accounts without a specified alias in AWS receive an automatically generated name in Cloud Accounts.
- To configure an existing AWS account:
- Click Update AWS account then click the account name.
- In Cloud Accounts Settings, click the Stack Update tab.
- Select the AWS region for CloudFormation template deployment.
- To add custom tags to the resources deployed by Trend Vision One, select Resource tagging and specify the key-value pairs.
-
To add up to three tags, click Create a new tag.
-
- Click Next.
- Enable AI Application Security.
- Select the Deployment.
- Select Enable AI Guard.
- In a new tab in the same browser session, sign in to the AWS account you want to connect using a role that has administrator privileges.
- For an existing AWS account:
- Under Update the CloudFormation template, click Copy S3 URL.
- To review the template before deploying, click Download and Review Template.
- Go to Stacks and click the stack name for the stack you want to update.
-
Vision-One-Cloud-Account-Management
-
- Click Update.
- Select Replace current template.
- Paste the template S3 URL into Amazon S3 URL.
- Click Next.
- For a new AWS account:
- Click Next.
- To use automated deployment:
-
Select Automated for the deployment type.
-
Click Launch stack to launch the CloudFormation template in the AWS console.
-
Complete the steps in Quick Create Stack.
-
- To use manual deployment:
-
Select Manual for the deployment type.
-
Click Download the template and stack parameters as a .zip.
-
Go to Stacks under CloudFormation.
-
Create a new stack using the parameters in the .zip file.
-
- In Trend Vision One, click Done.
- In another tab, log in to the AWS management console and open the CloudFormation stack.
- Go to Outputs tab and copy the GuardAPIEndpoint.
- Integrate AI Guard with your application. Refer to the following code snippet for
the integration.
import os import requests # Get your Trend Vision One API key from environment variable api_key = os.environ.get("V1_API_KEY") if not api_key: raise ValueError("Missing V1_API_KEY environment variable") # Get your Trend Micro AI Guard URL from environment variable ai_guard_url = os.environ.get("AI_GUARD_URL") if not ai_guard_url: raise ValueError("Missing AI_GUARD_URL environment variable") # Configure headers headers = { "Authorization": f"Bearer {api_key}", "Content-Type": "application/json", "TMV1-Application-Name": "your-application-name" # Required } # Prepare the payload payload = { "prompt": "Your prompt or message here" } # Copy AI Guard URL from AWS template Stack Output url = f"{ai_guard_url}" # Make the API request response = requests.post( url, headers=headers, json=payload ) # Check response status if response.status_code == 200: result = response.json() # API returns action and optional reasons action = result.get("action") reasons = result.get("reasons", []) if action == "Allow": print("Request allowed by AI Guard") elif action == "Block": print(f"Request blocked by AI Guard") print(f"Reasons: {', '.join(reasons)}") print(f"Response ID: {result.get('id')}") else: print(f"Error: {response.status_code} - {response.text}")-
Set the AI_GUARD_URL value using the value from GuardAPIEndpoint.
For more information, see the AI Guard API Reference and code examples and the Trend Micro Automation Center. -