Module 9 Wrap-up: The Security Specialist

You have graduated from "Building" to "Protecting." You know that a professional AI application is not just about getting the right answer—it's about Refusing to give the wrong or dangerous one. You have mastered Guardrails and Grounding strategies.

---

Hands-on Exercise: The PII Defender

1. The Goal

Create a simple Python script that uses a Bedrock Guardrail to redact social security numbers (SSNs) from an AI's response.

2. The Implementation Plan

1. Go to the AWS Console $\rightarrow$ Bedrock $\rightarrow$ Safeguards $\rightarrow$ Guardrails.
2. Create a guardrail that has "Sensitive Information Filters" enabled for "Social Security Number."
3. Add "Redact" as the action.
4. In your Python script, call a model and ask it to: "Make up a fake name and a fake 9-digit social security number for a character."
5. Verify that the SSN appears as [SSN] or *** in the output.

---

Module 9 Summary

• Guardrails: The infrastructure-level safety net for AI.
• PII Filtering: Mandatory for compliance (GDPR/HIPAA).
• Grounding: The art of keeping AI focused on your documents.
• "I don't know": The most powerful instruction in a RAG prompt.

Coming Up Next...

In Module 10, we enter the second major pillar of Bedrock: Agents. We will learn how to build AI that does more than just talk—AI that can Make Decisions and Call Functions to solve complex problems.

---

Module 9 Checklist

• I have created a Guardrail in the AWS Console.
• I can explain the difference between a content filter and a topic filter.
• I have used the guardrailConfig in a Python API call.
• I understand how to redact PII automatically.
• I have tested my RAG grounding by asking an "unsupported" question.