From 9f184a64fae99d5da0ba89841b188e8e821ab724 Mon Sep 17 00:00:00 2001 From: lena-larionova Date: Mon, 8 Sep 2025 15:30:19 -0700 Subject: [PATCH 1/6] document ai sanitizer response support --- .../examples/anonymize-phone-numbers.yaml | 4 +- .../anonymize-request-and-response-data.yaml | 35 ++++++++++++++++ .../examples/anonymize-response-data.yaml | 35 ++++++++++++++++ app/_kong_plugins/ai-sanitizer/index.md | 42 ++++++++++++++++--- 4 files changed, 109 insertions(+), 7 deletions(-) create mode 100644 app/_kong_plugins/ai-sanitizer/examples/anonymize-request-and-response-data.yaml create mode 100644 app/_kong_plugins/ai-sanitizer/examples/anonymize-response-data.yaml diff --git a/app/_kong_plugins/ai-sanitizer/examples/anonymize-phone-numbers.yaml b/app/_kong_plugins/ai-sanitizer/examples/anonymize-phone-numbers.yaml index ea10211574..2b3d4bbe96 100644 --- a/app/_kong_plugins/ai-sanitizer/examples/anonymize-phone-numbers.yaml +++ b/app/_kong_plugins/ai-sanitizer/examples/anonymize-phone-numbers.yaml @@ -1,6 +1,6 @@ -description: Configure the plugin to use your sanitizer service to anonymize phone numbers in requests before they reach the upstream service. +description: Configure the AI Sanitizer plugin to use your sanitizer service to anonymize phone numbers in requests before they reach the upstream service. -title: Anonymize phone numbers +title: Anonymize phone numbers in requests weight: 900 diff --git a/app/_kong_plugins/ai-sanitizer/examples/anonymize-request-and-response-data.yaml b/app/_kong_plugins/ai-sanitizer/examples/anonymize-request-and-response-data.yaml new file mode 100644 index 0000000000..51963240bc --- /dev/null +++ b/app/_kong_plugins/ai-sanitizer/examples/anonymize-request-and-response-data.yaml 
@@ -0,0 +1,35 @@
+description: Configure the AI Sanitizer plugin to use your sanitizer service to anonymize all sensitive data and credentials in both client requests and LLM responses.
+
+title: Anonymize sensitive data in requests and responses
+
+weight: 900
+
+requirements:
+ - You have enabled the AI Proxy or AI Proxy Advanced plugin
+
+variables:
+ host:
+ description: The sanitizer service's host
+ value: $SANITIZER_SERVICE_HOST
+ port:
+ description: The sanitizer service's port
+ value: $SANITIZER_SERVICE_PORT
+
+config:
+ anonymize:
+ - all_and_credentials
+ sanitization_mode: BOTH
+ port: ${port}
+ host: ${host}
+ redact_type: placeholder
+ recover_redacted: false
+
+min_version:
+ gateway: '3.12'
+
+tools:
+ - deck
+ - admin-api
+ - konnect-api
+ - kic
+ - terraform
\ No newline at end of file
diff --git a/app/_kong_plugins/ai-sanitizer/examples/anonymize-response-data.yaml b/app/_kong_plugins/ai-sanitizer/examples/anonymize-response-data.yaml
new file mode 100644
index 0000000000..0af9595c40
--- /dev/null
+++ b/app/_kong_plugins/ai-sanitizer/examples/anonymize-response-data.yaml
@@ -0,0 +1,35 @@
+description: Configure the AI Sanitizer plugin to use your sanitizer service to anonymize all sensitive data and credentials in LLM responses before they reach the client.
+
+title: Anonymize sensitive data in responses
+
+weight: 900
+
+requirements:
+ - You have enabled the AI Proxy or AI Proxy Advanced plugin
+
+variables:
+ host:
+ description: The sanitizer service's host
+ value: $SANITIZER_SERVICE_HOST
+ port:
+ description: The sanitizer service's port
+ value: $SANITIZER_SERVICE_PORT
+
+config:
+ anonymize:
+ - all_and_credentials
+ sanitization_mode: OUTPUT
+ port: ${port}
+ host: ${host}
+ redact_type: placeholder
+ recover_redacted: false
+
+min_version:
+ gateway: '3.12'
+
+tools:
+ - deck
+ - admin-api
+ - konnect-api
+ - kic
+ - terraform
\ No newline at end of file
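Review bot: Neither new example says how the hop to the sanitizer service is protected, although with `anonymize: all_and_credentials` the plugin forwards complete, still-unsanitized request and response bodies to `host`/`port`. If the plugin's `scheme` option is left at its default (plain HTTP, as far as I recall; please confirm against the schema), that traffic crosses the network in cleartext. I would set it explicitly in the `config` block of both anonymize-request-and-response-data.yaml and anonymize-response-data.yaml, for example `scheme: https`. Alternatively, add a requirement line such as `- The sanitizer service is reachable only over a trusted or TLS-protected network`.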
diff --git a/app/_kong_plugins/ai-sanitizer/index.md b/app/_kong_plugins/ai-sanitizer/index.md index 47f6768fa9..9b39c3c4f5 100644 --- a/app/_kong_plugins/ai-sanitizer/index.md +++ b/app/_kong_plugins/ai-sanitizer/index.md @@ -6,8 +6,7 @@ content_type: plugin tier: ai_gateway_enterprise publisher: kong-inc -description: Protect sensitive information in client request bodies before they reach upstream services - +description: Protect sensitive information in client request or response bodies before they reach upstream services or clients products: - gateway @@ -44,11 +43,12 @@ related_resources: url: /how-to/protect-sensitive-information-with-ai/ --- -The AI Sanitizer plugin for {{site.base_gateway}} helps protect sensitive information in client request bodies before they reach upstream services. +The AI Sanitizer plugin for {{site.base_gateway}} helps protect sensitive information in client request bodies before they reach upstream services, or in LLM response bodies before they reach the client. + By integrating with an external PII service, the plugin ensures compliance with data privacy regulations while preserving the usability of request data. It supports multiple sanitization modes, including replacing sensitive information with fixed placeholders or generating synthetic replacements that retain category-specific characteristics. -Additionally, AI Sanitizer offers an optional restoration feature, allowing the original data to be reinstated in responses when needed. +Additionally, AI Sanitizer offers an optional restoration feature, allowing the original request data to be reinstated in responses when needed. {% include plugins/ai-plugins-note.md %} 
@@ -56,10 +56,42 @@ The AI Sanitizer plugin uses the AI PII Anonymizer Service, which can run in a D ## How it works +The AI Sanitizer plugin can be applied to input data (requests), output data (responses) {% new_in 3.12 %}, or both. +Here's how it works if you apply it to both requests and responses: + 1. The plugin intercepts the request body and sends it to the external PII service. 1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). 1. The sanitized request is forwarded upstream with the AI Proxy or AI Proxy Advanced plugin. -1. If restoration is enabled, the plugin restores original data in responses before returning them to the client. +1. {% new_in 3.12 %} On the way back, the plugin intercepts the response body and sends it to the external PII service. +1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). +1. If restoration is enabled, the plugin restores the original request data in responses before returning them to the client. + + +{% mermaid %} +sequenceDiagram + autonumber + participant Client + participant Plugin as AI Sanitizer + participant PII as PII Service + participant Proxy as AI Proxy/Advanced + participant AI as Upstream AI Service + + Client->>Plugin: Send request + Plugin->>PII: Intercept & send request body + PII->>PII: Detect sensitive data in request + PII->>Plugin: Return sanitized request
(placeholders/synthetic data) + Plugin->>Proxy: Forward sanitized request + Proxy->>AI: Process sanitized request + AI->>Proxy: Return AI response + Proxy->>Plugin: Forward response + Plugin->>PII: Intercept & send response body + PII->>PII: Detect sensitive data in response + PII->>Plugin: Return sanitized response
(placeholders/synthetic data) + Plugin->>Client: Return sanitized response
(with optional restored request data) +{% endmermaid %} + + +> _Figure 1: Diagram showing the request and response flow with the AI Sanitizer plugin._ ## AI PII Anonymizer service From e51b1233972a4de10296a640a663c2e3f8fe9b10 Mon Sep 17 00:00:00 2001 From: lena-larionova Date: Mon, 8 Sep 2025 15:32:28 -0700 Subject: [PATCH 2/6] vale --- app/_kong_plugins/ai-sanitizer/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/_kong_plugins/ai-sanitizer/index.md b/app/_kong_plugins/ai-sanitizer/index.md index 9b39c3c4f5..4322a90285 100644 --- a/app/_kong_plugins/ai-sanitizer/index.md +++ b/app/_kong_plugins/ai-sanitizer/index.md @@ -66,7 +66,7 @@ Here's how it works if you apply it to both requests and responses: 1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). 1. If restoration is enabled, the plugin restores the original request data in responses before returning them to the client. - + {% mermaid %} sequenceDiagram autonumber @@ -89,7 +89,7 @@ sequenceDiagram PII->>Plugin: Return sanitized response
(placeholders/synthetic data) Plugin->>Client: Return sanitized response
(with optional restored request data) {% endmermaid %} - + > _Figure 1: Diagram showing the request and response flow with the AI Sanitizer plugin._ From 6f6a76e7370a2bea7c59e60a315f8b5bb649203f Mon Sep 17 00:00:00 2001 From: lena-larionova <54370747+lena-larionova@users.noreply.github.com> Date: Tue, 9 Sep 2025 08:02:27 -0700 Subject: [PATCH 3/6] Apply suggestions from code review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: 罗泽轩 --- app/_kong_plugins/ai-sanitizer/index.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/app/_kong_plugins/ai-sanitizer/index.md b/app/_kong_plugins/ai-sanitizer/index.md index 4322a90285..e58c36ce94 100644 --- a/app/_kong_plugins/ai-sanitizer/index.md +++ b/app/_kong_plugins/ai-sanitizer/index.md @@ -56,7 +56,10 @@ The AI Sanitizer plugin uses the AI PII Anonymizer Service, which can run in a D ## How it works -The AI Sanitizer plugin can be applied to input data (requests), output data (responses) {% new_in 3.12 %}, or both. +The AI Sanitizer plugin can be applied to: +* Input data (requests) +* Output data (responses) {% new_in 3.12 %} +* Both input and output data {% new_in 3.12 %} Here's how it works if you apply it to both requests and responses: 1. The plugin intercepts the request body and sends it to the external PII service. @@ -87,7 +90,7 @@ sequenceDiagram Plugin->>PII: Intercept & send response body PII->>PII: Detect sensitive data in response PII->>Plugin: Return sanitized response
(placeholders/synthetic data) - Plugin->>Client: Return sanitized response
(with optional restored request data) + Plugin->>Client: Return sanitized response {% endmermaid %} From 6b46f33502512cae8d37e0d621f49b233671c2aa Mon Sep 17 00:00:00 2001 From: lena-larionova <54370747+lena-larionova@users.noreply.github.com> Date: Tue, 9 Sep 2025 08:15:45 -0700 Subject: [PATCH 4/6] fix spacing --- app/_kong_plugins/ai-sanitizer/index.md | 1 + 1 file changed, 1 insertion(+) diff --git a/app/_kong_plugins/ai-sanitizer/index.md b/app/_kong_plugins/ai-sanitizer/index.md index e58c36ce94..2ab9c847fe 100644 --- a/app/_kong_plugins/ai-sanitizer/index.md +++ b/app/_kong_plugins/ai-sanitizer/index.md @@ -60,6 +60,7 @@ The AI Sanitizer plugin can be applied to: * Input data (requests) * Output data (responses) {% new_in 3.12 %} * Both input and output data {% new_in 3.12 %} + Here's how it works if you apply it to both requests and responses: 1. The plugin intercepts the request body and sends it to the external PII service. From 816869278c579f0e46eecfa4e7d9449760d80c3d Mon Sep 17 00:00:00 2001 From: lena-larionova <54370747+lena-larionova@users.noreply.github.com> Date: Tue, 9 Sep 2025 08:20:44 -0700 Subject: [PATCH 5/6] move new_in tag --- app/_kong_plugins/ai-sanitizer/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/_kong_plugins/ai-sanitizer/index.md b/app/_kong_plugins/ai-sanitizer/index.md index 2ab9c847fe..55235ce202 100644 --- a/app/_kong_plugins/ai-sanitizer/index.md +++ b/app/_kong_plugins/ai-sanitizer/index.md 
@@ -66,7 +66,7 @@ Here's how it works if you apply it to both requests and responses: 1. The plugin intercepts the request body and sends it to the external PII service. 1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). 1. The sanitized request is forwarded upstream with the AI Proxy or AI Proxy Advanced plugin. -1. {% new_in 3.12 %} On the way back, the plugin intercepts the response body and sends it to the external PII service. +1. On the way back, the plugin intercepts the response body and sends it to the external PII service. {% new_in 3.12 %} 1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). 1. If restoration is enabled, the plugin restores the original request data in responses before returning them to the client. @@ -224,4 +224,4 @@ You can use the following fields in the `anonymize` array: * `nationalid`: Anonymizes various national identification numbers (for example, Aadhaar, PESEL, NRIC, social security, or voter IDs). * `custom`: Anonymizes user-defined custom PII patterns using regular expressions only when custom patterns are provided. * `credentials`: Anonymizes the credentials, similar to `/sanitize_credentials`. -* `all`: Includes all the fields above, including custom ones. \ No newline at end of file +* `all`: Includes all the fields above, including custom ones. From dc80227c2dea10c7a8ade12df335fd3b2f5d2d3f Mon Sep 17 00:00:00 2001 From: lena-larionova Date: Tue, 9 Sep 2025 14:35:29 -0700 Subject: [PATCH 6/6] use placeholder values in examples instead of env variables --- .../anonymize-request-and-response-data.yaml | 12 ++---------- .../examples/anonymize-response-data.yaml | 12 ++---------- app/_kong_plugins/ai-sanitizer/index.md | 6 +++--- 3 files changed, 7 insertions(+), 23 deletions(-) 
diff --git a/app/_kong_plugins/ai-sanitizer/examples/anonymize-request-and-response-data.yaml b/app/_kong_plugins/ai-sanitizer/examples/anonymize-request-and-response-data.yaml index 51963240bc..bd04f9635d 100644 --- a/app/_kong_plugins/ai-sanitizer/examples/anonymize-request-and-response-data.yaml +++ b/app/_kong_plugins/ai-sanitizer/examples/anonymize-request-and-response-data.yaml @@ -7,20 +7,12 @@ weight: 900 requirements: - You have enabled the AI Proxy or AI Proxy Advanced plugin -variables: - host: - description: The sanitizer service's host - value: $SANITIZER_SERVICE_HOST - port: - description: The sanitizer service's port - value: $SANITIZER_SERVICE_PORT - config: anonymize: - all_and_credentials sanitization_mode: BOTH - port: ${port} - host: ${host} + port: 8080 + host: example.service.com redact_type: placeholder recover_redacted: false diff --git a/app/_kong_plugins/ai-sanitizer/examples/anonymize-response-data.yaml b/app/_kong_plugins/ai-sanitizer/examples/anonymize-response-data.yaml index 0af9595c40..9f218d20dd 100644 --- a/app/_kong_plugins/ai-sanitizer/examples/anonymize-response-data.yaml +++ b/app/_kong_plugins/ai-sanitizer/examples/anonymize-response-data.yaml @@ -7,20 +7,12 @@ weight: 900 requirements: - You have enabled the AI Proxy or AI Proxy Advanced plugin -variables: - host: - description: The sanitizer service's host - value: $SANITIZER_SERVICE_HOST - port: - description: The sanitizer service's port - value: $SANITIZER_SERVICE_PORT - config: anonymize: - all_and_credentials sanitization_mode: OUTPUT - port: ${port} - host: ${host} + port: 8080 + host: example.service.com redact_type: placeholder recover_redacted: false diff --git a/app/_kong_plugins/ai-sanitizer/index.md b/app/_kong_plugins/ai-sanitizer/index.md index 55235ce202..a92c6025ad 100644 --- a/app/_kong_plugins/ai-sanitizer/index.md +++ b/app/_kong_plugins/ai-sanitizer/index.md 
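Review bot: `host: example.service.com` is not a reserved documentation name, because `service.com` is an ordinary registrable domain. An example copied unchanged would therefore post unsanitized request and response bodies, credentials included, to a host the reader does not control. Prefer a reserved name such as `host: sanitizer.example.com`, and consider a trailing comment like `# replace with your sanitizer service's host`. The same line is introduced in anonymize-response-data.yaml in the following hunk. Removing the `variables` block also drops the only hint that these two values are deployment-specific.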
@@ -64,11 +64,11 @@ The AI Sanitizer plugin can be applied to: Here's how it works if you apply it to both requests and responses: 1. The plugin intercepts the request body and sends it to the external PII service. -1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). + 1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). 1. The sanitized request is forwarded upstream with the AI Proxy or AI Proxy Advanced plugin. 1. On the way back, the plugin intercepts the response body and sends it to the external PII service. {% new_in 3.12 %} -1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). -1. If restoration is enabled, the plugin restores the original request data in responses before returning them to the client. + 1. The PII service detects sensitive data and applies the chosen sanitization method (placeholders or synthetic replacements). +1. (_Only applies to input data sanitization_) If restoration is enabled, the plugin restores the original request data in responses before returning them to the client. {% mermaid %}