
Explanation:
Cloud control plane: IAM policies, Resource policies
Prompt firewall: Injection policies, Output monitoring
WAF: Connection rate limits, Input token validation
Front-end API + Model + Vector database: Guardrails, Input quota
API gateway: Load balancing, Authentication token validation
Cloud control plane relies on IAM and resource policies to enforce centralized identity and access management as well as usage restrictions.
Prompt firewall protects against malicious input via injection policies and ensures outputs are monitored for compliance and safety.
WAF controls connection rate to mitigate DoS and validates input tokens to stop unauthorized access attempts.
Front-end API, Model, and Vector database share guardrails to restrict unsafe behaviors and input quotas to prevent overuse, making them consistent and efficient security points.
API gateway enforces load balancing for availability and validates authentication tokens at the entry point, providing secure and scalable access.