From af824b3fb1109be45d8e40512eec8386444597af Mon Sep 17 00:00:00 2001
From: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
Date: Wed, 1 Feb 2023 09:36:02 -0600
Subject: [PATCH] Add warning about regex experession in ML (#2536)

* Add warning about regex experession in ML

* Update cluster-settings.md

* Update cluster-settings.md

* Update _ml-commons-plugin/cluster-settings.md

Co-authored-by: Yaliang Wu <ylwu@amazon.com>

* Update cluster-settings.md

---------

Co-authored-by: Yaliang Wu <ylwu@amazon.com>
---
 _ml-commons-plugin/cluster-settings.md | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/_ml-commons-plugin/cluster-settings.md b/_ml-commons-plugin/cluster-settings.md
index eb4c71be..f0ee867f 100644
--- a/_ml-commons-plugin/cluster-settings.md
+++ b/_ml-commons-plugin/cluster-settings.md
@@ -143,13 +143,17 @@ The default value allows you to upload a model file from any http/https/ftp/loca
 
 ### Setting
 
+The default URL value for this trusted URL setting is not secure. To ensure the security, please use you own regex string to the trusted repository that contains your models, for example `https://github.com/opensearch-project/ml-commons/blob/2.x/ml-algorithms/src/test/resources/org/opensearch/ml/engine/algorithms/text_embedding/*`.
+{: .warning }
+
+
 ```
-plugins.ml_commons.trusted_url_regex: ^(https?\|ftp\|file)://[-a-zA-Z0-9+&@#/%?=~_\|!:,.;]*[-a-zA-Z0-9+&@#/%=~_\|]
+plugins.ml_commons.trusted_url_regex: <model-repository-url>
 ```
 
 ### Values
 
-- Default value: `^(https?\|ftp\|file)://[-a-zA-Z0-9+&@#/%?=~_\|!:,.;]*[-a-zA-Z0-9+&@#/%=~_\|]`
+- Default value: `"^(https?|ftp|file)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]"`
 - Value range: Java regular expression (regex) string
 
 ## Assign task timeout