AWS Bedrock Security Guide

AWS Bedrock provides a fully managed service for building and scaling generative AI applications using foundation models. As organizations deploy production AI workloads on Bedrock, implementing comprehensive security controls becomes critical for protecting sensitive data, ensuring compliance, and preventing unauthorized access to AI capabilities.

This guide covers security best practices for AWS Bedrock deployments, including identity and access management (IAM), data protection, network security, monitoring and logging, compliance considerations, and operational security. Whether you're deploying Claude, Llama, Titan, or other foundation models through Bedrock, these security controls help protect your AI applications from threats while maintaining compliance with regulatory requirements.

AWS Bedrock integrates with AWS's comprehensive security infrastructure, providing enterprise-grade protection through features like AWS KMS for encryption, VPC endpoints for network isolation, CloudTrail for audit logging, and IAM for fine-grained access control. Understanding how to properly configure these security features and implement defense-in-depth strategies is essential for maintaining a robust security posture for your Bedrock deployments.

Key Security Features

Access Control & IAM

Implement fine-grained access controls for Bedrock models and APIs using AWS Identity and Access Management (IAM). Control who can invoke specific foundation models, configure guardrails, and access Bedrock features.

  • IAM Policies: Create custom policies to control model invocation permissions, guardrail configuration, and knowledge base access
  • Resource-Based Policies: Attach policies directly to Bedrock resources for service-level access control
  • Cross-Account Access: Securely share Bedrock resources across AWS accounts using IAM roles and resource policies
  • Service Control Policies: Use AWS Organizations SCPs to enforce organization-wide Bedrock usage policies
  • API Throttling: Configure rate limits and quotas to prevent abuse and control costs

Monitoring & Logging

Track and audit all Bedrock API calls, model invocations, and administrative actions using AWS CloudTrail, CloudWatch, and Bedrock's native logging capabilities.

  • CloudTrail Integration: Comprehensive audit logging of all Bedrock API calls with detailed request/response metadata
  • Model Invocation Logging: Enable logging for model inputs and outputs for debugging and compliance
  • CloudWatch Metrics: Monitor API usage, latency, errors, and token consumption in real-time
  • Anomaly Detection: Set up CloudWatch alarms for unusual usage patterns or security events
  • Guardrail Violations: Log all content filter violations and policy breaches for security analysis

Data Protection & Privacy

Comprehensive Data Security

AWS Bedrock provides multiple layers of data protection to ensure your prompts, model outputs, and training data remain secure and compliant with regulatory requirements. The service is designed with privacy-by-default principles, ensuring that your data is not used to train foundation models.

Encryption

  • Encryption at Rest: All data stored in Bedrock is encrypted using AWS KMS with customer-managed keys (CMK) or AWS-managed keys
  • Encryption in Transit: All API communications use TLS 1.2+ with perfect forward secrecy
  • KMS Integration: Use AWS Key Management Service for centralized key management and rotation
  • Knowledge Base Encryption: Vector embeddings and source data encrypted with customer-managed keys

Data Residency & Isolation

  • Regional Deployment: Control where your data is processed with regional Bedrock availability
  • Data Isolation: Your prompts and completions are never used to train foundation models
  • VPC Endpoints: Access Bedrock privately from your VPC without internet exposure
  • Dedicated Capacity: Provisioned throughput for isolated, dedicated model access

Compliance Certifications

AWS Bedrock inherits AWS's comprehensive compliance certifications, making it suitable for regulated industries:

Industry Standards

  • SOC 1, 2, 3
  • ISO 27001, 27017, 27018
  • PCI DSS Level 1

Regional Compliance

  • GDPR (EU)
  • HIPAA BAA available
  • FedRAMP (US Government)

Industry-Specific

  • HITRUST (Healthcare)
  • FINRA (Financial)
  • FERPA (Education)

Network Security

VPC Integration & Private Access

Secure your Bedrock API calls by deploying them within your Amazon Virtual Private Cloud (VPC) using VPC endpoints. This ensures that traffic between your applications and Bedrock never traverses the public internet, reducing exposure to network-based attacks.

VPC Endpoint Configuration

  • Interface Endpoints: Create VPC endpoints for Bedrock API access within your private subnets, ensuring all traffic stays within the AWS network
  • Security Groups: Configure security group rules to restrict Bedrock endpoint access to specific source IPs or security groups
  • Private Subnets: Deploy applications in private subnets without internet gateways for maximum isolation
  • VPC Peering: Connect multiple VPCs securely to share Bedrock access across accounts or regions
  • Transit Gateway: Centralize Bedrock access management across multiple VPCs and on-premises networks

Guardrails & Content Safety

Content Filtering & Safety Controls

AWS Bedrock Guardrails provide configurable content filters and safety controls to prevent harmful, inappropriate, or sensitive content from being generated or processed. These guardrails work alongside foundation model safety features to provide defense-in-depth content protection.

Content Filtering

  • Hate speech and harassment detection
  • Sexual content filtering
  • Violence and self-harm prevention
  • Misinformation and disinformation detection
  • Custom word filters and content policies

PII & Sensitive Data

  • PII detection and redaction
  • Sensitive information filtering
  • Custom sensitive data patterns
  • Compliance-aware content filtering
  • Audit logging of filtered content

Best Practice: Configure guardrails with appropriate severity levels for your use case. Test guardrail configurations thoroughly to balance content safety with application functionality. Monitor guardrail violation logs to identify potential security issues or false positives.

Security Best Practices

Key Management

Use AWS KMS customer-managed keys (CMK) for encryption. Rotate keys regularly, implement key policies with least privilege, and enable CloudTrail logging for all KMS operations.

  • Enable automatic key rotation
  • Use separate keys per environment
  • Implement key access policies
  • Monitor key usage metrics

Access Management

Follow the principle of least privilege. Grant only necessary permissions, use IAM roles instead of access keys, and regularly audit access permissions.

  • Use IAM roles for applications
  • Implement resource-level permissions
  • Enable MFA for admin access
  • Regular access reviews

Monitoring & Alerting

Enable comprehensive logging, set up CloudWatch alarms for anomalies, and implement automated responses to security events.

  • Enable CloudTrail for all regions
  • Set up cost anomaly detection
  • Monitor API usage patterns
  • Alert on guardrail violations

Cost Control & Abuse Prevention

Preventing Cost Overruns

Implement controls to prevent unauthorized usage and unexpected costs from Bedrock API calls. Configure budgets, quotas, and monitoring to detect and prevent abuse.

Budget Controls

  • Set AWS Budgets with alerts
  • Configure cost anomaly detection
  • Implement spending limits per project
  • Use Cost Allocation Tags

Rate Limiting

  • Configure API throttling policies
  • Set token consumption limits
  • Implement request quotas
  • Monitor usage per IAM principal

Frequently Asked Questions

What security features does AWS Bedrock provide?

AWS Bedrock provides comprehensive security features including IAM-based access control, AWS KMS encryption for data at rest, TLS 1.2+ for data in transit, VPC endpoints for network isolation, CloudTrail for audit logging, and guardrails for content safety and filtering.

How do I control access to Bedrock models?

Access to Bedrock models is controlled through AWS IAM policies. You can create fine-grained policies that specify which models can be accessed, by which users/roles, from which networks, and with what rate limits. Use IAM conditions for additional restrictions.

Is data sent to Bedrock encrypted?

Yes, AWS Bedrock encrypts data in transit using TLS 1.2+ and supports encryption at rest using AWS KMS. You can use customer-managed KMS keys for additional control over encryption keys and compliance requirements.

How can I monitor Bedrock usage and security events?

AWS CloudTrail logs all Bedrock API calls including model invocations, configuration changes, and access attempts. CloudWatch provides metrics and alarms. You can also enable VPC Flow Logs for network-level monitoring.

What are Bedrock Guardrails and how do they work?

Bedrock Guardrails provide content safety controls that filter harmful content, block inappropriate prompts and responses, and enforce content policies. They use configurable filters for topics, words, and content categories to protect your applications.

Can I use Bedrock in a private network?

Yes, you can use AWS PrivateLink to create VPC endpoints for Bedrock, allowing you to access Bedrock services from your VPC without traversing the public internet. This provides network isolation and reduces exposure to internet-based threats.
