MEDIUM Bedrock

Bedrock guardrails

Check ID: aws-bedrock-002

AWS-BEDROCK-002 is an AWS security check performed by cloud-audit, an open-source AWS security scanner. Checks if Amazon Bedrock guardrails are configured to filter harmful content, enforce topic restrictions, and prevent sensitive information disclosure.

Why it matters

Bedrock guardrails act as a safety layer between users and foundation models, filtering harmful content, enforcing topic boundaries, and preventing sensitive data from being included in model responses. Without guardrails, applications using Bedrock are vulnerable to prompt injection attacks that can bypass application-level controls, generate harmful or inappropriate content, and potentially leak sensitive information included in system prompts or retrieval-augmented generation (RAG) contexts. OWASP LLM Top 10 lists prompt injection as the number one risk for LLM applications. Guardrails provide defense-in-depth by operating at the API level regardless of how the application constructs prompts.

Common causes

Guardrails require explicit configuration per use case and are not applied by default to Bedrock model invocations. Development teams focused on functionality may treat content filtering as a post-launch concern. The variety of guardrail configuration options - content filters, topic policies, word filters, sensitive information filters - can feel overwhelming, leading teams to skip configuration entirely rather than start with basic content filtering.

Detection

Run cloud-audit to detect this issue:

pip install cloud-audit
cloud-audit scan -R

The -R flag includes remediation details for every finding, including this one.

Remediation: AWS CLI

aws bedrock create-guardrail --name 'content-filter' --blocked-input-messaging 'Request blocked by guardrail.' --blocked-outputs-messaging 'Response blocked by guardrail.' --content-policy-config '{"filtersConfig": [{"type": "SEXUAL", "inputStrength": "HIGH", "outputStrength": "HIGH"}, {"type": "VIOLENCE", "inputStrength": "HIGH", "outputStrength": "HIGH"}, {"type": "HATE", "inputStrength": "HIGH", "outputStrength": "HIGH"}, {"type": "INSULTS", "inputStrength": "HIGH", "outputStrength": "HIGH"}]}'

Remediation: Terraform

resource "aws_bedrock_guardrail" "main" {
  name                      = "content-filter"
  blocked_input_messaging   = "Request blocked by guardrail."
  blocked_outputs_messaging = "Response blocked by guardrail."

  content_policy_config {
    filters_config {
      type            = "SEXUAL"
      input_strength  = "HIGH"
      output_strength = "HIGH"
    }
    filters_config {
      type            = "VIOLENCE"
      input_strength  = "HIGH"
      output_strength = "HIGH"
    }
  }
}

This check is part of cloud-audit - install with pip install cloud-audit

Related Bedrock checks

HIGH aws-bedrock-001

Bedrock model invocation logging

← All checks