Claude on Amazon Bedrock: Everything You Need to Know

If you’ve been following the AI tooling space, you already know that Anthropic’s Claude is one of the most capable large language models available today. What you might not know is exactly how to deploy and use Claude inside AWS without standing up your own infrastructure, managing API keys across services, or negotiating enterprise deals with Anthropic directly.

That’s precisely what Amazon Bedrock solves. It bridges the gap between Claude’s raw capabilities and the AWS services your team likely already depends on — S3, Lambda, IAM, CloudWatch, VPCs — letting you embed AI into production systems with the governance, compliance, and security controls you already understand.

This guide walks through every major capability: the models available, how to make your first API call, building agentic workflows, wiring up a RAG pipeline with S3, locking things down with enterprise security, filtering outputs with Guardrails, and running cost-efficient bulk inference jobs.

Amazon Bedrock is AWS’s fully managed service for accessing, fine-tuning, and deploying foundation models from multiple AI providers — including Anthropic, AI21 Labs, Cohere, Meta, Mistral, and Stability AI — through a single, unified API surface. Think of it as a model marketplace layered on top of AWS infrastructure.

The key distinction from calling a provider’s API directly is that Bedrock is a native AWS service. This means your inference traffic never leaves the AWS network, model invocations are logged in CloudWatch, access is controlled through IAM policies, and you can attach the same security and compliance tooling you use for every other AWS service.

How Bedrock fits into the AWS ecosystem

Bedrock is not an isolated service — it’s deeply integrated with the AWS fabric. A few examples of how these integrations play out in practice:

Anthropic’s model lineup is tiered by capability, context window, and price. Bedrock exposes most of the current Claude family, though model availability varies by AWS region. Here’s a current snapshot:

Regional availability

Bedrock is available across multiple AWS regions, and Claude’s availability maps closely to the major commercial regions. At time of writing, Claude is generally available in:

Bedrock exposes Claude through a standard API that you call using the AWS SDK. For Python, that’s Boto3. The client you’ll use is bedrock-runtime, and the primary method is invoke_model for synchronous calls or invoke_model_with_response_stream for streaming.

Prerequisites

Before your first call: (1) enable the Claude model in your AWS account via the Bedrock console under Model access, (2) ensure your IAM role has the bedrock:InvokeModel permission, and (3) install Boto3 with pip install boto3.

Basic invocation

Python · Boto3 · basic inferenceimport boto3
import json

client = boto3.client(
    service_name="bedrock-runtime",
    region_name="us-east-1"
)

body = json.dumps({
    "anthropic_version": "bedrock-2023-05-31",
    "max_tokens": 1024,
    "messages": [
        {
            "role": "user",
            "content": "Summarise the key benefits of Amazon Bedrock in three bullet points."
        }
    ]
})

response = client.invoke_model(
    modelId="anthropic.claude-sonnet-4-5-20251001",
    body=body
)

result = json.loads(response["body"].read())
print(result["content"][0]["text"])

Streaming responses

For user-facing applications where latency matters, use streaming to pipe tokens back as they arrive rather than waiting for the complete response:

Python · Boto3 · streamingresponse = client.invoke_model_with_response_stream(
    modelId="anthropic.claude-sonnet-4-5-20251001",
    body=body
)

for event in response["body"]:
    chunk = json.loads(event["chunk"]["bytes"])
    if chunk.get("type") == "content_block_delta":
        print(chunk["delta"]["text"], end="", flush=True)

Basic inference — send prompt, receive response — only takes you so far. Real-world applications often need Claude to take actions: query a database, call an internal API, look up live pricing, or update a CRM record. Bedrock Agents is AWS’s framework for building these multi-step, tool-using workflows on top of Claude.

How Bedrock Agents work

An Agent consists of three core components that you configure once and then invoke repeatedly:

A practical example: customer support agent

Imagine a customer support bot that needs to look up order status, check inventory, and initiate refunds. You’d define three action groups, each backed by a Lambda that calls your internal systems. The agent handles the natural language understanding, decides which actions to call and in what order, and produces a coherent final response — all without you writing orchestration logic.

Python · invoking a Bedrock Agentagent_client = boto3.client("bedrock-agent-runtime", region_name="us-east-1")

response = agent_client.invoke_agent(
    agentId="ABCD1234",
    agentAliasId="TSTALIASID",
    sessionId="session-001",
    inputText="What's the status of order #78432, and can I get a refund?"
)

for event in response["completion"]:
    if "chunk" in event:
        print(event["chunk"]["bytes"].decode(), end="")

Retrieval Augmented Generation (RAG) is the technique of grounding Claude’s responses in your own documents rather than relying solely on its training data. Bedrock Knowledge Bases is AWS’s fully managed RAG implementation — you connect it to an S3 bucket, and Bedrock handles chunking, embedding, indexing, and retrieval automatically.

How a Knowledge Base is built

Querying a Knowledge Base directly

Python · Knowledge Base retrieve-and-generatekb_client = boto3.client("bedrock-agent-runtime", region_name="us-east-1")

response = kb_client.retrieve_and_generate(
    input={"text": "What is our refund policy for digital products?"},
    retrieveAndGenerateConfiguration={
        "type": "KNOWLEDGE_BASE",
        "knowledgeBaseConfiguration": {
            "knowledgeBaseId": "KBID1234ABCD",
            "modelArn": "arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-sonnet-4-5-20251001"
        }
    }
)

print(response["output"]["text"])
# Citations are in response["citations"] — each one maps text back to the source chunk

For many organisations — especially in healthcare, finance, and government — the ability to use a model like Claude isn’t just a performance decision. It’s a compliance decision. Bedrock is designed for exactly this context, with multiple layers of isolation and a set of compliance certifications that cover most enterprise requirements.

Compliance certifications

Amazon Bedrock is in scope for a number of AWS compliance programmes including SOC 1/2/3, ISO 27001/27017/27018, PCI DSS, FedRAMP Moderate, and GDPR data processing agreements. The specific list changes — always verify the current in-scope services on the AWS Compliance Programs page before making architecture decisions.

Even with a safety-focused model like Claude, enterprise deployments often need additional, configurable safeguards. Bedrock Guardrails provides a layer of content policies you configure independently of the model — meaning you can apply the same guardrail across multiple models and update it without redeploying your application.

What Guardrails can do

Applying a Guardrail to an invocation

Python · invoke model with guardrailresponse = client.invoke_model(
    modelId="anthropic.claude-sonnet-4-5-20251001",
    body=json.dumps({
        "anthropic_version": "bedrock-2023-05-31",
        "max_tokens": 1024,
        "messages": [{"role": "user", "content": user_input}]
    }),
    guardrailIdentifier="gr-abc123",    # your guardrail ID
    guardrailVersion="DRAFT",             # or a version number
    trace="ENABLED"                      # see which policies triggered
)

result = json.loads(response["body"].read())
# result["amazon-bedrock-guardrailResult"] contains policy trace details

Real-time inference — calling Claude one prompt at a time — is the right approach for interactive applications. But for workloads like processing thousands of support tickets overnight, classifying a product catalogue, or running evaluations across a test set, synchronous calls are expensive and unnecessary. This is what Bedrock Batch Inference is built for.

Batch inference is typically up to 50% cheaper per token than on-demand pricing, and it removes the need to manage rate limits, retries, and concurrency logic in your own code — Bedrock handles all of that.

How batch jobs work

Submitting a batch job

Python · create batch inference jobbedrock = boto3.client("bedrock", region_name="us-east-1")

job = bedrock.create_model_invocation_job(
    jobName="product-classification-march",
    modelId="anthropic.claude-haiku-4-5-20251001",
    roleArn="arn:aws:iam::123456789:role/BedrockBatchRole",
    inputDataConfig={
        "s3InputDataConfig": {
            "s3Uri": "s3://my-bucket/batch-input/requests.jsonl"
        }
    },
    outputDataConfig={
        "s3OutputDataConfig": {
            "s3Uri": "s3://my-bucket/batch-output/"
        }
    }
)
print(job["jobArn"])

Amazon Bedrock isn’t just a thin wrapper around Anthropic’s API — it’s a full platform for building production AI systems with the governance, security, and ecosystem integrations that enterprise AWS users expect. Claude sits at the centre of that platform as the highest-capability model family available on it.

If you’re just getting started, the path of least resistance is a simple Boto3 integration for a specific internal use case — a document summariser, a support ticket classifier, a code review assistant. From there, you can graduate to Knowledge Bases when you need factual grounding, Agents when you need tool use, Guardrails when you need policy enforcement, and Batch when the volume justifies it.

The components are composable. A production agentic workflow might use all of them simultaneously: an Agent backed by Claude Sonnet, augmented by a Knowledge Base, protected by a Guardrail, invocations logged via CloudTrail, all running inside a VPC with a PrivateLink endpoint. Each piece is independently useful, but they’re designed to work together.