AIP-C01 Study Hub
Safety & Security Week 3 · Tuesday

Day 16: Security Infrastructure + IAM

Learning Objectives

  • Design VPC endpoints (PrivateLink) for Bedrock
  • Write IAM policies that scope Bedrock model access by foundation-model resource ARN and by region
  • Implement Cognito + API Gateway + Lambda + Bedrock auth flows
  • Use IAM Identity Center for SSO to Bedrock and Q Business
  • Design defense-in-depth with multiple security layers

Tasks

  • Read · 45 min

    Amazon Bedrock Security Documentation

    VPC endpoints, IAM policies, encryption, logging. Comprehensive security reference.

  • Read · 20 min

    Amazon Cognito Documentation

    User authentication for GenAI apps: Cognito -> API Gateway -> Lambda -> Bedrock.

  • Study · 60 min

    Security Patterns for GenAI Workloads

    Study VPC endpoints, IAM condition keys, Macie, Lake Formation, defense-in-depth architecture.
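The following handler is an added example for the Cognito -> API Gateway -> Lambda -> Bedrock flow named in the Cognito reading task; it is not code from the Cognito or Bedrock documentation. It assumes an API Gateway REST API with a Cognito user pool authorizer in front of a Lambda proxy integration, so the user's JWT has already been verified before the function runs and the handler trusts the claims in requestContext.authorizer.claims instead of parsing an Authorization header. The group-to-model mapping and the model IDs are assumptions for illustration. The Bedrock call goes through boto3's Converse API, and the execution role's IAM policy acts as a second gate behind the application-level group check.

```python
"""Lambda handler behind an API Gateway REST API with a Cognito user pool authorizer.

Added example, not AWS-provided code. API Gateway has already verified the
caller's JWT, so the handler trusts requestContext.authorizer.claims. The
group-to-model mapping and model IDs below are assumptions for illustration.
"""
import json

# Assumption: each Cognito group is a team, mapped to the models it may invoke.
GROUP_MODELS = {
    "analysts": {"anthropic.claude-3-haiku-20240307-v1:0"},
    "researchers": {
        "anthropic.claude-3-haiku-20240307-v1:0",
        "anthropic.claude-3-5-sonnet-20240620-v1:0",
    },
}


def claims_from_event(event):
    """Claims set by the Cognito authorizer; empty if the route has no authorizer."""
    authorizer = (event.get("requestContext") or {}).get("authorizer") or {}
    return authorizer.get("claims") or {}


def parse_groups(raw):
    """cognito:groups arrives as a list or, flattened by API Gateway, as "[g1 g2]"."""
    if raw is None:
        return set()
    if isinstance(raw, list):
        return set(raw)
    return set(raw.strip("[]").split())


def authorize(claims, requested_model):
    """Return (model, reason); model is None when the caller may not use it."""
    groups = parse_groups(claims.get("cognito:groups"))
    allowed = set().union(*(GROUP_MODELS.get(g, set()) for g in groups))
    if not allowed:
        return None, "caller belongs to no group with model access"
    if requested_model not in allowed:
        return None, f"model not permitted for groups {sorted(groups)}"
    return requested_model, "ok"


def _response(status, body):
    return {"statusCode": status,
            "headers": {"Content-Type": "application/json"},
            "body": json.dumps(body)}


def handler(event, context=None):
    claims = claims_from_event(event)
    if not claims.get("sub"):
        # Fail closed: a route deployed without its authorizer must not become anonymous access.
        return _response(401, {"error": "no verified identity on request"})

    try:
        body = json.loads(event.get("body") or "{}")
    except json.JSONDecodeError:
        return _response(400, {"error": "body must be JSON"})

    model, reason = authorize(claims, body.get("model"))
    if model is None:
        return _response(403, {"error": reason})
    prompt = body.get("prompt")
    if not isinstance(prompt, str) or not prompt:
        return _response(400, {"error": "prompt is required"})

    import boto3  # imported here so the pure functions above run without the SDK
    from botocore.exceptions import ClientError

    # Inside a VPC with private DNS enabled on the endpoint, this client reaches PrivateLink.
    bedrock = boto3.client("bedrock-runtime")
    try:
        out = bedrock.converse(
            modelId=model,
            messages=[{"role": "user", "content": [{"text": prompt}]}],
            inferenceConfig={"maxTokens": 512},
        )
    except ClientError as exc:
        if exc.response["Error"]["Code"] == "AccessDeniedException":
            # Second layer: the execution role's IAM policy refused this model.
            return _response(403, {"error": "execution role is not permitted to invoke this model"})
        raise
    text = "".join(part.get("text", "") for part in out["output"]["message"]["content"])
    return _response(200, {"user": claims["sub"], "model": model, "output": text})
```

The application-level check and the execution role's policy fail independently: a misconfigured group mapping is caught by IAM, and an over-broad IAM policy is caught by the group check, which is the defense-in-depth the day's objectives describe.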

Exam Skills

Write your understanding, then reveal the reference answer.


Hands-On Lab

Build real muscle memory with these activities.

Intermediate · 30 min

Set Up a VPC Endpoint for Amazon Bedrock

Create an interface VPC endpoint (PrivateLink) so that Bedrock inference traffic stays on the AWS network instead of crossing the public internet.

  1. Open the VPC console → Endpoints → Create endpoint.
  2. Search for "bedrock-runtime" and select com.amazonaws.<region>.bedrock-runtime. This is the inference API only; com.amazonaws.<region>.bedrock (control plane) and com.amazonaws.<region>.bedrock-agent-runtime (agents and knowledge bases) are separate endpoint services, so add them as well if your application calls those APIs.
  3. Select your VPC and at least two subnets in different Availability Zones. Leave "Enable DNS name" (private DNS) checked so that the public hostname bedrock-runtime.<region>.amazonaws.com resolves, from inside the VPC, to the endpoint's private IPs.
  4. Create or select a security group that allows inbound HTTPS (port 443) only from your application subnets or from the application's security group.
  5. Test from an EC2 instance in the VPC. First confirm with dig or nslookup that bedrock-runtime.<region>.amazonaws.com returns addresses from your subnets, then run: aws bedrock-runtime invoke-model --model-id <model-id> --body '<request-json>' --cli-binary-format raw-in-base64-out output.json. With private DNS enabled the default hostname already uses the endpoint; without it, add --endpoint-url https://vpce-xxx.bedrock-runtime.<region>.vpce.amazonaws.com. As a negative test, remove the subnet's route to the internet or NAT gateway and confirm the call still succeeds.
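The script below is an added example for step 5 of this lab; it is not AWS-provided code. It checks the property the lab relies on: with private DNS enabled, bedrock-runtime.<region>.amazonaws.com must resolve, from inside the VPC, to private addresses in the endpoint's subnets, and a public answer means the SDK would send inference traffic out through an internet or NAT gateway instead of over PrivateLink. The region and VPC CIDRs are assumptions supplied on the command line; the resolver is injectable so the verdict logic can be exercised with constructed answers.

```python
"""Check that Bedrock Runtime calls from this host will ride the interface endpoint.

Added example for the VPC endpoint lab; not AWS-provided code. Region and CIDRs
are assumptions passed by the operator.
"""
import ipaddress
import socket
import sys


def resolve(host, port=443):
    """Resolve with the system resolver (on EC2 that is the VPC's Route 53 Resolver)."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def classify(addrs):
    """'private' only when every answer is private; a mix indicates a misconfiguration."""
    if not addrs:
        return "unresolved"
    private = {ipaddress.ip_address(a).is_private for a in addrs}
    if private == {True}:
        return "private"
    if private == {False}:
        return "public"
    return "mixed"


def in_cidrs(addrs, cidrs):
    """True when every address falls inside one of the given CIDR blocks."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return all(any(ipaddress.ip_address(a) in n for n in nets) for a in addrs)


def check_endpoint_dns(region, vpc_cidrs=(), resolver=resolve):
    """Return a verdict on whether bedrock-runtime.<region> resolves to the VPC endpoint.

    vpc_cidrs, when given, tightens the check from "any private IP" to "an IP in
    this VPC", ruling out answers that point at some other private proxy or resolver.
    """
    host = f"bedrock-runtime.{region}.amazonaws.com"
    addrs = resolver(host)
    path = classify(addrs)
    in_vpc = in_cidrs(addrs, vpc_cidrs) if (vpc_cidrs and addrs) else None
    return {
        "host": host,
        "addresses": addrs,
        "path": path,
        "in_vpc_cidr": in_vpc,
        "uses_private_link": path == "private" and in_vpc is not False,
    }


if __name__ == "__main__":
    # Usage on the EC2 test instance: python3 check_bedrock_dns.py us-east-1 10.0.0.0/16
    region = sys.argv[1] if len(sys.argv) > 1 else "us-east-1"
    verdict = check_endpoint_dns(region, vpc_cidrs=sys.argv[2:])
    print(verdict)
    sys.exit(0 if verdict["uses_private_link"] else 1)
```

Run it from the same instance you use for the invoke-model test; a non-zero exit means the hostname is not being answered by the endpoint, which is the usual symptom of private DNS being disabled or of the instance living in a VPC without the endpoint.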
Intermediate · 25 min

Write an IAM Policy Scoped to Specific Bedrock Models

Create a restrictive IAM policy that limits which models can be invoked and from which regions.

  1. Open the IAM console → Policies → Create policy.
  2. In the JSON editor, write a statement that allows bedrock:InvokeModel and bedrock:InvokeModelWithResponseStream (streaming uses the second action, so grant both or neither).
  3. Scope the statement's Resource to Claude foundation models instead of "*": arn:aws:bedrock:*::foundation-model/anthropic.claude-*. Bedrock identifies the model through the resource ARN, so this element is what limits which models can be invoked.
  4. Add a second statement with Effect Deny on bedrock:* and Resource "*", with a Condition of StringNotEquals on aws:RequestedRegion that lists your approved regions. An explicit Deny overrides any Allow, including Allows granted by other policies attached to the same principal.
  5. Attach the policy to a test role and verify that invoking a non-Claude model (for example an Amazon Titan model) returns AccessDeniedException, and that invoking a Claude model in a non-approved region does too. Note that calls made through a cross-region inference profile also need permission on the inference-profile ARN and on the foundation model in each destination region; scope those the same way.
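The block below is an added example for this lab; it is not AWS-provided code. POLICY is the document the lab produces, scoping the model through the foundation-model Resource ARN and the region through aws:RequestedRegion. The small evaluator reproduces only the IAM rules the lab's step 5 depends on (an explicit Deny wins; otherwise some Allow must match action, resource and conditions; otherwise the request is implicitly denied), so the three verification cases can be reasoned through offline before running them against a real role. The approved regions and the sample model IDs are assumptions for the lab.

```python
"""Model- and region-scoped Bedrock inference policy with a small offline evaluator.

Added example for the IAM lab; not AWS-provided code. Approved regions and the
sample model IDs are assumptions.
"""
from fnmatch import fnmatchcase

APPROVED_REGIONS = ["us-east-1", "us-west-2"]  # assumption: the team's approved regions

POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowClaudeInferenceOnly",
            "Effect": "Allow",
            # Streaming is a separate action; grant both so the scope applies to both paths.
            "Action": ["bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream"],
            # The foundation-model ARN (no account ID) is what scopes the model; no "*" here.
            "Resource": "arn:aws:bedrock:*::foundation-model/anthropic.claude-*",
        },
        {
            "Sid": "DenyOutsideApprovedRegions",
            "Effect": "Deny",
            "Action": "bedrock:*",
            "Resource": "*",
            # StringNotEquals against a list means "the region is none of these".
            "Condition": {"StringNotEquals": {"aws:RequestedRegion": APPROVED_REGIONS}},
        },
    ],
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _glob_match(patterns, value, case_sensitive):
    """IAM wildcard matching: '*' matches any run of characters, '?' a single one."""
    patterns = _as_list(patterns)
    if not case_sensitive:
        value = value.lower()
        patterns = [p.lower() for p in patterns]
    return any(fnmatchcase(value, p) for p in patterns)


def _condition_holds(condition, context):
    """Evaluate the String* operators the lab uses; every key/value pair must hold."""
    for operator, pairs in condition.items():
        for key, expected in pairs.items():
            actual = context.get(key)
            if operator == "StringEquals":
                if actual not in _as_list(expected):
                    return False
            elif operator == "StringNotEquals":
                # Negated operators also hold when the key is absent from the request.
                if actual in _as_list(expected):
                    return False
            else:
                raise NotImplementedError(f"operator {operator} not modelled")
    return True


def evaluate(policy, action, resource, context):
    """Return 'Allow' or 'Deny' for one request against one identity policy."""
    decision = "Deny"  # implicit deny until an Allow statement matches
    for stmt in policy["Statement"]:
        # Action names compare case-insensitively; ARNs compare case-sensitively.
        if not _glob_match(stmt["Action"], action, case_sensitive=False):
            continue
        if not _glob_match(stmt["Resource"], resource, case_sensitive=True):
            continue
        if not _condition_holds(stmt.get("Condition", {}), context):
            continue
        if stmt["Effect"] == "Deny":
            return "Deny"  # an explicit Deny ends evaluation regardless of other Allows
        decision = "Allow"
    return decision


def check_invoke(region, model_id, action="bedrock:InvokeModel"):
    """Simulate the lab's step 5: an inference call on a foundation model in a region."""
    resource = f"arn:aws:bedrock:{region}::foundation-model/{model_id}"
    return evaluate(POLICY, action, resource, {"aws:RequestedRegion": region})


if __name__ == "__main__":
    import json
    print(json.dumps(POLICY, indent=2))  # paste this into the IAM JSON editor
    for region, model in [
        ("us-east-1", "anthropic.claude-3-5-sonnet-20240620-v1:0"),  # Allow
        ("us-east-1", "amazon.titan-text-express-v1"),                # Deny: no matching Allow
        ("eu-west-1", "anthropic.claude-3-5-sonnet-20240620-v1:0"),  # Deny: explicit, region
    ]:
        print(region, model, "->", check_invoke(region, model))
```

The evaluator is deliberately minimal: it models one identity policy and two string operators, not SCPs, resource policies, permission boundaries or session policies. Use it to predict what the real role should do, then confirm with the IAM policy simulator or a live invoke-model call.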

Scenarios

Think through each scenario before revealing the answer.

D3: Safety & Security · Hard · #12

Financial Institution Security Architecture

A regulated financial institution wants to use Bedrock but requires: (a) no data traversing public internet, (b) audit trail for every model invocation, (c) encryption at rest with customer-managed keys, (d) only specific teams can use specific models. Design the security architecture.
Think first:
  • Which networking feature keeps traffic off the public internet?
  • Which services provide API-level and prompt-level audit trails?
  • How do you use KMS customer-managed keys with Bedrock?
  • Which IAM policy element scopes InvokeModel to specific models, and how do you bind that policy to each team's identities?

Practice Questions

17 questions across 3 difficulty levels.

Further Reading

Go deeper into today's topics.