https://cloudy.dev/tags/security/ Recent content in Security on Tim's Tech Thoughts Hugo en Sat, 07 Mar 2026 10:32:00 -0400 https://cloudy.dev/article/amazon-bedrock-security/ Sat, 07 Mar 2026 10:32:00 -0400 https://cloudy.dev/article/amazon-bedrock-security/ <p>One of the most common blockers I hear from enterprise teams evaluating generative AI isn&rsquo;t about model quality — it&rsquo;s about trust. <em>Where does our data go? Can AWS see our prompts? Will our inputs be used to train someone else&rsquo;s model? Can we meet our compliance requirements?</em> These are the right questions to ask, and Amazon Bedrock has spent considerable engineering effort making sure the answers are satisfying.</p> <p>This post walks through the core pillars of Bedrock&rsquo;s security model: how inference stays private, what AWS commits to around your data, how to keep traffic off the public internet, what compliance certifications are in place, how IAM gives you fine-grained access control, and how AgentCore&rsquo;s Cedar policies extend that control to the level of individual agent tool calls.</p>