Changelog

Bug fixes

• The AWS > EKS > Node Group > CMDB control went into an error state because the cluster name wasn't passed correctly to the Lambda function. This is now fixed, and node group details sync into the CMDB as expected.

What's new?

• The AWS > Turbot > Event Handlers > Events > Rules > Custom Event Patterns calculated policy aggregator now handles descendant policies that return shapes other than the expected [{type, value}]. SETTING-class sibling policies authored by downstream mods (such as flat lists of excluded role or service names contributed by aws-ec2) are now skipped during aggregation, so adding new descendant policies in downstream mods no longer interferes with EventBridge rule updates.

What's new?

• Added the AWS > EC2 > Snapshot > CMDB > Excluded Services policy, a multi-select list (AWS Backup, AWS Elastic Disaster Recovery, AWS Application Migration Service) whose service-managed snapshots should be excluded from CMDB. Selected services are skipped at discovery and removed from CMDB on the next run, identified by the service-managed tag each one applies. This is now the recommended way to exclude service-managed snapshots; the existing Enabled for Snapshots not created with AWS Backup option still works and composes with this policy.
• Added the AWS > Turbot > Event Handlers > Events > Rules > Custom Event Patterns > @turbot/aws-ec2 > Excluded Roles policy. Set this to a list of IAM role names (e.g. AWS DRS or AWS MGN replication roles) to drop their aws.ec2 CloudTrail events at EventBridge before they reach Guardrails. Defaults to an empty list, so behavior is unchanged unless configured.

Policy Types

• AWS > EC2 > Snapshot > CMDB > Excluded Services
• AWS > Turbot > Event Handlers > Events > Rules > Custom Event Patterns > @turbot/aws-ec2 > Excluded Roles

What's new?

• The Turbot > Control Prevention > Discovery control now creates preventions for policy settings set below the accountable level. These preventions have a lower score than similar preventions created at the accountable level or higher.

Bug fixes

• The Turbot > Control Prevention > Discovery control now scores prevention objectives more accurately when they map to a single Guardrails control with multiple sub-policy sections. Previously, an objective whose specific protection area (e.g. topic policy) was fully configured could still receive a low score because the scoring inputs didn't distinguish per-objective intent.

What's new?

• Added the awsBedrockEnforcedGuardrailConfiguration prevention type and six new prevention objectives that score AWS Bedrock enforced guardrail configurations on content filters, sensitive-information protection, topic policy, contextual grounding, selective content guarding scope, and model enforcement coverage, mapped to NIST 800-53 SI-10 (Information Input Validation). The existing Enforce mandatory Bedrock Guardrail on AWS Bedrock invocations objective was also extended to recognize the enforced guardrail configuration as a valid enforcement mechanism alongside SCPs.
• Added a new prevention objective Safeguard AWS Bedrock enforced guardrail configuration from modification that detects SCPs denying bedrock:PutEnforcedGuardrailConfiguration and bedrock:DeleteEnforcedGuardrailConfiguration. Mapped to NIST 800-53 SI-7 (Software, Firmware, and Information Integrity).

Control Types

Added

• AWS > Bedrock > Enforced Guardrail Configuration > Prevention
• AWS > Bedrock > Enforced Guardrail Configuration > Prevention > Discovery

Prevention Types

Added

• AWS Bedrock Enforced Guardrail Configuration

Prevention Objectives

Added

• Enforce comprehensive selective content guarding for the AWS Bedrock enforced guardrail
• Enforce content filters for the AWS Bedrock enforced guardrail
• Enforce contextual grounding for the AWS Bedrock enforced guardrail
• Enforce guardrail applies to all models for AWS Bedrock invocations
• Enforce sensitive information protection for the AWS Bedrock enforced guardrail
• Enforce topic policy for the AWS Bedrock enforced guardrail
• Safeguard AWS Bedrock enforced guardrail configuration from modification

Prevention Examples

Added

• Configure a topic policy on the enforced AWS Bedrock guardrail
• Configure content filters on the enforced AWS Bedrock guardrail
• Configure contextual grounding on the enforced AWS Bedrock guardrail
• Configure sensitive information protection on the enforced AWS Bedrock guardrail
• Deny modification of the AWS Bedrock enforced guardrail configuration
• Enforce a Bedrock Guardrail at the account level for AWS Bedrock invocations
• Require Bedrock Guardrail attachment on AWS Bedrock agents
• Set model enforcement to ALL on the enforced AWS Bedrock guardrail
• Set selective content guarding to comprehensive for system and messages

Removed

• Require Bedrock Guardrail attachment on AWS Bedrock agents

Bug fixes

• The Lambda CloudWatch event patterns generated by the AWS > Turbot > Event Handlers stack previously ignored the AWS > Lambda > Function Version > CMDB and AWS > Lambda > Function Alias > CMDB policies. Because these policies target the function rather than the region, disabling either at the region or account level had no effect and Guardrails kept forwarding function version and alias events (for example PublishVersion). The event patterns now read the effective per-function CMDB value, so the function version and alias events are only forwarded when at least one function in the region still has the corresponding CMDB enabled.

Bug fixes

• The EKS CloudWatch event patterns generated by the AWS > Turbot > Event Handlers stack previously ignored the AWS > EKS > Node Group > CMDB policy. Because that policy targets the EKS cluster rather than the region, disabling it at the region or account level had no effect and Guardrails kept forwarding node group events (CreateNodegroup, DeleteNodegroup, UpdateNodegroupConfig, UpdateNodegroupVersion). The event patterns now read the effective per-cluster CMDB value, so the node group events are only forwarded when at least one cluster in the region still has the CMDB enabled.

Bug fixes

• The ECS CloudWatch event patterns generated by the AWS > Turbot > Event Handlers stack previously ignored the AWS > ECS > Service > CMDB policy. Because that policy targets the ECS cluster rather than the region, disabling it at the region or account level had no effect and Guardrails kept forwarding service events (CreateService, DeleteService, UpdateService). The event patterns now read the effective per-cluster CMDB value, so the service events are only forwarded when at least one cluster in the region still has the CMDB enabled.

Bug fixes

• The ECR CloudWatch event patterns generated by the AWS > Turbot > Event Handlers stack previously ignored the AWS > ECR > Image > CMDB policy. Because that policy targets the repository rather than the region, disabling it at the region or account level had no effect and Guardrails kept forwarding image events (PutImage, BatchDeleteImage). The event patterns now read the effective per-repository CMDB value, so the image events are only forwarded when at least one repository in the region still has the CMDB enabled.

Bug fixes

• The Control Tower CloudWatch event patterns generated by the AWS > Turbot > Event Handlers stack previously ignored the AWS > Control Tower > Enabled Control > CMDB policy. Because that policy targets the landing zone rather than the region, disabling it at the region or account level had no effect and Guardrails kept forwarding enabled control events (EnableControl, DisableControl, UpdateEnabledControl, ResetEnabledControl, and the related guardrail events). The event patterns now read the effective per-landing-zone CMDB value, so the enabled control events are only forwarded when at least one landing zone in the region still has the CMDB enabled.

What's new?

• Added the AWS > Bedrock > Enforced Guardrail Configuration resource type and its Settings reconciler control, which manages the account-level Bedrock guardrail enforcement (the bound guardrail's ARN and version, the selective-content-guarding mode, and the included/excluded model lists). Setting Settings to Enforce: Not configured removes any existing enforced configuration.
• Added the AWS > Bedrock > Guardrail > Settings control, which reconciles each guardrail's configuration against sub-policies for blocked messaging, KMS key, content filters, topic policy, word policy, sensitive information policy, contextual grounding, automated reasoning, and the cross-region profile. Setting Settings to Enforce: Configured without overriding any sub-policy enforces a baseline aligned with the AWS console "Default settings", and the existing guardrail configuration is preserved for any section left at defaults.

Resource Types

Added

• AWS > Bedrock > Enforced Guardrail Configuration

Control Types

Added

• AWS > Bedrock > Enforced Guardrail Configuration > Allowed
• AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Custom
• AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Region
• AWS > Bedrock > Enforced Guardrail Configuration > CMDB
• AWS > Bedrock > Enforced Guardrail Configuration > Discovery
• AWS > Bedrock > Enforced Guardrail Configuration > Settings
• AWS > Bedrock > Guardrail > Settings

Policy Types

Added

• AWS > Bedrock > Enforced Guardrail Configuration > Allowed
• AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Custom
• AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Custom > Rules
• AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Region
• AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Region > Regions
• AWS > Bedrock > Enforced Guardrail Configuration > CMDB
• AWS > Bedrock > Enforced Guardrail Configuration > Regions
• AWS > Bedrock > Enforced Guardrail Configuration > Settings
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Guardrail
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Guardrail > Identifier
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Guardrail > Version
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Model Enforcement
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Model Enforcement > Excluded Models
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Model Enforcement > Included Models
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Selective Content Guarding
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Selective Content Guarding > Messages
• AWS > Bedrock > Enforced Guardrail Configuration > Settings > Selective Content Guarding > System
• AWS > Bedrock > Guardrail > Settings
• AWS > Bedrock > Guardrail > Settings > Automated Reasoning Policy
• AWS > Bedrock > Guardrail > Settings > Automated Reasoning Policy > Confidence Threshold
• AWS > Bedrock > Guardrail > Settings > Automated Reasoning Policy > Policies
• AWS > Bedrock > Guardrail > Settings > Blocked Input Messaging
• AWS > Bedrock > Guardrail > Settings > Blocked Outputs Messaging
• AWS > Bedrock > Guardrail > Settings > Content Policy
• AWS > Bedrock > Guardrail > Settings > Content Policy > Hate Filter Input Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Hate Filter Output Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Insults Filter Input Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Insults Filter Output Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Misconduct Filter Input Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Misconduct Filter Output Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Prompt Attack Filter Input Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Sexual Filter Input Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Sexual Filter Output Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Tier
• AWS > Bedrock > Guardrail > Settings > Content Policy > Violence Filter Input Strength
• AWS > Bedrock > Guardrail > Settings > Content Policy > Violence Filter Output Strength
• AWS > Bedrock > Guardrail > Settings > Contextual Grounding Policy
• AWS > Bedrock > Guardrail > Settings > Contextual Grounding Policy > Grounding Threshold
• AWS > Bedrock > Guardrail > Settings > Contextual Grounding Policy > Relevance Threshold
• AWS > Bedrock > Guardrail > Settings > Cross-Region Guardrail Profile
• AWS > Bedrock > Guardrail > Settings > Description
• AWS > Bedrock > Guardrail > Settings > KMS Key
• AWS > Bedrock > Guardrail > Settings > Sensitive Information Policy
• AWS > Bedrock > Guardrail > Settings > Sensitive Information Policy > PII Entities Config
• AWS > Bedrock > Guardrail > Settings > Sensitive Information Policy > Regexes Config
• AWS > Bedrock > Guardrail > Settings > Topic Policy
• AWS > Bedrock > Guardrail > Settings > Topic Policy > Tier
• AWS > Bedrock > Guardrail > Settings > Topic Policy > Topics Config
• AWS > Bedrock > Guardrail > Settings > Word Policy
• AWS > Bedrock > Guardrail > Settings > Word Policy > Managed Word Lists
• AWS > Bedrock > Guardrail > Settings > Word Policy > Words Config

Action Types

Added

• AWS > Bedrock > Enforced Guardrail Configuration > Delete
• AWS > Bedrock > Enforced Guardrail Configuration > Delete from AWS
• AWS > Bedrock > Enforced Guardrail Configuration > Router
• AWS > Bedrock > Enforced Guardrail Configuration > Update Settings
• AWS > Bedrock > Guardrail > Update Settings

Bug fixes

• The Athena CloudWatch event patterns generated by the AWS > Turbot > Event Handlers stack previously ignored the AWS > Athena > Named Query > CMDB policy. Because that policy targets the workgroup rather than the region, disabling it at the region or account level had no effect and Guardrails kept forwarding named query events (CreateNamedQuery, DeleteNamedQuery). The event patterns now read the effective per-workgroup CMDB value, so the named query events are only forwarded when at least one workgroup in the region still has the CMDB enabled.

Bug fixes

• Improved internal GraphQL queries for network interfaces so that high-volume RunInstances and CreateNetworkInterface real-time events are processed more efficiently and reliably.

What's new?

• Added 18 prevention objectives for Azure AI Foundry covering account-level, deployment-level, and connection-level controls. Account objectives cover Prohibit Public Network Access, Restrict Network Access, Restrict Account Outbound Access to Allowed FQDNs, Require Private Link, Prohibit Local Authentication, Require Managed Identity, Require Customer-Managed Keys, Require Customer-Owned Storage, and Require Diagnostic Logs. Deployment objectives cover Restrict deployments to approved models, Restrict deployments to approved SKUs, Enforce approved model version, Require approved RAI policy, and four Responsible AI content-filtering objectives (prompt filtering, completion filtering, multi-severity filtering, and filtering mode). Connection objective covers Restrict connections to approved auth types.

Prevention Objectives

Added

• Enforce approved model version for Azure AI Foundry deployments
• Enforce completion content filtering for Azure AI Foundry deployments
• Enforce content filtering mode for Azure AI Foundry deployments
• Enforce multi-severity content filtering for Azure AI Foundry deployments
• Enforce prompt content filtering for Azure AI Foundry deployments
• Prohibit local authentication for Azure AI Foundry accounts
• Prohibit public network access for Azure AI Foundry accounts
• Require Azure Private Link for Azure AI Foundry accounts
• Require approved RAI policy for Azure AI Foundry deployments
• Require customer-managed keys for Azure AI Foundry accounts
• Require customer-owned storage for Azure AI Foundry accounts
• Require diagnostic logs for Azure AI Foundry accounts
• Require managed identity for Azure AI Foundry accounts
• Restrict Azure AI Foundry account outbound access to allowed FQDNs
• Restrict Azure AI Foundry connections to approved auth types
• Restrict Azure AI Foundry deployments to approved SKUs
• Restrict Azure AI Foundry deployments to approved models
• Restrict network access for Azure AI Foundry accounts

Prevention Examples

Added

• Enforce approved model version for Azure AI Foundry deployments
• Enforce completion content filtering for Azure AI Foundry deployments
• Enforce content filtering mode for Azure AI Foundry deployments
• Enforce multi-severity content filtering for Azure AI Foundry deployments
• Enforce prompt content filtering for Azure AI Foundry deployments
• Prohibit local authentication for Azure AI Foundry accounts
• Prohibit local authentication for Azure AI Foundry accounts
• Prohibit public network access for Azure AI Foundry accounts
• Prohibit public network access for Azure AI Foundry accounts
• Require Azure Private Link for Azure AI Foundry accounts
• Require approved RAI policy for Azure AI Foundry deployments
• Require customer-managed keys for Azure AI Foundry accounts
• Require customer-managed keys for Azure AI Foundry accounts
• Require customer-owned storage for Azure AI Foundry accounts
• Require diagnostic logs for Azure AI Foundry accounts
• Require managed identity for Azure AI Foundry accounts
• Restrict Azure AI Foundry account outbound access to allowed FQDNs
• Restrict Azure AI Foundry connections to approved auth types
• Restrict Azure AI Foundry deployments to approved SKUs
• Restrict Azure AI Foundry deployments to approved model formats
• Restrict Azure AI Foundry deployments to approved model names
• Restrict Azure AI Foundry deployments to approved models
• Restrict network access for Azure AI Foundry accounts

Bug fixes

• When an AWS account has not subscribed to Anthropic's Claude Platform service in the AWS Marketplace, the Credential Vault > Discovery, Environment > Discovery, File > Discovery, Managed Agent > Discovery, Memory Store > Discovery, Skill > Discovery, User Profile > Discovery, and Workspace > Discovery controls now enter an invalid state with a clear reason explaining the subscription requirement, rather than failing with an error.
• The EventBridge rule generated by the Claude Platform > Custom Event Patterns policy has been renamed from turbot_aws_api_events_externalAnthropic to turbot_aws_api_events_externalanthropic to match the lowercase naming convention used by all other Guardrails AWS mods.

Bug fixes

• The EventBridge rule generated by the Bedrock AgentCore > Custom Event Patterns policy has been renamed from turbot_aws_api_events_bedrockAgentcore to turbot_aws_api_events_bedrockagentcore to match the lowercase naming convention used by all other Guardrails AWS mods.

Bug fixes

• Fixed the Guardrails control Terraform examples for the enforceApprovedFoundationModelsForAwsBedrock, enforceMandatoryGuardrailForAwsBedrockInvocations, and restrictAwsBedrockActionGroupsToApprovedSources prevention objectives. The previous examples embedded an unsupported inline rule engine inside the agentAllowedCustomRules and actionGroupAllowedCustomRules policy values, which would have failed schema validation and produced no evaluation. The examples now use proper calculated policies via the template_input and template arguments on turbot_policy_setting.

Bug fixes

• Lowered the priority of enforceApprovedFoundationModelsForAwsBedrock and enforceVpcEndpointForAwsBedrockInvocations from P1 to P2 since both enforce customer-defined allow lists for a single service rather than baseline account hygiene, and removed them from the AWS P1 Preventions benchmark to match.
• Fixed scoring for the Enforce approved foundation models for AWS Bedrock, Enforce VPC endpoint for AWS Bedrock invocations, and Restrict AWS Bedrock third-party knowledge bases to approved secret ARNs prevention objectives so preventions with custom approved values (model IDs, VPC endpoint IDs, secret ARNs) are scored against their own allow list instead of a fixed reference list.
• Strengthened the Enforce approved foundation models for AWS Bedrock prevention deny coverage to also block invocations routed through application inference profiles, closing a bypass where wrapping an unapproved model in an inference profile evaded the deny.
• Removed the Restrict AWS Bedrock Marketplace model endpoints to approved vendors prevention objective. The approved vendor identity is not present in the runtime event for AWS Bedrock Marketplace endpoint creation, so the allow list could not be evaluated and the objective scored zero in all workspaces.

What's new?

• Improved scoring for the Enforce VPC endpoint for AWS Bedrock invocations prevention objective so it no longer matches preventions that deny bedrock:InvokeModel without a VPC endpoint condition.

Prevention Fact Types

Added

• AWS Conditional Deny Scope

Prevention Objectives

Added

• Enforce Model Invocation Logging for AWS Bedrock
• Enforce mandatory Bedrock Guardrail on AWS Bedrock invocations

Removed

• Restrict AWS Bedrock Marketplace model endpoints to approved vendors

Prevention Examples

Added

• Enforce Model Invocation Logging for AWS Bedrock
• Require Bedrock Guardrail attachment on AWS Bedrock agents
• Require an approved Bedrock Guardrail on AWS Bedrock invocations

Removed

• Restrict AWS Bedrock Marketplace model endpoints

Resource Types

Added

• AWS > Bedrock > Agent Alias
• AWS > Bedrock > Application Inference Profile
• AWS > Bedrock > Flow
• AWS > Bedrock > Guardrail Version
• AWS > Bedrock > Prompt

Control Types

Added

• AWS > Bedrock > Agent Alias > Active
• AWS > Bedrock > Agent Alias > Allowed
• AWS > Bedrock > Agent Alias > Allowed > Custom
• AWS > Bedrock > Agent Alias > CMDB
• AWS > Bedrock > Agent Alias > Discovery
• AWS > Bedrock > Agent Alias > Tags
• AWS > Bedrock > Application Inference Profile > Active
• AWS > Bedrock > Application Inference Profile > Allowed
• AWS > Bedrock > Application Inference Profile > Allowed > Custom
• AWS > Bedrock > Application Inference Profile > Allowed > Region
• AWS > Bedrock > Application Inference Profile > CMDB
• AWS > Bedrock > Application Inference Profile > Discovery
• AWS > Bedrock > Application Inference Profile > Tags
• AWS > Bedrock > Flow > Active
• AWS > Bedrock > Flow > Allowed
• AWS > Bedrock > Flow > Allowed > Custom
• AWS > Bedrock > Flow > Allowed > Region
• AWS > Bedrock > Flow > CMDB
• AWS > Bedrock > Flow > Discovery
• AWS > Bedrock > Flow > Tags
• AWS > Bedrock > Guardrail Version > CMDB
• AWS > Bedrock > Guardrail Version > Discovery
• AWS > Bedrock > Prompt > Active
• AWS > Bedrock > Prompt > Allowed
• AWS > Bedrock > Prompt > Allowed > Custom
• AWS > Bedrock > Prompt > Allowed > Region
• AWS > Bedrock > Prompt > CMDB
• AWS > Bedrock > Prompt > Discovery
• AWS > Bedrock > Prompt > Tags

Policy Types

Added

• AWS > Bedrock > Agent Alias > Active
• AWS > Bedrock > Agent Alias > Active > Age
• AWS > Bedrock > Agent Alias > Active > Last Modified
• AWS > Bedrock > Agent Alias > Allowed
• AWS > Bedrock > Agent Alias > Allowed > Custom
• AWS > Bedrock > Agent Alias > Allowed > Custom > Rules
• AWS > Bedrock > Agent Alias > CMDB
• AWS > Bedrock > Agent Alias > Regions
• AWS > Bedrock > Agent Alias > Tags
• AWS > Bedrock > Agent Alias > Tags > Template
• AWS > Bedrock > Application Inference Profile > Active
• AWS > Bedrock > Application Inference Profile > Active > Age
• AWS > Bedrock > Application Inference Profile > Active > Last Modified
• AWS > Bedrock > Application Inference Profile > Allowed
• AWS > Bedrock > Application Inference Profile > Allowed > Custom
• AWS > Bedrock > Application Inference Profile > Allowed > Custom > Rules
• AWS > Bedrock > Application Inference Profile > Allowed > Region
• AWS > Bedrock > Application Inference Profile > Allowed > Region > Regions
• AWS > Bedrock > Application Inference Profile > CMDB
• AWS > Bedrock > Application Inference Profile > Regions
• AWS > Bedrock > Application Inference Profile > Tags
• AWS > Bedrock > Application Inference Profile > Tags > Template
• AWS > Bedrock > Flow > Active
• AWS > Bedrock > Flow > Active > Age
• AWS > Bedrock > Flow > Active > Last Modified
• AWS > Bedrock > Flow > Allowed
• AWS > Bedrock > Flow > Allowed > Custom
• AWS > Bedrock > Flow > Allowed > Custom > Rules
• AWS > Bedrock > Flow > Allowed > Region
• AWS > Bedrock > Flow > Allowed > Region > Regions
• AWS > Bedrock > Flow > CMDB
• AWS > Bedrock > Flow > Regions
• AWS > Bedrock > Flow > Tags
• AWS > Bedrock > Flow > Tags > Template
• AWS > Bedrock > Guardrail Version > CMDB
• AWS > Bedrock > Guardrail Version > Regions
• AWS > Bedrock > Prompt > Active
• AWS > Bedrock > Prompt > Active > Age
• AWS > Bedrock > Prompt > Active > Last Modified
• AWS > Bedrock > Prompt > Allowed
• AWS > Bedrock > Prompt > Allowed > Custom
• AWS > Bedrock > Prompt > Allowed > Custom > Rules
• AWS > Bedrock > Prompt > Allowed > Region
• AWS > Bedrock > Prompt > Allowed > Region > Regions
• AWS > Bedrock > Prompt > CMDB
• AWS > Bedrock > Prompt > Regions
• AWS > Bedrock > Prompt > Tags
• AWS > Bedrock > Prompt > Tags > Template

Action Types

Added

• AWS > Bedrock > Agent Alias > Delete
• AWS > Bedrock > Agent Alias > Delete from AWS
• AWS > Bedrock > Agent Alias > Router
• AWS > Bedrock > Agent Alias > Set Tags
• AWS > Bedrock > Agent Alias > Skip alarm for Active control
• AWS > Bedrock > Agent Alias > Skip alarm for Active control [90 days]
• AWS > Bedrock > Agent Alias > Skip alarm for Tags control
• AWS > Bedrock > Agent Alias > Skip alarm for Tags control [90 days]
• AWS > Bedrock > Agent Alias > Update Tags
• AWS > Bedrock > Application Inference Profile > Delete
• AWS > Bedrock > Application Inference Profile > Delete from AWS
• AWS > Bedrock > Application Inference Profile > Router
• AWS > Bedrock > Application Inference Profile > Set Tags
• AWS > Bedrock > Application Inference Profile > Skip alarm for Active control
• AWS > Bedrock > Application Inference Profile > Skip alarm for Active control [90 days]
• AWS > Bedrock > Application Inference Profile > Skip alarm for Tags control
• AWS > Bedrock > Application Inference Profile > Skip alarm for Tags control [90 days]
• AWS > Bedrock > Application Inference Profile > Update Tags
• AWS > Bedrock > Flow > Delete
• AWS > Bedrock > Flow > Delete from AWS
• AWS > Bedrock > Flow > Router
• AWS > Bedrock > Flow > Set Tags
• AWS > Bedrock > Flow > Skip alarm for Active control
• AWS > Bedrock > Flow > Skip alarm for Active control [90 days]
• AWS > Bedrock > Flow > Skip alarm for Tags control
• AWS > Bedrock > Flow > Skip alarm for Tags control [90 days]
• AWS > Bedrock > Flow > Update Tags
• AWS > Bedrock > Prompt > Delete
• AWS > Bedrock > Prompt > Delete from AWS
• AWS > Bedrock > Prompt > Router
• AWS > Bedrock > Prompt > Set Tags
• AWS > Bedrock > Prompt > Skip alarm for Active control
• AWS > Bedrock > Prompt > Skip alarm for Active control [90 days]
• AWS > Bedrock > Prompt > Skip alarm for Tags control
• AWS > Bedrock > Prompt > Skip alarm for Tags control [90 days]
• AWS > Bedrock > Prompt > Update Tags

Bug fixes

• The Azure > AI Foundry > Account > Encryption at Rest control in Enforce: Customer managed key mode previously failed with a KeyVaultPropertiesInvalid error from Azure. The control now passes the required keyVersion and a normalized keyVaultUri so customer-managed key enforcement completes successfully.