🚀Launch Week 13: June 8th - 12th, 2026🚀
← Changelog

aws-bedrock v5.8.0 - Enforced Guardrail Configuration resource type and Guardrail Settings control

May 27, 2026GuardrailsMods

What's new?

  • Added the AWS > Bedrock > Enforced Guardrail Configuration resource type and its Settings reconciler control, which manages the account-level Bedrock guardrail enforcement (the bound guardrail's ARN and version, the selective-content-guarding mode, and the included/excluded model lists). Setting Settings to Enforce: Not configured removes any existing enforced configuration.
  • Added the AWS > Bedrock > Guardrail > Settings control, which reconciles each guardrail's configuration against sub-policies for blocked messaging, KMS key, content filters, topic policy, word policy, sensitive information policy, contextual grounding, automated reasoning, and the cross-region profile. Setting Settings to Enforce: Configured without overriding any sub-policy enforces a baseline aligned with the AWS console "Default settings", and the existing guardrail configuration is preserved for any section left at defaults.

Resource Types

Added

  • AWS > Bedrock > Enforced Guardrail Configuration

Control Types

Added

  • AWS > Bedrock > Enforced Guardrail Configuration > Allowed
  • AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Custom
  • AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Region
  • AWS > Bedrock > Enforced Guardrail Configuration > CMDB
  • AWS > Bedrock > Enforced Guardrail Configuration > Discovery
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings
  • AWS > Bedrock > Guardrail > Settings

Policy Types

Added

  • AWS > Bedrock > Enforced Guardrail Configuration > Allowed
  • AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Custom
  • AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Custom > Rules
  • AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Region
  • AWS > Bedrock > Enforced Guardrail Configuration > Allowed > Region > Regions
  • AWS > Bedrock > Enforced Guardrail Configuration > CMDB
  • AWS > Bedrock > Enforced Guardrail Configuration > Regions
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Guardrail
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Guardrail > Identifier
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Guardrail > Version
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Model Enforcement
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Model Enforcement > Excluded Models
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Model Enforcement > Included Models
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Selective Content Guarding
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Selective Content Guarding > Messages
  • AWS > Bedrock > Enforced Guardrail Configuration > Settings > Selective Content Guarding > System
  • AWS > Bedrock > Guardrail > Settings
  • AWS > Bedrock > Guardrail > Settings > Automated Reasoning Policy
  • AWS > Bedrock > Guardrail > Settings > Automated Reasoning Policy > Confidence Threshold
  • AWS > Bedrock > Guardrail > Settings > Automated Reasoning Policy > Policies
  • AWS > Bedrock > Guardrail > Settings > Blocked Input Messaging
  • AWS > Bedrock > Guardrail > Settings > Blocked Outputs Messaging
  • AWS > Bedrock > Guardrail > Settings > Content Policy
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Hate Filter Input Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Hate Filter Output Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Insults Filter Input Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Insults Filter Output Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Misconduct Filter Input Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Misconduct Filter Output Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Prompt Attack Filter Input Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Sexual Filter Input Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Sexual Filter Output Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Tier
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Violence Filter Input Strength
  • AWS > Bedrock > Guardrail > Settings > Content Policy > Violence Filter Output Strength
  • AWS > Bedrock > Guardrail > Settings > Contextual Grounding Policy
  • AWS > Bedrock > Guardrail > Settings > Contextual Grounding Policy > Grounding Threshold
  • AWS > Bedrock > Guardrail > Settings > Contextual Grounding Policy > Relevance Threshold
  • AWS > Bedrock > Guardrail > Settings > Cross-Region Guardrail Profile
  • AWS > Bedrock > Guardrail > Settings > Description
  • AWS > Bedrock > Guardrail > Settings > KMS Key
  • AWS > Bedrock > Guardrail > Settings > Sensitive Information Policy
  • AWS > Bedrock > Guardrail > Settings > Sensitive Information Policy > PII Entities Config
  • AWS > Bedrock > Guardrail > Settings > Sensitive Information Policy > Regexes Config
  • AWS > Bedrock > Guardrail > Settings > Topic Policy
  • AWS > Bedrock > Guardrail > Settings > Topic Policy > Tier
  • AWS > Bedrock > Guardrail > Settings > Topic Policy > Topics Config
  • AWS > Bedrock > Guardrail > Settings > Word Policy
  • AWS > Bedrock > Guardrail > Settings > Word Policy > Managed Word Lists
  • AWS > Bedrock > Guardrail > Settings > Word Policy > Words Config

Action Types

Added

  • AWS > Bedrock > Enforced Guardrail Configuration > Delete
  • AWS > Bedrock > Enforced Guardrail Configuration > Delete from AWS
  • AWS > Bedrock > Enforced Guardrail Configuration > Router
  • AWS > Bedrock > Enforced Guardrail Configuration > Update Settings
  • AWS > Bedrock > Guardrail > Update Settings