How to Set Up Centralized Cross-Account Safeguards with Amazon Bedrock Guardrails

From 3677777, the free encyclopedia of technology

Introduction

Amazon Bedrock Guardrails now offers centralized cross-account safeguards, allowing you to enforce safety controls across multiple AWS accounts within an organization from a single management account. This capability ensures uniform protection for all generative AI applications using Bedrock, reducing administrative overhead while maintaining compliance with corporate responsible AI policies. In this guide, we'll walk you through the steps to configure both account-level and organization-level enforcement, including prerequisites, model filtering, and content guarding options.

How to Set Up Centralized Cross-Account Safeguards with Amazon Bedrock Guardrails
Source: aws.amazon.com

What You Need

  • Access to the AWS Management Console with permissions to create and manage guardrails in Amazon Bedrock.
  • An existing guardrail with a specific version (created in Bedrock Guardrails) – the version must be immutable to prevent modifications by member accounts.
  • Resource-based policies for guardrails that allow cross-account usage (see AWS documentation for details).
  • For organization-level enforcement: AWS Organizations configured with a management account, member accounts, and organizational units (OUs).
  • IAM roles or users with permissions to invoke Bedrock models and manage guardrail policies.

Step-by-Step Instructions

Step 1: Prepare Your Guardrail and Prerequisites

Before enabling enforcement, you must create a guardrail with a specific version. This version will be used across accounts and cannot be changed by member accounts – ensuring consistency. In the Bedrock Guardrails console, create a new guardrail or use an existing one. Then:

  • Navigate to Guardrails in the Bedrock console.
  • Select your guardrail and create a new version (e.g., version 1). Note the version ID.
  • Set up resource-based policies on the guardrail to allow access from other accounts or the organization. This is done using AWS RAM (Resource Access Manager) or direct policy statements.

These steps ensure the guardrail is ready for centralized enforcement.
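For the resource-based policy in Step 1, here is an added example (not code from the article or from AWS): it builds a policy that lets every account in one AWS Organization use the guardrail and lints it for wildcard principals that lack an organization or account scope. It assumes the grant is on `bedrock:ApplyGuardrail`; the guardrail ARN and organization ID are placeholders, and the document is attached by the method the AWS documentation describes.

```python
# Added example, not from the original article: build the resource-based policy
# that lets every account in one AWS Organization use a guardrail, and lint a
# policy so a wildcard principal never appears without an organization scope.
# The guardrail ARN and organization ID are placeholders.
import json

GUARDRAIL_ARN = "arn:aws:bedrock:us-east-1:111122223333:guardrail/EXAMPLE-GUARDRAIL-ID"
ORG_ID = "o-exampleorgid"

def build_org_policy(guardrail_arn, org_id):
    """Allow ApplyGuardrail from any principal, but only if it is in org_id."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowOrgMembersToApplyGuardrail",
            "Effect": "Allow",
            "Principal": {"AWS": "*"},
            "Action": "bedrock:ApplyGuardrail",
            "Resource": guardrail_arn,
            # Without this condition the statement would grant every AWS account.
            "Condition": {"StringEquals": {"aws:PrincipalOrgID": org_id}},
        }],
    }

# Condition keys that bound a wildcard principal to known accounts or an org.
SCOPING_KEYS = {"aws:PrincipalOrgID", "aws:PrincipalOrgPaths",
                "aws:PrincipalAccount", "aws:PrincipalArn"}

def _is_wildcard_principal(principal):
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return False

def lint_policy(policy):
    """Return Sids of Allow statements granting a wildcard principal unscoped."""
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow" or not _is_wildcard_principal(stmt.get("Principal")):
            continue
        keys = {k for op in stmt.get("Condition", {}).values() for k in op}
        if not keys & SCOPING_KEYS:
            findings.append(stmt.get("Sid", "<no Sid>"))
    return findings

if __name__ == "__main__":
    policy = build_org_policy(GUARDRAIL_ARN, ORG_ID)
    print(json.dumps(policy, indent=2), "\nfindings:", lint_policy(policy))
```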

Step 2: Enable Account-Level Enforcement

Account-level enforcement automatically applies the guardrail to all Bedrock model invocations in a specific AWS account and region. To set it up:

  1. In the Bedrock Guardrails console, go to Account-level enforcement configurations.
  2. Click Create.
  3. Select the guardrail and version you prepared in Step 1. This guardrail will apply to all Bedrock inference calls from this account in the current region.
  4. (Optional) Configure model filtering – see Step 3 below.
  5. Save the configuration.

Repeat for each account where you want enforcement, or use organization-level enforcement to cover all at once.

Step 3: Configure Model Inclusion or Exclusion

With the new feature, you can define which models are affected by the enforcement. Use the Include or Exclude behavior:

  • Include: Only applies the guardrail to the specified models.
  • Exclude: Applies the guardrail to all models except those listed.

In the account-level enforcement configuration form, look for the model selection options and choose your preference. This granular control lets you apply safeguards to specific models while exempting others (e.g., test models).


Step 4: Set Content Guarding Controls

You can choose between Comprehensive and Selective content guarding for system prompts and user prompts:

  • Comprehensive: Enforces guardrails on all prompts, both system and user, regardless of content.
  • Selective: Allows you to define specific rules (e.g., only filter offensive language) – more flexible but requires careful configuration.

Select the appropriate option in the enforcement form. This step ensures that the guardrail's filters are applied as intended.

Step 5: Enable Organization-Level Enforcement (Optional)

For centralized management across all accounts and OUs in your AWS Organization, use organization-level enforcement:

  1. In the Bedrock Guardrails console, navigate to Organization-level enforcement configurations.
  2. Choose a guardrail and version from the management account.
  3. Define the policy that applies this guardrail to all member accounts, OUs, or specific accounts.
  4. Optionally, allow account-level overrides (but note: organization-level enforcement can be set as mandatory).
  5. Save and deploy. This policy automatically enforces the guardrail on every Bedrock model invocation across the organization.

This eliminates the need to configure each account individually and ensures uniform protection.

Tips and Conclusion

  • Test in a sandbox account first: Before rolling out organization-wide, test enforcement in a single account to verify that the guardrail doesn't break existing applications.
  • Use versioning deliberately: Since guardrail versions are immutable for enforcement, plan updates carefully. Create a new version when you need to change filters.
  • Monitor with AWS CloudTrail: Log enforcement events to audit compliance and troubleshoot issues.
  • Combine with IAM policies: Restrict who can modify enforcement configurations to your security team.
  • Consider Regional differences: Enforcement is per region; you may need to replicate configurations across regions if you use multiple Bedrock regions.
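For the CloudTrail and IAM tips above, an added example (not code from the article or from AWS): it scans CloudTrail records for guardrail write operations made by anyone outside an allowlisted security role. The records and role names are constructed; event names for the enforcement configurations themselves are left for you to add from the AWS documentation.

```python
# Added example, not from the original article: scan CloudTrail records for
# guardrail write operations made by principals outside the security team.
# Record layout follows the CloudTrail event schema; records and roles are constructed.

# Bedrock control-plane actions that change a guardrail's definition. Event
# names for the enforcement configurations themselves are not listed here;
# take them from the AWS documentation and add them to this set.
GUARDRAIL_WRITE_EVENTS = {"CreateGuardrail", "UpdateGuardrail",
                          "DeleteGuardrail", "CreateGuardrailVersion"}

def caller_role(record):
    """Return the role name behind an assumed-role ARN, or the raw ARN otherwise."""
    arn = record.get("userIdentity", {}).get("arn", "")
    # Assumed-role ARNs look like arn:aws:sts::<account>:assumed-role/<Role>/<session>
    if ":assumed-role/" in arn:
        return arn.split(":assumed-role/")[1].split("/")[0]
    return arn

def find_unauthorized_guardrail_changes(records, allowed_roles):
    """Return (eventName, caller, accountId, outcome) for writes by non-allowlisted callers."""
    findings = []
    for rec in records:
        if rec.get("eventSource") != "bedrock.amazonaws.com":
            continue
        if rec.get("eventName") not in GUARDRAIL_WRITE_EVENTS:
            continue
        caller = caller_role(rec)
        if caller in allowed_roles:
            continue
        # Keep denied attempts too: they show who is probing the configuration.
        findings.append((rec["eventName"], caller, rec.get("recipientAccountId"),
                         rec.get("errorCode", "Succeeded")))
    return findings

# Constructed sample records (illustrative values, not from a real trail).
SAMPLE_RECORDS = [
    {"eventSource": "bedrock.amazonaws.com", "eventName": "CreateGuardrailVersion",
     "recipientAccountId": "111122223333",
     "userIdentity": {"arn": "arn:aws:sts::111122223333:assumed-role/SecurityTeamRole/alice"}},
    {"eventSource": "bedrock.amazonaws.com", "eventName": "UpdateGuardrail",
     "recipientAccountId": "444455556666",
     "userIdentity": {"arn": "arn:aws:sts::444455556666:assumed-role/AppDeveloperRole/bob"}},
    {"eventSource": "bedrock.amazonaws.com", "eventName": "DeleteGuardrail",
     "recipientAccountId": "444455556666", "errorCode": "AccessDenied",
     "userIdentity": {"arn": "arn:aws:iam::444455556666:user/carol"}},
]

if __name__ == "__main__":
    for finding in find_unauthorized_guardrail_changes(SAMPLE_RECORDS, {"SecurityTeamRole"}):
        print(finding)
```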

By following these steps, you can centrally manage responsible AI safeguards across your entire AWS organization, reducing manual oversight while maintaining high standards. The new cross-account capabilities simplify compliance with corporate AI policies and free up your security team from per-account configuration checks.