AWS Bedrock
Category: provider · Cloud + Local + Self-deploy · Status: v1 — production
Bedrock is AWS’s managed foundation-model service. It hosts five model families behind one unified API:
- Anthropic — Claude 3.5/3.7/4 family
- Meta — Llama 3, 3.1, 3.3 (8B, 70B, 405B)
- Amazon — Titan
- Mistral — Mistral Large, Mixtral
- Cohere — Command R, Command R+
If your org is already AWS-heavy, Bedrock means one bill, IAM-native auth, and (frequently) procurement that’s already approved. prxy.monster ships a first-class Bedrock provider client that exposes every Bedrock model through the same canonical request shape as Anthropic / OpenAI / Google / Groq.
When to use it
✅ Org policy requires AWS-only inference egress
✅ You want Claude and Llama under one bill
✅ You have unused AWS credits to burn
✅ You’re using the AWS CDK self-deploy template (infra/aws-cdk/) — Bedrock is wired in by default
✅ Compliance / data-residency calls for in-region inference
❌ You only ever use one model and the vendor’s direct API is fine
❌ You need a feature Bedrock doesn’t surface yet (e.g. some Anthropic beta headers)
Model name format
Use bedrock/<model-id>:
bedrock/anthropic.claude-sonnet-4-20250514-v1:0
bedrock/meta.llama3-70b-instruct-v1:0
bedrock/amazon.titan-text-express-v1
bedrock/mistral.mistral-large-2402-v1:0
bedrock/cohere.command-r-plus-v1:0
The bedrock/ prefix is the routing signal — the provider router strips it before sending to the SDK.
Authentication
Pass an AWS credentials blob alongside the request, OR rely on the SDK default credential chain (env vars, shared config, IAM role, IRSA — preferred when running inside AWS).
IAM role (preferred)
Run the gateway on EC2, ECS, App Runner, or EKS with an instance role that has:
{
  "Effect": "Allow",
  "Action": [
    "bedrock:InvokeModel",
    "bedrock:InvokeModelWithResponseStream",
    "bedrock:Converse",
    "bedrock:ConverseStream"
  ],
  "Resource": "arn:aws:bedrock:*::foundation-model/*"
}
The infra/aws-cdk/ template wires this for you — App Runner instance role gets least-priv Bedrock access out of the box.
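To narrow the wildcard Resource in the statement above to the models and regions you actually route, the statement can be generated from the bedrock/<model-id> names in use. This is an added example, not prxy.monster's code: stripBedrockPrefix, scopedStatement, and the ID and region patterns are assumptions fitted to the model IDs listed on this page.

```javascript
// Added example (not prxy.monster code): build a Bedrock IAM statement scoped
// to the exact models and regions the gateway routes, instead of "*".
const PREFIX = 'bedrock/';
// Assumed pattern fitted to the IDs on this page: <provider>.<name>[:<version>]
const MODEL_ID = /^[a-z0-9]+\.[a-z0-9][a-z0-9.-]*(:[0-9]+)?$/;
const REGION = /^[a-z]{2}(-[a-z]+)+-[0-9]+$/; // e.g. us-east-1

// Hypothetical helper: validate a routed name and strip the routing prefix.
function stripBedrockPrefix(name) {
  if (typeof name !== 'string' || !name.startsWith(PREFIX)) {
    throw new Error(`not a bedrock/ model name: ${String(name)}`);
  }
  const id = name.slice(PREFIX.length);
  // Rejecting wildcards here keeps a config typo from widening the policy.
  if (!MODEL_ID.test(id)) throw new Error(`unexpected model id: ${id}`);
  return id;
}

// Hypothetical helper: one ARN per (region, model) pair, deduplicated, sorted.
function scopedStatement(modelNames, regions) {
  for (const r of regions) {
    if (!REGION.test(r)) throw new Error(`unexpected region: ${r}`);
  }
  const ids = [...new Set(modelNames.map(stripBedrockPrefix))].sort();
  const resources = [];
  for (const region of [...new Set(regions)].sort()) {
    for (const id of ids) {
      resources.push(`arn:aws:bedrock:${region}::foundation-model/${id}`);
    }
  }
  return {
    Effect: 'Allow',
    // Actions copied from the statement shown on this page.
    Action: [
      'bedrock:InvokeModel',
      'bedrock:InvokeModelWithResponseStream',
      'bedrock:Converse',
      'bedrock:ConverseStream',
    ],
    Resource: resources,
  };
}

// Constructed sample input: two of the page's model names, two regions.
const sample = scopedStatement(
  ['bedrock/anthropic.claude-sonnet-4-20250514-v1:0', 'bedrock/meta.llama3-70b-instruct-v1:0'],
  ['us-east-1', 'us-west-2'],
);
console.log(JSON.stringify(sample, null, 2));
```

Attach the resulting statement in place of the wildcard one, and regenerate it whenever the list of routed models or regions changes.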
Static credentials
import { encodeBedrockCredentials } from '@prxy/provider-clients';
// Placeholder values: load real keys from a secret store or the environment, not from source.
const creds = encodeBedrockCredentials({
  accessKeyId: 'AKIA...',
  secretAccessKey: '...',
  region: 'us-east-1',
});
await bedrockClient.complete(request, creds);
Streaming
Bedrock’s ConverseStream API is supported end-to-end:
for await (const chunk of bedrockClient.stream(request, creds)) {
  // canonical CanonicalChunk events — same shape as every other provider
}
Streaming chunks are translated to the canonical message_start → content_block_* → message_stop event surface so downstream modules (semantic-cache, ipc, patterns) work unchanged.
Tools
tool_use and tool_result translate to Bedrock’s toolUse / toolResult blocks. Tool definitions translate to toolConfig.tools[].toolSpec with inputSchema.json. The translator handles the Bedrock-specific JSON schema wrapping for you.
Pricing & cost-guard
cost-guard recognises the bedrock/ prefix and falls back to its catch-all pricing while we extend the static price map. Until the per-model Bedrock prices land in the cost map, set conservative caps on the front side:
cost-guard:
  perRequest: 0.50
  perDay: 50.0
Bedrock’s per-model pricing is published at aws.amazon.com/bedrock/pricing.
Region availability
Bedrock model availability is region-scoped. us-east-1 and us-west-2 have the broadest catalog at the moment. Set the right region in the credentials blob (or the AWS_REGION env var) — the SDK doesn’t auto-discover availability.
Self-deploy bonus: the infra/aws-cdk/ template defaults to Bedrock — no provider key to set, just configure your AWS account and the gateway uses the App Runner instance role. See the AWS deploy guide.