Use Customer-Managed Keys to Encrypt Amazon Bedrock Guardrails

Sign in to the AWS Management Console.

Navigate to Amazon Bedrock console available at https://console.aws.amazon.com/bedrock/.

In the main navigation panel, under Safeguards, select Guardrails.

In the Guardrails section, click on the name (link) of the Amazon Bedrock guardrail that you want to examine, available in the Name column.

In the Guardrail Overview overview section, check the KMS key attribute value to identify the Amazon KMS key used to encrypt the selected guardrail. If the KMS key attribute has no value (i.e. no KMS key ARN), the selected Amazon Bedrock guardrail is encrypted using an AWS-managed key (default key provided by AWS) instead of using a Customer Managed Key (CMK).

Repeat steps no. 4 and 5 for each Amazon Bedrock guardrail available within the current AWS region.

Change the AWS cloud region from the navigation bar to repeat the Audit process for other regions.

Run list-guardrails command (OSX/Linux/UNIX) to list the Amazon Resource Name (ARN) of each Amazon Bedrock guardrail available in the selected AWS cloud region:

aws bedrock list-guardrails
  --region us-east-1
  --query 'guardrails[*].arn'

The command output should return the requested guardrail identifiers (ARNs):

[
	"arn:aws:bedrock:us-east-1:123456789012:guardrail/abcd1234abcd",
	"arn:aws:bedrock:us-east-1:123456789012:guardrail/1234abcd1234"
]

Run get-guardrail command (OSX/Linux/UNIX) with the name of the Amazon Bedrock guardrail that you want to examine as the identifier parameter and custom output filters to describe the Amazon Resource Name (ARN) of the KMS key used to encrypt the selected guardrail:

aws bedrock get-guardrail
  --region us-east-1
  --guardrail-identifier arn:aws:bedrock:us-east-1:123456789012:guardrail/abcd1234abcd
  --query 'kmsKeyArn'

The command output should return the requested KMS key ARN:

null

If the get-guardrail command output returns null, as shown in the example above, the selected Amazon Bedrock guardrail is encrypted using an AWS-managed key (default key provided by Amazon Bedrock) instead of using a Customer Managed Key (CMK).

Repeat steps no. 3 and 4 for each Amazon Bedrock guardrail available in the selected AWS region.

Change the AWS cloud region by updating the --region command parameter value and repeat steps no. 1 – 5 to perform the Audit process for other regions.

Sign in to the AWS Management Console.

To create your own KMS Customer Managed Key (CMK), navigate to Key Management Service (KMS) console available at https://console.aws.amazon.com/kms/.

In the main navigation panel, choose Customer managed keys.

Choose Create Key to initiate the key setup process.

For Step 1 Configure key, perform the following actions:

1. Choose Symmetric for Key type.
2. Select KMS for Key usage.
3. Choose Advanced options, select KMS - recommended for Key material origin, and choose whether to allow your KMS key to be replicated into other AWS cloud regions. If Single-Region key is selected, the AWS region must match the region of your Amazon Bedrock guardrail.
4. Select Next to continue the key setup process.

For Step 2 Add labels, provide the following details:

1. Provide a unique name (alias) for your KMS key in the Alias box.
2. (Optional) Enter a short description in the Description box.
3. (Optional) Choose Add tag from the Tags - optional section to create any necessary tag sets. Tags can be used to categorize and identify your KMS keys and help you track your AWS costs.
4. Select Next to continue the setup.

For Step 3 Define key administrative permissions, perform the following operations:

1. For Key administrators, select which IAM users and/or roles can administer your new key through the KMS API. You may need to add additional permissions for the users or roles to administer the key from the AWS Management Console.
2. For Key deletion, choose whether to allow key administrators to delete your KMS key.
3. Select Next to continue the setup process.

For Step 4 Define key usage permissions, perform the following actions:

1. For Key users, select which IAM users and/or roles can use your KMS key in cryptographic operations.
2. (Optional) For Other AWS accounts section, specify the AWS accounts that can use your key. To configure cross-account access, choose Add another AWS account and enter the ID of the AWS cloud account that can use your KMS key for cryptographic operations. The administrators of the AWS accounts you specify at this step are responsible for managing the permissions that allow their IAM users and/or roles to use your key.
3. Select Next to continue the setup.

For Step 5 Review, review the key configuration and key policy, then choose Finish to create your new Amazon KMS Customer Managed Key (CMK).

Once your new KMS Customer Managed Key (CMK) is available, navigate to Amazon Bedrock console available at https://console.aws.amazon.com/bedrock/.

In the main navigation panel, under Safeguards, select Guardrails.

In the Guardrails section, select the Amazon Bedrock guardrail that you want to configure, and choose Edit.

Choose KMS key selection - optional, check the Encryption Info setting checkbox, and choose the ID of the Amazon KMS Customer Managed Key (CMK) created earlier in the Remediation process, from the Choose an AWS KMS key - optional dropdown list.

Choose Save and exit to apply the configuration changes and return to the Guardrails listing page.

Repeat steps no. 12 - 14 for each Amazon Bedrock guardrail available in the selected AWS region.

Change the AWS cloud region from the navigation bar and repeat the Remediation process for other regions.

Define the IAM policy that enables the selected users and/or roles to manage your new KMS Customer Managed Key (CMK), and to encrypt/decrypt your data using the KMS API. Create a new policy document (JSON format), name the file guardrail-kms-key-policy.json, and paste the following content (replace \<aws-account-id\> and \<role-name\> with your own AWS details):

{
	"Id": "aws-sagemaker-cmk-policy",
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid": "Enable IAM User Permissions",
			"Effect": "Allow",
			"Principal": {
				"AWS": "arn:aws:iam::<aws-account-id>:root"
			},
			"Action": "kms:*",
			"Resource": "*"
		},
		{
			"Sid": "Allow access for Key Administrators",
			"Effect": "Allow",
			"Principal": {
				"AWS": "arn:aws:iam::<aws-account-id>:role/service-role/<role-name>"
			},
			"Action": [
				"kms:Create*",
				"kms:Describe*",
				"kms:Enable*",
				"kms:List*",
				"kms:Put*",
				"kms:Update*",
				"kms:Revoke*",
				"kms:Disable*",
				"kms:Get*",
				"kms:Delete*",
				"kms:TagResource",
				"kms:UntagResource",
				"kms:ScheduleKeyDeletion",
				"kms:CancelKeyDeletion",
				"kms:RotateKeyOnDemand"
			],
			"Resource": "*"
		},
		{
			"Sid": "Allow use of the key",
			"Effect": "Allow",
			"Principal": {
				"AWS": "arn:aws:iam::<aws-account-id>:role/service-role/<role-name>"
			},
			"Action": [
				"kms:Encrypt",
				"kms:Decrypt",
				"kms:ReEncrypt*",
				"kms:GenerateDataKey*",
				"kms:DescribeKey"
			],
			"Resource": "*"
		},
		{
			"Sid": "Allow attachment of persistent resources",
			"Effect": "Allow",
			"Principal": {
				"AWS": "arn:aws:iam::<aws-account-id>:role/service-role/<role-name>"
			},
			"Action": [
				"kms:CreateGrant",
				"kms:ListGrants",
				"kms:RevokeGrant"
			],
			"Resource": "*",
			"Condition": {
				"Bool": {
					"kms:GrantIsForAWSResource": "true"
				}
			}
		}
	]
}

Run create-key command (OSX/Linux/UNIX) with the policy document created at the previous step (i.e.guardrail-kms-key-policy.json) as value for the --policy parameter, to create your new Amazon KMS Customer Managed Key (CMK):

aws kms create-key
  --region us-east-1
  --description 'KMS CMK for Amazon Bedrock guardrail encryption'
  --policy file://guardrail-kms-key-policy.json
  --query 'KeyMetadata.Arn'

The command output should return the ARN of the new Customer Managed Key (CMK):

"arn:aws:kms:us-east-1:123456789012:key/1234abcd-1234-abcd-1234-abcd1234abcd"

Run create-alias command (OSX/Linux/UNIX) to attach an alias to your new Customer Managed Key (CMK). The alias must start with the prefix "alias/" (the command does not produce an output):

aws kms create-alias
  --region us-east-1
  --alias-name alias/BedrockGuardrailCMK
  --target-key-id arn:aws:kms:us-east-1:123456789012:key/1234abcd-1234-abcd-1234-abcd1234abcd

Run update-guardrail command (OSX/Linux/UNIX) with the name of the Amazon Bedrock guardrail that you want to configure as the identifier parameter, to encrypt the selected guardrail with your new Amazon KMS Customer Managed Key (CMK). Use the --kms-key-id command paramater to specify the ARN of the Customer Managed Key (CMK) with which to encrypt your guardrail:

aws bedrock update-guardrail
  --region us-east-1
  --guardrail-identifier arn:aws:bedrock:us-east-1:123456789012:guardrail/abcd1234abcd
  --name tm-project5-ai-guardrail
  --content-policy-config 'filtersConfig=[{type="VIOLENCE",inputStrength="HIGH",outputStrength="NONE"},{type="HATE",inputStrength="HIGH",outputStrength="NONE"}]'
  --blocked-input-messaging "Sorry, the model cannot answer this question."
  --blocked-outputs-messaging "Sorry, the model cannot answer this question."
  --kms-key-id arn:aws:kms:us-east-1:123456789012:key/1234abcd-1234-abcd-1234-abcd1234abcd

The command output should return the identification details available for the configured guardrail:

{
	"guardrailId": "abcd1234abcd",
	"guardrailArn": "arn:aws:bedrock:us-east-1:123456789012:guardrail/abcd1234abcd",
	"version": "DRAFT",
	"updatedAt": "2024-06-10T12:06:16.668203+00:00"
}

Repeat steps no. 5 and 6 for each Amazon Bedrock guardrail available in the selected AWS region.

Change the AWS cloud region by updating the --region command parameter value and repeat the Remediation process for other regions.