Ensure that your Amazon Bedrock Managed Prompts (prompt resources created and stored using Bedrock Prompt management) are encrypted using Amazon KMS Customer-Managed Keys (CMKs) instead of the default AWS-managed key. Prompt templates created with Prompt management contain the core instructions, system prompts, variables, and (optionally) tool configurations that shape foundation model behavior across your application.
Prompt templates often encode sensitive business logic, proprietary instructions, guardrail-bypassing safety language, or references to internal systems and data. An identity or automation with the bedrock:UpdatePrompt permission can modify a prompt's template directly, for example injecting malicious instructions that alter model behavior across every workflow that consumes the prompt. Using your own Amazon KMS Customer-Managed Key (CMK) to encrypt your Managed Prompts provides an additional layer of protection: you can enforce strict key policies to control precisely which principals can use the key to encrypt or decrypt prompt data, you can disable or revoke the key independently of the Bedrock resource to immediately cut off access, and every use of the key is recorded in AWS CloudTrail, giving you an audit trail of all encryption and decryption operations performed against your prompt data.
Audit
To determine if your Amazon Bedrock Managed Prompts are encrypted using KMS Customer-Managed Keys (CMKs), perform the following operations:
Remediation / Resolution
To encrypt your Amazon Bedrock Managed Prompts with your own KMS Customer-Managed Key (CMK), create a CMK (if you don't already have one) and update each non-compliant prompt to use it, by performing the following operations:
Managed Prompts support changing the KMS key without recreating the prompt: the UpdatePrompt API and update-prompt CLI command accept a customerEncryptionKeyArn parameter directly. However, update-prompt performs a full replacement of the prompt configuration (an HTTP PUT) — the AWS documentation instructs you to "include both fields that you want to keep and fields that you want to replace." Only --prompt-identifier and --name are required parameters, but any field you omit (--variants, --default-variant, --description) is removed from the prompt. Because --variants holds the prompt's actual template content, you must re-supply it (along with --default-variant) or the prompt template will be wiped. Before running update-prompt, use get-prompt to retrieve the prompt's current name, defaultVariant, and variants, then re-supply them alongside the new --customer-encryption-key-arn.References
- AWS Documentation
- Construct and store reusable prompts with Prompt management in Amazon Bedrock - Amazon Bedrock
- GetPrompt - Amazon Bedrock
- ListPrompts - Amazon Bedrock
- Data encryption - Amazon Bedrock
- Create a prompt using Prompt management - Amazon Bedrock
- AWS KMS keys - AWS Key Management Service
- AWS Command Line Interface (CLI) Documentation
- list-prompts
- get-prompt
- create-prompt
- delete-prompt