Secure Amazon Bedrock AgentCore Runtime with AWS WAF

Puneeth Komaragiri· July 8, 2026 View original

▶ The 2-minute explainer

Summary

This post details two architectural patterns for securing Amazon Bedrock AgentCore Runtime using AWS WAF, an internet-facing Application Load Balancer (ALB), and a VPC Interface Endpoint. It covers both a Lambda-proxied approach for request transformation and a direct ALB-to-VPC Endpoint method, along with steps to enforce WAF-only traffic via resource policies and tested authentication methods.

A new guide outlines two distinct architectural approaches for enhancing the security of Amazon Bedrock AgentCore Runtime deployments. Both methods leverage an internet-facing Application Load Balancer (ALB) integrated with AWS WAF to manage incoming traffic, directing it through a VPC Interface Endpoint to the AgentCore Runtime. The first pattern introduces an AWS Lambda proxy between the ALB and the VPC Endpoint, offering granular control over request modifications. The second, more direct pattern, routes traffic from the ALB straight to the VPC Endpoint's Elastic Network Interface (ENI) IP addresses, eliminating the Lambda layer. The guide also provides instructions on implementing a resource policy to prevent direct access, ensuring all traffic is filtered through AWS WAF, and confirms end-to-end testing with SigV4 and OAuth (Amazon Cognito JWT) authentication.

Why it matters

For professionals deploying AI applications on AWS, understanding these security patterns is crucial for protecting sensitive data and ensuring compliance by properly securing access to AI services like Amazon Bedrock.

How to implement this in your domain

  1. 1Evaluate your security requirements for Amazon Bedrock AgentCore Runtime deployments.
  2. 2Choose between the Lambda-proxied or direct ALB-to-VPC Endpoint pattern based on your need for request transformation.
  3. 3Configure an internet-facing Application Load Balancer (ALB) and integrate it with AWS WAF for traffic filtering.
  4. 4Set up a VPC Interface Endpoint to privately connect your ALB to the AgentCore Runtime.
  5. 5Implement a resource policy to restrict direct access to AgentCore Runtime, forcing all traffic through AWS WAF.

Who benefits

Cloud ComputingCybersecuritySoftware DevelopmentFinancial ServicesHealthcare

Key takeaways

  • AWS WAF is essential for securing Amazon Bedrock AgentCore Runtime.
  • Two primary architectural patterns exist for secure deployment.
  • Lambda proxy offers request transformation control; direct method is simpler.
  • Resource policies can enforce WAF-only traffic.

Original post by Puneeth Komaragiri

"This post shows you two architecture patterns that address this problem. Both use an internet-facing ALB with AWS WAF and route traffic through a VPC Interface Endpoint to AgentCore Runtime. Pattern 1 places an AWS Lambda proxy between the ALB and the VPC Endpoint, giving you ful…"

View on X

Originally posted by Puneeth Komaragiri on X · view source

Want to go deeper?

Turn these trends into skills with Learnijoy's hands-on AI & tech courses.

Explore courses