← Back to brief
InfrastructureOfficialAWS Machine Learning Blog

AWS Introduces Two Patterns to Secure Bedrock AgentCore Runtime with AWS WAF

Jul 10, 2026

AWS published a blog post detailing two architecture patterns to secure Amazon Bedrock AgentCore Runtime using AWS WAF. Both patterns use an internet-facing Application Load Balancer (ALB) with AWS WAF and route traffic through a VPC Interface Endpoint. Pattern 1 adds a Lambda proxy for full request control, while Pattern 2 targets VPC Endpoint ENI IPs directly to reduce latency.

Why it matters: This provides enterprise customers with validated, secure access patterns for Bedrock AgentCore, closing direct-access backdoors and supporting both SigV4 and OAuth authentication.

Full story at: AWS Machine Learning Blog