AWS Introduces Two Patterns to Secure Bedrock AgentCore Runtime with AWS WAF
Jul 10, 2026
AWS published a blog post detailing two architecture patterns to secure Amazon Bedrock AgentCore Runtime using AWS WAF. Both patterns use an internet-facing Application Load Balancer (ALB) with AWS WAF and route traffic through a VPC Interface Endpoint. Pattern 1 adds a Lambda proxy for full request control, while Pattern 2 targets VPC Endpoint ENI IPs directly to reduce latency.
Why it matters: This provides enterprise customers with validated, secure access patterns for Bedrock AgentCore, closing direct-access backdoors and supporting both SigV4 and OAuth authentication.
Full story at: AWS Machine Learning Blog ↗