AWS Bedrock updated its AWS Service Terms on July 1, 2026, removing several AWS IQ marketplace provisions and adding new language around AWS Config third-party recorders. The change eliminates the 24-month exclusivity requirement for using AWS IQ to pay providers, removes obligations to revoke provider access immediately upon violations, and removes a blanket release of claims related to AWS IQ. The update adds explicit authorization for AWS to use and store Config Content to develop and improve AWS Config and related security services, with an opt-out mechanism available through AWS Organizations.
The updated terms remove the requirement that customers use AWS IQ exclusively for 24 months after identifying a provider through the marketplace, and eliminate the blanket release of claims related to AWS IQ use. For AWS Config users who enable third-party recorders, the revised terms authorize AWS to use and store configuration data to develop and improve AWS Config and related security services, including storage in AWS regions outside the region where you use Config. You can opt out of this data use by configuring an AI services opt-out policy through AWS Organizations.
The updated terms remove contractual restrictions on how customers can pay AWS IQ providers and eliminate a broad liability waiver, reducing friction in vendor payment arrangements. Simultaneously, the explicit authorization for AWS to use Config data for service improvement (including cross-region storage) represents an expanded data processing authority that organizations should evaluate against their data governance and privacy frameworks, though the opt-out mechanism preserves user control.
→ If you use AWS Config with third-party recorders, review whether the data-use authorization aligns with your data governance requirements.
→ Configure an AWS Organizations AI services opt-out policy if you prefer to prevent AWS from using Config data for service improvement.
→ If you use AWS Config third-party recorders without opting out, AWS will use and store your Config data to develop and improve AWS Config and related security services, potentially across AWS regions outside your home region.
→ The removal of the AWS IQ liability waiver means you no longer release all claims related to AWS IQ marketplace use, but this does not create an affirmative obligation.
Removed, allowing customers to use alternative payment methods for provider services after initial marketplace identification.
Added explicit authorization for AWS to use and store Config data to develop and improve services, with opt-out available via AWS Organizations.
Removed blanket waiver of claims and damages related to AWS IQ marketplace use.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
You are no longer required to pay AWS IQ providers exclusively through the AWS IQ marketplace for 24 months after you meet them.
AWS can now use your configuration data to improve its services and may store it outside your home region, but you can opt out through AWS Organizations.
+ 1 more obligation changes. Full breakdown available with Monitor.
Track changes →This change removes contractual restrictions on alternative payment methods for AWS IQ provider services and eliminates a broad liability waiver related to marketplace use. Simultaneously, it expands AWS's authority to use Config data for service improvement and cross-region storage. The opt-out mechanism for Config data use may reduce compliance friction under data protection frameworks that require user control over processing. No specific regulatory violation is apparent, but organizations should confirm that the opt-out mechanism aligns with their data governance policies and that third-party recorder deployments in AWS Config have been evaluated under applicable data protection regimes.
GDPR (data processing and storage authorization), CCPA (data use authorization), AWS regional data residency commitments
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-003393.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorAWS Bedrock added a new section (110) to its Service Terms governing free exploration services, which are technical consulting and …
AWS Bedrock updated its Service Terms on June 23, 2026 to add Amazon GuardDuty to the list of Services that …
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 320+ platforms every Sunday.