AWS promises it will not use the data you send to Bedrock, including your prompts and AI outputs, to train its own AI models.
This analysis describes what AWS Bedrock's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This clause defines a specific boundary on AWS's permitted uses of customer data within the Bedrock service. It establishes that model improvement through customer content training is excluded from AWS's operational scope for this service.
Interpretive note: The commitment's scope relative to third-party model providers and its enforceability mechanism are not fully detailed in the visible document text.
The updated terms establish new data-sharing mechanisms for users of Anthropic models on Amazon Bedrock. Specifically, AWS now explicitly authorizes notification to Anthropic of metadata present in requests sent to certain Anthropic products (e.g., Claude Code, computer use features), enabling Anthropic to conduct product-level usage attribution. Additionally, the terms introduce AWS WAF AI traffic monetization, which permits AWS to facilitate payment transactions between content publishers and buyers by sharing pricing, payment, and configuration information with payment providers and facilitators; the updated terms clarify that AWS does not provide regulated financial services and is not a party to fund flows, and that users' interactions with payment providers are governed by separate terms between the user and those parties. Users employing these features should review what metadata may be embedded in their requests and understand their own obligations to payment providers.
View change record →The updated terms establish that customers operating Amazon RDS databases on end-of-life software versions are now required to upgrade to supported versions. The agreement authorizes AWS to scan extension code used with Trusted Language Extensions for security and performance purposes, and establishes that extension code constitutes customer content. AWS disclaims responsibility for service failures caused by extensions or end-of-life database software. If a customer does not upgrade before an engine reaches end of life, AWS may snapshot the customer's data and delete the instance or cluster running the unsupported software, after providing prior notice of the engine end-of-life date.
View change record →The updated terms establish new operational requirements for any organization using Amazon Connect Talent to make or inform employment decisions. Customers must now obtain legally adequate privacy notices and consents from job applicants before their data is processed by the service. The terms require customers to review all AI output before making hiring decisions, implement processes for applicants to request information about the AI's role in decisions, and ensure their use of the tool complies with applicable labor, anti-discrimination, disability, data privacy, AI, wiretap, recordkeeping, and biometrics laws. Customers can configure an AI services opt-out policy through AWS Organizations to prevent their data from being used to train or improve AWS AI technologies.
View change record →Your inputs and outputs in Amazon Bedrock will not be used by AWS to train foundation models, providing a meaningful baseline protection for proprietary business data processed through the platform.
How other platforms handle this
After registration, you may create, upload or transmit files, documents, videos, images, data or information as part of your use of the Service (collectively, "User Content"). This includes any inputs you provide to our AI-powered support tools and outputs generated in response to your inputs. User ...
Fairness: AI systems should treat all people fairly. AI can help manage information and make decisions, but it can also reinforce existing societal biases or create new ones. We're committed to fairness in AI system design.
engage in any of the foregoing in connection with any use, creation, development, modification, prompting, fine-tuning, training, testing, benchmarking or validation of any artificial intelligence or machine learning tool, model, system, algorithm, product or other technology ("AI Tool").
Monitoring
AWS Bedrock has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We will not use Your Content to train the underlying models that are made available to you in Amazon Bedrock.— Excerpt from AWS Bedrock's AWS Service Terms
REGULATORY LANDSCAPE: This commitment engages GDPR principles of purpose limitation, as it constrains how AWS may use customer personal data transmitted through the service. It also interacts with CCPA business purpose limitations on data use by service providers. The FTC's oversight of deceptive data practices is relevant; this commitment constitutes a material representation that, if violated, could support an unfair or deceptive practice claim. Relevant enforcement authority includes the FTC and EU supervisory authorities under GDPR. GOVERNANCE EXPOSURE: Medium. While the commitment is clearly stated, the document does not describe technical enforcement mechanisms, audit rights for customers, or consequences for breach beyond general contract remedies. Compliance teams should note that this commitment applies to AWS-operated infrastructure but the document indicates it does not extend to third-party model providers accessible through Bedrock. JURISDICTION FLAGS: EU/EEA customers will want to confirm this commitment is reflected in the AWS Data Processing Addendum and that it satisfies Article 28 GDPR processor obligations regarding restrictions on data use. California businesses should confirm this aligns with their CCPA service provider agreements. Customers in sectors with heightened data sensitivity (healthcare, finance, legal) face the greatest exposure if this commitment were not honored. CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should verify that this commitment is incorporated by reference into the applicable DPA or master agreement, not only in service-level terms that AWS may update unilaterally. The absence of audit rights related to this commitment is a standard gap in cloud provider agreements but may be a negotiation point for enterprise customers. COMPLIANCE CONSIDERATIONS: Compliance teams should document this commitment in their AI vendor risk assessments and note its scope limitation to AWS's own models. Internal AI governance policies should specify that the no-training commitment does not apply when using third-party models through Bedrock, and separate data governance controls should be applied in those contexts.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
How Meta, TikTok, and Supabase restructured governance language across documents, jurisdictions, and consent frameworks through incremental document updates.
How 10 AI platforms describe the use of user data for model training, improvement, and development, based on archived governance provisions.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This clause defines a specific boundary on AWS's permitted uses of customer data within the Bedrock service. It establishes that model improvement through customer content training is excluded from AWS's operational scope for this service.
Your inputs and outputs in Amazon Bedrock will not be used by AWS to train foundation models, providing a meaningful baseline protection for proprietary business data processed through the platform.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by AWS Bedrock.