You are not allowed to try to bypass or disable the safety features and content filters that AWS and model providers have built into Bedrock models.
This analysis describes what AWS Bedrock's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The terms impose an explicit obligation on customers not to attempt to circumvent model safety mechanisms, which applies to prompt engineering techniques, fine-tuning approaches, or system prompt configurations designed to override content policies.
Interpretive note: The boundary between permitted system prompt customization and prohibited safety circumvention is not precisely defined in the document text, creating interpretive uncertainty for advanced use cases.
The updated terms establish new data-sharing mechanisms for users of Anthropic models on Amazon Bedrock. Specifically, AWS now explicitly authorizes notification to Anthropic of metadata present in requests sent to certain Anthropic products (e.g., Claude Code, computer use features), enabling Anthropic to conduct product-level usage attribution. Additionally, the terms introduce AWS WAF AI traffic monetization, which permits AWS to facilitate payment transactions between content publishers and buyers by sharing pricing, payment, and configuration information with payment providers and facilitators; the updated terms clarify that AWS does not provide regulated financial services and is not a party to fund flows, and that users' interactions with payment providers are governed by separate terms between the user and those parties. Users employing these features should review what metadata may be embedded in their requests and understand their own obligations to payment providers.
View change record →The updated terms establish that customers operating Amazon RDS databases on end-of-life software versions are now required to upgrade to supported versions. The agreement authorizes AWS to scan extension code used with Trusted Language Extensions for security and performance purposes, and establishes that extension code constitutes customer content. AWS disclaims responsibility for service failures caused by extensions or end-of-life database software. If a customer does not upgrade before an engine reaches end of life, AWS may snapshot the customer's data and delete the instance or cluster running the unsupported software, after providing prior notice of the engine end-of-life date.
View change record →The updated terms establish new operational requirements for any organization using Amazon Connect Talent to make or inform employment decisions. Customers must now obtain legally adequate privacy notices and consents from job applicants before their data is processed by the service. The terms require customers to review all AI output before making hiring decisions, implement processes for applicants to request information about the AI's role in decisions, and ensure their use of the tool complies with applicable labor, anti-discrimination, disability, data privacy, AI, wiretap, recordkeeping, and biometrics laws. Customers can configure an AI services opt-out policy through AWS Organizations to prevent their data from being used to train or improve AWS AI technologies.
View change record →Customers using Bedrock must ensure that their prompt engineering, system prompt design, and fine-tuning workflows do not attempt to override safety mechanisms or content filters, as these activities are prohibited under the service terms regardless of the intended use case.
How other platforms handle this
You are solely responsible for the content that you post, upload, or otherwise make available through the Services. Udemy may, in its sole discretion, remove or disable access to any content that violates these Terms or that Udemy determines, in its sole discretion, is otherwise objectionable.
You may not use the Services to generate content that violates applicable laws or regulations, including content that is defamatory, obscene, fraudulent, or that infringes the intellectual property rights of any third party.
Don't use AI to generate content that could unduly influence elections, including targeted political messaging, voting misinformation, or political rhetoric at scale.
Monitoring
AWS Bedrock has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"You must not attempt to disable, circumvent, or otherwise undermine safety mechanisms, content filters, or use policies built into the models or the Service.— Excerpt from AWS Bedrock's AWS Service Terms
(1) REGULATORY LANDSCAPE: This prohibition aligns with requirements under the EU AI Act for deployers of AI systems to maintain and not undermine safety measures, and with FTC guidance on AI safety practices. Non-compliance with this clause could also implicate the Computer Fraud and Abuse Act in the US context depending on the method used to circumvent safety mechanisms, though legal applicability would depend on the specific technique and jurisdiction. (2) GOVERNANCE EXPOSURE: Medium. The clause is broadly worded and the boundary between legitimate prompt engineering for specialized use cases and prohibited circumvention attempts is not precisely defined in the document, creating interpretive uncertainty for advanced enterprise users with legitimate specialized requirements. (3) JURISDICTION FLAGS: EU customers face heightened exposure under the EU AI Act's safety obligations for AI deployers. The restriction applies globally to all Bedrock customers. (4) CONTRACT AND VENDOR IMPLICATIONS: Organizations providing Bedrock-based services to their own customers should include downstream use restrictions in their own terms of service to avoid facilitating end-user circumvention attempts that could constitute a breach of the AWS Service Terms. (5) COMPLIANCE CONSIDERATIONS: AI governance teams should establish internal policies distinguishing permitted system prompt customization from prohibited safety mechanism circumvention, and conduct legal review of any fine-tuning or model customization workflows that modify model behavior to ensure compliance with this provision.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The terms impose an explicit obligation on customers not to attempt to circumvent model safety mechanisms, which applies to prompt engineering techniques, fine-tuning approaches, or system prompt configurations designed to override content policies.
Customers using Bedrock must ensure that their prompt engineering, system prompt design, and fine-tuning workflows do not attempt to override safety mechanisms or content filters, as these activities are prohibited under the service terms regardless of the intended use case.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by AWS Bedrock.