AWS can change or shut down Bedrock features at any time, and can cut off your access if it determines you have violated the terms.
This analysis describes what AWS Bedrock's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This clause establishes AWS's unilateral right to alter service functionality and configuration without advance notice requirements, and establishes termination as an authorized enforcement mechanism for violations of the governing agreements.
Interpretive note: The document does not specify notice periods for service modifications, and the applicable notice obligations may depend on the master agreement or DPA rather than the service terms alone.
The updated terms establish new data-sharing mechanisms for users of Anthropic models on Amazon Bedrock. Specifically, AWS now explicitly authorizes notification to Anthropic of metadata present in requests sent to certain Anthropic products (e.g., Claude Code, computer use features), enabling Anthropic to conduct product-level usage attribution. Additionally, the terms introduce AWS WAF AI traffic monetization, which permits AWS to facilitate payment transactions between content publishers and buyers by sharing pricing, payment, and configuration information with payment providers and facilitators; the updated terms clarify that AWS does not provide regulated financial services and is not a party to fund flows, and that users' interactions with payment providers are governed by separate terms between the user and those parties. Users employing these features should review what metadata may be embedded in their requests and understand their own obligations to payment providers.
View change record →The updated terms establish that customers operating Amazon RDS databases on end-of-life software versions are now required to upgrade to supported versions. The agreement authorizes AWS to scan extension code used with Trusted Language Extensions for security and performance purposes, and establishes that extension code constitutes customer content. AWS disclaims responsibility for service failures caused by extensions or end-of-life database software. If a customer does not upgrade before an engine reaches end of life, AWS may snapshot the customer's data and delete the instance or cluster running the unsupported software, after providing prior notice of the engine end-of-life date.
View change record →The updated terms establish new operational requirements for any organization using Amazon Connect Talent to make or inform employment decisions. Customers must now obtain legally adequate privacy notices and consents from job applicants before their data is processed by the service. The terms require customers to review all AI output before making hiring decisions, implement processes for applicants to request information about the AI's role in decisions, and ensure their use of the tool complies with applicable labor, anti-discrimination, disability, data privacy, AI, wiretap, recordkeeping, and biometrics laws. Customers can configure an AI services opt-out policy through AWS Organizations to prevent their data from being used to train or improve AWS AI technologies.
View change record →Production AI applications built on Bedrock are exposed to service changes or termination at AWS's discretion, which could require rapid redesign or migration and create business continuity risk.
How other platforms handle this
Grubhub reserves the right to modify or discontinue, temporarily or permanently, the Services (or any part thereof) with or without notice. Grubhub reserves the right to refuse service, terminate accounts, remove or edit content in its sole discretion.
Shopify reserves the right at any time to modify or discontinue the Service (or any part or content thereof) without notice at any time. Shopify shall not be liable to you or to any third party for any modification, suspension, or discontinuance of the Service.
We may terminate or suspend your access to our Services at any time without notice if we reasonably believe: (i) you have violated these Terms, including our Acceptable Use Policy; (ii) we must do so to comply with a legal requirement or court order; (iii) your use of our Services exposes us—or any ...
Monitoring
AWS Bedrock has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"AWS may modify or discontinue Amazon Bedrock features or services at any time, and may terminate your access to Amazon Bedrock if you violate these service terms or the AWS Customer Agreement.— Excerpt from AWS Bedrock's AWS Service Terms
REGULATORY LANDSCAPE: Broad service modification and termination rights are standard in cloud service agreements and are not directly regulated by AI-specific frameworks. However, for organizations subject to operational resilience requirements (such as EU DORA for financial services, or NHS digital service continuity standards in the UK), unilateral modification rights in critical AI service agreements create compliance considerations. Data portability requirements under GDPR may also be relevant if termination affects access to customer content stored in the service. GOVERNANCE EXPOSURE: Medium. The primary risk is operational rather than regulatory: businesses that have embedded Bedrock deeply in production workflows without alternative vendor capabilities face significant disruption risk if features change or access is terminated. The absence of specified notice periods for modifications (beyond what may be in the master agreement) is a standard but notable gap. JURISDICTION FLAGS: EU financial services firms subject to DORA must assess whether their Bedrock dependency creates concentration risk that exceeds permitted thresholds. UK financial services firms under FCA operational resilience rules face similar considerations. Public sector customers in various jurisdictions may have procurement rules that limit acceptable unilateral modification rights in critical service contracts. CONTRACT AND VENDOR IMPLICATIONS: Enterprise procurement teams should negotiate SLA provisions addressing notice periods for material service changes, particularly for features that are deeply integrated into production systems. Business continuity planning should include Bedrock migration or fallback scenarios. Vendor lock-in risk assessments should account for the breadth of the modification right. COMPLIANCE CONSIDERATIONS: Organizations with operational resilience obligations should document Bedrock as a critical third-party dependency and assess concentration risk. Data egress and portability procedures should be tested before termination events occur rather than in response to them.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This clause establishes AWS's unilateral right to alter service functionality and configuration without advance notice requirements, and establishes termination as an authorized enforcement mechanism for violations of the governing agreements.
Production AI applications built on Bedrock are exposed to service changes or termination at AWS's discretion, which could require rapid redesign or migration and create business continuity risk.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by AWS Bedrock.