AWS Bedrock Integration
Route your AWS Bedrock traffic through Rivaro for runtime enforcement. This page covers the InvokeModel and Converse API styles, AWS SigV4 authentication, and streaming.
Authentication
Bedrock is different from other providers: there is no API key header. Authentication uses AWS SigV4 request signing, which your AWS SDK handles automatically.
Your AWS SDK signs the request, then sends it through the Rivaro proxy. Rivaro passes all AWS signature headers through to Bedrock unchanged.
SDK Configuration
Python (boto3)
```python
import boto3
from botocore.config import Config

bedrock = boto3.client(
    'bedrock-runtime',
    region_name='us-east-1',
    endpoint_url='https://your-org.rivaro.ai',
    config=Config(
        inject_host_prefix=False
    )
)

# Add X-Detection-Key via the event system. 'before-sign' handlers receive the
# outgoing request as the `request` keyword argument, so the header is set
# before SigV4 signing.
def add_detection_key(request, **kwargs):
    request.headers['X-Detection-Key'] = 'detect_live_your_key_here'

bedrock.meta.events.register('before-sign.bedrock-runtime.*', add_detection_key)
```
curl
```bash
# Note: AWS SigV4 signing is complex via curl.
# Use the AWS SDK for production. This example shows the URL structure.
curl https://your-org.rivaro.ai/model/anthropic.claude-3-sonnet-20240229-v1:0/invoke \
  -H "Content-Type: application/json" \
  -H "X-Detection-Key: detect_live_your_key_here" \
  -H "Authorization: AWS4-HMAC-SHA256 ..." \
  -H "X-Amz-Date: 20260221T100000Z" \
  -d '{
    "anthropic_version": "bedrock-2023-05-31",
    "messages": [{"role": "user", "content": "Hello"}],
    "max_tokens": 1024
  }'
```
Supported Endpoints
InvokeModel API (model-specific)
| Endpoint | Method | Description |
|---|---|---|
| `/model/{modelId}/invoke` | POST | Invoke a model (non-streaming) |
| `/model/{modelId}/invoke-with-response-stream` | POST | Invoke with streaming |
The request and response body format depends on the model. Common formats:
- Claude: Anthropic Messages format (`messages`, `max_tokens`)
- Llama / Mistral: Model-specific JSON
- Titan: Amazon Titan format
Converse API (standardized)
| Endpoint | Method | Description |
|---|---|---|
| `/converse` | POST | Standardized conversation API |
| `/converse-stream` | POST | Standardized streaming conversation |
The Converse API provides a unified request/response format across all Bedrock models, including support for tool use and vision.
InvokeModel vs Converse
| Feature | InvokeModel | Converse |
|---|---|---|
| Request format | Model-specific | Standardized |
| Tool calling | Model-specific | Unified |
| Vision support | Model-specific | Unified |
| Streaming | /invoke-with-response-stream | /converse-stream |
| Recommendation | Legacy / specific needs | Preferred for new integrations |
Converse Example
```python
response = bedrock.converse(
    modelId='anthropic.claude-3-sonnet-20240229-v1:0',
    messages=[{
        'role': 'user',
        'content': [{'text': 'What is quantum computing?'}]
    }],
    inferenceConfig={
        'maxTokens': 1024,
        'temperature': 0.7
    }
)
print(response['output']['message']['content'][0]['text'])
```
Streaming
Bedrock streaming works through both API styles. The stream format varies by model family when using InvokeModel, but is standardized with Converse.
Enforcement follows the same pattern as other providers: content is forwarded in real time, and detection runs on the accumulated response after the stream completes.
Completion markers by model format
| Format | Completion marker |
|---|---|
| Claude | "stop_reason":"end_turn" |
| Llama / Mistral | "stop_reason":"stop" |
| Titan | "completionReason":"FINISH" |
| Converse | "stopReason":"end_turn" |
Blocked Requests
When Rivaro blocks a request, the response format depends on the model format configured in the AppContext:
Claude format:
```json
{
  "content": [{"type": "text", "text": "Content blocked due to policy violations"}],
  "stop_reason": "content_filtered"
}
```
Converse format:
```json
{
  "output": {
    "message": {
      "content": [{"text": "Content blocked due to policy violations"}]
    }
  },
  "stopReason": "content_filtered"
}
```
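Both blocked bodies have the same shape as an ordinary model reply, so a client should check the stop reason before it uses the text. The following is an added example, not Rivaro's code: it separates the two documented blocked shapes from finished and unfinished replies. The names `read_reply`, `BlockedByPolicy` and `summarize` and the sample bodies are constructed for illustration.

```python
import json

BLOCKED = "content_filtered"   # stop reason shown in both blocked examples above
COMPLETE = "end_turn"          # completion marker for Claude and Converse

class BlockedByPolicy(Exception):
    """The proxy replaced the model output with a block notice."""

def _stop_reason_and_parts(body, model_format):
    # Claude (InvokeModel) keeps both fields at the top level; Converse nests
    # the content under output.message and spells the stop reason in camelCase.
    if model_format == "claude":
        return body.get("stop_reason"), body.get("content", [])
    if model_format == "converse":
        message = body.get("output", {}).get("message", {})
        return body.get("stopReason"), message.get("content", [])
    raise ValueError(f"no blocked-response shape documented for {model_format!r}")

def read_reply(raw, model_format):
    """Return (text, finished); raise BlockedByPolicy for a block notice."""
    body = json.loads(raw) if isinstance(raw, (str, bytes)) else raw
    stop_reason, parts = _stop_reason_and_parts(body, model_format)
    if stop_reason == BLOCKED:
        raise BlockedByPolicy(model_format)
    text = "".join(p.get("text", "") for p in parts if isinstance(p, dict))
    return text, stop_reason == COMPLETE

# Constructed sample bodies: the two blocked shapes from this page plus two
# ordinary replies (one finished, one cut off by the token limit).
SAMPLES = [
    ("claude", '{"content": [{"type": "text", "text": "Content blocked due to '
               'policy violations"}], "stop_reason": "content_filtered"}'),
    ("converse", {"output": {"message": {"content": [{"text": "Content blocked "
                  "due to policy violations"}]}}, "stopReason": "content_filtered"}),
    ("converse", {"output": {"message": {"content": [{"text": "Qubits are..."}]}},
                  "stopReason": "end_turn"}),
    ("claude", '{"content": [{"type": "text", "text": "Partial"}], '
               '"stop_reason": "max_tokens"}'),
]

def summarize(samples=SAMPLES):
    out = []
    for fmt, raw in samples:
        try:
            out.append(read_reply(raw, fmt))
        except BlockedByPolicy:
            out.append("blocked")
    return out
```

Pass `response['body'].read()` from `invoke_model` or the `converse` response dict directly. Formats without a documented blocked shape raise `ValueError` instead of being treated as clean.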
AppContext Configuration
When creating an AppContext for Bedrock, the configuration map supports:
| Key | Description |
|---|---|
| `bedrockModelId` | Full Bedrock model ARN (e.g. `anthropic.claude-3-sonnet-20240229-v1:0`) |
| `bedrockModelFormat` | Request/response format: `claude`, `llama`, `mistral`, `titan`, or `converse` |
Required Headers
| Header | Required | Description |
|---|---|---|
| `X-Detection-Key` | Yes | Your Rivaro detection key |
| `Authorization` | Yes | AWS SigV4 signature (set by AWS SDK) |
| `X-Amz-Date` | Yes | Request timestamp (set by AWS SDK) |
| `X-Amz-Security-Token` | Conditional | Session token (if using temporary credentials) |
| `Content-Type` | Yes | `application/json` |
Next steps
- Error Handling — Handle Rivaro-specific errors
- Understanding Detections — What Rivaro scans for
- API Reference — Full endpoint reference