General principles
These principles apply to legacy Terraform-based Amazon EKS deployments that use Amazon Bedrock for inference:
- Poolside does not access customer data models.
- Amazon Bedrock does not store or log prompt or completion content. Communication uses Transport Layer Security (TLS) 1.2 or higher in transit and customer-managed AWS Key Management Service (KMS) keys at rest.
- All data transfer between the customer virtual private cloud (VPC) and the Amazon Bedrock endpoint uses AWS PrivateLink. Data never traverses the internet.
- Identity and Access Management (IAM) policies can restrict access to an authorized subset of models in your model deployment account.
Encryption
- All endpoint communication uses TLS 1.2 or higher in transit.
- Models remain encrypted at rest within an Amazon Bedrock model deployment account that Poolside cannot access, using customer-managed AWS KMS keys.
- Customer data remains encrypted at rest with customer-managed AWS KMS keys in the customer VPC.
Customers that require FIPS 140-2 validated cryptographic modules when accessing Amazon Bedrock endpoints should use a supported FIPS endpoint.
Architecture and networking
This section outlines how model inference workflows are architected in Amazon Bedrock.
Model inference
Access to models for inference is governed by IAM policies and requires customer-managed AWS KMS keys for decryption. Inference requests use AWS PrivateLink, so prompt and response/completion content never traverses the internet during communication between the customer VPC and Amazon Bedrock infrastructure. The host storing the model cannot initiate outbound connections and stores no data.
Cross-region deployments
Cross-region deployments apply when an Amazon Bedrock endpoint that supports Poolside is not available in the customer’s preferred VPC region. Inter-region VPC peering enables this configuration between the local customer VPC and a transit customer VPC in the Amazon Bedrock endpoint region.
- VPC peering connections use private IP addresses only and do not involve internet gateways, network address translation (NAT) gateways, or virtual private network (VPN) connections.
- Route tables in the local customer VPC direct traffic to the Amazon Bedrock endpoint through the transit customer VPC.
- AWS PrivateLink establishes private connectivity between the transit customer VPC and the Amazon Bedrock endpoint.
Customer data remains encrypted at rest in the local customer VPC region and is never stored at rest in the Amazon Bedrock endpoint region.
Audit trails and logging
- AWS CloudWatch is supported, in addition to Poolside-provided telemetry, and provides metrics on model invocation, latency, client-side and server-side errors, and throttling.
- AWS CloudTrail audit trails are available, in addition to Poolside-provided logging, for all API calls made to Amazon Bedrock endpoints. They capture details such as caller identity, request time, and request parameters.
- Amazon EventBridge event alerts are available so you can create rules that trigger actions in response to an event.
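As an added example (not code from Poolside or AWS documentation), the following audit reads CloudTrail records for Bedrock invocations and checks three of the controls described on this page: the call arrived through the expected PrivateLink endpoint, it named a model from the authorized subset, and it used TLS 1.2 or higher. The endpoint ID, model IDs and sample records are constructed placeholders; the CloudTrail field names (eventSource, eventName, vpcEndpointId, requestParameters.modelId, tlsDetails.tlsVersion) are the standard ones.

```python
import json

# Expected controls; all three values are placeholders for this example.
EXPECTED_VPCE = "vpce-0123456789abcdef0"        # the PrivateLink endpoint ID (placeholder)
ALLOWED_MODELS = {"example-authorized-model"}   # authorized subset of model IDs (placeholder)
INVOKE_EVENTS = {"InvokeModel", "InvokeModelWithResponseStream"}

def tls_version(record):
    """Parse CloudTrail's tlsDetails.tlsVersion ("TLSv1.2") into (1, 2); None if absent or unparsable."""
    raw = record.get("tlsDetails", {}).get("tlsVersion", "")
    try:
        return tuple(int(p) for p in (raw[4:] if raw.startswith("TLSv") else raw).split("."))
    except ValueError:
        return None

def audit_record(record):
    """Return findings for one Bedrock invocation record; [] when the call is compliant."""
    if record.get("eventSource") != "bedrock.amazonaws.com" or record.get("eventName") not in INVOKE_EVENTS:
        return []  # not a model invocation; out of scope for this check
    findings = []
    vpce = record.get("vpcEndpointId")  # absent when the call did not go through a VPC endpoint
    if vpce != EXPECTED_VPCE:
        findings.append(f"not via expected PrivateLink endpoint (got {vpce!r})")
    model = (record.get("requestParameters") or {}).get("modelId")
    if model not in ALLOWED_MODELS:
        findings.append(f"model {model!r} outside authorized subset")
    tls = tls_version(record)
    if tls is None or tls < (1, 2):
        findings.append(f"TLS below 1.2 or unknown ({tls})")
    return findings

def audit_trail(lines):
    """Map eventID -> findings for every non-compliant record in newline-delimited JSON."""
    results = {}
    for line in lines:
        record = json.loads(line)
        findings = audit_record(record)
        if findings:
            results[record["eventID"]] = findings
    return results

# Constructed sample records (not real CloudTrail output), one JSON object per line.
SAMPLE_TRAIL = [
    '{"eventID":"ev-1","eventSource":"bedrock.amazonaws.com","eventName":"InvokeModel","vpcEndpointId":"vpce-0123456789abcdef0","requestParameters":{"modelId":"example-authorized-model"},"tlsDetails":{"tlsVersion":"TLSv1.3"}}',
    '{"eventID":"ev-2","eventSource":"bedrock.amazonaws.com","eventName":"InvokeModel","requestParameters":{"modelId":"example-authorized-model"},"tlsDetails":{"tlsVersion":"TLSv1.2"}}',
    '{"eventID":"ev-3","eventSource":"bedrock.amazonaws.com","eventName":"InvokeModelWithResponseStream","vpcEndpointId":"vpce-0123456789abcdef0","requestParameters":{"modelId":"unapproved-model"},"tlsDetails":{"tlsVersion":"TLSv1.2"}}',
    '{"eventID":"ev-4","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity"}',
]
```

Running `audit_trail(SAMPLE_TRAIL)` flags ev-2 (no VPC endpoint on the call) and ev-3 (model outside the authorized subset) and ignores the non-Bedrock event.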