Category: Security, Identity, & Compliance

This post is part of an ongoing series on governing the machine learning (ML) lifecycle at scale. To start from the beginning, refer to Governing the ML lifecycle at scale, Part 1: A framework for architecting ML workloads using HAQM SageMaker. A multi-account strategy is essential not only for improving governance but also for enhancing […]

In this post, we explore a sample solution that you can use to deploy an image editing application by using AWS serverless services and generative AI services. We use HAQM Bedrock and an HAQM Titan FM that allow you to edit images by using prompts.

In this post, we demonstrate how to design fine-grained access controls using Verified Permissions for a generative AI application that uses HAQM Bedrock Agents to answer questions about insurance claims that exist in a claims review system using textual prompts as inputs and outputs.

In this post, we presented how to create a fully serverless voice-based contextual chatbot using HAQM Bedrock with Anthropic Claude.

In this post, we will harness the power of generative artificial intelligence (AI) and HAQM Bedrock to help organizations simplify and effectively manage remediations of AWS Security Hub control findings.

HAQM Q Business is a conversational assistant powered by generative artificial intelligence (AI) that enhances workforce productivity by answering questions and completing tasks based on information in your enterprise systems, which each user is authorized to access. In an earlier post, we discussed how you can build private and secure enterprise generative AI applications with HAQM Q Business and AWS IAM Identity Center. If you want to use HAQM Q Business to build enterprise generative AI applications, and have yet to adopt organization-wide use of AWS IAM Identity Center, you can use HAQM Q Business IAM Federation to directly manage user access to HAQM Q Business applications from your enterprise identity provider (IdP), such as Okta or Ping Identity. HAQM Q Business IAM Federation uses Federation with IAM and doesn’t require the use of IAM Identity Center. This post shows how you can use HAQM Q Business IAM Federation for user access management of your HAQM Q Business applications.

HAQM Q Business comes with rich API support to perform administrative tasks or to build an AI-assistant with customized user experience for your enterprise. With administrative APIs you can automate creating Q Business applications, set up data source connectors, build custom document enrichment, and configure guardrails. With conversation APIs, you can chat and manage conversations with Q Business AI assistant. Trusted identity propagation provides authorization based on user context, which enhances the privacy controls of HAQM Q Business. In this blog post, you will learn what trusted identity propagation is and why to use it, how to automate configuration of a trusted token issuer in AWS IAM Identity Center with provided AWS CloudFormation templates, and what APIs to invoke from your application facilitate calling HAQM Q Business identity-aware conversation APIs.

Traditionally, finding relevant information from documents has been a time-consuming and often frustrating process. Manually sifting through pages upon pages of text, searching for specific details, and synthesizing the information into coherent summaries can be a daunting task. This inefficiency not only hinders productivity but also increases the risk of overlooking critical insights buried within […]

This post is a continuation of Creating Natural Conversations with HAQM Lex QnAIntent and HAQM Bedrock Knowledge Base. In summary, we explored new capabilities available through HAQM Lex QnAIntent, powered by HAQM Bedrock, that enable you to harness natural language understanding and your own knowledge repositories to provide real-time, conversational experiences. In many cases, HAQM […]

In this post, we present a solution for configuring SageMaker notebook instances to connect to HAQM Bedrock and other AWS services with the use of AWS PrivateLink and HAQM Elastic Compute Cloud (HAQM EC2) security groups.