AWS Security ChangesHomeSearch

AWS bedrock documentation change

Service: bedrock · 2025-06-22 · Documentation medium

File: bedrock/latest/userguide/guardrails-sensitive-filters.md

Summary

Expanded sensitive information masking to cover both model requests and responses

Security assessment

Enhances data protection documentation by extending PII masking to input requests, improving defense against accidental sensitive data exposure. While security-related, there's no indication this addresses a specific vulnerability.

Diff

diff --git a/bedrock/latest/userguide/guardrails-sensitive-filters.md b/bedrock/latest/userguide/guardrails-sensitive-filters.md
index 8153df19d..df1b42632 100644
--- a//bedrock/latest/userguide/guardrails-sensitive-filters.md
+++ b//bedrock/latest/userguide/guardrails-sensitive-filters.md
@@ -13 +13 @@ You can configure the following modes for handling sensitive information that gu
-  * **Mask** — Sensitive information filter policies can anonymize or redact information from model responses. For example, guardrails mask PIIs while generating summaries of conversations between users and customer service agents. If sensitive information is detected in the model response, the guardrail masks it and replaces it with the PII type (for example, `{NAME}` or `{EMAIL}`).
+  * **Mask** — Sensitive information filter policies can anonymize or redact information from model requests or responses. For example, guardrails mask PIIs while generating summaries of conversations between users and customer service agents. If sensitive information is detected in the model request or response, the guardrail masks it and replaces it with the PII type (for example, `{NAME}` or `{EMAIL}`).