AWS Security ChangesHomeSearch

AWS bedrock documentation change

Service: bedrock · 2026-05-22 · Documentation low

File: bedrock/latest/userguide/claude-messages-extended-thinking.md

Summary

Updated token handling behavior documentation for Claude 3.7/4 models, replacing 'prior to' with 'before' and emphasizing strict max_tokens enforcement.

Security assessment

Clarifies model behavior change from automatic token adjustment to strict validation errors, but lacks evidence of patching security vulnerabilities or introducing security features.

Diff

diff --git a/bedrock/latest/userguide/claude-messages-extended-thinking.md b/bedrock/latest/userguide/claude-messages-extended-thinking.md
index b5152a904..5950ce8a5 100644
--- a//bedrock/latest/userguide/claude-messages-extended-thinking.md
+++ b//bedrock/latest/userguide/claude-messages-extended-thinking.md
@@ -641 +641 @@ This behavior is consistent whether using regular thinking or interleaved thinki
-In older Claude models (prior to Claude 3.7 Sonnet), if the sum of prompt tokens and max_tokens exceeded the model’s context window, the system would automatically adjust max_tokens to fit within the context limit. This meant you could set a large max_tokens value and the system would silently reduce it as needed. With Claude 3.7 and 4 models, `max_tokens` (which includes your thinking budget when thinking is enabled) is enforced as a strict limit. The system now returns a validation error if prompt tokens + max_tokens exceeds the context window size.
+In older Claude models (before Claude 3.7 Sonnet), if the sum of prompt tokens and max_tokens exceeded the model’s context window, the system would automatically adjust max_tokens to fit within the context limit. This meant you could set a large max_tokens value and the system would silently reduce it as needed. With Claude 3.7 and 4 models, `max_tokens` (which includes your thinking budget when thinking is enabled) is enforced as a strict limit. The system now returns a validation error if prompt tokens + max_tokens exceeds the context window size.