Create a guardrail in the Amazon Bedrock console or via CreateGuardrail API, configuring content filters, denied topics, word filters, and PII redaction policies as needed
Note the guardrailId and guardrailVersion returned after creation; you will pass these on every API call
Construct an ApplyGuardrail request with the source field set to INPUT or OUTPUT and the content array containing the text to evaluate
Call the ApplyGuardrail operation via the Bedrock Runtime client; inspect the action field in the response — GUARDRAIL_INTERVENED indicates the guardrail triggered
Examine the assessments array in the response to determine which policy (content filter, denied topic, PII) caused intervention and log the details
Integrate ApplyGuardrail calls into your application middleware so both user inputs and model outputs are evaluated before being used or returned
Known gotchas
ApplyGuardrail is available on the Bedrock Runtime endpoint, not the Bedrock management endpoint; using the wrong endpoint returns a service-not-found error
Guardrail versions are immutable; changes to filter thresholds require creating a new version, and the old version remains active for any callers still referencing it
PII redaction replaces entity types with placeholder tokens in the output text; downstream components that expect raw PII values will break unless they handle the redacted format
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp