Skip to content

feat(bedrock): add first-class guardrail configuration support#899

Open
dermdunc wants to merge 2 commits intoanthropics:mainfrom
dermdunc:feat/bedrock-guardrail-params
Open

feat(bedrock): add first-class guardrail configuration support#899
dermdunc wants to merge 2 commits intoanthropics:mainfrom
dermdunc:feat/bedrock-guardrail-params

Conversation

@dermdunc
Copy link

@dermdunc dermdunc commented Feb 5, 2026

Summary

  • Adds guardrailIdentifier and guardrailVersion as first-class ClientOptions on AnthropicBedrock, enabling Bedrock Guardrails without relying on custom header workarounds
  • Injects X-Amzn-Bedrock-GuardrailIdentifier and X-Amzn-Bedrock-GuardrailVersion headers in buildRequest() before SigV4 signing
  • Env var fallback via BEDROCK_GUARDRAIL_IDENTIFIER and BEDROCK_GUARDRAIL_VERSION
  • Constructor validates that guardrailVersion is required when guardrailIdentifier is set

Motivation

Users of Claude Code and the Bedrock SDK need to apply AWS Bedrock Guardrails to model invocations. The current workaround (ANTHROPIC_CUSTOM_HEADERS) is insufficient for IAM policy enforcement because AWS IAM condition keys (bedrock:GuardrailIdentifier) evaluate against request context populated by the API parameter layer, not raw HTTP headers. See anthropics/claude-code#23322.

Changes

packages/bedrock-sdk/src/client.ts

  • Extended ClientOptions type with guardrailIdentifier and guardrailVersion (with JSDoc)
  • Added instance properties to AnthropicBedrock class
  • Constructor reads env vars as defaults, validates required pairs
  • buildRequest() injects guardrail headers inside the MODEL_ENDPOINTS block

packages/bedrock-sdk/tests/guardrails.test.ts — 8 test cases covering:

  • Constructor params (non-streaming + streaming)
  • No headers when unconfigured
  • Env var fallback
  • Constructor overrides env vars
  • Validation error when version is missing
  • Coexistence with other custom headers
  • Dedicated params take precedence over custom guardrail headers

packages/bedrock-sdk/examples/guardrails.ts — Usage example

packages/bedrock-sdk/README.md — Guardrails documentation section

Test plan

  • All 10 tests pass (npx jest in packages/bedrock-sdk/)
  • Build succeeds (./build in packages/bedrock-sdk/)
  • Manual verification with a real Bedrock Guardrail and IAM policy

🤖 Generated with Claude Code

@coderturtle @claude
feat(bedrock): add first-class guardrail configuration support
4ad9672 
Add guardrailIdentifier and guardrailVersion as ClientOptions for
AnthropicBedrock, enabling Bedrock Guardrails without relying on
custom header workarounds. Headers are injected in buildRequest()
before SigV4 signing. Env var fallback via BEDROCK_GUARDRAIL_IDENTIFIER
and BEDROCK_GUARDRAIL_VERSION.

Closes anthropics/claude-code#23322

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@dermdunc dermdunc requested a review from a team as a code owner February 5, 2026 10:41
@coderturtle @claude
fix(bedrock): add symmetric validation, trace header, and test coverage
241940c 
- Add symmetric validation: throw when guardrailVersion is set without
  guardrailIdentifier (previously only the reverse was checked)
- Add trace option (ENABLED/DISABLED/ENABLED_FULL) with
  X-Amzn-Bedrock-Trace header and BEDROCK_TRACE env var
- Move jest.resetModules() to beforeEach for consistency across tests
- Add test for version-only misconfiguration scenario
- Add 4 trace-specific tests (constructor, ENABLED_FULL, env var,
  trace-independent-of-guardrails)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This was referenced Feb 5, 2026
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dermdunc @coderturtle