AWS Bedrock Guardrails vs Guard
Bedrock Guardrails protect models inside AWS. Guard sits in front of Bedrock and produces Australian regulatory evidence.
Why this comes up
If you run models on Amazon Bedrock, Bedrock Guardrails are the obvious built-in option. They filter harmful content, block denied topics, and redact a set of common PII entities. For a US-centric content-safety baseline, they work.
The gap for Australian regulated businesses is twofold. First, the PII set is generic: no Tax File Number, no Medicare number, no ABN, and none of the checksum validation those identifiers require. Second, Bedrock produces logs, not cryptographically signed per-call attestations mapped to APRA or the Privacy Act. Logs can be edited after the fact; a signed attestation cannot be changed without invalidating its signature.
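What checksum validation adds over pattern matching, as an added example (not Guard's or AWS's code): it applies the publicly documented check-digit rules for TFN, ABN and Medicare numbers so that only digit runs passing a checksum are redacted. The function names and the sample text are constructed for illustration.

```python
import re

# Publicly documented check-digit weights.
TFN_WEIGHTS = (1, 4, 3, 7, 5, 8, 6, 9, 10)
ABN_WEIGHTS = (10, 1, 3, 5, 7, 9, 11, 13, 15, 17, 19)
MEDICARE_WEIGHTS = (1, 3, 7, 9, 1, 3, 7, 9)

# 9 to 11 digits, optionally separated by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){8,10}(?!\d)")

def _weighted(digits, weights):
    return sum(d * w for d, w in zip(digits, weights))

def is_tfn(d):
    # 9-digit TFN: weighted sum divisible by 11.
    return len(d) == 9 and _weighted(d, TFN_WEIGHTS) % 11 == 0

def is_abn(d):
    # ABN: subtract 1 from the first digit, weighted sum divisible by 89.
    return len(d) == 11 and _weighted([d[0] - 1] + d[1:], ABN_WEIGHTS) % 89 == 0

def is_medicare(d):
    # First digit 2-6; digit 9 is the check digit over digits 1-8.
    # Digit 10 is the issue number, optional digit 11 the individual reference.
    return (len(d) in (10, 11) and 2 <= d[0] <= 6
            and _weighted(d, MEDICARE_WEIGHTS) % 10 == d[8])

CHECKS = (("TFN", is_tfn), ("ABN", is_abn), ("MEDICARE", is_medicare))

def classify(candidate):
    """Return the identifier type whose checksum the digits satisfy, or None."""
    digits = [int(c) for c in candidate if c.isdigit()]
    return next((label for label, ok in CHECKS if ok(digits)), None)

def redact(text):
    """Replace only checksum-valid identifiers; leave other digit runs alone."""
    def repl(m):
        label = classify(m.group())
        return f"[{label}]" if label else m.group()
    return CANDIDATE.sub(repl, text)

# Sample text assembled for this example: the first three numbers pass their
# checksums, the order number and mobile number do not.
SAMPLE = ("TFN 123 456 782, ABN 51 824 753 556, Medicare 2123 45670 1, "
          "order 123 456 789, mobile 0412 345 678.")

if __name__ == "__main__":
    print(redact(SAMPLE))
```

A length-only pattern would have flagged all five numbers in the sample; the checksum step leaves the order number and the mobile number untouched.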
There’s also a supplier-risk angle. Under CPS 234 and CPS 230, AWS is a third-party (and potentially material) service provider. Relying on AWS’s own guardrails to evidence your oversight of AWS is exactly the gap APRA is pointing at. Guard provides an independent control layer in front of Bedrock.
Side by side
| Capability | Bedrock Guardrails | 40° South Guard |
|---|---|---|
| Content and harmful-topic filtering | ✓ | ~ |
| Generic PII redaction | ✓ | ✓ |
| Australian PII (TFN, Medicare, ABN) with checksums | ✗ | ✓ |
| Prompt injection detection inside uploaded documents | ~ | ✓ |
| Per-call cryptographically signed attestation | ✗ | ✓ |
| CPS 234 / CPS 230 supplier-oversight evidence | ✗ | ✓ |
| Works across non-AWS providers | ✗ | ✓ |
| Independent of the model host | ✗ | ✓ |
✓ = supported · ~ = partial · ✗ = not supported
Could you run them together?
Yes. Keep Bedrock Guardrails on for content safety inside AWS, and run Guard in front of Bedrock so every call also produces independent, Australian-mapped, signed evidence.
The two layers do different jobs — and APRA’s third-party expectations are easier to meet when your oversight control isn’t owned by the supplier you’re overseeing.
See Guard on your own AI calls
Book a demo and we’ll show you a signed attestation for a real call — mapped to your obligations under CPS 234, the Privacy Act, and ADM transparency.