AWS publishes Dynatrace-developed blueprint for secure Amazon Bedrock access at scale

Enterprises are rapidly expanding their use of generative AI with Amazon Bedrock to power intelligent agents and automate workflows. As adoption grows, so does the need for governance, control, and accountability. To address these challenges, Dynatrace, an early pioneer in AI at scale, has developed a robust AI gateway architecture. In collaboration with our partners at AWS, we’re now sharing this architecture as a reusable reference pattern that allows any organization to securely and efficiently control access to Amazon Bedrock services at scale.

Amazon Bedrock provides enterprises with fully managed access to leading foundation models through a single API, eliminating the complexity of managing underlying AI infrastructure. This simplicity accelerates innovation but also prompts enterprises to consider how best to govern and secure access to Amazon Bedrock as they’re using it at scale.

Without a secure AI gateway in place, organizations can quickly face challenges such as:

• Uncontrolled access and data exposure: Without integrated authentication and authorization, anyone with credentials can invoke models or send sensitive data without oversight.
• Compliance and audit gaps: Without consistent tracking and isolation, it’s difficult to demonstrate adherence to internal policies or regulatory requirements.
• Operational fragility: Developers must manage credentials and request signing manually, adding complexity and security risk.

These are the same challenges Dynatrace encountered while scaling its own generative AI workloads. In response, our engineering teams developed a secure AI gateway for Amazon Bedrock, which has proven effective in serving our global user base. We’re now sharing a reusable reference architecture for the AI gateway in close collaboration with our partners at AWS.

Enterprise-grade governance for real-world use cases

The Secure AI Gateway extends Amazon Bedrock with enterprise-grade governance and control. Built on Amazon API Gateway, the solution integrates seamlessly into existing enterprise environments and provides:

• Strong authentication and authorization through integration with corporate identity systems.
• Usage quotas and throttling to manage cost and ensure fair resource distribution.
• Multi-tenant support and tenant isolation with detailed usage tracking for security, auditability, and compliance.
• Zero-code compatibility with Bedrock features: Once the AI Gateway is deployed, all existing Bedrock capabilities remain available without any integration code changes.

Proven within Dynatrace’s own platform, this reference pattern provides enterprises with a practical path to securely operationalize Bedrock, maintaining the speed and flexibility developers expect while introducing the control and transparency that enterprise governance demands.

Find all the details and the full technical walkthrough here: AWS: Building a Secure AI Gateway to Amazon Bedrock.

AI Observability for continuous insights after deployment

Securing access is only the first step; ensuring everything continues to work as intended is the next. With Dynatrace observability for Bedrock-based workloads, your teams gain continuous insight into performance, reliability, and cost, verifying that governance controls remain effective and that AI workloads perform as expected.

You can read more about our solution here: Deliver secure, safe, and trustworthy GenAI applications with Amazon Bedrock and Dynatrace.