Protect sensitive data in RAG applications with Amazon Bedrock

Machine Learning Blog

The article discusses protecting sensitive data in Retrieval Augmented Generation (RAG) applications using Amazon Bedrock, focusing on two key security approaches:

Data redaction at storage level before ingesting into vector stores
Role-based access control for sensitive data during retrieval

Key highlights of the security strategies include:

Using Amazon Comprehend for PII identification and redaction
Employing Amazon Macie for secondary sensitive data verification
Implementing Amazon Bedrock Guardrails for input/output content filtering
Utilizing metadata filtering for role-based document access

The solution emphasizes a multi-layered security approach that protects sensitive information while maintaining the utility of RAG applications, with flexibility for customization across different organizational needs.

Go to article

The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Aug 26
2024

Secure RAG applications using prompt engineering on Amazon Bedrock

Mar 20
2025

Amazon Bedrock now supports RAG Evaluation (generally available)

Nov 20
2024

Streamline RAG applications with intelligent metadata filtering using Amazon Bedrock

Apr 23
2024

Building scalable, secure, and reliable RAG applications using Amazon Bedrock Knowledge Bases

The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Protect sensitive data in RAG applications with Amazon Bedrock

Related articles