GenAI — How AWS Bedrock Protects Customer Data While Serving LLMs
As enterprises increasingly leverage Large Language Models (LLMs) like Anthropic’s Claude and Meta’s LLaMA for various applications, ensuring robust security controls is paramount. AWS Bedrock provides a comprehensive framework for deploying, managing, and securing these foundational models. This blog post will delve into the security controls offered by AWS Bedrock for LLMs, including deployment architecture, data protection, model serving, fine-tuning, and private link integration.
AWS Bedrock Deployment Architecture
Key Components
- Customer Account: The AWS account owned by the enterprise using the LLM services.
- Bedrock Account: AWS’s managed account providing Bedrock services, including model hosting and management.
- Foundational Model Account: The account where the foundational model (e.g., Anthropic, LLaMA) is hosted and maintained.
Architecture Diagram
[Figure: Deployment Architecture Overview]
- Virtual Private Cloud (VPC): Each account (Customer, Bedrock, and Foundational Model) operates within its own isolated VPC, ensuring network-level segregation.
- Private Links: Securely connect the Customer VPC to the Bedrock VPC and onward to the Foundational Model VPC, so data never traverses the public internet.
- Endpoints: Model serving endpoints are provided by the Bedrock account, allowing secure access to the foundational models.
Enterprise Data Security
Data Isolation and Protection
1. No Enterprise Data Passed to Foundational Model:
- Enterprise data remains within the Customer VPC and is not passed to the foundational model directly.
- Data preprocessing and tokenization occur within the Customer VPC.
2. Data Encryption:
- All data in transit is encrypted using TLS.
- Data at rest is encrypted using AWS Key Management Service (KMS).
Model Serving from Bedrock Account’s Endpoint
1. Endpoint Management:
- The Bedrock account provides managed endpoints for accessing the foundational models.
- These endpoints are securely exposed to the Customer VPC via AWS PrivateLink.
2. API Gateway and Authentication:
- API Gateway in the Bedrock account manages access to the model endpoints, ensuring only authenticated and authorized requests are processed.
- IAM roles and policies enforce strict access controls.
Fine-Tuning with Customer Provided Encryption Keys
Fine-Tuning Process
1. Data Preparation:
- Fine-tuning datasets are prepared and encrypted using customer-provided encryption keys (CMEK) before being uploaded to AWS.
2. Secure Storage:
- Encrypted datasets are stored in Amazon S3, with access restricted to specific IAM roles.
3. Model Fine-Tuning:
- Bedrock services retrieve the encrypted datasets, decrypt them using CMEK, and perform fine-tuning within a secure environment.
- Fine-tuned models are stored and managed in the Bedrock account, with encryption keys ensuring data confidentiality.
Encryption Key Management
1. AWS KMS Integration:
- AWS KMS allows customers to create and manage their own encryption keys.
- Fine-tuning jobs leverage these keys to encrypt and decrypt data securely.
2. Access Control:
- Fine-grained IAM policies control access to encryption keys and ensure only authorized entities can use them.
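The fine-tuning and key-management steps above translate into three concrete artifacts: a KMS key policy, an identity policy for the job's service role, and the job request that references the customer managed key. The following Python is an added example (not code from the original post or from AWS) that builds all three and lints them for the two mistakes that most often undo the isolation the post describes: a role policy that allows KMS or S3 actions on every resource, and a key policy that lets a non-root principal use the key outside Bedrock. The account id, key id, bucket, role name and base model id are constructed placeholders; the action set and the kms:ViaService service name follow AWS's documented pattern for customer managed keys and should be checked against current Bedrock documentation for the model being customized.

```python
import json

# Constructed placeholder identifiers (assumptions, not values from the post).
ACCOUNT_ID = "111122223333"
REGION = "us-east-1"
KEY_ARN = f"arn:aws:kms:{REGION}:{ACCOUNT_ID}:key/11111111-2222-3333-4444-555555555555"
ROLE_ARN = f"arn:aws:iam::{ACCOUNT_ID}:role/BedrockFineTuningRole"
BUCKET = "example-finetune-data"
BASE_MODEL = "<customizable-base-model-id>"  # placeholder: model-specific
BEDROCK_SERVICE = f"bedrock.{REGION}.amazonaws.com"
KEY_ACTIONS = ["kms:Decrypt", "kms:GenerateDataKey", "kms:DescribeKey", "kms:CreateGrant"]


def kms_key_policy():
    """Key policy: the account root administers the key; the fine-tuning role may
    use it only when the call is made through Bedrock in this region."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "KeyAdministration",
                "Effect": "Allow",
                "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT_ID}:root"},
                "Action": "kms:*",
                "Resource": "*",  # inside a key policy "*" means this key only
            },
            {
                "Sid": "BedrockFineTuningUse",
                "Effect": "Allow",
                "Principal": {"AWS": ROLE_ARN},
                "Action": KEY_ACTIONS,
                "Resource": "*",
                "Condition": {"StringEquals": {"kms:ViaService": BEDROCK_SERVICE}},
            },
        ],
    }


def fine_tuning_role_policy():
    """Identity policy for the job's service role: read one training prefix,
    write one output prefix, and use exactly one KMS key (by ARN, never '*')."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "ReadTrainingData", "Effect": "Allow",
             "Action": ["s3:GetObject", "s3:ListBucket"],
             "Resource": [f"arn:aws:s3:::{BUCKET}", f"arn:aws:s3:::{BUCKET}/train/*"]},
            {"Sid": "WriteOutputs", "Effect": "Allow",
             "Action": ["s3:PutObject"],
             "Resource": [f"arn:aws:s3:::{BUCKET}/output/*"]},
            {"Sid": "UseCustomerManagedKey", "Effect": "Allow",
             "Action": KEY_ACTIONS,
             "Resource": [KEY_ARN]},
        ],
    }


def customization_job_request():
    """Keyword arguments for boto3 bedrock.create_model_customization_job.
    customModelKmsKeyId binds the fine-tuned model to the customer managed key;
    vpcConfig keeps the job's S3 traffic inside the customer's VPC."""
    return {
        "jobName": "finetune-example-job",
        "customModelName": "finetune-example-model",
        "roleArn": ROLE_ARN,
        "baseModelIdentifier": BASE_MODEL,
        "customModelKmsKeyId": KEY_ARN,
        "trainingDataConfig": {"s3Uri": f"s3://{BUCKET}/train/data.jsonl"},
        "outputDataConfig": {"s3Uri": f"s3://{BUCKET}/output/"},
        "hyperParameters": {"epochCount": "1"},  # parameter names are model-specific
        "vpcConfig": {"subnetIds": ["subnet-0example"], "securityGroupIds": ["sg-0example"]},
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def lint_identity_policy(policy):
    """Flag Allow statements granting KMS or S3 actions on Resource '*'. In an
    identity policy that means every key or bucket the role can reach."""
    findings = []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        broad = any(a == "*" or a.lower().startswith(("kms:", "s3:")) for a in actions)
        if broad and "*" in _as_list(stmt.get("Resource", [])):
            findings.append(f"{stmt.get('Sid', '<no sid>')}: {actions} allowed on Resource '*'")
    return findings


def lint_key_policy(policy):
    """Flag key-policy statements that let a non-root principal use the key
    without a kms:ViaService condition pinning the use to Bedrock."""
    findings = []
    for stmt in policy["Statement"]:
        principal = str(stmt.get("Principal", {}).get("AWS", ""))
        if principal.endswith(":root"):
            continue
        via = stmt.get("Condition", {}).get("StringEquals", {}).get("kms:ViaService")
        if via != BEDROCK_SERVICE:
            findings.append(f"{stmt.get('Sid', '<no sid>')}: {principal} may use the key outside Bedrock")
    return findings


if __name__ == "__main__":
    print(json.dumps(kms_key_policy(), indent=2))
    print("identity policy findings:", lint_identity_policy(fine_tuning_role_policy()))
    print("key policy findings:", lint_key_policy(kms_key_policy()))
```

Running the linters in CI against the policies actually deployed (exported with the IAM and KMS APIs) catches drift toward `Resource: "*"` before a fine-tuning job is started with a key it should not be able to reach.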
Private Links for Secure Connectivity
AWS PrivateLink Integration
1. PrivateLink Configuration:
- PrivateLink is used to establish secure, private connections between VPCs without exposing data to the internet.
- Customer VPCs connect to Bedrock VPCs, which in turn connect to Foundational Model VPCs using PrivateLink.
2. Enhanced Security:
- PrivateLink ensures that data remains within the AWS network, reducing the attack surface and enhancing security.
- Network traffic is isolated and protected from potential threats on the public internet.
Deployment Steps
1. VPC Endpoint Services:
- Create VPC Endpoint Services in the Bedrock and Foundational Model accounts.
- Configure Customer VPC to connect to these services using Interface VPC Endpoints.
2. Security Groups and NACLs:
- Define security groups and Network Access Control Lists (NACLs) to control traffic flow between VPCs.
- Implement least privilege access policies to minimize potential attack vectors.
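The two deployment steps above (an interface VPC endpoint for the Bedrock runtime service, then security groups that restrict who may reach it) can be expressed as the request payloads and the endpoint policy that go with them. The following Python is an added example, not code from the original post or from AWS: it builds the `ec2.create_vpc_endpoint` and `ec2.authorize_security_group_ingress` arguments a practitioner would pass to boto3, attaches an endpoint policy that limits invocation to principals from the customer's own account and to an approved model list, and includes a simplified evaluator so the policy's effect can be checked offline. The account id, VPC, subnet and security-group ids are constructed placeholders; the model ARN uses a published Anthropic Claude model id as an illustration. The evaluator handles only Effect, Action, Resource and the aws:PrincipalAccount condition, which is enough for this policy but is not a general IAM engine.

```python
import fnmatch
import json

# Constructed placeholder identifiers (assumptions, not values from the post).
ACCOUNT_ID = "111122223333"
REGION = "us-east-1"
VPC_ID = "vpc-0example"
APP_SG = "sg-0app-example"            # security group of the workloads that call Bedrock
ENDPOINT_SG = "sg-0endpoint-example"  # security group attached to the endpoint ENIs
ALLOWED_MODELS = [
    f"arn:aws:bedrock:{REGION}::foundation-model/anthropic.claude-3-sonnet-20240229-v1:0",
]


def endpoint_policy():
    """Endpoint policy: only principals from this account may invoke, and only
    the approved models. Credentials from any other account are refused at the
    endpoint even if they are otherwise valid for Bedrock."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "InvokeApprovedModelsFromThisAccountOnly",
            "Effect": "Allow",
            "Principal": "*",
            "Action": ["bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream"],
            "Resource": ALLOWED_MODELS,
            "Condition": {"StringEquals": {"aws:PrincipalAccount": ACCOUNT_ID}},
        }],
    }


def create_endpoint_request(subnet_ids):
    """Keyword arguments for boto3 ec2.create_vpc_endpoint. Private DNS makes the
    regional Bedrock runtime hostname resolve to the endpoint inside the VPC,
    so SDK clients need no code change to stay off the public internet."""
    return {
        "VpcId": VPC_ID,
        "ServiceName": f"com.amazonaws.{REGION}.bedrock-runtime",
        "VpcEndpointType": "Interface",
        "SubnetIds": subnet_ids,
        "SecurityGroupIds": [ENDPOINT_SG],
        "PrivateDnsEnabled": True,
        "PolicyDocument": json.dumps(endpoint_policy()),
    }


def endpoint_ingress_rule():
    """Keyword arguments for boto3 ec2.authorize_security_group_ingress: HTTPS
    to the endpoint only from the application security group, not a CIDR."""
    return {
        "GroupId": ENDPOINT_SG,
        "IpPermissions": [{
            "IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
            "UserIdGroupPairs": [{"GroupId": APP_SG}],
        }],
    }


def _matches(patterns, value, fold_case=False):
    """IAM-style wildcard match ('*' and '?'); actions compare case-insensitively."""
    patterns = patterns if isinstance(patterns, list) else [patterns]
    if fold_case:
        value, patterns = value.lower(), [p.lower() for p in patterns]
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)


def endpoint_allows(policy, principal_account, action, resource):
    """Simplified evaluation: an explicit Deny wins, otherwise at least one
    matching Allow is required. Supports Action, Resource and the
    aws:PrincipalAccount StringEquals condition only."""
    allowed = False
    for stmt in policy["Statement"]:
        cond = stmt.get("Condition", {}).get("StringEquals", {})
        if "aws:PrincipalAccount" in cond and cond["aws:PrincipalAccount"] != principal_account:
            continue
        if not _matches(stmt["Action"], action, fold_case=True):
            continue
        if not _matches(stmt["Resource"], resource):
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


if __name__ == "__main__":
    print(json.dumps(create_endpoint_request(["subnet-0a", "subnet-0b"]), indent=2))
    print(endpoint_allows(endpoint_policy(), ACCOUNT_ID, "bedrock:InvokeModel", ALLOWED_MODELS[0]))
```

The endpoint policy complements, rather than replaces, the IAM policies on the callers: IAM decides what a principal may do, while the endpoint policy bounds what any traffic through this VPC path can reach, which is the control that stops credentials from a foreign account being used through the customer's private connectivity.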
Conclusion
AWS Bedrock provides a robust and secure framework for deploying and managing LLMs like Anthropic’s Claude and Meta’s LLaMA. By leveraging advanced security controls, including data encryption, fine-tuning with customer-provided encryption keys, and PrivateLink integration, enterprises can ensure their sensitive data remains protected throughout the process.
This architecture not only enhances security but also enables seamless integration and management of LLMs, empowering enterprises to harness the full potential of GenAI technologies. By following best practices and implementing these security measures, organizations can confidently deploy and utilize LLMs within their AWS environment.