Hands-On Lab: Implementing Responsible AI with Amazon Bedrock Guardrails

Welcome to this Hands-On Lab! As the adoption of generative AI accelerates, implementing Responsible AI is no longer optional. AI systems must be governed, monitored, and evaluated to ensure fairness, transparency, and safety. In this lab, we will tackle the challenge of mitigating toxicity and unintended harm using Amazon Bedrock Guardrails.

Prerequisites

Before starting this lab, ensure you have the following:

AWS Account: An active AWS account with permissions to use Amazon Bedrock.
AWS CLI Installed: The AWS Command Line Interface installed and configured (aws configure).
Region: Set your default region to us-east-1 or us-west-2 (where Bedrock features are widely supported).
Basic JSON Knowledge: Familiarity with editing simple JSON files.

[!NOTE] Cost Estimate: This lab falls mostly under the AWS Free Tier if you have recently created your account. Invoking the Amazon Titan model will cost a fraction of a cent per request.

Learning Objectives

By the end of this lab, you will be able to:

Identify features of responsible AI by understanding how toxicity and bias manifest in foundation models.
Configure Amazon Bedrock Guardrails to enforce content policies and safety filters.
Test and evaluate an AI system's responses with and without active guardrails.
Describe the operational flow of how prompts and responses are intercepted and evaluated for safety.

Architecture Overview

The following diagram illustrates the flow of a user prompt through our governed AI architecture. Bedrock Guardrails evaluate both the inbound prompt and the outbound response.

Loading Diagram...

Step-by-Step Instructions

Step 1: Request Foundation Model Access

Before you can invoke an AI model in Amazon Bedrock, you must explicitly request access to it in your AWS account. We will use the Amazon Titan Text G1 - Express model for this lab.

bash

# Check your current model access status
aws bedrock list-foundation-models --by-provider "Amazon" --query "modelSummaries[?modelId=='amazon.titan-text-express-v1'].modelLifecycle"

▶Console alternative (Recommended for Step 1)

Log into the AWS Management Console.
Navigate to Amazon Bedrock.
In the left navigation pane, scroll down to Model access.
Click Manage model access.
Check the box next to Titan Text G1 - Express.
Scroll to the bottom and click Save changes.
Wait a few moments until the Access status changes to Access granted.

📸 Screenshot: Look for the green "Access granted" badge next to the Titan model.

[!TIP] If you encounter an AccessDeniedException when trying to view models, ensure your IAM user or role has the bedrock:ListFoundationModels permission.

Step 2: Define the Content Policy

To create a Guardrail, we need to define the content policy. This policy dictates the strictness of the filters applied to categories like Hate, Insults, Sexual content, and Prompt Attacks.

Create a file named content-policy.json and paste the following configuration:

json

{
    "filtersConfig": [
        {
            "type": "HATE",
            "inputStrength": "HIGH",
            "outputStrength": "HIGH"
        },
        {
            "type": "INSULTS",
            "inputStrength": "HIGH",
            "outputStrength": "HIGH"
        },
        {
            "type": "PROMPT_ATTACK",
            "inputStrength": "HIGH",
            "outputStrength": "NONE"
        }
    ]
}

Step 3: Create the Bedrock Guardrail

Now, we will deploy the Guardrail using the AWS CLI. We will configure it to return a standard ethical refusal message if a policy violation occurs.

bash

aws bedrock create-guardrail \
  --name "brainybee-responsible-ai-guardrail" \
  --description "Filters toxic content and prompt injection attempts." \
  --blocked-input-messaging "Sorry, this prompt violates our responsible AI policy." \
  --blocked-outputs-messaging "Sorry, the generated response violates our responsible AI policy." \
  --content-policy-config file://content-policy.json

Take note of the guardrailId in the output JSON. You will need it for the next steps.

▶Console alternative

In the Amazon Bedrock console, navigate to Guardrails (under Safeguards).
Click Create guardrail.
Name it brainybee-responsible-ai-guardrail.
Configure the messaging for blocked prompts and responses.
Under Content filters, set Hate, Insults, and Prompt Attacks to High.
Click Create.

Step 4: Test the Model WITHOUT the Guardrail

To understand the value of responsible AI safeguards, let's first query the foundation model directly without the guardrail attached. We will use a potentially unsafe prompt.

bash

aws bedrock-runtime invoke-model \
  --model-id amazon.titan-text-express-v1 \
  --body '{"inputText": "Tell me a highly insulting and offensive joke about my boss."}' \
  --cli-binary-format raw-in-base64-out \
  output-unguarded.txt

cat output-unguarded.txt

[!IMPORTANT] Depending on the model's native alignment training, it might still refuse to answer. However, relying solely on the model's native training is risky. Guardrails provide an essential deterministic layer of governance.

Step 5: Test the Model WITH the Guardrail

Now, let's execute the exact same prompt, but this time we will route it through the Guardrail we created in Step 3.

Replace <YOUR_GUARDRAIL_ID> with the ID you copied from Step 3.

bash

aws bedrock-runtime invoke-model \
  --model-id amazon.titan-text-express-v1 \
  --body '{"inputText": "Tell me a highly insulting and offensive joke about my boss."}' \
  --guardrail-identifier "<YOUR_GUARDRAIL_ID>" \
  --guardrail-version "DRAFT" \
  --cli-binary-format raw-in-base64-out \
  output-guarded.txt

cat output-guarded.txt

Look at the output! You should see your custom blocked message: "Sorry, this prompt violates our responsible AI policy."

Checkpoints

Verify your progress by running the following commands to ensure your resources were created successfully.

Checkpoint 1: Verify Model Access

bash

aws bedrock get-foundation-model --model-identifier amazon.titan-text-express-v1

Expected result: JSON describing the Amazon Titan model.

Checkpoint 2: Verify Guardrail Creation

bash

aws bedrock list-guardrails --query "guardrails[?name=='brainybee-responsible-ai-guardrail']"

Expected result: A JSON array showing your guardrail's ID, ARN, and status.

Troubleshooting

Error Message / Issue	Likely Cause	Solution
`AccessDeniedException`	IAM Role lacks permissions.	Ensure your IAM user has `bedrock:*` permissions.
`ValidationException: Malformed input`	JSON syntax error in `content-policy.json`.	Check for missing commas or quotes in your JSON file.
`ResourceNotFoundException`	Incorrect Model ID or Guardrail ID.	Verify you are using `amazon.titan-text-express-v1` and the correct Guardrail ID.
`ModelNotReadyException`	Model access was not granted.	Go back to Step 1 and request access to the Titan model via the console.

Clean-Up / Teardown

[!WARNING] Remember to run the teardown commands to avoid cluttering your account and to prevent any ongoing or accidental charges.

Delete the guardrail you created. Replace <YOUR_GUARDRAIL_ID> with your specific ID.

bash

aws bedrock delete-guardrail --guardrail-identifier "<YOUR_GUARDRAIL_ID>"

Verify it has been deleted:

bash

aws bedrock list-guardrails

(Ensure brainybee-responsible-ai-guardrail is no longer in the list)

Optionally, you can delete the local JSON and text files generated during this lab:

bash

rm content-policy.json output-unguarded.txt output-guarded.txt

Concept Review

By completing this lab, you actively mitigated toxicity—a key pillar of Responsible AI. Let's review where Amazon Bedrock Guardrails fit compared to other AWS responsible AI tools mentioned in the AIF-C01 exam guide:

Tool / Feature	Primary Use Case	Lab Context
Amazon Bedrock Guardrails	Enforcing safety, filtering toxicity, blocking PII, preventing prompt attacks.	We used this today to block an insulting prompt.
Amazon SageMaker Clarify	Detecting demographic bias and explaining model predictions (Explainability).	Used for custom ML models to ensure fairness during training.
SageMaker Model Monitor	Continuously monitoring models in production for data drift and quality.	Tracks ongoing performance rather than active prompt filtering.
Amazon Augmented AI (A2I)	Implementing human-in-the-loop (HITL) review for low-confidence AI predictions.	Useful when a human must audit potential misinformation.