AWS WAF adds support for Amazon Bedrock AgentCore Gateway

AWS WAF Protection for Amazon Bedrock AgentCore Gateway

AWS has announced the general availability of AWS Web Application Firewall (AWS WAF) protection for Amazon Bedrock AgentCore Gateway, allowing you to safeguard your agentic AI workloads from common web exploits and abuse. This launch provides security and platform teams with the ability to apply consistent, customizable web protections at the Gateway layer as enterprises transition agentic applications from prototype to production.

You can now associate an AWS WAF protection pack with your AgentCore Gateway to enforce IP-based access controls, rate-based rules that throttle abusive traffic, and AWS Managed Rule Groups, including common rule sets, known bad inputs, and Bot Control. You configure the protection pack once at the Gateway level, and AWS WAF applies it consistently to every target behind that Gateway, ensuring a single configuration protects all downstream tools, agents, and integrations.

Support for AWS WAF on AgentCore Gateway is available in all AWS Regions where both AWS WAF and Amazon Bedrock AgentCore Gateway are available.

What to do

• Associate an AWS WAF protection pack with your AgentCore Gateway.
• Configure IP-based access controls, rate-based rules, and AWS Managed Rule Groups.
• Ensure a single configuration protects all downstream tools, agents, and integrations.

Source: AWS release notes

If you need further guidance on AWS, our experts are available at AWS@westloop.io. You may also reach us by submitting the Contact Us form.