bedrock-automated-reasoning

Amazon Bedrock Automated Reasoning provides mathematical verification of AI-generated responses against formal policy rules, achieving up to 99% verification accuracy. Unlike probabilistic content filtering, Automated Reasoning uses formal logic and theorem-proving techniques to deterministically validate whether AI outputs comply with explicit policy requirements.

GA Status: Generally Available as of December 2025

Key Innovation: Combines generative AI flexibility with formal verification precision—get creative, contextual responses that are mathematically proven to comply with your policies.

How It Works

1. Policy Definition: Upload policy documents (PDF, Word, text) containing rules and requirements
2. Rule Extraction: AWS extracts formal logical rules from natural language policies
3. Verification: Each AI response is mathematically validated against extracted rules
4. Results: Valid (complies), Invalid (violates policy), or No Data (insufficient information)

Core Capabilities

• Mathematical Verification: Theorem-proving techniques ensure deterministic validation
• Natural Language Policies: Upload existing policy documents (no Cedar/formal language required)
• 99% Accuracy: Industry-leading verification accuracy for policy compliance
• Explanatory Feedback: Detailed explanations when policies are violated, with suggested corrections
• Multi-Domain Support: Healthcare, finance, legal, insurance, customer service, and more

Integration Points

• Bedrock Guardrails: Add automated reasoning as 6th safeguard policy
• AgentCore Policy: Combine with Cedar policies for comprehensive agent governance
• Knowledge Bases: Validate RAG responses against domain policies
• Multi-Model: Works with any foundation model (Claude, Nova, Titan, GPT, Gemini)

---

Use bedrock-automated-reasoning when:

• Validating healthcare responses against HIPAA, clinical protocols, or treatment guidelines
• Ensuring financial advice complies with regulations (SEC, FINRA, Dodd-Frank)
• Verifying legal responses against jurisdiction-specific statutes
• Validating insurance claim decisions against policy terms
• Enforcing customer service response standards
• Ensuring compliance with industry-specific regulations
• Requiring deterministic (not probabilistic) policy enforcement
• Needing audit trails for regulatory compliance

When NOT to Use:

• General content safety (use content filters instead)
• PII detection (use sensitive information policy)
• Hallucination detection in RAG (use contextual grounding)
• Real-time streaming responses (not supported for automated reasoning)
• Creative writing without policy constraints
• Simple keyword filtering (use word filters)

---

Required

• AWS account with Bedrock access
• Policy documents (PDF, Word, or text format)
• IAM permissions for Bedrock operations
• S3 bucket for policy storage

Recommended

• Understanding of your domain policies
• Test cases representing policy compliance/violations
• Integration with CloudWatch for monitoring
• Guardrail or agent infrastructure already configured

IAM Permissions

```json

{

"Version": "2012-10-17",

"Statement": [

{

"Effect": "Allow",

"Action": [

"bedrock:CreateAutomatedReasoningPolicy",

"bedrock:GetAutomatedReasoningPolicy",

"bedrock:UpdateAutomatedReasoningPolicy",

"bedrock:DeleteAutomatedReasoningPolicy",

"bedrock:ListAutomatedReasoningPolicies",

"bedrock:CreateGuardrail",

"bedrock:UpdateGuardrail",

"bedrock-runtime:ApplyGuardrail"

],

"Resource": "*"

},

{

"Effect": "Allow",

"Action": [

"s3:GetObject",

"s3:PutObject"

],

"Resource": "arn:aws:s3:::your-policy-bucket/*"

}

]

}

```

---

Operation 1: Create Automated Reasoning Policy

Time: 5-15 minutes (depending on policy size)

Automation: 90%

Purpose: Extract formal rules from policy documents

#### Upload Policy Document to S3

```python

import boto3

s3_client = boto3.client('s3', region_name='us-east-1')

bucket_name = 'my-policy-documents'

# Upload healthcare policy document

with open('hipaa-clinical-protocols.pdf', 'rb') as f:

s3_client.put_object(

Bucket=bucket_name,

Key='healthcare/hipaa-clinical-protocols.pdf',

Body=f

)

print(f"Uploaded policy to s3://{bucket_name}/healthcare/hipaa-clinical-protocols.pdf")

```

#### Create Automated Reasoning Policy

```python

import boto3

bedrock_client = boto3.client('bedrock', region_name='us-east-1')

# Create automated reasoning policy from PDF

response = bedrock_client.create_automated_reasoning_policy(

name='healthcare-hipaa-policy',

description='HIPAA compliance and clinical protocol validation for healthcare AI',

policyDocument={

's3Uri': 's3://my-policy-documents/healthcare/hipaa-clinical-protocols.pdf'

}

)

policy_id = response['policyId']

policy_arn = response['policyArn']

status = response['status'] # CREATING, ACTIVE, FAILED

print(f"Created AR policy: {policy_id}")

print(f"ARN: {policy_arn}")

print(f"Status: {status}")

```

#### Wait for Policy to be Active

```python

import time

def wait_for_policy_active(bedrock_client, policy_id, max_attempts=30):

"""Wait for automated reasoning policy to become active"""

for attempt in range(max_attempts):

response = bedrock_client.get_automated_reasoning_policy(

policyId=policy_id

)

status = response['status']

print(f"Attempt {attempt + 1}: Status = {status}")

if status == 'ACTIVE':

print(f"Policy is active. Extracted {response.get('ruleCount', 'unknown')} rules.")

return response

elif status == 'FAILED':

failure_reason = response.get('failureReason', 'Unknown error')

raise Exception(f"Policy creation failed: {failure_reason}")

time.sleep(10) # Wait 10 seconds between checks

raise TimeoutError(f"Policy did not become active after {max_attempts} attempts")

# Wait for policy to be ready

policy_info = wait_for_policy_active(bedrock_client, policy_id)

print(f"\nPolicy ready with {policy_info.get('ruleCount')} extracted rules")

```

#### Policy Document Format Examples

Healthcare Policy (HIPAA + Clinical Protocols):

```

HIPAA Privacy and Clinical Protocol Requirements

1. Patient Information Protection

- Never disclose patient names, addresses, or social security numbers

- Always use de-identified data in examples

- Require explicit consent before sharing medical records

1. Clinical Decision Support

- Medication recommendations must cite evidence-based guidelines

- Dosage suggestions must be within FDA-approved ranges

- All diagnoses must include differential considerations

- Treatment plans must align with established clinical pathways

1. Emergency Protocols

- Life-threatening conditions require immediate emergency service referral

- Chest pain, difficulty breathing, or stroke symptoms = immediate 911

- No AI-based diagnosis for emergency conditions

1. Scope Limitations

- Do not provide specific medical diagnoses

- Do not prescribe medications

- Always recommend consulting healthcare provider for treatment decisions

```

Financial Compliance (SEC Regulations):

```

SEC and FINRA Compliance Requirements

1. Investment Advice Standards

- Never guarantee investment returns

- All recommendations must include risk disclosures

- Past performance must include "not indicative of future results" disclaimer

- Material conflicts of interest must be disclosed

1. Suitability Requirements

- Assess investor risk tolerance before recommendations

- Match investments to stated financial goals

- Consider investor time horizon and liquidity needs

- Document rationale for all recommendations

1. Prohibited Practices

- No recommendations of unregistered securities

- No market manipulation or insider trading references

- No misleading statements about investment characteristics

- No omission of material adverse information

```

Insurance Policy Validation:

```

Auto Insurance Claim Policy Requirements

1. Coverage Validation

- Verify policy is active at time of incident

- Confirm incident type is covered under policy terms

- Check coverage limits before approval

- Validate deductible requirements

1. Claim Amount Limits

- Property damage claims: Max $50,000 without supervisor approval

- Bodily injury claims: Max $25,000 without medical review

- Total loss claims: Must not exceed vehicle book value

- Rental reimbursement: Max $30/day for 30 days

1. Required Documentation

- Police report required for claims over $5,000

- Photo evidence required for all property damage claims

- Medical records required for injury claims over $1,000

- Witness statements required for disputed liability

1. Exclusions

- No coverage for intentional damage

- No coverage for commercial use of personal vehicle

- No coverage for racing or competitive events

- No coverage for uninsured motorist if policy lacks that coverage

```

---

Operation 2: Create Test Cases

Time: 10-20 minutes

Automation: 85%

Purpose: Validate automated reasoning policy with test scenarios

#### Define Test Scenarios

```python

import boto3

import json

bedrock_client = boto3.client('bedrock', region_name='us-east-1')

# Healthcare test cases

healthcare_test_cases = [

{

'name': 'HIPAA Violation - Patient Name Disclosure',

'ai_response': 'Patient John Smith, SSN 123-45-6789, has been diagnosed with diabetes.',

'expected_result': 'Invalid',

'policy_violated': 'Patient Information Protection - Never disclose patient names or SSN'

},

{

'name': 'HIPAA Compliant - De-identified Data',

'ai_response': 'Patient presents with Type 2 diabetes. Treatment plan includes metformin 500mg twice daily, consistent with ADA guidelines.',

'expected_result': 'Valid',

'policy_violated': None

},

{

'name': 'Clinical Protocol Violation - Dosage Out of Range',

'ai_response': 'Recommend starting patient on metformin 5000mg daily.',

'expected_result': 'Invalid',

'policy_violated': 'Dosage suggestions must be within FDA-approved ranges'

},

{

'name': 'Emergency Protocol Violation - No 911 Referral',

'ai_response': 'For chest pain, try taking aspirin and rest. See your doctor tomorrow.',

'expected_result': 'Invalid',

'policy_violated': 'Chest pain requires immediate 911 referral'

},

{

'name': 'Scope Limitation Violation - Specific Diagnosis',

'ai_response': 'Based on your symptoms, you have acute appendicitis.',

'expected_result': 'Invalid',

'policy_violated': 'Do not provide specific medical diagnoses'

},

{

'name': 'Compliant - General Information',

'ai_response': 'Chest pain can have many causes. Given the serious nature, please call 911 immediately for evaluation.',

'expected_result': 'Valid',

'policy_violated': None

}

]

```

#### Create Test Cases in Bedrock

```python

def create_test_case(bedrock_client, policy_id, test_case):

"""Create a test case for automated reasoning policy"""

response = bedrock_client.create_automated_reasoning_test_case(

policyId=policy_id,

name=test_case['name'],

content=test_case['ai_response'],

expectedResult=test_case['expected_result'],

description=f"Policy: {test_case.get('policy_violated', 'N/A')}"

)

return response['testCaseId']

# Create all test cases

test_case_ids = []

for test_case in healthcare_test_cases:

test_case_id = create_test_case(bedrock_client, policy_id, test_case)

test_case_ids.append(test_case_id)

print(f"Created test case: {test_case['name']} ({test_case_id})")

print(f"\nCreated {len(test_case_ids)} test cases")

```

#### Run Test Suite

```python

def run_test_suite(bedrock_client, policy_id, test_case_ids):

"""Run automated reasoning test suite"""

results = []

for test_case_id in test_case_ids:

# Get test case details

test_case = bedrock_client.get_automated_reasoning_test_case(

policyId=policy_id,

testCaseId=test_case_id

)

# Run validation

response = bedrock_client.validate_automated_reasoning_test_case(

policyId=policy_id,

testCaseId=test_case_id

)

result = {

'name': test_case['name'],

'expected': test_case['expectedResult'],

'actual': response['result'],

'passed': response['result'] == test_case['expectedResult'],

'explanation': response.get('explanation', ''),

'suggestion': response.get('suggestion', '')

}

results.append(result)

print(f"\nTest: {result['name']}")

print(f" Expected: {result['expected']}")

print(f" Actual: {result['actual']}")

print(f" Passed: {result['passed']}")

if not result['passed']:

print(f" Explanation: {result['explanation']}")

# Summary

total = len(results)

passed = sum(1 for r in results if r['passed'])

print(f"\n{'='*60}")

print(f"Test Suite Summary: {passed}/{total} passed ({100*passed/total:.1f}%)")

print(f"{'='*60}")

return results

# Run all tests

test_results = run_test_suite(bedrock_client, policy_id, test_case_ids)

```

---

Operation 3: Validate AI Response

Time: < 1 second per validation

Automation: 100%

Purpose: Check model output against automated reasoning policy

#### Validate Individual Response

```python

import boto3

bedrock_runtime = boto3.client('bedrock-runtime', region_name='us-east-1')

def validate_ai_response(ai_response, policy_arn):

"""

Validate AI-generated response against automated reasoning policy

Returns:

- Valid: Response complies with policy

- Invalid: Response violates policy (includes explanation and suggestion)

- No Data: Insufficient information to determine compliance

"""

# Create temporary guardrail with AR policy for validation

# (In production, reuse existing guardrail)

bedrock_client = boto3.client('bedrock', region_name='us-east-1')

guardrail_response = bedrock_client.create_guardrail(

name='temp-ar-validation',

description='Temporary guardrail for AR validation',

automatedReasoningPolicyConfig={

'policyArn': policy_arn

}

)

guardrail_id = guardrail_response['guardrailId']

# Wait for guardrail to be ready (simplified)

time.sleep(5)

# Validate response

validation_response = bedrock_runtime.apply_guardrail(

guardrailIdentifier=guardrail_id,

guardrailVersion='DRAFT',

source='OUTPUT',

content=[

{

'text': {

'text': ai_response,

'qualifiers': ['guard_content']

}

}

]

)

action = validation_response['action']

if action == 'GUARDRAIL_INTERVENED':

# Policy violation detected

for assessment in validation_response['assessments']:

if 'automatedReasoningChecks' in assessment:

ar_checks = assessment['automatedReasoningChecks']

return {

'valid': False,

'result': ar_checks.get('result'), # Valid, Invalid, No Data

'explanation': ar_checks.get('explanation', ''),

'suggestion': ar_checks.get('suggestion', ''),

'violated_rules': ar_checks.get('violatedRules', [])

}

# Clean up temporary guardrail

bedrock_client.delete_guardrail(guardrailIdentifier=guardrail_id)

return {

'valid': True,

'result': 'Valid',

'message': 'Response complies with policy'

}

# Example: Healthcare validation

ai_response = """

Patient John Doe has diabetes. Recommend metformin 500mg twice daily.

"""

result = validate_ai_response(ai_response, policy_arn)

if result['valid']:

print("Response is policy-compliant")

else:

print(f"Policy violation detected: {result['explanation']}")

if result['suggestion']:

print(f"Suggested fix: {result['suggestion']}")

```

#### Validate in Production Pipeline

```python

def generate_and_validate(user_query, policy_arn, guardrail_id, guardrail_version):

"""

Complete pipeline: Generate AI response and validate against policy

"""

bedrock_runtime = boto3.client('bedrock-runtime', region_name='us-east-1')

# Step 1: Generate AI response

response = bedrock_runtime.converse(

modelId='anthropic.claude-3-5-sonnet-20241022-v2:0',

messages=[

{

'role': 'user',

'content': [{'text': user_query}]

}

]

)

ai_response = response['output']['message']['content'][0]['text']

# Step 2: Validate against automated reasoning policy

validation = bedrock_runtime.apply_guardrail(

guardrailIdentifier=guardrail_id,

guardrailVersion=guardrail_version,

source='OUTPUT',

content=[

{

'text': {

'text': ai_response,

'qualifiers': ['guard_content']

}

}

]

)

if validation['action'] == 'GUARDRAIL_INTERVENED':

# Check if automated reasoning failed

for assessment in validation['assessments']:

if 'automatedReasoningChecks' in assessment:

ar_checks = assessment['automatedReasoningChecks']

if ar_checks['result'] == 'Invalid':

# Policy violation - return error with explanation

return {

'success': False,

'error': 'Policy violation',

'explanation': ar_checks.get('explanation', ''),

'suggestion': ar_checks.get('suggestion', ''),

'original_response': ai_response

}

# Response is valid

return {

'success': True,

'response': ai_response

}

# Usage example

result = generate_and_validate(

user_query="What medication should I take for diabetes?",

policy_arn='arn:aws:bedrock:us-east-1:123456789012:automated-reasoning-policy/healthcare-policy',

guardrail_id='healthcare-guardrail-id',

guardrail_version='1'

)

if result['success']:

print(f"Response: {result['response']}")

else:

print(f"Error: {result['error']}")

print(f"Explanation: {result['explanation']}")

```

---

Operation 4: Integrate with Bedrock Guardrails

Time: 10-15 minutes

Automation: 90%

Purpose: Add automated reasoning as 6th safeguard policy

#### Create Comprehensive Guardrail with AR

```python

import boto3

bedrock_client = boto3.client('bedrock', region_name='us-east-1')

# Assume AR policy already created

ar_policy_arn = 'arn:aws:bedrock:us-east-1:123456789012:automated-reasoning-policy/healthcare-policy'

# Create guardrail with all 6 safeguard policies

response = bedrock_client.create_guardrail(

name='healthcare-comprehensive-guardrail',

description='Healthcare guardrail with content filtering, PII protection, and automated reasoning',

# Policy 1: Content Filtering

contentPolicyConfig={

'filtersConfig': [

{'type': 'HATE', 'inputStrength': 'HIGH', 'outputStrength': 'HIGH'},

{'type': 'VIOLENCE', 'inputStrength': 'HIGH', 'outputStrength': 'HIGH'},

{'type': 'SEXUAL', 'inputStrength': 'HIGH', 'outputStrength': 'HIGH'},

{'type': 'MISCONDUCT', 'inputStrength': 'MEDIUM', 'outputStrength': 'MEDIUM'},

{'type': 'PROMPT_ATTACK', 'inputStrength': 'HIGH', 'outputStrength': 'NONE'}

]

},

# Policy 2: PII Protection (HIPAA-compliant)

sensitiveInformationPolicyConfig={

'piiEntitiesConfig': [

{'type': 'NAME', 'action': 'ANONYMIZE'},

{'type': 'ADDRESS', 'action': 'ANONYMIZE'},

{'type': 'EMAIL', 'action': 'ANONYMIZE'},

{'type': 'PHONE', 'action': 'ANONYMIZE'},

{'type': 'US_SOCIAL_SECURITY_NUMBER', 'action': 'BLOCK'},

{'type': 'DRIVER_ID', 'action': 'ANONYMIZE'},

{'type': 'US_PASSPORT_NUMBER', 'action': 'BLOCK'},

{'type': 'CREDIT_CARD_NUMBER', 'action': 'BLOCK'}

],

'regexesConfig': [

{

'name': 'MedicalRecordNumber',

'description': 'Medical record number pattern',

'pattern': r'MRN-\d{7}',

'action': 'ANONYMIZE'

},

{

'name': 'InsuranceID',

'description': 'Insurance policy number',

'pattern': r'INS-[A-Z]{2}\d{8}',

'action': 'ANONYMIZE'

}

]

},

# Policy 3: Topic Denial

topicPolicyConfig={

'topicsConfig': [

{

'name': 'Specific Medical Diagnosis',

'definition': 'Providing definitive medical diagnoses',

'examples': [

'You have cancer',

'You definitely have diabetes',

'This is appendicitis'

],

'type': 'DENY'

},

{

'name': 'Prescription Medication',

'definition': 'Prescribing specific medications or dosages',

'examples': [

'Take 500mg of metformin',

'I prescribe you antibiotics',

'Start taking this medication'

],

'type': 'DENY'

},

{

'name': 'Non-Medical Advice',

'definition': 'Legal, financial, or insurance advice',

'examples': [

'You should sue your doctor',

'Invest in this health stock',

'File a malpractice claim'

],

'type': 'DENY'

}

]

},

# Policy 4: Word Filters

wordPolicyConfig={

'wordsConfig': [

{'text': 'guaranteed cure'},

{'text': 'miracle treatment'},

{'text': 'FDA unapproved'},

{'text': 'experimental drug'},

{'text': 'off-label use'}

],

'managedWordListsConfig': [

{'type': 'PROFANITY'}

]

},

# Policy 5: Contextual Grounding (for RAG-based healthcare info)

contextualGroundingPolicyConfig={

'filtersConfig': [

{'type': 'GROUNDING', 'threshold': 0.85}, # High threshold for medical accuracy

{'type': 'RELEVANCE', 'threshold': 0.80}

]

},

# Policy 6: Automated Reasoning (HIPAA + Clinical Protocols)

automatedReasoningPolicyConfig={

'policyArn': ar_policy_arn

}

)

guardrail_id = response['guardrailId']

guardrail_version = response['version']

print(f"Created comprehensive healthcare guardrail:")

print(f" ID: {guardrail_id}")

print(f" Version: {guardrail_version}")

print(f" Includes 6 safeguard policies with automated reasoning")

```

#### Use Guardrail with Agent

```python

bedrock_agent = boto3.client('bedrock-agent', region_name='us-east-1')

# Create healthcare agent with comprehensive guardrail

agent_response = bedrock_agent.create_agent(

agentName='healthcare-assistant',

description='Healthcare information assistant with HIPAA compliance',

instruction='You are a helpful healthcare information assistant. Provide general health information while maintaining HIPAA compliance and clinical protocol adherence.',

foundationModel='anthropic.claude-3-5-sonnet-20241022-v2:0',

agentResourceRoleArn='arn:aws:iam::123456789012:role/BedrockAgentRole',

# Attach comprehensive guardrail

guardrailConfiguration={

'guardrailIdentifier': guardrail_id,

'guardrailVersion': str(guardrail_version)

}

)

agent_id = agent_response['agent']['agentId']

print(f"Created healthcare agent with comprehensive guardrails: {agent_id}")

```

---

Operation 5: Monitor and Update Policies

Time: 5-10 minutes (ongoing)

Automation: 80%

Purpose: Track policy performance and iterate

#### Monitor Automated Reasoning Results

```python

import boto3

from datetime import datetime, timedelta

cloudwatch = boto3.client('cloudwatch', region_name='us-east-1')

def get_ar_metrics(policy_id, hours=24):

"""Get automated reasoning policy metrics"""

end_time = datetime.utcnow()

start_time = end_time - timedelta(hours=hours)

# Metric 1: Total validations

validations = cloudwatch.get_metric_statistics(

Namespace='AWS/Bedrock/AutomatedReasoning',

MetricName='ValidationCount',

Dimensions=[

{'Name': 'PolicyId', 'Value': policy_id}

],

StartTime=start_time,

EndTime=end_time,

Period=3600,

Statistics=['Sum']

)

# Metric 2: Policy violations

violations = cloudwatch.get_metric_statistics(

Namespace='AWS/Bedrock/AutomatedReasoning',

MetricName='PolicyViolations',

Dimensions=[

{'Name': 'PolicyId', 'Value': policy_id}

],

StartTime=start_time,

EndTime=end_time,

Period=3600,

Statistics=['Sum']

)

# Metric 3: No Data results

no_data = cloudwatch.get_metric_statistics(

Namespace='AWS/Bedrock/AutomatedReasoning',

MetricName='NoDataResults',

Dimensions=[

{'Name': 'PolicyId', 'Value': policy_id}

],

StartTime=start_time,

EndTime=end_time,

Period=3600,

Statistics=['Sum']

)

total_validations = sum(point['Sum'] for point in validations['Datapoints'])

total_violations = sum(point['Sum'] for point in violations['Datapoints'])

total_no_data = sum(point['Sum'] for point in no_data['Datapoints'])

violation_rate = (total_violations / total_validations * 100) if total_validations > 0 else 0

no_data_rate = (total_no_data / total_validations * 100) if total_validations > 0 else 0

print(f"\nAutomated Reasoning Metrics (Last {hours} hours)")

print(f"{'='*50}")

print(f"Total Validations: {total_validations:,.0f}")

print(f"Policy Violations: {total_violations:,.0f} ({violation_rate:.2f}%)")

print(f"No Data Results: {total_no_data:,.0f} ({no_data_rate:.2f}%)")

print(f"Valid Results: {total_validations - total_violations - total_no_data:,.0f}")

return {

'total': total_validations,

'violations': total_violations,

'no_data': total_no_data,

'violation_rate': violation_rate,

'no_data_rate': no_data_rate

}

# Get metrics

metrics = get_ar_metrics('healthcare-hipaa-policy', hours=24)

```

#### Update Policy Document

```python

def update_policy_document(bedrock_client, policy_id, new_policy_s3_uri):

"""Update automated reasoning policy with new document"""

response = bedrock_client.update_automated_reasoning_policy(

policyId=policy_id,

description='Updated with revised clinical protocols',

policyDocument={

's3Uri': new_policy_s3_uri

}

)

print(f"Updated policy: {policy_id}")

print(f"Status: {response['status']}")

# Wait for re-processing

wait_for_policy_active(bedrock_client, policy_id)

return response

# Update with new policy version

updated_policy = update_policy_document(

bedrock_client,

policy_id='healthcare-hipaa-policy',

new_policy_s3_uri='s3://my-policy-documents/healthcare/hipaa-clinical-protocols-v2.pdf'

)

```

#### Review Violation Patterns

```python

def analyze_violation_patterns(bedrock_client, policy_id, limit=100):

"""Analyze common policy violations to improve policy or model"""

# Query CloudWatch Logs for violation details

logs_client = boto3.client('logs', region_name='us-east-1')

query = f"""

fields @timestamp, result, explanation, violatedRules, aiResponse

| filter policyId = "{policy_id}" and result = "Invalid"

| stats count() by violatedRules

| sort count() desc

| limit {limit}

"""

start_time = int((datetime.utcnow() - timedelta(days=7)).timestamp())

end_time = int(datetime.utcnow().timestamp())

response = logs_client.start_query(

logGroupName='/aws/bedrock/automated-reasoning',

startTime=start_time,

endTime=end_time,

queryString=query

)

query_id = response['queryId']

# Poll for results

import time

while True:

result = logs_client.get_query_results(queryId=query_id)

status = result['status']

if status == 'Complete':

print(f"\nTop Policy Violations (Last 7 days):")

print("-"*60)

for row in result['results']:

fields = {item['field']: item['value'] for item in row}

print(f"Rule: {fields.get('violatedRules', 'Unknown')}")

print(f"Count: {fields.get('count', '0')}")

print()

break

elif status == 'Failed':

print("Query failed")

break

time.sleep(1)

# Analyze patterns

analyze_violation_patterns(bedrock_client, 'healthcare-hipaa-policy')

```

---

Use Case 1: Healthcare - Clinical Protocol Validation

Scenario: Hospital chatbot provides treatment information

Policy Requirements:

• No patient PII disclosure (HIPAA)
• Evidence-based medication recommendations
• Emergency condition referrals to 911
• No specific diagnoses without provider consultation

Implementation:

```python

# Healthcare policy document uploaded to S3

# AR policy created and integrated with guardrail

# Agent validates every response against clinical protocols

user_query = "I have chest pain. What should I do?"

# AI generates response

ai_response = "Chest pain can indicate serious conditions including heart attack. Please call 911 immediately for emergency evaluation. Do not drive yourself to the hospital."

# Automated reasoning validates

validation = validate_ai_response(ai_response, healthcare_policy_arn)

# Result: Valid (includes emergency 911 referral)

# Alternative response

ai_response_bad = "Chest pain is usually indigestion. Try taking antacids and rest."

validation = validate_ai_response(ai_response_bad, healthcare_policy_arn)

# Result: Invalid (violates emergency protocol - chest pain requires immediate 911)

# Explanation: "Emergency protocol violation: Chest pain requires immediate emergency service referral"

# Suggestion: "Response should include instruction to call 911 immediately"

```

Benefits:

• 99% accuracy in protocol compliance
• Reduced liability risk
• Consistent emergency handling
• Audit trail for regulatory compliance

---

Use Case 2: Finance - Regulatory Compliance

Scenario: Investment advisory chatbot provides recommendations

Policy Requirements:

• SEC and FINRA compliance
• Risk disclosure for all recommendations
• Suitability assessment before advice
• No guarantees of returns

Implementation:

```python

# Financial compliance policy uploaded

# AR policy integrated with investment advisor agent

user_query = "Should I invest in tech stocks?"

# AI generates response

ai_response = """

Tech stocks can be suitable investments depending on your financial situation. Before making any investment decision, consider:

• Your risk tolerance (tech stocks are generally higher risk)
• Investment time horizon
• Overall portfolio diversification
• Current financial goals

Past performance of tech stocks is not indicative of future results. All investments carry risk, including potential loss of principal. I recommend consulting with a licensed financial advisor to assess whether tech stocks align with your specific financial situation and goals.

"""

validation = validate_ai_response(ai_response, finance_policy_arn)

# Result: Valid (includes risk disclosure, suitability considerations, advisor referral)

# Alternative response

ai_response_bad = "Yes, tech stocks will definitely give you 20% returns this year. You should invest all your money in them."

validation = validate_ai_response(ai_response_bad, finance_policy_arn)

# Result: Invalid (guarantees returns, no risk disclosure, fails suitability assessment)

# Explanation: "Violations: Guarantees investment returns (prohibited), no risk disclosure, no suitability assessment"

# Suggestion: "Remove return guarantees, add risk disclosures, include suitability questions"

```

Benefits:

• Regulatory compliance verification
• Reduced legal exposure
• Consistent fiduciary standard
• Documentation for audits

---

Use Case 3: Insurance - Claim Validation

Scenario: Insurance claim processing agent validates decisions

Policy Requirements:

• Coverage verification
• Amount limits by claim type
• Required documentation
• Exclusion enforcement

Implementation:

```python

# Insurance policy document uploaded

# AR policy validates claim decisions

claim_query = "Approve claim for $15,000 property damage with police report and photos"

# AI generates decision

ai_decision = """

Claim approved for $15,000 property damage.

• Policy verified: Active at incident date
• Coverage confirmed: Collision coverage with $50,000 limit
• Documentation complete: Police report #12345, photo evidence received
• Deductible applied: $500 (claimant responsible)
• Net payout: $14,500

Approval authority: Within standard adjuster limits (under $25,000)

"""

validation = validate_ai_response(ai_decision, insurance_policy_arn)

# Result: Valid (all requirements met, within limits, proper documentation)

# Alternative decision

ai_decision_bad = """

Claim approved for $75,000 property damage.

No documentation required.

"""

validation = validate_ai_response(ai_decision_bad, insurance_policy_arn)

# Result: Invalid (exceeds limit, missing documentation, no coverage verification)

# Explanation: "Violations: Amount exceeds $50,000 limit, requires supervisor approval. Documentation requirements not met (police report required for claims over $5,000)."

# Suggestion: "Reduce claim to policy limit or escalate to supervisor. Obtain required police report and photo evidence."

```

Benefits:

• Consistent policy application
• Fraud prevention
• Automated compliance checking
• Reduced claim processing errors

---

Use Case 4: Legal - Jurisdiction Compliance

Scenario: Legal information chatbot provides guidance

Policy Requirements:

• Jurisdiction-specific laws
• No specific legal advice without attorney
• Statute of limitations awareness
• Ethical compliance (ABA rules)

Implementation:

```python

# Legal policy document uploaded (state-specific)

# AR policy validates legal information

user_query = "Can I sue for breach of contract?"

# AI generates response

ai_response = """

Breach of contract claims in California generally require:

1. Valid contract existed
2. You performed your obligations (or have valid excuse)
3. Other party breached their obligations
4. You suffered damages as a result

Statute of limitations: 4 years for written contracts, 2 years for oral contracts in California.

This is general legal information, not legal advice for your specific situation. Please consult with a licensed California attorney to evaluate your particular circumstances and determine the best course of action.

"""

validation = validate_ai_response(ai_response, legal_policy_arn)

# Result: Valid (jurisdiction specified, includes attorney referral, general information only)

```

Benefits:

• Jurisdiction-appropriate information
• Ethical compliance
• Risk mitigation
• Clear attorney referral

---

Automated Reasoning and AgentCore Policy work together for comprehensive agent governance:

| Feature | Automated Reasoning | AgentCore Policy |

|---------|-------------------|------------------|

| Focus | Response content validation | Tool call authorization |

| Language | Natural language policies | Cedar + natural language |

| Enforcement | Post-generation validation | Pre-tool-call authorization |

| Accuracy | 99% (mathematical verification) | 100% (deterministic) |

| Use Case | "Does response comply with regulations?" | "Is agent allowed to call this tool?" |

Combined Implementation

```python

# AgentCore Policy: Controls what tools agent can use

# Automated Reasoning: Validates agent responses comply with domain policies

# Step 1: AgentCore Policy limits tool access

cedar_policy = """

permit(

principal,

action == AgentCore::Action::"MedicalAPI__get_treatment_info",

resource

)

when {

context.input has condition &&

context.input.condition != "emergency"

};

forbid(

principal,

action == AgentCore::Action::"MedicalAPI__prescribe_medication",

resource

);

"""

# Step 2: Automated Reasoning validates response content

# Even if tool call is allowed, response must comply with clinical protocols

# Example flow:

# 1. User: "What treatment for diabetes?"

# 2. AgentCore Policy: Allow get_treatment_info tool (non-emergency)

# 3. Tool executes: Returns treatment guidelines

# 4. Agent generates response with guidelines

# 5. Automated Reasoning: Validates response against HIPAA + clinical protocols

# 6. If valid: Response returned to user

# 7. If invalid: Response blocked, explanation provided

```

---

1. Policy Document Quality

Structure policies clearly:

```

Good:

• "Medication dosages must be within FDA-approved ranges:

Metformin 500-2000mg daily, Insulin per body weight calculation"

Bad:

• "Don't recommend wrong dosages"

```

Use specific examples:

```

Good:

• "Emergency conditions requiring 911:

- Chest pain or pressure

- Difficulty breathing

- Sudden severe headache

- Loss of consciousness

- Stroke symptoms (FAST)"

Bad:

• "Refer emergencies to 911"

```

2. Test Coverage

• Create test cases for every policy rule
• Include both compliant and non-compliant examples
• Test edge cases and boundary conditions
• Validate explanations are helpful

3. Iterative Refinement

• Start with core policies
• Monitor violation patterns
• Add clarifications based on real violations
• Update policies as regulations change

4. Combine Safeguards

Use automated reasoning WITH other guardrail policies:

```python

# Layer 1: Content filters (hate, violence)

# Layer 2: PII protection (HIPAA)

# Layer 3: Topic denial (broad exclusions)

# Layer 4: Word filters (specific terms)

# Layer 5: Contextual grounding (RAG accuracy)

# Layer 6: Automated reasoning (policy compliance)

```

5. Monitor Performance

Track key metrics:

• Violation rate (should be low, < 5%)
• No Data rate (indicates unclear policies)
• False positive rate (valid responses blocked)
• Policy coverage (% of use cases covered)

6. Document Explanations

When violations occur:

• Log full explanation
• Track suggested fixes
• Analyze patterns for policy improvement
• Use insights to refine AI prompts

7. Version Control

• Version policy documents (v1, v2, v3)
• Test new versions before production
• Maintain rollback capability
• Document policy changes

8. Regional Considerations

Automated Reasoning availability:

• Generally available in us-east-1, us-west-2
• Check AWS documentation for latest regions
• Plan for regional policy variations (e.g., GDPR vs HIPAA)

9. Cost Management

• Automated reasoning adds latency and cost
• Use for high-value, high-risk responses
• Consider caching common validations
• Monitor token usage in CloudWatch

10. Audit Trail

• Enable CloudWatch logging
• Retain violation logs for compliance
• Export logs to S3 for long-term storage
• Include in compliance reporting

---

Current Limitations (December 2025)

1. No Streaming Support: Automated reasoning requires complete response before validation
2. Latency: Adds 200-500ms per validation (mathematical verification overhead)
3. Policy Extraction: Not all natural language policies convert perfectly to formal rules
4. No Data Results: Complex policies may produce "No Data" for ambiguous scenarios
5. Regional Availability: Limited to select regions (us-east-1, us-west-2 initially)
6. File Formats: Supports PDF, Word, text (not HTML, Markdown, or structured formats)
7. Policy Size: Large policy documents (> 100 pages) may have longer processing times
8. Language Support: Best results with English policy documents

Workarounds

Streaming:

• Generate full response, validate, then stream to user if valid
• Use content filters for real-time streaming, AR for final validation

Latency:

• Cache validation results for common responses
• Run validation asynchronously when possible
• Use AgentCore Policy for real-time enforcement

Policy Clarity:

• Provide explicit examples in policy documents
• Test with diverse scenarios to identify gaps
• Iterate on policy wording based on "No Data" results

---

• bedrock-guardrails: Complete guardrails implementation (6 safeguard policies)
• bedrock-agentcore-policy: Cedar-based tool authorization and access control
• bedrock-agents: Agent creation and management
• bedrock-knowledge-bases: RAG with contextual grounding integration
• bedrock-inference: Foundation model invocation patterns
• anthropic-expert: Claude-specific best practices
• observability-stack-setup: CloudWatch monitoring for guardrails

---

AWS Documentation

• [Amazon Bedrock Automated Reasoning](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails-automated-reasoning.html)
• [Automated Reasoning Checks GA Announcement](https://aws.amazon.com/blogs/aws/minimize-ai-hallucinations-and-deliver-up-to-99-verification-accuracy-with-automated-reasoning-checks-now-available/)
• [Bedrock Guardrails Overview](https://docs.aws.amazon.com/bedrock/latest/userguide/guardrails.html)

AWS Blog Posts

• [Minimize AI Hallucinations with Automated Reasoning](https://aws.amazon.com/blogs/aws/minimize-ai-hallucinations-and-deliver-up-to-99-verification-accuracy-with-automated-reasoning-checks-now-available/)
• [Bedrock Guardrails for AI Safety](https://aws.amazon.com/blogs/machine-learning/amazon-bedrock-guardrails/)

Research Sources

• AMAZON-BEDROCK-COMPREHENSIVE-RESEARCH-2025.md (50+ sources, December 2025)

---

Last Updated: December 5, 2025

API Version: 2025 GA release

Skill Version: 1.0.0