AWS AI Professional (AIP-C01) Exam Learning Path

AWS Certified Generative AI Developer – Professional (AIP-C01) Overview

The AWS Certified Generative AI Developer – Professional (AIP-C01) is AWS’s professional-level certification for developers who build and deploy production-ready Generative AI solutions. Launched in 2025, this certification validates your ability to integrate foundation models into applications, implement RAG architectures, design agentic AI systems, and operationalize GenAI solutions on AWS.

Exam Detail Information
Exam Code AIP-C01
Full Name AWS Certified Generative AI Developer – Professional
Level Professional
Number of Questions 75 (+ 10 unscored)
Duration 180 minutes
Passing Score 750 / 1000
Cost $300 USD
Format Multiple choice & multiple response
Testing Pearson VUE (center or online proctored)
Languages English, Japanese, Korean, Simplified Chinese
Validity 3 years

Target Candidate Profile

  • 2+ years building production-grade applications on AWS
  • 1+ year hands-on experience implementing Generative AI solutions
  • Experience with AWS compute, storage, networking, and security services
  • Understanding of AWS deployment, IaC tools, and monitoring services
  • Familiarity with AI/ML concepts and data engineering

Recommended prior certifications (not required): AWS Certified AI Practitioner (AIF-C01), AWS Solutions Architect Associate, AWS Machine Learning Engineer Associate

AIP-C01 Exam Domains & Weightings

Domain Weight Key Topics
Domain 1: Foundation Model Integration, Data Management & Compliance 31% RAG implementation, vector stores, prompt engineering, FM selection & customization, data pipelines
Domain 2: Implementation & Integration 26% Agentic AI, tool integrations, model deployment, enterprise integration, CI/CD, troubleshooting
Domain 3: AI Safety, Security & Governance 20% Data privacy, model security, Guardrails, responsible AI, compliance, access control
Domain 4: Operational Efficiency & Optimization 12% Cost optimization, performance tuning, scaling, monitoring, A/B testing
Domain 5: Testing, Validation & Troubleshooting 11% Model evaluation metrics, benchmarking, quality assurance, debugging

Domain 1: Foundation Model Integration, Data Management & Compliance (31%)

This is the largest domain and covers the core of building GenAI solutions on AWS.

Key Topics

  • Solution Design: Architecture design using FMs, proof-of-concept implementations, Well-Architected Framework GenAI Lens
  • FM Selection & Configuration: Model benchmarking, cross-region inference, fine-tuning (LoRA, adapters), model lifecycle management via SageMaker Model Registry
  • Data Pipelines: Data validation workflows (AWS Glue Data Quality), multimodal data processing, input formatting for FM inference
  • Vector Stores: Vector database architecture (OpenSearch, Aurora pgvector, Bedrock Knowledge Bases), metadata frameworks, embedding solutions (Amazon Titan Embeddings)
  • Retrieval Mechanisms (RAG): Document chunking strategies, hybrid search (keyword + vector), reranking models, query expansion & decomposition
  • Prompt Engineering & Governance: Amazon Bedrock Prompt Management, parameterized templates, prompt flows, chain-of-thought patterns, quality assurance

AWS Services to Study

Domain 2: Implementation & Integration (26%)

This domain focuses on building production systems with agentic AI and enterprise integrations.

Key Topics

  • Agentic AI: Bedrock Agents, Strands Agents, AWS Agent Squad, MCP (Model Context Protocol), ReAct patterns, multi-agent systems
  • Tool Integrations: Function calling, MCP servers (Lambda & ECS), custom tool behaviors, error handling
  • Model Deployment: Lambda for on-demand inference, Bedrock provisioned throughput, SageMaker endpoints, container-based deployment
  • Enterprise Integration: API Gateway, EventBridge event-driven architectures, CI/CD pipelines (CodePipeline, CodeBuild), GenAI gateway architectures
  • Troubleshooting: Context window overflow, prompt debugging, retrieval system diagnostics, embedding drift monitoring

AWS Services to Study

  • Amazon Bedrock Agents – Autonomous AI agents with tool use
  • Amazon Q Developer – AI-powered development assistant
  • AWS Step Functions – Workflow orchestration for AI pipelines
  • AWS Lambda – Serverless inference, MCP servers
  • Amazon API Gateway – Enterprise API integrations
  • AWS CodePipeline / CodeBuild – CI/CD for GenAI

Domain 3: AI Safety, Security & Governance (20%)

Security and responsible AI are critical at the professional level.

Key Topics

  • Data Privacy: Data encryption (at rest/in transit), PII detection and redaction, data residency compliance
  • Model Security: IAM least-privilege access to FMs, identity federation, role-based access control
  • Guardrails: Amazon Bedrock Guardrails – content filtering, topic denial, PII redaction, grounding checks
  • Responsible AI: Bias detection, fairness evaluation, transparency, human-in-the-loop workflows
  • Compliance: Cross-jurisdiction deployments (Outposts, Wavelength), audit logging (CloudTrail), governance frameworks

AWS Services to Study

  • Amazon Bedrock Guardrails – Content filtering, responsible AI controls
  • AWS IAM – Fine-grained access control for AI services
  • AWS CloudTrail – Audit logging for AI operations
  • AWS KMS – Encryption key management
  • Amazon Macie – PII detection in data stores

Domain 4: Operational Efficiency & Optimization (12%)

Key Topics

  • Cost Optimization: Model cascading (smaller models for simple tasks), provisioned throughput vs. on-demand, right-sizing
  • Performance Tuning: Latency optimization, token processing capacity, GPU utilization
  • Scaling: Auto-scaling SageMaker endpoints, Bedrock cross-region inference, load balancing
  • Monitoring: CloudWatch metrics for AI workloads, observability pipelines (X-Ray), drift detection

Domain 5: Testing, Validation & Troubleshooting (11%)

Key Topics

  • Model Evaluation: Relevance scoring, hallucination detection, semantic drift, RAGAS metrics
  • Agent Evaluation: Task completion rates, tool usage effectiveness, Amazon Bedrock Agent evaluations
  • Retrieval Quality: Context matching verification, retrieval latency, embedding quality diagnostics
  • Deployment Validation: A/B testing, canary deployments, synthetic user workflows, automated quality checks

Recommended Study Resources

Video Courses

Course Platform Notes
Ultimate AWS Certified Generative AI Developer Professional by Stephane Maarek Udemy Comprehensive course with hands-on labs and 75-question practice exam
AWS Certified Generative AI Developer Professional AIP-C01 Udemy Security, governance, cost optimization focus
Exam Prep: AWS Certified Generative AI Developer AWS Skill Builder Official AWS exam prep (free with subscription)
Generative AI Developer Professional KodeKloud Hands-on labs with AWS sandbox environments

Practice Tests

Resource Platform Questions
[Practice Exams] AWS Certified Generative AI Developer Pro by Stephane Maarek & Abhishek Singh Udemy Multiple full-length exams with explanations
AWS Certification Official Practice Question Set AWS Skill Builder 20 official questions (free)
AWS Certification Official Pretest AWS Skill Builder Full-length readiness assessment
Whizlabs AIP-C01 Practice Tests Whizlabs Multiple practice exams with explanations

Documentation & Reading

10-Week Study Plan

Week Focus Area Activities
Week 1 Exam Overview & Foundations Read exam guide, review AI Services Cheat Sheet, understand all 5 domains and weightings
Week 2 Amazon Bedrock Core Study Amazon Bedrock, FM selection, model invocation APIs, Nova models, Titan Embeddings
Week 3 RAG & Vector Stores Study Bedrock Knowledge Bases, chunking strategies, OpenSearch vector search, hybrid search, reranking
Week 4 Prompt Engineering & Fine-tuning Bedrock Prompt Management, Prompt Flows, chain-of-thought, LoRA fine-tuning, SageMaker model customization
Week 5 Agentic AI & Tool Integration Study Bedrock Agents, Strands Agents, MCP, function calling, multi-agent orchestration, ReAct patterns
Week 6 Enterprise Integration & Deployment API Gateway integration, Step Functions workflows, CI/CD for GenAI (CodePipeline), container deployment patterns, Q Developer
Week 7 Security, Governance & Responsible AI Bedrock Guardrails, IAM for AI services, data privacy, PII handling, compliance, responsible AI practices
Week 8 Optimization & Monitoring Cost optimization (model cascading, provisioned throughput), performance tuning, CloudWatch metrics, X-Ray observability
Week 9 Testing, Evaluation & Troubleshooting Model evaluation metrics, agent evaluations, retrieval quality testing, deployment validation, debugging GenAI apps
Week 10 Review & Practice Exams Take 2-3 full practice exams, review weak areas, re-read exam guide, focus on scenario-based questions

Study Tips

  • Hands-on practice is essential – This is a professional-level exam; build actual RAG pipelines and deploy agents on AWS
  • Focus on Domain 1 & 2 – Together they represent 57% of the exam
  • Understand scenario-based questions – Questions are long and test architectural decision-making, not memorization
  • Know the trade-offs – When to use Bedrock vs. SageMaker, on-demand vs. provisioned throughput, different chunking strategies
  • Practice with time management – 180 minutes for 75 complex questions means ~2.4 minutes per question

AIP-C01 Practice Questions

Question 1

A company is building a customer support chatbot using Amazon Bedrock. The chatbot needs to answer questions based on 50,000 internal product documents that are updated weekly. The solution must minimize hallucinations and provide source citations. Which architecture best meets these requirements?

  1. Fine-tune a foundation model on all product documents monthly
  2. Use Amazon Bedrock Knowledge Bases with automatic chunking, vector store synchronization, and source attribution enabled
  3. Include all product documents in the system prompt for each request
  4. Train a custom model using Amazon SageMaker with the product documents as training data
Show Answer

Answer: B – Amazon Bedrock Knowledge Bases provides managed RAG with automatic document chunking, scheduled sync for weekly updates, vector store management, and built-in source attribution. Fine-tuning (A/D) doesn’t provide up-to-date factual recall, and including all documents in the prompt (C) exceeds context window limits.

Question 2

A developer is implementing an agentic AI solution that needs to query a company’s internal database, call external APIs, and generate reports. The solution must handle failures gracefully and maintain conversation state. Which combination of services should be used? (Select TWO)

  1. Amazon Bedrock Agents with action groups and Lambda functions
  2. Amazon Comprehend with custom entity recognition
  3. Amazon DynamoDB for conversation history and session state
  4. Amazon Kinesis Data Streams for real-time processing
  5. Amazon Rekognition for document analysis
Show Answer

Answer: A, C – Bedrock Agents with action groups handle tool orchestration (database queries, API calls) with built-in error handling and ReAct reasoning. DynamoDB stores conversation history for state management. Comprehend (B), Kinesis (D), and Rekognition (E) don’t address the agentic workflow requirements.

Question 3

An organization needs to ensure their GenAI application does not generate responses about competitor products, does not reveal PII from training data, and stays within approved topic boundaries. Which approach provides the MOST comprehensive solution?

  1. Implement input validation using AWS Lambda functions
  2. Configure Amazon Bedrock Guardrails with denied topics, PII filters, and content filters
  3. Use system prompts to instruct the model to avoid certain topics
  4. Fine-tune the model to remove knowledge about competitors
Show Answer

Answer: B – Amazon Bedrock Guardrails provides configurable denied topics, automated PII detection/redaction, and content filters that work at both input and output levels. System prompts (C) can be bypassed through prompt injection. Lambda validation (A) only handles input. Fine-tuning (D) cannot reliably remove specific knowledge.

Question 4

A team has deployed a GenAI application using Amazon Bedrock. After launch, they notice that response latency increases during peak hours and costs are 3x their budget. The application handles both simple FAQ queries and complex analytical questions. What is the MOST cost-effective optimization strategy?

  1. Switch all requests to the largest available model for better performance
  2. Implement model cascading: route simple queries to a smaller/cheaper model and complex queries to a larger model using a classification layer
  3. Purchase provisioned throughput for the maximum expected load
  4. Cache all responses in Amazon ElastiCache and serve cached answers for all queries
Show Answer

Answer: B – Model cascading routes simple queries to smaller, faster, cheaper models while reserving larger models for complex tasks. This optimizes both cost and latency. Using only the largest model (A) increases cost. Maximum provisioned throughput (C) over-provisions for average load. Caching all responses (D) doesn’t work for analytical questions requiring unique answers.

Question 5

A developer is building a RAG application and notices that retrieved documents are often irrelevant, leading to poor response quality. The documents are technical manuals with hierarchical structure (chapters, sections, subsections). Which combination of improvements will MOST effectively address retrieval quality? (Select TWO)

  1. Increase the chunk size to 10,000 tokens to capture more context
  2. Implement hierarchical chunking that preserves document structure and parent-child relationships
  3. Use hybrid search combining semantic vector search with keyword-based BM25 scoring
  4. Reduce the number of retrieved documents to 1 to increase precision
  5. Switch from vector search to simple keyword search
Show Answer

Answer: B, C – Hierarchical chunking preserves the document structure, maintaining context relationships between sections. Hybrid search combines the semantic understanding of vector search with the precision of keyword matching, improving relevance for technical content. Very large chunks (A) reduce precision. Only 1 document (D) may miss relevant information. Keyword-only search (E) loses semantic understanding.

Related Posts

References

Frequently Asked Questions

What is the AIP-C01 exam?

The AWS Certified AI Practitioner Professional (AIP-C01) validates ability to build, deploy, and operationalize generative AI solutions on AWS. It covers RAG implementation, agent design, MLOps, model security, and evaluation — requiring hands-on experience with Bedrock, SageMaker, and related services.

How does AIP-C01 differ from AIF-C01?

AIF-C01 (AI Practitioner) is foundational — testing conceptual knowledge of AI/ML. AIP-C01 (AI Professional) is advanced — testing hands-on ability to implement Gen AI solutions, fine-tune models, build agents, deploy with MLOps pipelines, and secure AI applications.

What experience do I need for AIP-C01?

AWS recommends 2+ years of hands-on experience building ML/Gen AI solutions on AWS, including working with Bedrock, SageMaker, and implementing RAG, fine-tuning, and agent architectures in production.

S3 vs EBS vs EFS – AWS Storage Services Compared

AWS S3 vs EBS vs EFS – Storage Services Compared

  • AWS provides three primary storage services: S3 (object storage), EBS (block storage), and EFS (file storage).
  • Each serves different use cases — choosing the right one depends on access patterns, performance requirements, and cost constraints.
  • Understanding the differences is critical for both architecture decisions and AWS certification exams (SAA-C03, SAP-C02).
AWS Storage — Access Pattern Comparison
S3 (Object)
App 1 → API →
App 2 → API →
Lambda → API →
S3 Bucket
(Unlimited)
Any # of clients via HTTP
EBS (Block)
EC2 Instance
↕ attached
EBS Volume
(1 GiB-64 TiB)
1 instance (same AZ)
EFS (File/NFS)
EC2 (AZ-1) →
EC2 (AZ-2) →
Lambda →
EFS Mount
(Auto-scales)
1000s clients (cross-AZ)

S3 vs EBS vs EFS Comparison Table

Feature Amazon S3 Amazon EBS Amazon EFS
Storage Type Object storage Block storage File storage (NFS)
Access Pattern HTTP/HTTPS API (any number of clients) Single EC2 instance (Multi-Attach for io1/io2 up to 16) Multiple EC2/ECS/Lambda (1000s concurrent)
Protocol REST API, S3 API Block device (like a hard drive) NFSv4.1
Capacity Unlimited (5 TB per object) 1 GiB – 64 TiB per volume Unlimited (automatic scaling)
Durability 99.999999999% (11 nines) 99.999% (within AZ) 99.999999999% (11 nines)
Availability 99.99% (Standard) 99.999% (io2 Block Express) 99.99% (Standard), 99.9% (One Zone)
Scope Regional (across AZs) Single AZ (snapshots are Regional) Regional (across AZs) or One Zone
Performance – Latency Milliseconds (first byte) Sub-millisecond (io2/gp3) Low milliseconds
Performance – IOPS 3,500+ PUT/s, 5,500+ GET/s per prefix Up to 256,000 (io2 Block Express) 500,000+ read IOPS (Elastic Throughput)
Performance – Throughput Aggregate scales with prefixes Up to 4,000 MiB/s (io2 Block Express) Up to 10+ GiB/s (Elastic Throughput)
Storage Classes/Types Standard, IA, One Zone-IA, Glacier IR, Glacier Flexible, Glacier Deep, Express One Zone gp3, gp2, io2 Block Express, io1, st1, sc1 Standard, Infrequent Access, Archive (with Intelligent-Tiering)
Pricing Model Per GB stored + requests + data transfer Per GB provisioned + IOPS (io1/io2) Per GB used (pay for what you store)
Cost (approx. US East) $0.023/GB (Standard) $0.08/GB (gp3) $0.30/GB (Standard), $0.016/GB (IA)
Encryption SSE-S3, SSE-KMS, SSE-C, client-side AES-256 (KMS or EBS-managed) At rest (KMS) + in transit (TLS)
Backup Versioning, Cross-Region Replication, S3 Batch Snapshots (incremental, to S3) AWS Backup, EFS-to-EFS replication
Cross-Region CRR, Multi-Region Access Points Snapshot copy to other Regions EFS Replication (async, RPO minutes)
OS Integration Not mountable as filesystem (use S3 Mountpoint for read-heavy) Mount as block device (format with ext4/xfs) Mount as NFS filesystem
Modify on Write No (replace entire object) Yes (modify bytes in place) Yes (modify files in place)
Use With Any AWS service, internet, on-premises EC2 only EC2, ECS, EKS, Lambda, on-premises (DataSync)

When to Use Each

Use S3 when:

  • Storing unlimited objects (media, logs, backups, data lakes)
  • Static website hosting
  • Data needs to be accessed by multiple services/applications via API
  • Long-term archival (Glacier classes)
  • Analytics/ML training data
Use EBS when:

  • Boot volumes for EC2 instances
  • Databases requiring low-latency block I/O (RDS, self-managed DBs)
  • Applications needing consistent sub-millisecond latency
  • High-IOPS transactional workloads
  • Single-instance access pattern
Use EFS when:

  • Shared filesystem across multiple EC2 instances/containers
  • Content management systems (WordPress, Drupal)
  • Home directories for development teams
  • Machine learning training data (shared across instances)
  • Container storage (ECS/EKS persistent volumes)
  • Lambda function storage (/mnt mount)

Pricing Comparison (US East-1)

Scenario S3 EBS EFS
1 TB stored (monthly) $23.55 (Standard) $81.92 (gp3) $307.20 (Standard) or $16.40 (IA)
1 TB infrequent access $12.50 (S3 IA) $45.00 (sc1) $16.40 (EFS IA)
1 TB archive $3.60 (Glacier IR) N/A $8.00 (EFS Archive)
High IOPS (50K) N/A $3,250/month (io2) Included (Elastic)

Common Architecture Patterns

  • Web Application: EBS for database, EFS for shared media/uploads, S3 for static assets via CloudFront
  • Data Lake: S3 for raw/processed data, EBS for compute nodes, EFS for shared notebooks
  • Containers (EKS/ECS): EFS for shared persistent volumes, EBS for StatefulSet per-pod storage, S3 for artifacts
  • Machine Learning: S3 for training data, EFS for shared model artifacts, EBS for GPU instance local storage

Key Differences Summary

  • S3 is cheapest for large-scale storage but has higher latency and no in-place modification
  • EBS is fastest (sub-ms latency) but limited to single AZ and single instance (unless Multi-Attach)
  • EFS is most flexible for shared access but most expensive per GB for frequently accessed data
  • All three support encryption at rest and in transit
  • S3 and EFS have 11 nines durability; EBS has 5 nines (use snapshots for DR)

Practice Questions

Question 1

A company runs a containerized application on EKS that requires a shared filesystem accessible by all pods across multiple Availability Zones. The data includes ML model artifacts that are written once and read frequently. Which storage solution is most appropriate?

Show Answer

Answer: – Amazon EFS with Infrequent Access lifecycle policy. EFS provides NFS-compatible shared storage across AZs, accessible by all pods. The lifecycle policy moves infrequently accessed files to IA tier automatically, reducing costs for write-once-read-occasionally patterns.

Question 2

An application requires 100,000 IOPS with sub-millisecond latency for a self-managed Oracle database running on a single EC2 instance. Which storage option should be used?

Show Answer

Answer: – Amazon EBS io2 Block Express. It provides up to 256,000 IOPS with sub-millisecond latency, designed for critical database workloads requiring consistent high performance on a single instance.

Question 3

A media company needs to store 500 TB of video files that are accessed via a web application and CDN. Files are never modified after upload. Which is the most cost-effective solution?

Show Answer

Answer: – Amazon S3 Standard with CloudFront distribution. S3 provides unlimited scalable object storage at $0.023/GB, supports direct CDN integration, and its immutable object model matches the write-once pattern. Cost: ~$11,750/month vs ~$40,000 (EBS) or $150,000 (EFS).

Question 4

A development team needs shared storage for home directories accessible from multiple EC2 instances. Storage usage varies between 100 GB and 2 TB monthly. Which option provides the best cost efficiency?

Show Answer

Answer: – Amazon EFS with Elastic Throughput and Intelligent-Tiering. EFS automatically scales capacity (no provisioning needed), and Intelligent-Tiering moves infrequently accessed files to cheaper tiers automatically. You only pay for what you use.

Question 5

An application stores user-uploaded images that must be accessible from any AWS Region with low latency. Which storage configuration provides this?

Show Answer

Answer: – Amazon S3 with Multi-Region Access Points (MRAP) or Cross-Region Replication. S3 MRAP routes requests to the nearest replicated bucket automatically, providing low-latency global access. EBS and EFS are regional services and cannot natively serve content globally.

Related Posts

What About Amazon FSx?

While S3, EBS, and EFS cover most use cases, Amazon FSx provides fully managed file systems for specialized workloads:

  • FSx for Lustre — High-performance parallel file system for HPC, ML training, and media processing (sub-ms latency, 100s of GB/s throughput)
  • FSx for Windows File Server — Fully managed Windows-native file shares with SMB protocol, Active Directory integration
  • FSx for NetApp ONTAP — Multi-protocol (NFS, SMB, iSCSI) enterprise storage with snapshots, cloning, and tiering
  • FSx for OpenZFS — High-performance file system with snapshots, compression, and up to 1M IOPS

When to choose FSx over EFS: Choose FSx when you need Windows compatibility (FSx for Windows), HPC-grade throughput (Lustre), or advanced enterprise features like data deduplication and multi-protocol access (ONTAP).

📖 For a detailed FSx comparison, see AWS S3 vs EBS vs EFS vs FSx – Complete Storage Guide.

Frequently Asked Questions

What is the difference between S3, EBS, and EFS?

S3 is object storage (unlimited, accessed via API). EBS is block storage (attached to single EC2, low-latency like a hard drive). EFS is file storage (NFS shared across multiple instances). Choose based on access pattern: API access → S3, single-instance database → EBS, shared filesystem → EFS.

Which AWS storage service is cheapest?

S3 Standard is cheapest at $0.023/GB/month for frequently accessed data. EBS gp3 costs $0.08/GB. EFS Standard costs $0.30/GB but with Intelligent-Tiering and IA classes, effective cost can drop to $0.016/GB for infrequently accessed files.

Can EBS be shared across multiple instances?

EBS Multi-Attach (io1/io2 only) allows up to 16 EC2 instances in the same AZ to access a single volume simultaneously. For true multi-AZ shared storage, use EFS instead.

References

AWS Security Specialty (SCS-C03) Exam Learning Path

AWS Certified Security – Specialty (SCS-C03) Exam Learning Path

The AWS Certified Security – Specialty (SCS-C03) exam validates advanced security skills for designing and implementing AWS security solutions. This updated version went live on December 2, 2025, replacing the SCS-C02. This comprehensive learning path covers everything you need to pass the exam — domains, study resources, an 8-week study plan, exam topics with links, and practice questions.

SCS-C03 Exam Overview

Detail Value
Exam Code SCS-C03
Format 65 questions (multiple-choice, multiple-response, ordering, matching)
Duration 170 minutes
Passing Score 750 / 1000
Cost $300 USD
Delivery Pearson VUE (testing center or online)
Prerequisite None required (5+ years security experience recommended)
Live Since December 2, 2025

Refer to the AWS Certified Security – Specialty (SCS-C03) Exam Guide

SCS-C03 Exam Domains

Domain Weight Key Topics
Domain 1: Detection 16% GuardDuty, Security Hub, Detective, CloudTrail, VPC Flow Logs, Security Lake (OCSF)
Domain 2: Incident Response 14% Automated remediation, forensics, containment, AWS Security Incident Response
Domain 3: Infrastructure Security 18% VPC, Network Firewall, WAF, Verified Access, Firewall Manager, Shield
Domain 4: Identity and Access Management 20% IAM policies, Verified Permissions/Cedar, Identity Center, SCPs, RCPs, Cognito
Domain 5: Data Protection 18% KMS, CloudHSM, ACM, inter-node encryption, data masking, Bedrock Guardrails
Domain 6: Security Foundations & Governance 14% Organizations, Control Tower, Config, compliance frameworks, AWS Audit Manager

What’s New in SCS-C03 vs SCS-C02

Key Changes in SCS-C03

  • Generative AI Security — Amazon Bedrock Guardrails, OWASP LLM Top 10 protections, AgentCore security, and SageMaker AI model protection are now in scope.
  • OCSF & Security Lake — Open Cybersecurity Schema Framework (OCSF) normalization and Amazon Security Lake for centralized security data analytics.
  • IAM Weight Increased — Domain 4 (IAM) increased from 16% to 20%, reflecting identity as the new security perimeter.
  • SNS/CloudWatch Data Protection — Data masking policies for CloudWatch Logs and Amazon SNS message data protection.
  • Inter-node Encryption — Encryption in-transit between nodes for Amazon EMR, EKS, SageMaker AI, and Nitro enclaves.
  • AWS Verified Access — Zero-trust network access without VPNs now explicitly tested.
  • Amazon Verified Permissions & Cedar — Fine-grained authorization using Cedar policy language with RBAC and ABAC models.
  • Domain Restructuring — Detection and Incident Response are now separate domains; “Management and Security Governance” renamed to “Security Foundations & Governance.”
  • New Question Types — Ordering (arrange steps in sequence) and matching (match services to functions) alongside traditional multiple-choice.

Recommended Study Resources

Online Courses

Practice Tests

AWS Official Resources

Whitepapers & Cheat Sheets

8-Week Study Plan

This plan assumes 1.5–2 hours of study per day. Adjust timelines based on your existing AWS security experience.

Week Focus Area Activities
Week 1 IAM Foundations (Domain 4)
  • IAM policies (identity-based, resource-based, permission boundaries)
  • IAM Access Analyzer, policy evaluation logic
  • SCPs, RCPs, and Declarative Policies
  • Hands-on: Write and test IAM policies with conditions
Week 2 Advanced IAM & Identity (Domain 4)
  • IAM Identity Center (SSO), federation (SAML, OIDC)
  • Amazon Verified Permissions & Cedar policy language
  • Cognito User Pools & Identity Pools
  • Cross-account access patterns, role chaining
  • Hands-on: Configure Verified Permissions with Cognito
Week 3 Data Protection (Domain 5)
  • KMS (key policies, grants, multi-region keys, imported key material, XKS)
  • Envelope encryption, S3 encryption options
  • CloudHSM, ACM, Private CA
  • Inter-node encryption (EMR, EKS, SageMaker, Nitro)
  • Data masking: CloudWatch Logs data protection, SNS message data protection
  • Hands-on: Create KMS keys with custom policies, enable S3 default encryption
Week 4 Infrastructure Security (Domain 3)
  • VPC security: Security Groups, NACLs, VPC endpoints, Flow Logs
  • AWS Network Firewall (stateful/stateless rules, IDS/IPS)
  • AWS WAF (Web ACLs, rate-based rules, managed rule groups)
  • AWS Verified Access (zero-trust without VPN)
  • Firewall Manager for centralized management
  • Shield & Shield Advanced, DDoS mitigation
  • Hands-on: Deploy Network Firewall with custom rules
Week 5 Detection (Domain 1)
  • GuardDuty (runtime monitoring, extended threat detection, malware protection)
  • Amazon Detective (behavior graphs, investigation)
  • Amazon Security Lake & OCSF format
  • Security Hub (controls, standards, cross-region aggregation)
  • CloudTrail (Lake, Insights, organization trails)
  • CloudWatch alarms, metric filters, anomaly detection
  • Hands-on: Enable GuardDuty with EKS runtime monitoring, query Security Lake
Week 6 Incident Response & GenAI Security (Domains 2 & 5)
  • AWS Security Incident Response service
  • Automated remediation (EventBridge → Lambda/Step Functions)
  • Forensics: EBS snapshots, memory dumps, isolated VPCs
  • Amazon Bedrock Guardrails (content filters, denied topics, PII detection)
  • OWASP LLM Top 10 (prompt injection, data poisoning, model DoS)
  • AgentCore security controls
  • Hands-on: Build automated remediation for GuardDuty findings
Week 7 Governance & Review (Domain 6)
  • AWS Organizations, Control Tower, landing zones
  • AWS Config rules and remediation
  • AWS Audit Manager, Artifact
  • Well-Architected Security Pillar review
  • Multi-account security strategies
  • Review all domains — focus on weak areas identified in practice tests
  • Take first full-length practice exam (target: 70%+)
Week 8 Practice Exams & Final Review
  • Take 2–3 full-length practice exams (target: 80%+ consistently)
  • Review incorrect answers — identify knowledge gaps
  • Re-read AWS FAQs for GuardDuty, KMS, IAM, Security Hub
  • Review ordering/matching question formats
  • Light review on exam day — no cramming

Pro tip: Start with IAM and KMS because they appear across every domain. If you’re scoring below 75% on practice exams by Week 7, extend to 10 weeks.

Exam Topics & Related Posts

Domain 1: Detection (16%)

  • AWS ALB – Application Load Balancer Features & Routing Rules
  • Amazon GuardDuty — Threat detection using CloudTrail, VPC Flow Logs, DNS logs, EKS audit logs. Covers runtime monitoring, extended threat detection, and malware protection.
  • Amazon Detective — Security investigation using behavior graphs from CloudTrail, VPC Flow Logs, and GuardDuty findings.
  • AWS Security Hub — Centralized security posture management, automated compliance checks (CIS, PCI DSS, AWS Foundational), and cross-account/cross-region aggregation.
  • Amazon Security Lake — Centralizes security data in OCSF format from AWS services, SaaS providers, and on-premises sources for security analytics.
  • AWS CloudTrail — Audit logging, CloudTrail Lake for SQL-based event querying, Insights for anomaly detection, organization trails.
  • Amazon CloudWatch — Metric filters, alarms, anomaly detection, CloudWatch Logs with data protection policies for sensitive data masking.
  • Amazon Inspector — Automated vulnerability scanning for EC2, ECR containers, and Lambda functions.
  • Amazon Macie — ML-powered sensitive data discovery and classification in S3.

Domain 2: Incident Response (14%)

  • AWS Security Incident Response — Automated triage of GuardDuty and Security Hub findings, AI-powered investigation, containment, and 24/7 CIRT access.
  • Automated Remediation Patterns:
    • GuardDuty → EventBridge → Lambda (isolate instance, revoke credentials)
    • Config Rule → EventBridge → Systems Manager Automation (remediate non-compliant resources)
    • Security Hub → EventBridge → Step Functions (multi-step workflows)
  • Forensics: EBS snapshot isolation, memory acquisition, VPC isolation for compromised instances, CloudTrail Lake investigation.
  • AWS Config — Resource configuration history, compliance rules, and automated remediation.

Domain 3: Infrastructure Security (18%)

  • AWS VPC — Security Groups, NACLs, VPC endpoints (Gateway & Interface/PrivateLink), VPC Flow Logs, VPC peering, Transit Gateway.
  • AWS Network Firewall — Stateful/stateless inspection, IDS/IPS, Suricata-compatible rules, centralized deployment via Firewall Manager.
  • AWS WAF — Web ACLs, managed rule groups, rate-based rules, Bot Control, Fraud Control (Account Takeover/Creation), IP reputation lists.
  • Network Firewall vs WAF vs Security Groups vs NACLs — Understanding when to use each layer.
  • Network Firewall vs Gateway Load Balancer — Choosing between AWS-managed and third-party appliances.
  • AWS Verified Access — Zero-trust access to corporate applications without VPN, evaluating requests against security policies in real-time.
  • AWS Firewall Manager — Centrally configure WAF, Shield Advanced, Security Groups, Network Firewall, and DNS Firewall rules across Organizations.
  • AWS Shield & Shield Advanced — DDoS protection for CloudFront, Route 53, ALB, and Global Accelerator.
  • AWS VPN — Site-to-site VPN, IPSec encryption, VPN over Direct Connect.

Domain 4: Identity and Access Management (20%)

  • AWS IAM Overview — Users, groups, roles, and policy evaluation logic.
  • IAM Access Management — Identity-based policies, resource-based policies, permission boundaries, session policies.
  • IAM Roles — Cross-account access, service roles, role chaining, confused deputy protection.
  • IAM Federation — SAML 2.0, OIDC, custom identity brokers.
  • IAM Best Practices — Least privilege, MFA enforcement, credential rotation.
  • Amazon Verified Permissions — Fine-grained authorization using Cedar policy language, supporting RBAC and ABAC models, integrating with Cognito and API Gateway.
  • IAM Identity Center (formerly SSO) — Centralized workforce identity management for multi-account access with SAML 2.0 and SCIM provisioning.
  • Amazon Cognito — User Pools for authentication, Identity Pools for temporary AWS credentials.
  • AWS OrganizationsSCPs, Resource Control Policies (RCPs), Declarative Policies, AI service opt-out policies.
  • IAM Access Analyzer — External access findings, unused access findings, custom policy checks, and policy generation based on access activity.

Domain 5: Data Protection (18%)

  • AWS KMS — Key policies, grants, multi-region keys, imported key material, External Key Store (XKS), ViaService conditions.
  • Envelope Encryption — Data keys encrypted by KMS CMKs for efficient large-data encryption.
  • S3 Encryption — SSE-S3, SSE-KMS, SSE-C, client-side encryption, bucket keys, default encryption.
  • S3 Security — Bucket policies, ACLs, Block Public Access, Access Points, Object Lock.
  • AWS Certificate Manager (ACM) — Public/private certificates, Private CA for internal resources, cross-region certificate management.
  • AWS Secrets Manager — Automatic rotation, cross-region replication, comparison with Parameter Store.
  • Inter-node Encryption — Amazon EMR (in-transit encryption), EKS (pod-to-pod with service mesh), SageMaker (inter-container training encryption), Nitro enclaves.
  • Data Masking — CloudWatch Logs data protection policies for masking PII/PHI, Amazon SNS message data protection for filtering sensitive data in messages.
  • Amazon Bedrock Guardrails — Content filters, denied topics, word filters, sensitive information filters (PII), contextual grounding checks for GenAI security.

Domain 6: Security Foundations & Governance (14%)

  • AWS Organizations — Multi-account strategy, OU structure, consolidated billing.
  • AWS Control Tower — Landing zone setup, guardrails (preventive, detective, proactive).
  • AWS Config — Configuration recording, managed/custom rules, conformance packs, remediation.
  • AWS RAM — Secure cross-account resource sharing within Organizations.
  • AWS Audit Manager — Automated evidence collection, prebuilt frameworks (SOC 2, PCI DSS, GDPR).
  • AWS Artifact — On-demand access to compliance reports and agreements.
  • CloudTrail — Organization trails, log file integrity validation, integration with Security Lake.

SCS-C03 Practice Questions

Test your readiness with these sample questions covering new SCS-C03 topics:

Question 1 — GenAI Security (Domain 5)

A company uses Amazon Bedrock to power a customer-facing chatbot. The security team needs to prevent the model from generating content about competitors, block personally identifiable information (PII) in responses, and log all denied requests. Which combination of actions should the security engineer take? (Choose TWO)

  1. Create a Bedrock Guardrail with denied topics for competitor names and enable the sensitive information filter for PII detection.
  2. Use an AWS WAF web ACL with custom rules to inspect Bedrock API request/response bodies.
  3. Configure CloudTrail data events for Bedrock model invocations and create a CloudWatch metric filter for guardrail interventions.
  4. Deploy a Lambda@Edge function on CloudFront to scan all responses for PII before delivery.
  5. Enable Bedrock model access logging to S3 and use Macie to scan the logs for PII.
Show Answer

Correct: A, C

Explanation: Bedrock Guardrails (A) provide native content filtering with denied topics and sensitive information filters for PII — this is the purpose-built solution for controlling model outputs. CloudTrail data events with CloudWatch metric filters (C) provide the logging and alerting for denied requests. WAF (B) operates at the HTTP layer and cannot inspect Bedrock model response content. Lambda@Edge (D) doesn’t have access to Bedrock API responses. Macie (E) discovers PII in S3 objects but doesn’t prevent PII in real-time responses.

Question 2 — Verified Permissions & Cedar (Domain 4)

A SaaS application needs fine-grained authorization where users can access only their own documents, and managers can access documents of all team members. The authorization decisions must be evaluated in under 10ms and support both role-based and attribute-based access control. Which solution meets these requirements?

  1. Write IAM policies with conditions for each user and attach them to Cognito Identity Pool roles.
  2. Use Amazon Verified Permissions with Cedar policies that define role-based rules for managers and attribute-based rules matching document owner to the requesting user.
  3. Deploy a custom authorization Lambda function that queries DynamoDB for user-document mappings on each request.
  4. Use API Gateway resource policies with IAM conditions to restrict document access based on the caller’s identity.
Show Answer

Correct: B

Explanation: Amazon Verified Permissions is purpose-built for fine-grained application authorization using the Cedar policy language. It supports both RBAC (role-based — managers can access team documents) and ABAC (attribute-based — users can access their own documents) in a single policy store with low-latency evaluation. IAM policies (A) are for AWS resource access, not application-level authorization. A custom Lambda (C) adds complexity and may not meet 10ms latency. API Gateway resource policies (D) are coarse-grained and don’t support per-document authorization.

Question 3 — Security Lake & OCSF (Domain 1)

A security operations team needs to centralize security findings from GuardDuty, Security Hub, CloudTrail, and VPC Flow Logs across 50 AWS accounts into a single queryable data store using a standardized schema. Third-party SIEM tools must be able to consume this data. Which approach meets these requirements with the LEAST operational overhead?

  1. Configure each account to send findings to a centralized S3 bucket using EventBridge rules, then use Athena for querying.
  2. Enable Amazon Security Lake as a delegated administrator in the Organizations management account, which automatically collects and normalizes data to OCSF format and provides subscriber access for third-party tools.
  3. Deploy a Kinesis Data Firehose in each account to stream logs to a central OpenSearch cluster with custom parsing rules.
  4. Use CloudTrail Lake with organization-level event data stores for all accounts and grant third-party tools direct query access.
Show Answer

Correct: B

Explanation: Amazon Security Lake automatically collects security data from multiple sources (GuardDuty, Security Hub, CloudTrail, VPC Flow Logs, Route 53, S3, Lambda, EKS), normalizes it to the Open Cybersecurity Schema Framework (OCSF), and stores it in a purpose-built data lake. It supports subscriber access for third-party SIEM tools with minimal operational overhead. Option A requires custom schema normalization. Option C adds significant operational complexity. Option D (CloudTrail Lake) only covers CloudTrail events, not all the required sources.

Question 4 — Inter-node Encryption (Domain 5)

A company runs distributed machine learning training jobs on Amazon SageMaker AI using multiple instances. The compliance team requires that all data transmitted between training instances during distributed training is encrypted in transit. How should the security engineer meet this requirement?

  1. Deploy the training instances in a private subnet with a security group that only allows HTTPS traffic between instances.
  2. Enable inter-container traffic encryption in the SageMaker training job configuration.
  3. Configure a VPN connection between each training instance using AWS Site-to-Site VPN.
  4. Use AWS PrivateLink endpoints for all communication between SageMaker training instances.
Show Answer

Correct: B

Explanation: SageMaker AI provides a native inter-container traffic encryption option that encrypts all data transmitted between training instances during distributed training. This is enabled via the EnableInterContainerTrafficEncryption parameter in the training job configuration. Security groups (A) control traffic flow but don’t encrypt it. Site-to-Site VPN (C) is for on-premises to AWS connectivity. PrivateLink (D) is for accessing AWS services privately, not for inter-instance communication within a training job.

Question 5 — Verified Access & Zero Trust (Domain 3)

A company wants to provide remote employees access to internal web applications without requiring a VPN. Access must be granted based on the user’s identity (from the corporate IdP), device security posture, and the specific application being accessed. All access decisions must be logged. Which solution meets these requirements?

  1. Deploy an Application Load Balancer with OIDC authentication action rules that validate tokens from the corporate IdP.
  2. Configure AWS Client VPN with certificate-based mutual authentication and posture assessment.
  3. Set up AWS Verified Access with trust providers for the corporate IdP and a device management solution, create access policies per application, and enable access logs.
  4. Use Amazon CloudFront with Lambda@Edge functions that validate JWT tokens and check device certificates.
Show Answer

Correct: C

Explanation: AWS Verified Access provides zero-trust network access to corporate applications without a VPN. It evaluates each request against access policies using trust providers (identity providers for user identity and device management solutions for device posture). Access logs capture all authorization decisions. ALB with OIDC (A) validates identity but doesn’t assess device posture or provide zero-trust per-request evaluation. Client VPN (B) contradicts the no-VPN requirement. CloudFront with Lambda@Edge (D) requires custom development and doesn’t natively integrate with device posture providers.

Exam Day Tips

  • Time management: 170 minutes for 65 questions = ~2.5 minutes per question. Ordering and matching questions take longer — budget 3–4 minutes for those.
  • Mark and move: Flag difficult questions and return after completing all others.
  • Elimination strategy: On multi-choice questions, eliminate 2 obviously wrong answers first, then focus on the remaining 2.
  • Read carefully: Questions have significant prose. Identify the key requirement (cost, security, least operational overhead) before evaluating answers.
  • Ordering questions: Think about logical dependencies — what must happen before what? E.g., you must isolate before you investigate.
  • Online exam: Join 30 minutes early. Clear your desk. No external monitors, phones, or watches.
  • ESL accommodation: Request 30 extra minutes if English is not your first language.

All the best! 🎯

AWS Architecture Patterns for SCS-C03

Frequently Asked Questions

What is the AWS SCS-C03 exam?

The AWS Certified Security – Specialty (SCS-C03) is an advanced certification for security professionals. It has 65 questions over 170 minutes, requires 750/1000 to pass, costs $300, and covers 6 domains: Detection, Incident Response, Infrastructure Security, IAM, Data Protection, and Security Foundations.

What changed from SCS-C02 to SCS-C03?

Key changes include: GenAI security topics (Bedrock Guardrails, OWASP LLM Top 10), OCSF/Security Lake integration, IAM weight increased from 16% to 20%, new services (Verified Access, Verified Permissions), inter-node encryption, SNS data protection, and domain restructuring (Detection + Incident Response split).

How long should I study for SCS-C03?

With 2+ years of AWS security experience, 8-10 weeks of dedicated study is recommended. Focus on hands-on labs with IAM policies, KMS, GuardDuty, Security Hub, and the new GenAI security features in Bedrock.

SCS-C03 Architecture Pattern Posts

Amazon Quick – Enterprise AI Productivity Assistant

Amazon Quick – AI Assistant for Enterprise Productivity

Overview

Amazon Quick is AWS’s AI-powered enterprise productivity assistant, designed to work across all your business applications, tools, and data in one unified experience. Originally launched as Amazon Q Business (GA April 2024), it evolved into Amazon Quick Suite (October 2025) and received major autonomous agent capabilities at AWS Summit NYC in June 2026.

Unlike traditional AI assistants locked into a single vendor ecosystem, Amazon Quick breaks free from “walled gardens” — it connects to Slack, Microsoft Teams, Outlook, Gmail, Salesforce, ServiceNow, Jira, and dozens more applications seamlessly. It lives on your desktop, learns your work patterns, and gets smarter and more proactive the longer you use it.

Key Principles

  • Built for how you actually work — connects to every tool you use, not just one vendor’s ecosystem
  • Enterprise security your company will approve — no trade-off between capability and governance
  • Always learning, always improving — builds a personal knowledge graph from your interactions
  • Proactive, not reactive — runs continuously in the background, surfacing what needs attention
  • No coding required — accessible to every knowledge worker, not just developers

Key Features

Activity Feed (Redesigned June 2026)

The redesigned activity feed consolidates email, messaging, calendar, and tasks into a single prioritized view:

  • Unified inbox — see updates from email, Slack, Teams, calendar, and tasks in one place
  • Learns your patterns — knows which messages you always answer fast, which threads you skip, and what topics drive your week
  • Prioritization via feedback — use thumbs up/down to train Quick on what matters to you
  • Direct actions — reply to emails, respond to Slack messages, and approve requests without switching apps
  • Conversational interface — interact with your activity feed using natural language

Personal Knowledge Graph

Quick builds a persistent knowledge graph that understands:

  • Your preferences and communication style
  • Team contacts and organizational relationships
  • Key projects, brand guidelines, and business context
  • Work patterns — what you do, when, and with whom

This “long-term memory” means Quick remembers context across sessions. When drafting a customer win note, it pulls relevant stakeholders, references earlier conversations, and suggests actions based on historical patterns.

Proactive Recommendations

Unlike reactive AI tools that wait for prompts, Quick runs continuously in the background:

  • Meeting preparation — surfaces relevant Slack threads, documents, and briefing notes before your meetings
  • Conflict detection — catches double-bookings and urgent deadlines before they become problems
  • Follow-up nudges — reminds you of stalled conversations and pending actions
  • Context-aware suggestions — recommends next steps based on your current workflow

Content Creation

Generate deliverables directly from the chat interface:

  • Polished documents and presentations (PowerPoint)
  • Live dashboards and intelligent apps
  • Infographics and images
  • Custom web applications (no coding required)

Autonomous Agents (June 2026)

Announced at AWS Summit NYC 2026, autonomous agents are the marquee new capability that transforms Quick from an interactive assistant into a continuous automation platform.

How Autonomous Agents Work

  • Natural language creation — describe what you want the agent to do in plain English; no coding required
  • Granular autonomy levels — set agents from step-by-step approval to broad goal-based execution
  • Continuous operation — agents work in the background 24/7, not just when you’re actively using Quick
  • Specific expertise — configure each agent with domain knowledge, tone, and tool access

Example Agents

Agent Type What It Does
Finance Agent Processes purchase orders as they come in, flags anomalies, routes for approval
Sales Agent Monitors CRM, emails, and Slack; proactively drafts follow-ups, flags risks, recommends next steps
Deal Follow-up Agent Follows up on stalled business deals automatically
Compliance Agent Summarizes regulatory changes and flags relevant items to the legal team
Operations Agent Monitors dashboards and alerts teams when KPIs deviate from targets

Key Benefits

  • Eliminates manual repetitive work and notification overload
  • Accessible to business users — no developer involvement needed
  • Full audit trail and explainability for every action taken
  • Respects existing security permissions and data access controls

Integrations

Amazon Quick connects to 56+ applications and data sources, with 16 new built-in integrations announced at AWS Summit NYC 2026.

New Integrations (June 2026)

  • Adobe — Creative Cloud and Document Cloud workflows
  • Moody’s — Financial risk data and analytics
  • Snowflake — Data warehouse querying via natural language
  • Plus 13 additional enterprise integrations

Existing 40+ Connectors

  • Communication — Slack, Microsoft Teams, Zoom, Google Workspace
  • Email & Calendar — Microsoft Outlook, Gmail
  • Productivity — Microsoft 365 (Word, PowerPoint, Excel), Airtable, Dropbox
  • CRM & Sales — Salesforce, HubSpot
  • Project Management — Jira, Asana, ServiceNow
  • E-Commerce — Shopify
  • Finance — QuickBooks
  • Data Sources — Amazon S3, Amazon Redshift, PostgreSQL, MySQL, Oracle, AWS Glue, Databricks Unity Catalog, Collibra
  • Developer Tools — Kiro CLI, Claude Code, browser-based workflows
  • Document Stores — SharePoint, Confluence, Google Drive

Multi-Dataset Analytics

The new multi-dataset analytics feature (June 2026) enables:

  • Query across multiple data sources using natural language — no SQL required
  • Inherits semantic intelligence from existing data catalogs (AWS Glue, Databricks Unity Catalog, Collibra)
  • No pre-joining datasets or technical data preparation needed
  • Security enforced through identity propagation respecting existing permissions

Microsoft 365 Extensions

Quick embeds directly into Microsoft Office applications:

  • Available in Outlook, Word, PowerPoint, and Excel (preview)
  • Proactively surfaces insights, drafts content, and takes action within each app
  • No context switching required

Architecture

Knowledge Graph Technology (AWS Context)

Amazon Quick is built on the same knowledge graph technology that powers AWS Context, a new service announced at AWS Summit NYC 2026:

  • Automatic relationship inference — discovers connections between data assets, business rules, and domain knowledge
  • Organizational data connectivity — connects to all structured, unstructured, and domain data across the enterprise
  • Agentic search layer — enables agents to navigate organizational information and find the right answers
  • Continuous learning — learns which sources produce correct results, which paths get used, and which business rules matter
  • Metadata stored in Iceberg format on S3 Tables — build against it with existing tools

Desktop Architecture

  • Runs as a native desktop application (Windows and Mac)
  • Connects directly to local files on your machine
  • Stays connected to calendar, email, and apps in the background
  • Always-on — works whether you’re actively prompting or not
  • Can automate browser-based workflows and connect to developer tools

Shared Spaces

  • Team workspaces where dashboards, agents, automations, and knowledge compound across people
  • Share Quick applications as public websites for collaboration beyond the organization
  • Certified and published assets managed by Enterprise admins

Security

Amazon Quick addresses the fundamental security trade-off that plagues enterprise AI adoption:

The “Walled Garden” vs “Wild Garden” Problem

  • Walled Gardens (Microsoft Copilot, Google Gemini) — AI locked into one vendor ecosystem; can’t work across all your systems
  • Wild Gardens (standalone ChatGPT, open tools) — broad access but little concern for security and data governance
  • Amazon Quick — works across ALL your tools while maintaining enterprise-grade security

Enterprise Security Features

  • Data privacy — Quick never uses your data to train someone else’s model
  • Access control — respects existing ACL permissions from connected data sources
  • Identity propagation — user-level security enforced across all queries and actions
  • RBAC and SSO — enterprise identity management integration
  • Data sovereignty controls — available on Professional and Enterprise plans
  • Admin controls — centralized management, user provisioning, and audit capabilities
  • SAML 2.0 integration — works with Okta, Azure AD, Ping Identity
  • Built on AWS — inherits AWS security, compliance, and governance standards
  • HIPAA eligible — suitable for healthcare workloads

Governance for Agents

  • Granular autonomy levels — define exactly what agents can and cannot do
  • Full audit trail for all autonomous actions
  • Administrators can verify, approve, and remove published automations
  • Integration with Amazon Bedrock Guardrails for content safety

Pricing

Amazon Quick offers four tiers across two sign-up methods:

Sign Up with Email (No AWS Account Required)

Feature Free ($0/user/month) Plus ($20/user/month)
AI chat assistant
Desktop app
Custom chat agents
Shared Spaces for teams
Quick Flows (automation)
App integrations (Slack, M365, Google)
Browser & M365 extensions

Sign Up with AWS Account (Enterprise)

Feature Professional ($20/user/month) Enterprise ($40/user/month)
All Plus features
Quick Sight analytics View only Create & certify
Multi-step workflow automation (Quick Automate)
RBAC, SSO, admin controls
Data sovereignty controls
Index storage per user 25 GB 50 GB
Agent hours included/user/month 4 hours 8 hours
Infrastructure fee $250/account/month $250/account/month
24/7 AWS Support

Additional costs: Agent hours beyond entitlement are $3/hour (metered to the second). Index storage overages are $5/GB/month. A 30-day free trial is available for up to 25 users on the Enterprise plan.

Evolution: Amazon Q Business → Amazon Quick

Timeline Product Key Milestone
Nov 2023 Amazon Q Business (Preview) Announced at re:Invent 2023 as enterprise AI assistant
Apr 2024 Amazon Q Business (GA) Generally available with 40+ connectors, plugins, Q Apps
Oct 2025 Amazon Quick (Suite) Rebrand and expansion; merges QuickSight BI capabilities; launched as “AI teammate for work”
Apr 2026 Amazon Quick Desktop Desktop app launch; M365 extensions; always-on proactive mode; content creation
Jun 2026 Amazon Quick (Autonomous Agents) Autonomous agents, multi-dataset analytics, redesigned activity feed, 16 new integrations

Migration path: Existing Q Business customers can continue using their current service or leverage their existing Q index with Quick Suite to access new agents for research, insights, and automation.

Competitive Positioning

Amazon Quick vs Microsoft Copilot vs Google Gemini vs ChatGPT Enterprise

Capability Amazon Quick Microsoft 365 Copilot Google Gemini for Workspace ChatGPT Enterprise
Pricing $0–$40/user/month $30/user/month (add-on) $20–$30/user/month (add-on) ~$60/user/month (custom)
Cross-platform integrations 56+ (vendor-agnostic) Microsoft ecosystem + connectors Google Workspace ecosystem Limited (API-based)
Autonomous agents ✓ (no-code, continuous) ✓ (Copilot Studio) Limited — (Codex for code only)
Always-on desktop app ✓ (proactive) Embedded in M365 apps Embedded in Workspace Desktop app (reactive)
Personal knowledge graph ✓ (learns over time) Work IQ (memory) Limited personalization Memory feature
BI & analytics built-in ✓ (Quick Sight) Excel/Power BI integration Looker integration
Requires base subscription No (standalone) Yes (M365 license required) Yes (Workspace license) No (standalone)
Data stays in your environment ✓ (AWS infrastructure) ✓ (Microsoft cloud) ✓ (Google cloud) ✓ (OpenAI servers)
Multi-dataset NL analytics ✓ (cross-source) Limited to M365 data BigQuery integration

Key Differentiators for Amazon Quick

  • Vendor-agnostic — doesn’t require you to be locked into Microsoft or Google ecosystems
  • Free tier available — no base subscription prerequisite (unlike M365 Copilot which requires M365 license)
  • Unified BI + AI — Quick Sight analytics natively integrated (not a separate tool)
  • Proactive by design — always-on desktop presence vs. app-embedded reactive AI
  • AWS ecosystem advantage — native integration with Bedrock, S3, Redshift, Glue for data-heavy enterprises

Use Cases

Prioritized Inbox

A product manager receives 200+ emails and 50+ Slack messages daily. Quick’s activity feed consolidates everything into a single prioritized view, learns which messages require immediate attention (from the CEO, from direct reports, from key customers), and surfaces them first. Low-priority notifications are batched for end-of-day review.

Proactive Follow-ups

A sales rep closes a deal and needs to notify multiple stakeholders. Quick’s autonomous agent monitors the CRM, detects the deal closure, drafts personalized follow-up emails to the manager, leadership, marketing, and customer success teams — pulling relevant details from prior conversations and suggesting next steps based on historical playbooks.

Order Processing

A finance team deploys a Quick autonomous agent that continuously monitors incoming purchase orders. The agent validates order details against inventory systems, flags anomalies (unusual quantities, pricing discrepancies), routes standard orders for automatic approval, and escalates exceptions to the appropriate reviewer — all without human initiation.

CRM Monitoring

A sales leader creates an agent that monitors all team interactions across email, Slack, and Salesforce. The agent identifies deals that haven’t had customer contact in 7+ days, drafts suggested follow-up messages, flags competitive mentions, and generates a weekly pipeline health report — delivered proactively every Monday morning.

Meeting Preparation

Before a customer meeting, Quick automatically surfaces: the customer’s recent support tickets, last quarter’s usage data from the BI dashboard, relevant product roadmap items discussed in internal Slack channels, and the sales engineer’s technical notes — all compiled into a pre-meeting briefing without being asked.

Customer Adoption

  • 3M — saves sales reps 5+ hours per week gathering information for customer meetings
  • Amazon Books — reduced time leaders spend developing coordination documents by 80%; engineering cut factory test times by 67%
  • New York Life — replaced multi-report manual processes with conversational agents for reconciliation, premium processing, and compliance reporting
  • Mondelēz International — employees complete tasks in minutes instead of hours; AI-powered analysis across complex data sets
  • Southwest Airlines — adopted Quick as part of their AWS cloud modernization, alongside 2,700 developers using Kiro
  • Other adopters: BMW, GoDaddy, AstraZeneca, NFL, Kitsa

Practice Questions

  1. A company uses Microsoft Teams for messaging, Salesforce for CRM, Jira for project management, and Snowflake for analytics. They want an AI assistant that works across ALL these tools without requiring them to migrate to a single vendor ecosystem. Which solution best meets this requirement?
    1. Microsoft 365 Copilot
    2. Google Gemini for Workspace
    3. Amazon Quick
    4. ChatGPT Enterprise
    Show Answer

    Answer: C. – Amazon Quick is designed to be vendor-agnostic with 56+ integrations spanning Microsoft, Google, Salesforce, Snowflake, and others. Microsoft Copilot and Google Gemini are primarily optimized for their own ecosystems. ChatGPT Enterprise has limited native enterprise integrations.

  2. A sales operations team wants to create an AI agent that continuously monitors their CRM for deals inactive for more than 7 days, automatically drafts follow-up suggestions, and flags risks — without any developer involvement. Which Amazon Quick capability should they use?
    1. Quick Flows
    2. Quick Sight scenarios
    3. Autonomous Agents
    4. Quick Automate
    Show Answer

    Answer: C. – Autonomous Agents (launched June 2026) allow users to create agents in natural language that work continuously in the background with specific expertise and tool access — no coding required. Quick Flows handle simpler daily automation. Quick Automate handles multi-step workflows but requires the Enterprise tier. Quick Sight is for BI analytics.

  3. An enterprise security team evaluates AI assistants and requires: (1) user data is never used to train external models, (2) existing data access permissions are respected, and (3) the solution works across tools from multiple vendors. Which statements about Amazon Quick’s security model are correct? (Select TWO)
    1. Quick uses customer data to improve its foundation models for other customers
    2. Quick enforces identity propagation that respects existing ACL permissions from connected data sources
    3. Quick requires all connected data sources to be migrated to AWS S3 first
    4. Quick never uses your data to train someone else’s model
    5. Quick only supports SSO through AWS IAM Identity Center
    Show Answer

    Answer: B, D – Amazon Quick enforces identity propagation and ACL permissions (B) and explicitly guarantees that customer data is never used to train other models (D). It connects to data sources in place without migration (eliminates C). It supports SAML 2.0 providers including Okta and Azure AD (eliminates E).

  4. A company is currently using Amazon Q Business with 40+ connectors configured. They want to take advantage of the new autonomous agents and activity feed features. What is the recommended migration path?
    1. Rebuild the entire configuration from scratch on Amazon Quick
    2. Leverage their existing Q index with Quick Suite to access new capabilities
    3. Wait for automatic migration scheduled for Q4 2026
    4. Deploy a separate Amazon Quick instance alongside Q Business
    Show Answer

    Answer: B. – AWS explicitly states that existing Q Business customers can continue using their current service or leverage their existing Q index with Quick Suite to access new agents for research, insights, and automation — no rebuild required.

  5. An organization needs Amazon Quick for 500 users with full governance, dashboard creation, multi-step workflow automation, and certified assets. They estimate each user will consume approximately 10 agent hours per month. What is the minimum monthly cost? (Select the correct calculation)
    1. 500 × $20 = $10,000/month
    2. 500 × $40 + $250 = $20,250/month
    3. 500 × $40 + $250 + (500 × 2 × $3) = $23,250/month
    4. 500 × $40 + $250 + (500 × 6 × $3) = $29,250/month
    Show Answer

    Answer: C. – Enterprise tier is required for dashboard creation, multi-step automation, and certified assets ($40/user/month × 500 = $20,000). Infrastructure fee is $250/account/month. Enterprise includes 8 agent hours/user/month, so overage is 2 hours/user × 500 users × $3/hour = $3,000. Total: $20,000 + $250 + $3,000 = $23,250/month.

Frequently Asked Questions

What is Amazon Quick?

Amazon Quick is AWS’s enterprise AI assistant that consolidates email, messaging, calendar, and tasks into a single AI-prioritized view. It creates autonomous agents for background work (finance, sales, HR) and connects to 56+ enterprise applications with full security controls.

How does Amazon Quick differ from Q Business?

Amazon Quick is the evolution of Q Business. While Q Business focuses on knowledge Q&A over company data, Quick adds an AI-powered activity feed, autonomous background agents, proactive recommendations, and a desktop application — becoming a full work productivity layer.

Can I create custom agents in Amazon Quick?

Yes. Quick’s autonomous agents require no coding — you define the agent’s expertise, tone, and tool access. Examples include a finance agent processing invoices, a sales agent monitoring CRM interactions, or an HR agent handling onboarding workflows.

References

AWS Transform – AI-Powered Code Modernization

AWS Transform – AI-Powered Code Modernization

📢 AWS Transform – Launched May 2025

AWS Transform is a collaborative enterprise IT transformation workbench powered by agentic AI that accelerates cloud migration, application modernization, and continuous tech debt reduction. Built on 20 years of AWS migration expertise, it deploys specialized AI agents to automate complex tasks like assessments, code analysis, refactoring, dependency mapping, validation, and transformation planning.

Key Milestone (May 2026): 4.5+ billion lines of code processed, 1.6+ million hours of manual effort saved (equivalent to 929 developer years).

What is AWS Transform?

  • AWS Transform is an agentic AI-powered service that modernizes enterprise workloads at scale — including full-stack Windows/.NET applications, mainframe systems, VMware infrastructure, and custom code transformations.
  • It evolved from AWS’s migration and modernization tools (including AWS Migration Hub, AWS Schema Conversion Tool, and Porting Assistant for .NET) into a unified, AI-driven platform.
  • The service uses specialized task agents built on decades of migration experience combined with enterprise-specific context.
  • Agents use goal-driven orchestration ranging from deterministic execution to dynamic plans, with humans in the loop for oversight.
  • Learning capability is built-in at every level — agents continually self-debug, improve outcomes, and provide recommendations.
  • Available through a unified web experience, CLI, IDE integrations (Visual Studio, Kiro, Claude Code, Cursor), and MCP server.
  • Supports collaborative workspaces where architects define target states, developers execute, leads review, and partners deliver at scale.

AWS Transform Key Capabilities

1. AWS Transform for .NET

  • Purpose: Modernize .NET Framework applications to cross-platform .NET (e.g., .NET 8) that runs on Linux.
  • First agentic AI service for modernizing .NET applications at scale — launched GA in May 2025.
  • Ports entire applications including dependencies — handles MVC, WCF, Web APIs, and console applications.
  • Automates code analysis, dependency mapping, compatibility assessment, and refactoring tasks.
  • Accelerates .NET modernization by up to 4x compared to traditional manual approaches.
  • Reduces Windows licensing costs by up to 40% by enabling Linux deployment.
  • Applications run 1.5–2x faster with improved performance and 50% better scalability on Linux.
  • Includes a conversational AI assistant for Visual Studio for developer-level application work.
  • Supports deployment to Amazon EC2 Linux, Amazon ECS, Amazon EKS, and AWS Lambda.
  • Customer Example: Experian modernized 7 legacy .NET applications (687,600 lines of code), saving ~300 engineering days with ~40% developer effort reduction.
  • Customer Example: Signaturit Group cut Windows .NET to Linux migration from 6-8 months to a few days.

2. AWS Transform for Mainframe

  • Purpose: Modernize mainframe workloads (COBOL, PL/I, JCL) to cloud-native applications.
  • Supports multiple modernization patterns: Refactor (automated code conversion) and Reimagine (business logic extraction → cloud-native redesign).
  • Reimagine Capabilities:
    • Extracts business rules from legacy COBOL/PL/I code with full traceability
    • Converts to syntax-independent specifications
    • Generates cloud-native Java microservices with REST APIs and entity mappings
    • Every requirement traces back to source code for auditable transformation decisions
  • Automated Testing: Generates test cases, test data collection scripts, and test automation scripts for validation.
  • Supports IBM z/OS COBOL, VSAM, IMS, DB2, and expanded to PL/I (common in financial services and insurance).
  • Connected assessment-to-code-generation workflow compresses months of discovery into hours.
  • Native integration with Kiro IDE — developers steer forward engineering conversationally.
  • Automates analysis of mainframe codebases: JCL, BMS, COBOL programs, and copybooks.
  • Customer Example: BMW Group reduced test case creation from 10 days to hours, increased test coverage by 60%, and migrated 7 applications in 6 months — targeting 12-month reduction in overall transformation timeline.

3. AWS Transform for SQL Server

  • Purpose: Modernize SQL Server databases to Amazon Aurora PostgreSQL — the successor to AWS Schema Conversion Tool (SCT).
  • Accelerates SQL Server to Aurora PostgreSQL modernization by up to 5x through intelligent schema conversion.
  • Handles the complete migration lifecycle:
    • Schema analysis and conversion
    • Stored procedure transformation to PostgreSQL-compatible format
    • Application code refactoring (Entity Framework configs, connection strings)
    • Data migration
  • Three layers of validation: syntax validation, semantic equivalence, and functional verification with synthetic data.
  • Supports virtual sources so teams don’t need direct production database access to start.
  • Iterative workflow: get an assessment with level of effort → DBAs review and approve → Transform executes.
  • Coordinates database modernization with application code changes simultaneously.

4. AWS Transform Custom

  • Purpose: Learn your organization’s specific patterns and automate transformations across repositories at scale.
  • Transforms any code pattern — version upgrades, runtime migrations, framework transitions, language translations, and architecture decompositions.
  • Pre-built transformations include: Java upgrades, Node.js upgrades, Python upgrades, boto2→boto3, AWS SDK migrations, x86→Graviton, Spring Boot updates, Angular→React, Vue.js upgrades, Log4j→SLF4J, Progress 4GL→Java, ColdFusion→React/Java, and more.
  • Continual Learning: The agent automatically captures patterns, fixes, and edge cases as reusable knowledge items, so transformations get faster and more reliable with every run.
  • Define once, transform everywhere — capture transformation knowledge and execute repeatable tasks across your entire organization.
  • Up to 85% efficacy rate for out-of-the-box transformations (Java, Node.js upgrades).
  • Available via CLI, web experience, Kiro Power, Claude Code, VS Code, and can be embedded in any pipeline.
  • Customer Example: Air Canada achieved 90% efficacy rate and 80% reduction in expected time and costs upgrading thousands of Lambda functions from Node.js 16 to 20.
  • Customer Example: Twitch achieved 70% acceleration on AWS SDK v1→v2 Golang migration across 913 repositories, saving ~2,876 developer days (11 developer years).
  • Customer Example: Coupang transformed 70+ Java applications in 2 months with a team of 5 — a 90% timeline reduction.

5. AWS Transform – Continuous Modernization (Preview, June 2026)

  • Purpose: Always-on, autonomous portfolio management that continuously finds tech debt, fixes it, validates, and learns.
  • Announced at AWS Summit New York 2026 — shifts code transformation from periodic projects into an automated, pipeline-driven practice (CI/CD/CM — Continuous Modernization).
  • Continuous Analysis:
    • Automatically scans code repositories against configurable baselines
    • Generates findings in hours, not weeks
    • Detects end-of-life dependencies, deprecated frameworks, security vulnerabilities
    • Extend with organization-specific policies (approved libraries, internal coding standards)
    • Provides ground truth directly from code — no manual compliance tracking
  • Autonomous Remediation at Scale:
    • Generates pull requests for affected repositories automatically
    • Notifies owning teams with context and proposed fix
    • Teams review, merge, or remediate using their own approach
    • Detects when fixes are in place without manual confirmation
  • Integrations: GitHub organizations, GitLab groups, Bitbucket workspaces, local repositories, AWS CodePipeline, Jenkins, GitHub Actions.
  • Integrates with AWS Security Agent for source-code-level security vulnerability remediation.
  • Available through the AWS Transform web application, Kiro Power, or MCP for integration with existing coding agents.

6. AWS Transform for Full-Stack Windows Modernization

  • Purpose: Coordinated transformation across all layers — application code, UI framework, database, and deployment.
  • Accelerates full-stack Windows modernization by up to 5x using specialized domain-expert agents.
  • Reduces operating costs by up to 70% by moving away from costly Windows/SQL Server licenses.
  • Four Transformation Layers:
    • Application Layer: .NET Framework → cross-platform .NET (Linux-ready)
    • UI Layer: ASP.NET Web Forms → Blazor (modern, cross-platform)
    • Database Layer: SQL Server → Amazon Aurora PostgreSQL (schema + stored procedures + app code)
    • Deployment Layer: Automated CI/CD pipeline generation, CloudFormation templates, ECS/EC2 Linux deployment
  • Unified web experience with natural language interaction for coordinated modernization plans.
  • Agents assess complexity, sequence work into waves, and execute transformations end-to-end with human oversight.
  • Architects can step in at any point to steer decisions without breaking the autonomous flow.
  • Up to 40% better price-performance running modernized apps on AWS Graviton vs. x86 instances.

AWS Transform vs. Manual Refactoring vs. Third-Party Tools

Criteria Manual Refactoring Third-Party Tools (Snyk, SonarQube) AWS Transform
Scope Single app at a time Detection + limited auto-fix Full-stack transformation at scale (code + DB + UI + deployment)
Approach Developer-driven, line by line Rule-based scanning + suggestions Agentic AI with goal-driven orchestration
Speed Months to years per application Fast detection, manual remediation Up to 5x faster end-to-end transformation
Scale Limited by team size Portfolio scanning, per-repo fixes Hundreds of applications in parallel
Learning Tribal knowledge, inconsistent Static rule updates Continual learning from every execution (knowledge items)
Mainframe Support Specialist consulting required Not supported Full COBOL/PL/I → cloud-native with traceability
Database Migration Manual schema + stored proc conversion Not supported Intelligent schema conversion + coordinated app code changes
Continuous Tech Debt Periodic sprints, reactive Continuous detection, manual fix Autonomous detection + remediation + PR generation
Validation Manual testing Linting and SAST Multi-layer: syntax, semantic equivalence, functional verification
Cost Model Engineering headcount Per-developer licensing Pay per transformation job

Customer Results

  • Overall Impact: 4.5+ billion lines of code processed, 1.6+ million hours saved (929 developer years), hundreds of thousands of servers migrated in the first year.
  • BMW Group: Used AWS Transform for mainframe modernization — reduced test case creation from 10 days to hours, increased test coverage by 60%, migrated 7 applications in 6 months.
  • Experian: Modernized 7 .NET Framework applications (687,600 LOC) to .NET 8 using AWS Transform for .NET — saved ~300 engineering days with ~40% developer effort reduction.
  • Air Canada: Upgraded thousands of Lambda functions from Node.js 16 to 20 — achieved 90% efficacy rate and 80% reduction in time/costs. Made AWS Transform their internal standard.
  • Twitch: AWS SDK v1→v2 Golang migration across 913 repositories — 70% acceleration, saving ~2,876 developer days (11 developer years).
  • Coupang: Transformed 70+ Java applications in 2 months with 5 developers — 90% timeline reduction vs. traditional manual approaches.
  • CSL: Planned migrations for thousands of servers in days — a 10x acceleration over prior approaches.
  • ADP: Modernized complex mainframe using Transform’s mainframe and custom capabilities — now scaling for 1.1 million clients with results in weeks.
  • 4 out of 5 customers return to do additional projects; roughly half use multiple transformation capabilities.

How AWS Transform Works – Architecture

  • Expert Task Agents: Dozens of specialized agents for network generation, business rule extraction, .NET porting, schema conversion, etc.
  • Agentic Orchestration: Goal-driven orchestration that adapts per workload — deterministic where precision is needed, dynamic where flexibility is required.
  • Built-in Learning: Knowledge items captured from debugging steps, human input, and code observations improve future executions.
  • Human-in-the-Loop: Teams supervise, approve plans, override decisions, and step in/out of autonomous workflows.
  • Shared Context: Seamless handoffs between stages — no re-entry, no lost progress across web, CLI, and IDE surfaces.
  • Composability: Customers, partners, and ISVs can build custom agents using Agent Builder Toolkit and integrate with AWS Transform via MCP server.

AWS Transform Pricing

  • AWS Transform pricing is based on the specific capability used and transformation scope.
  • Custom transformations are priced per transformation job.
  • Continuous modernization pricing is based on repository connections and remediation volume.
  • Some capabilities (like model-to-model migration assessment) are available at no additional charge beyond standard pricing.
  • Refer to the AWS Transform Pricing page for current details.

AWS Certification Exam Practice Questions

1. A company wants to modernize 200 .NET Framework applications running on Windows Server to reduce licensing costs and improve performance. Which AWS service should they use to accelerate this transformation?

  1. AWS Migration Hub
  2. AWS App2Container
  3. AWS Transform for .NET
  4. AWS Elastic Beanstalk
Show Answer

Answer: C –

Explanation: AWS Transform for .NET is specifically designed to modernize .NET Framework applications to cross-platform .NET at scale, accelerating modernization by up to 4x and reducing Windows licensing costs by up to 40%.

2. An enterprise is modernizing a legacy COBOL mainframe system. They need to convert business logic into cloud-native microservices while maintaining full traceability from source to target. Which AWS Transform capability should they use?

  1. AWS Transform Custom
  2. AWS Transform for .NET
  3. AWS Transform for Mainframe – Reimagine
  4. AWS Transform – Continuous Modernization
Show Answer

Answer: C –

Explanation: AWS Transform for Mainframe’s Reimagine capability extracts business rules from COBOL/PL/I code with full traceability and generates cloud-native Java microservices with REST APIs, maintaining an audit trail from source to modernized code.

3. A platform engineering team manages 2,000+ repositories and wants to continuously detect and remediate tech debt (end-of-life dependencies, deprecated frameworks) without periodic maintenance sprints. Which capability best fits this requirement?

  1. AWS Transform Custom with CLI automation
  2. AWS Transform – Continuous Modernization
  3. Amazon CodeGuru Reviewer
  4. AWS Config Rules
Show Answer

Answer: B –

Explanation: AWS Transform – Continuous Modernization (Preview, June 2026) provides always-on, autonomous tech debt analysis and remediation at scale. It continuously scans repositories, generates prioritized findings, and autonomously creates pull requests for remediation — shifting from periodic projects to CI/CD/CM.

4. A company needs to upgrade Java versions, migrate AWS SDK v1 to v2, and convert Angular to React across hundreds of applications consistently. They want the transformation agent to learn from each execution and improve over time. Which capability should they use?

  1. AWS Transform for Full-Stack Windows Modernization
  2. Amazon Q Developer
  3. AWS Transform Custom
  4. AWS Transform for Mainframe
Show Answer

Answer: C –

Explanation: AWS Transform Custom provides pre-built and custom transformations for diverse code patterns (Java upgrades, SDK migrations, framework transitions). It features continual learning through knowledge items — capturing patterns, fixes, and edge cases from every execution to improve future transformations.

5. An organization is modernizing its Windows technology stack and needs coordinated transformation across .NET applications, ASP.NET Web Forms UI, SQL Server databases, and deployment processes. Which approach provides unified modernization across all layers?

  1. Use separate tools: AWS Transform for .NET + AWS DMS + manual UI rewrite
  2. AWS Transform for Full-Stack Windows Modernization
  3. AWS Elastic Beanstalk with Docker migration
  4. AWS Transform Custom with multiple transformation definitions
Show Answer

Answer: B –

Explanation: AWS Transform for Full-Stack Windows Modernization provides coordinated transformation across all four layers — application (.NET → cross-platform), UI (Web Forms → Blazor), database (SQL Server → Aurora PostgreSQL), and deployment (CI/CD pipeline generation). It uses domain-expert agents in a unified experience for cohesive modernization.

Frequently Asked Questions

What is AWS Transform?

AWS Transform is an agentic AI service for large-scale code modernization. It handles .NET Framework to cross-platform .NET, mainframe COBOL to cloud-native, SQL Server migrations, and custom transformations — having eliminated 1.6M+ hours of manual effort for customers like BMW and Experian.

What is Transform Continuous Modernization?

Launched in June 2026, Continuous Modernization is an always-on capability that autonomously monitors your code repositories, identifies tech debt as it accumulates, fixes it, validates the fix, and integrates with your existing CI/CD pipelines (GitHub Actions, Jenkins, GitLab, CodePipeline).

Can AWS Transform modernize mainframe applications?

Yes. Transform for Mainframe can convert COBOL, PL/I, and other legacy code to cloud-native Java or .NET using its Reimagine capability. It also provides automated testing to validate functional equivalence, reducing modernization timelines from years to months.

References

AWS Context – Knowledge Graph for AI Agents

AWS Context Overview

  • AWS Context is a new service announced at AWS Summit New York City (June 17, 2026) that automatically builds a knowledge graph from your existing organizational data so AI agents can find the right information, provide correct answers, and take the right actions.
  • AWS Context maps the relationships across existing data into a knowledge graph and provides agentic search so AI agents can access governed data relationships, business rules, and domain knowledge at runtime.
  • It eliminates the need to build custom retrieval pipelines, provision infrastructure, or manually wire agents to individual data sources.
  • AWS Context is currently in “Coming Soon” status (as of June 2026).
  • The service is built on the same knowledge graph technology that powers Amazon Quick (formerly Amazon Q), where hundreds of thousands of users interact daily with a production knowledge graph processing millions of requests per day.

Key Features

Automatic Relationship Mapping

  • Automatically infers relationships between data assets, business rules, and domain knowledge across the organization.
  • Understands what tables exist, what’s stored in different columns, which sources are the most authoritative, and how they relate to each other.
  • Data stewards and curators manage the graph through an intuitive console experience, reviewing inferred relationships, promoting them to production, and attaching domain-specific knowledge.

Broad Data Source Connectivity

  • Connects to all organizational data including:
    • Databases (relational, NoSQL, data warehouses)
    • Slack messages and team communications
    • Documents and wikis
    • Emails
    • CRM systems
    • Data lakes, data warehouses, and lakehouses
    • Data streams
  • Designed to connect to third-party catalogs, so context from systems beyond AWS can be brought into the same graph.

Context That Learns (Continuous Learning Loop)

  • AWS Context gets smarter the more agents use it.
  • As agents query the graph, it observes:
    • Which sources produce correct results
    • Which join paths agents rely on
    • Which curated rules get applied
  • Ranks sources by actual usage and shares learnings across the organization.
  • When one agent discovers a correct join path or resolves a schema ambiguity, other agents pick it up automatically without requiring human re-curation.
  • Every agent improves based on the findings of a single query.

Open and Portable by Design

  • All key metadata from structured and unstructured sources is published into Apache Iceberg format in Amazon S3 Tables.
  • Context can be queried with Amazon Athena, Amazon Redshift, Apache Spark, or any Iceberg-compatible engine.
  • Build downstream systems on it, audit it, or migrate it — your context stays fully yours.
  • Agents query it through agentic search APIs and MCP tools, whether built on Amazon Bedrock AgentCore, deployed on Amazon EKS, or running on MCP-compatible frameworks.

Identity-Aware Governance

  • Every query is identity-aware — each call inherits the calling user’s IAM and Lake Formation permissions.
  • An agent can only see and traverse the relationships its identity is authorized to access.
  • Every interaction is auditable — security and compliance teams can verify what an agent accessed and under what authority.
  • Uses the same access controls organizations already rely on (IAM, Lake Formation).

Zero Infrastructure Management

  • No infrastructure to provision — fully managed service.
  • No retrieval pipeline to build — agents navigate the knowledge graph directly.
  • Begin gathering and curating context with just a few clicks in the AWS Management Console.

Architecture & How It Works

  • Knowledge Graph Foundation: Built on the same technology that powers Amazon Quick’s production knowledge graph (catalogs datasets, dashboards, and metadata at scale).
  • From Personal to Organizational: Extends what was a personal knowledge graph (Amazon Quick) into an organizational one — a shared, governed context layer for all agents and applications.
  • Integration Points:
    • AWS Glue Data Catalog
    • Amazon SageMaker Unified Studio
    • AWS Lake Formation
    • Amazon Bedrock AgentCore
    • Amazon Bedrock Managed Knowledge Base
  • Agent Access: Agents query through agentic search APIs and MCP tools — framework agnostic.
  • Data Flow:
    1. AWS Context connects to organizational data sources (databases, documents, Slack, CRMs, etc.)
    2. Automatically maps relationships and infers context
    3. Data stewards review, promote, and curate inferred relationships via console
    4. Metadata published in Iceberg format to S3 Tables
    5. Agents query the graph at runtime with identity-aware permissions
    6. Learning loop continuously improves source ranking and path resolution

Integration with AWS Services

  • Amazon Quick: When AWS Context is enabled, Quick’s agents gain access to the broader enterprise knowledge graph, including cross-system relationships, business rules, and curated context beyond any single user’s personal graph.
  • AWS Glue Data Catalog: Integrates with the knowledge graph; supports new business context, semantic search, and skill assets (preview).
  • Amazon Bedrock Managed Knowledge Base: Plugs into AWS Context to enable agentic search across all structured, unstructured, and domain data.
  • AWS Lake Formation: Provides permission governance layer — agents inherit Lake Formation permissions.
  • Amazon S3 Tables: Stores all metadata in Iceberg format for open, queryable access.
  • Amazon S3 Annotations (GA): Attach rich, queryable business context directly to S3 objects — up to 1 GB of context per object, mutable, and automatically queryable through S3 Metadata.

AWS Context vs. Bedrock Knowledge Bases vs. Neptune vs. Glue Data Catalog

Feature AWS Context Bedrock Knowledge Bases Amazon Neptune AWS Glue Data Catalog
Primary Purpose Organizational knowledge graph for AI agents RAG over unstructured documents General-purpose graph database Metadata catalog for data assets
Data Type Structured + unstructured + institutional knowledge Primarily unstructured (documents, PDFs, web pages) Structured graph data (nodes, edges, properties) Technical metadata (schemas, tables, partitions)
Relationship Handling Automatically infers and learns relationships No explicit relationships — vector similarity only Manually defined graph relationships (RDF/Property Graph) Catalog lineage only — no semantic relationships
Learning/Improvement Continuous learning from agent usage patterns No learning — static retrieval pipeline No learning — requires manual graph updates No learning — manual catalog maintenance
Governance Identity-aware (IAM + Lake Formation per query) Basic access control on knowledge base level IAM-based cluster access Lake Formation fine-grained access
Infrastructure Fully managed — no provisioning needed Managed — requires data ingestion setup Self-managed clusters or serverless (must provision) Managed catalog service
Agent Integration Native agentic search APIs + MCP tools Integrated with Bedrock agents via RAG retrieval Custom integration via query APIs (Gremlin/SPARQL) API-based catalog lookup
Data Sources Databases, Slack, emails, CRMs, documents, streams S3, SharePoint, Confluence, Google Drive, web crawlers Application-loaded graph data AWS data service schemas (S3, RDS, Redshift, etc.)
Metadata Format Apache Iceberg in S3 Tables (open, portable) Vector embeddings in managed/custom vector stores Property Graph / RDF triples Hive-compatible catalog format
Best For Enterprise agents needing cross-system business context QA over document collections (policies, manuals, docs) Complex graph traversal, fraud detection, social networks ETL pipeline management, schema discovery
Use with AI Agents Purpose-built for agents — agents navigate graph directly Agents retrieve relevant chunks via similarity search Agents query graph via custom code Agents discover table metadata only

When to Use Which Service

  • AWS Context: Use when you need agents to understand business relationships across multiple systems — understanding how customer data in your CRM relates to orders in your database and communications in Slack.
  • Bedrock Knowledge Bases: Use when agents need to answer questions from unstructured document collections (policy documents, product manuals, knowledge bases) via RAG.
  • Amazon Neptune: Use when you have complex, explicitly defined graph relationships requiring traversal queries — fraud detection rings, social networks, recommendation engines.
  • AWS Glue Data Catalog: Use for ETL pipeline management, schema discovery, and technical metadata governance across your data lake.
  • Combined Approach: AWS Context integrates with Bedrock Managed Knowledge Base to provide agentic search across all structured, unstructured, and domain data together.

Use Cases

Customer Support Agents

  • A customer support agent triaging an issue needs to pull up purchase history, shipping status, and return eligibility across multiple different sources.
  • With AWS Context, the agent navigates the knowledge graph to find all relevant data without custom integrations per data source.
  • The next time a similar issue arises, the agent knows exactly where to go, reducing resolution time.

Data Analyst Agents

  • Agents can discover authoritative data sources, understand join paths between tables, and know which filters and aggregation rules apply.
  • Business rules (like “always exclude test accounts from revenue calculations”) are captured in the knowledge graph and applied automatically.
  • Reduces time spent searching for the right data and understanding how to use it correctly.

Compliance & Audit Agents

  • Compliance agents can trace data lineage and access patterns across the organization.
  • Every agent interaction is auditable — security teams can verify what was accessed and under whose authority.
  • Identity-aware governance ensures agents only access data they’re authorized to see, maintaining regulatory compliance.

Sales & CRM Agents

  • Agents can see the latest interactions with a customer in the CRM and recommend the best follow-up actions.
  • Cross-referencing emails, Slack conversations, and deal history provides complete customer context.
  • Without context, agents confidently give recommendations that are wrong — AWS Context solves this.

Enterprise Knowledge Management

  • Captures institutional knowledge that has never been written down — business rules, domain expertise, tribal knowledge.
  • Makes organizational wisdom available to every agent, not just the humans who happen to know it.
  • New agents benefit immediately from the accumulated context of the entire organization.

Key Benefits

  • Faster Time to Value: No retrieval pipeline to build, no infrastructure to provision — start with a few clicks.
  • Compounding Intelligence: Gets smarter with every agent interaction across the organization.
  • Reduced Token Consumption: Agents navigate directly to the right information instead of processing large context windows.
  • Enterprise Governance: Built-in identity-aware access control using existing IAM and Lake Formation policies.
  • Open Standards: Iceberg format means no vendor lock-in for metadata — query with any compatible tool.
  • Cross-Agent Learning: One agent’s discovery benefits all agents in the organization.
  • Framework Agnostic: Works with Bedrock AgentCore, EKS-deployed agents, or any MCP-compatible framework.

AWS Certification Exam Practice Questions

Question 1: A company wants to enable its AI agents to access business context from multiple data sources including databases, Slack messages, and CRM systems, with automatic relationship inference and identity-aware governance. The solution should require no infrastructure provisioning. Which AWS service should they use?

  1. Amazon Neptune with GraphRAG
  2. AWS Context
  3. Amazon Bedrock Knowledge Bases
  4. AWS Glue Data Catalog with Lake Formation
Show Answer

Answer: B –

Explanation: AWS Context automatically builds a knowledge graph from existing organizational data (databases, Slack, CRMs, documents, emails), infers relationships, provides identity-aware governance, and requires no infrastructure provisioning. Neptune requires cluster management, Bedrock Knowledge Bases focus on unstructured RAG, and Glue Data Catalog only manages technical metadata.

Question 2: How does AWS Context store its metadata to ensure portability and avoid vendor lock-in?

  1. In Amazon DynamoDB tables with proprietary format
  2. In Amazon Neptune graph database clusters
  3. In Apache Iceberg format in Amazon S3 Tables
  4. In Amazon OpenSearch vector indexes
Show Answer

Answer: C –

Explanation: AWS Context publishes all key metadata from structured and unstructured sources into Apache Iceberg format in Amazon S3 Tables. This open format allows customers to query context with Amazon Athena, Amazon Redshift, Apache Spark, or any Iceberg-compatible engine, ensuring portability and no vendor lock-in.

Question 3: A customer support agent built with AWS Context discovered the correct join path between order data and shipping status. What happens when another agent in the organization faces a similar query?

  1. The other agent must independently discover the same join path
  2. A data engineer must manually configure the path for the other agent
  3. The other agent automatically benefits from the discovered path through the learning loop
  4. The organization must rebuild the knowledge graph to include the new path
Show Answer

Answer: C –

Explanation: AWS Context features a continuous learning loop. When one agent discovers a correct join path or resolves a schema ambiguity, it ranks sources by actual usage and shares what it learns across the organization. Other agents automatically pick up these discoveries without requiring human re-curation.

Question 4: Which of the following statements about AWS Context governance are correct? (Select TWO)

  1. Each query inherits the calling user’s IAM and Lake Formation permissions
  2. All agents have unrestricted access to the entire knowledge graph
  3. Every agent interaction is auditable by security and compliance teams
  4. Governance rules must be configured separately from existing AWS permissions
  5. Access control only applies at the knowledge graph level, not per-query
Show Answer

Answer: A, C

Explanation: AWS Context makes every query identity-aware. Each call inherits the calling user’s IAM and Lake Formation permissions, so an agent can only see relationships its identity is authorized to access. Because access runs through identity, every interaction is auditable — security teams can verify exactly what was accessed and under what authority.

Question 5: A company needs to ground its AI agents in both structured business relationships (from databases and CRMs) AND unstructured documents (policy manuals, product guides). Which approach provides the most comprehensive solution?

  1. Use Amazon Neptune for all data types
  2. Use AWS Context alone for both structured and unstructured data
  3. Use AWS Context integrated with Amazon Bedrock Managed Knowledge Base
  4. Use AWS Glue Data Catalog with Amazon Bedrock Knowledge Bases
Show Answer

Answer: C –

Explanation: AWS Context integrates with Amazon Bedrock Managed Knowledge Base to enable agentic search across all structured, unstructured, and domain data. AWS Context provides the knowledge graph for structured relationships and business rules, while Bedrock Managed Knowledge Base handles unstructured document retrieval — together they provide comprehensive coverage.

Frequently Asked Questions

What is AWS Context?

AWS Context is a service that automatically builds a knowledge graph from your organizational data — databases, documents, Slack messages, CRMs, emails. It infers relationships between data assets and makes them navigable by AI agents with built-in governance controls.

How does AWS Context differ from Bedrock Knowledge Bases?

Bedrock Knowledge Bases provide RAG over unstructured documents (PDFs, web pages). AWS Context builds a structured knowledge graph that understands relationships between entities, business rules, and data lineage across all your systems — giving agents navigational intelligence, not just text retrieval.

Does AWS Context require infrastructure setup?

No. AWS Context is fully managed with no infrastructure to provision and no retrieval pipeline to build. It stores metadata in Iceberg format in S3 Tables and learns continuously from agent interactions to improve accuracy over time.

References

AWS Continuum – AI-Native Security at Machine Speed

AWS Continuum Overview

AWS Continuum is an AI-native security platform announced at AWS Summit New York City on June 17, 2026. It delivers full-lifecycle vulnerability management at machine speed — continuously discovering, prioritizing, validating, and remediating security risks across the software lifecycle, within guardrails you define.

Continuum represents a fundamental shift in how AWS approaches security. The traditional operating model — collect telemetry, store it, query it, build dashboards — can no longer keep pace with the speed at which vulnerabilities emerge. Frontier AI models like Claude Mythos can now autonomously discover zero-day vulnerabilities and reason through complex attack paths at machine speed, creating an exponentially growing backlog that human teams cannot manage alone.

AWS Continuum addresses this by moving from passive monitoring to active reasoning and automated action — telemetry → context → reasoning → actions.

Key Capabilities

1. Continuous Discovery

  • Ingests an organization’s existing vulnerability backlog from multiple sources and scanning tools
  • Performs its own comprehensive vulnerability scans across the full environment
  • Scans both first-party code (your own applications) and third-party dependencies (libraries, packages, containers)
  • Covers infrastructure, permissions, network topology, and application code
  • Creates a comprehensive view of vulnerabilities and associated attack paths
  • Operates continuously rather than on periodic scan schedules

2. Validation

  • Determines which vulnerabilities are genuinely exploitable — not just theoretically risky
  • Contextualizes vulnerabilities against the actual environment configuration
  • Constructs working exploit examples in a sandboxed environment
  • Provides concrete, reproducible evidence of exploitability
  • Surfaces false positives before they waste security team time
  • Dramatically reduces alert fatigue by proving what’s real vs. theoretical

3. Prioritization

  • Evaluates, enriches, and prioritizes every finding using deep environmental context
  • Considers whether the affected component is deployed, reachable, and in a production path
  • Assesses business impact if exploited — blast radius analysis
  • Uses both structured data (infrastructure, permissions, network topology) and unstructured data (documents, communications, business priorities)
  • Produces an evidence-backed priority list so teams focus on what matters most
  • Ranks by exploitability, business context, and blast radius — not just CVSS scores

4. Remediation

  • Assesses existing defenses including blocking controls, compensating controls, and detection mechanisms
  • Recommends mitigation or remediation via network changes, policy changes, or code patches
  • Patch recommendations are validated by the same system that confirmed the vulnerability
  • Provides blast radius visibility and rollback paths where feasible
  • Operates within guardrails you define — you control what actions Continuum can take autonomously
  • Supports graduated trust: starts with human-approved actions, scales to automated enforcement

5. Threat Modeling (Preview)

  • Automatically generates comprehensive threat models from design documents or source code
  • Outputs results in STRIDE format (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege)
  • Performs deep reasoning over architecture, data flows, and trust boundaries
  • Provides prioritized, actionable mitigations across all six STRIDE categories
  • Enables security-by-design before code ships to production
  • Eliminates the manual, time-intensive threat modeling process

6. Model Agnostic Architecture

  • Uses multiple frontier AI models depending on which performs best for each task
  • Built to incorporate the latest and most capable models as they emerge
  • Not locked into a single AI provider — leverages diverse model strengths
  • Different models may excel at code analysis, exploit construction, natural language reasoning, or pattern recognition
  • Ensures Continuum stays at the cutting edge as AI capabilities advance

7. Explainability & Auditability

  • Every recommendation includes the reasoning behind it
  • Every action is auditable with full decision trail
  • Outcomes feed back into the system for continuous improvement
  • Supports compliance and governance requirements with transparent decision-making
  • Enables trust graduation — teams can verify reasoning before expanding automation scope

Continuum Platform Components

Component Status Description
Continuum for Code Vulnerabilities Gated Preview Full lifecycle vulnerability management — discovery, prioritization, validation, remediation
Continuum for Penetration Testing Available On-demand AI-driven pen testing — transforms weeks into hours with reproducible proof
Continuum for Code Scanning Preview Deep security analysis against compliance requirements, exploit patterns, and emerging threat vectors
Continuum for Threat Modeling Preview Automated STRIDE threat models from design docs or source code

Trust Graduation Model

Continuum implements a graduated trust model that puts you in control:

  1. Learn Mode (Default): Continuum proposes actions and a human approves. Every recommendation includes full reasoning and evidence.
  2. Selective Enforcement: You define categories and risk profiles where Continuum can act autonomously (e.g., auto-patch low-risk dependencies).
  3. Full Enforce Mode: Increasingly automated remediation within guardrails you define and can change at any time.

This approach ensures organizations can build confidence incrementally while maintaining compliance with change management processes.

How Continuum Differs from Existing AWS Security Services

AWS Continuum complements rather than replaces existing security services. Here’s how they differ:

Capability Amazon Inspector Amazon GuardDuty AWS Security Hub AWS Continuum
Primary Function Vulnerability scanning Runtime threat detection Findings aggregation & compliance Full lifecycle vulnerability management
Approach Point-in-time scanning Continuous monitoring of runtime behavior Centralized dashboard & compliance checks AI-native continuous reasoning & action
Coverage EC2, ECR, Lambda packages & code VPC Flow Logs, DNS, CloudTrail, EKS, S3 Aggregates from 70+ AWS & partner services Full stack — code, infrastructure, design docs, business context
Validation CVE matching (no exploit proof) Threat intelligence correlation No — surfaces findings as-is Sandbox-based exploit proof (reproducible evidence)
Prioritization CVSS + network reachability Severity levels (Low/Med/High) Severity + compliance framework mapping Business context + exploitability + blast radius
Remediation Suggests patches (manual) None (detection only) Automated responses via EventBridge AI-generated fixes, validated & applied within guardrails
AI-Native No (rule-based) ML-based anomaly detection No Yes — multi-model AI architecture
Lifecycle Stage Pre-deployment & runtime scanning Runtime only Post-detection aggregation Design → Development → Deployment → Runtime

Key Differentiators

  • Inspector tells you what vulnerabilities exist (CVE matching) — Continuum proves which ones are exploitable and fixes them.
  • GuardDuty detects threats at runtime after they happen — Continuum prevents vulnerabilities from reaching production and remediates them when found.
  • Security Hub centralizes findings from multiple services — Continuum ingests those same findings, then reasons over them to prioritize, validate, and resolve.
  • Continuum can consume findings from Inspector, GuardDuty, and Security Hub as inputs to its own reasoning pipeline.

CI/CD Pipeline Integration

AWS Continuum integrates into the software development lifecycle at multiple stages:

Design Phase

  • Threat Modeling: Automatically generates STRIDE threat models from architecture design documents before any code is written
  • Identifies potential attack surfaces and recommends mitigations early in the process

Development Phase

  • Code Scanning: Analyzes code as it’s written against compliance requirements, known exploit patterns, and emerging threat vectors
  • Provides actionable remediation guidance with validated fixes during development

Pre-Deployment (CI Pipeline)

  • Penetration Testing: On-demand pen testing that transforms weeks of manual assessment into hours
  • Multi-step attack scenarios with reproducible proof and ready-to-implement fixes
  • Can be triggered as part of CI pipeline gates before deployment

Post-Deployment (CD Pipeline & Runtime)

  • Continuous Vulnerability Management: Ongoing discovery, prioritization, validation, and remediation of vulnerabilities in running systems
  • Monitors for new CVEs affecting deployed components
  • Automated remediation within defined guardrails (graduated trust)

Feedback Loop

  • Every outcome feeds back into the system — improving future recommendations
  • Findings from runtime inform development-time scanning patterns
  • Maintains security posture between scheduled reviews and audits

Machine Speed Security in an Agentic World

The shift to “machine speed” security is driven by a fundamental asymmetry:

The Problem

  • AI models like Claude Mythos (Anthropic) can autonomously discover zero-day vulnerabilities across every major OS and browser
  • Mythos identified 10,000+ high-severity zero-day vulnerabilities in controlled evaluations, including a 27-year-old bug in OpenBSD
  • These capabilities were not explicitly trained — they emerged from general improvements in code, reasoning, and autonomy
  • The same improvements that make models better at patching vulnerabilities make them better at exploiting them
  • Attackers with access to frontier models can discover and weaponize vulnerabilities in hours or minutes rather than days

Why Traditional Security Fails

  • Manual triage takes days to weeks — AI-discovered vulnerabilities can be exploited in hours
  • Security teams face exponentially growing backlogs they cannot process manually
  • Point-in-time scanning misses the continuous emergence of new threats
  • Dashboard-watching is reactive, not proactive
  • Cross-team coordination for remediation introduces weeks of delay

The Continuum Response

  • Matches attacker speed with defender speed — AI vs. AI
  • Continuous operation eliminates scan-gap exposure windows
  • Automated validation proves exploitability instantly rather than waiting for manual analysis
  • Graduated remediation eliminates coordination bottlenecks
  • Model-agnostic architecture ensures defensive capabilities evolve as fast as offensive ones

Specialized Security Models Changing the Threat Landscape

The emergence of specialized security-focused AI models is fundamentally reshaping cybersecurity:

  • Claude Mythos (Anthropic): Discovered 10,000+ zero-days autonomously; can chain multiple low-severity bugs into high-severity exploit paths; turns N-day vulnerabilities into N-hour exploits
  • Defensive applications: AWS partnered with Anthropic through Project Glasswing to use Mythos defensively — fixing vulnerabilities before they can be exploited
  • The dual-use challenge: Every advancement in AI reasoning benefits both attackers and defenders — making automated defense non-optional
  • AWS Continuum leverages these same frontier models defensively, using them to find and fix vulnerabilities before adversaries can exploit them

Architecture & Data Sources

Continuum reasons over the full environment using two categories of data:

Structured Data (Already in AWS)

  • Infrastructure configuration and topology
  • IAM permissions and access policies
  • Network topology and connectivity
  • Application code and dependencies
  • Existing security findings (Inspector, GuardDuty, Security Hub, third-party tools)

Unstructured Data (Organizational Context)

  • Documents and design specifications
  • Communications and business priorities
  • Risk profiles and compliance requirements
  • Organizational policies and change management processes

This dual-data approach allows Continuum to understand business context rather than applying generic rules uniformly — built on lessons from securing AWS and Amazon.com across different industries.

Design Partners & Availability

  • Status: Gated Preview (as of June 2026)
  • Design Partners: Capital One, MongoDB, Rivian, Robinhood
  • Industries: Financial services, automotive, technology
  • Initial Scope: First-party and third-party code vulnerabilities, expanding to other security domains

AWS Certification Exam Practice Questions

Question 1

A security team receives thousands of vulnerability findings weekly from multiple scanning tools. They spend 80% of their time triaging findings that turn out to be false positives or unexploitable in their environment. Which AWS service specifically addresses this problem by proving exploitability with reproducible evidence in a sandboxed environment?

  1. Amazon Inspector with enhanced scoring
  2. AWS Security Hub with automated workflows
  3. AWS Continuum for code vulnerabilities
  4. Amazon GuardDuty with threat intelligence
Show Answer

Answer: C –

Explanation: AWS Continuum validates findings by constructing working exploit examples in a sandboxed environment, providing concrete reproducible evidence of exploitability. This specifically addresses the false positive problem. Inspector provides CVE matching without exploit proof, Security Hub aggregates findings without validation, and GuardDuty detects runtime threats rather than validating code vulnerabilities.

Question 2

An organization wants to automatically generate threat models from their architecture design documents before development begins, with output in an industry-standard format. Which AWS Continuum capability should they use?

  1. Continuum for Code Scanning
  2. Continuum for Penetration Testing
  3. Continuum for Threat Modeling
  4. Continuum for Code Vulnerabilities
Show Answer

Answer: C –

Explanation: Continuum for Threat Modeling automatically generates comprehensive threat models from design documents or source code and outputs results in STRIDE format (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege). This enables security-by-design in the earliest stages of development.

Question 3

A company wants to implement AWS Continuum but their compliance team requires that all automated remediation actions be explainable and auditable. They also want to start with human approval and gradually increase automation. How does Continuum address these requirements? (Choose TWO)

  1. Continuum operates only in fully automated mode for maximum speed
  2. Continuum starts in learn mode with human-in-the-loop approval
  3. Every recommendation includes the reasoning behind it for auditability
  4. Continuum requires manual configuration of AI model parameters
  5. Automated actions cannot be restricted once Continuum is deployed
Show Answer

Answer: B, C

Explanation: Continuum implements a graduated trust model. It starts in learn mode where a human approves every action, and every recommendation includes its full reasoning. Organizations can graduate to enforce mode over time, defining categories and risk profiles for autonomous action. Trust can be adjusted at any time, and all decisions remain auditable.

Question 4

How does AWS Continuum’s approach to vulnerability prioritization differ from Amazon Inspector’s prioritization? (Choose the BEST answer)

  1. Continuum uses CVSS scores while Inspector uses custom scoring
  2. Continuum prioritizes based on business context, exploitability proof, and blast radius analysis using both structured and unstructured organizational data
  3. Continuum only prioritizes based on network reachability
  4. Both services use identical prioritization algorithms
Show Answer

Answer: B –

Explanation: AWS Continuum prioritizes findings using deep environmental and business context — including structured data (infrastructure, permissions, network topology) and unstructured data (documents, business priorities, risk profiles). It considers whether components are deployed, reachable, in production paths, and what the business impact would be. Inspector uses CVSS scores enhanced with network reachability but doesn’t incorporate business context or prove exploitability.

Question 5

A DevSecOps team wants to integrate security checks at every stage of their CI/CD pipeline. Which combination of AWS Continuum capabilities covers the full pipeline from design through runtime? (Choose the BEST answer)

  1. Continuum for Code Scanning at all stages
  2. Threat Modeling (design) → Code Scanning (development) → Penetration Testing (pre-deployment) → Code Vulnerabilities (runtime)
  3. Penetration Testing only — it covers all stages
  4. Code Vulnerabilities at design phase, Threat Modeling at runtime
Show Answer

Answer: B –

Explanation: The full Continuum pipeline maps to the development lifecycle: Threat Modeling generates STRIDE models from design docs during architecture/design; Code Scanning analyzes code during development against compliance and exploit patterns; Penetration Testing validates security with multi-step attack scenarios pre-deployment; and Code Vulnerabilities provides continuous lifecycle management for deployed systems. Each capability feeds findings into the broader Continuum reasoning loop.

Frequently Asked Questions

What is AWS Continuum?

AWS Continuum is an AI-native security service announced at AWS Summit NYC 2026 that manages the full lifecycle of code vulnerabilities at machine speed — continuously discovering, validating exploitability, prioritizing by business context, and remediating within guardrails you define.

How does Continuum differ from AWS Inspector?

Inspector performs point-in-time vulnerability scanning and reports findings. Continuum goes further — it validates which vulnerabilities are genuinely exploitable, prioritizes by real business risk, and can autonomously remediate them within your defined guardrails using AI agents.

What is Continuum Threat Modeling?

Continuum Threat Modeling automatically generates comprehensive threat models from design documents or source code, outputting results in industry-standard formats. It replaces manual threat modeling sessions that typically take days with AI-generated models in minutes.

References

Amazon Q Business – Enterprise AI Assistant Guide

Amazon Q Business Overview

  • Amazon Q Business is a fully managed, generative AI-powered enterprise assistant built on Amazon Bedrock that answers questions, provides summaries, generates content, and completes tasks based on enterprise data.
  • Provides permissions-aware responses with citations from enterprise data sources for use cases such as IT helpdesk, HR, benefits, and compliance.
  • Supports Retrieval Augmented Generation (RAG) — combining enterprise knowledge retrieval with LLM-powered response generation.
  • Integrates with 40+ data source connectors, built-in and custom plugins, and Amazon Q Apps for citizen-developed AI applications.
  • Available through a web experience, browser extensions (Chrome, Firefox, Edge), Slack, and Microsoft Teams integrations.
  • Important: Amazon Q Business will no longer be open to new customers starting July 31, 2026. Existing customers remain fully supported. AWS recommends migrating to Amazon Quick for similar and enhanced capabilities.

Amazon Q Business Architecture

Amazon Q Business Architecture

Core Components

  • Application
    • Top-level container that encapsulates the entire Q Business deployment.
    • Each application has its own configuration, data sources, plugins, guardrails, and web experience.
    • Linked to an IAM Identity Center instance or IAM Federation for user authentication.
    • Supports both authenticated (IAM Identity Center/IAM Federation) and anonymous access modes.
  • Index
    • Stores and organizes ingested enterprise documents for retrieval.
    • Two index types available:
      • Starter Index — runs in 1 AZ, ideal for proof-of-concept; includes 20,000 documents or 200 MB extracted text capacity and 100 hours connector usage.
      • Enterprise Index — runs across 3 AZs for high availability; same base capacity with support for customer managed key (CMK) encryption.
    • Capacity can be scaled by adding additional index units.
  • Retriever
    • Responsible for fetching relevant documents from the index to answer user queries.
    • Two retriever options:
      • Native Retriever — built-in retriever managed by Amazon Q Business with semantic search capabilities.
      • Amazon Kendra Retriever — uses an existing Amazon Kendra index for retrieval, ideal for organizations already using Kendra with advanced search tuning.
  • Data Sources
    • Connectors that crawl, ingest, and synchronize enterprise content into the index.
    • Support scheduled sync (incremental and full) to keep index current.
    • Crawl Access Control Lists (ACLs) by default for document-level security.
  • Web Experience
    • Managed chat interface for end users to interact with Amazon Q Business.
    • Customizable with organization branding, visual themes, and conversation starters.
    • Supports single sign-on (SSO) via IAM Identity Center.
    • Can be embedded directly into applications and websites.

How RAG Works in Q Business

  1. User submits a natural language query through the web experience or integration.
  2. The retriever searches the index for relevant enterprise documents.
  3. ACLs are evaluated to ensure the user has permission to access retrieved documents.
  4. Retrieved documents (with citations) are passed to the underlying LLM.
  5. The LLM generates a comprehensive, contextual response grounded in enterprise data.
  6. Response is returned with source citations for verification.

Data Source Connectors

  • Amazon Q Business provides 40+ pre-built connectors to synchronize data from enterprise content repositories.
  • Connectors can be scheduled for automatic sync (full or incremental) to keep the index up-to-date.
  • All connectors crawl ACLs by default to maintain document-level security.

Cloud Storage & File Systems

Connector Description
Amazon S3 Indexes documents stored in S3 buckets. Supports PDF, HTML, Word, PowerPoint, Excel, CSV, and text files. Configurable with prefix filters.
Amazon FSx for Windows Indexes documents from FSx Windows file shares with NTFS ACL support.
Box Crawls files, folders, comments, and tasks from Box enterprise accounts.
Dropbox Indexes files, paper documents, and shared folders from Dropbox Business accounts.
Google Drive Crawls Google Docs, Sheets, Slides, PDFs, and shared drives with Google Workspace ACL support.
Microsoft OneDrive Indexes personal and shared files from Microsoft 365 OneDrive accounts.

Collaboration & Productivity

Connector Description
Confluence (Cloud) Crawls spaces, pages, blogs, comments, and attachments from Atlassian Confluence Cloud.
Confluence (Server) Indexes on-premises Confluence Server/Data Center instances.
Microsoft SharePoint (Cloud) Crawls sites, document libraries, lists, and pages from SharePoint Online with Microsoft 365 ACLs.
Microsoft SharePoint Server Supports SharePoint Server 2016, 2019, and Subscription Edition for on-premises deployments.
Microsoft Teams Indexes channel messages, files, wikis, and meeting notes from Teams.
Slack Crawls public and private channel messages, threads, and shared files.
Smartsheet Indexes sheets, reports, and dashboards from Smartsheet workspaces.
Quip Crawls documents, spreadsheets, and chat threads from Salesforce Quip (legacy connector).

Communication & Email

Connector Description
Gmail Indexes email messages and attachments from Google Workspace Gmail accounts.
Google Calendar (Preview) Crawls calendar events and descriptions from Google Workspace.
Microsoft Exchange Indexes emails, calendar events, contacts, and attachments from Exchange Online.

Project Management & ITSM

Connector Description
Jira Crawls issues, projects, comments, attachments, and worklogs from Jira Cloud.
ServiceNow Online Indexes knowledge articles, incidents, catalog items, and attachments from ServiceNow.
Zendesk Crawls tickets, articles, comments, and community posts from Zendesk.
Asana (Preview) Indexes tasks, projects, and comments from Asana workspaces.

CRM & Business Applications

Connector Description
Salesforce Online Crawls knowledge articles, accounts, cases, opportunities, feeds, and custom objects.

Source Code & Development

Connector Description
GitHub (Cloud) Indexes repositories, issues, pull requests, READMEs, and wiki pages from GitHub.com.
GitHub (Server) Crawls on-premises GitHub Enterprise Server instances.

Web & Custom

Connector Description
Amazon Q Web Crawler Crawls and indexes content from specified websites with configurable depth and URL filters.
Custom Data Source Connector Enables integration with any data source using the Amazon Q Business API. Developers push documents programmatically via BatchPutDocument API.

Database Connectors (via Custom Connector)

  • Database sources like MySQL, PostgreSQL, and Oracle can be integrated using the Custom Data Source Connector.
  • Developers extract data from databases, format as documents, and push to Q Business via the BatchPutDocument API.
  • Supports any structured data source that can be programmatically accessed.

Plugins & Actions

  • Plugins enable Amazon Q Business users to perform actions in third-party applications directly from the chat interface.
  • Users can create tickets, update records, send notifications, and query application data using natural language.
  • Plugins are only available with the Pro subscription tier.
  • Amazon Q Business supports 50+ action types across built-in and custom plugins.

Built-in Plugins

Plugin Capabilities
Jira Cloud Create issues, update status, add comments, assign tickets, search issues, transition workflows
ServiceNow Create/update incidents, search knowledge base, manage change requests, catalog items
Zendesk Create/update tickets, search articles, manage users, add comments
Salesforce Create/update cases, search accounts and contacts, manage opportunities
PagerDuty Create/acknowledge/resolve incidents, manage on-call schedules, escalation policies
Smartsheet Create/update rows, search sheets, manage attachments, update cells

Custom Plugins

  • Custom plugins allow integration with any third-party application using an OpenAPI schema definition.
  • Steps to create a custom plugin:
    1. Define an OpenAPI 3.0 specification describing the API endpoints, parameters, and responses.
    2. Configure authentication (OAuth 2.0, API key, or no auth).
    3. Upload the schema to Amazon Q Business and configure the plugin.
    4. Amazon Q Business automatically discovers available actions from the schema.
  • Use cases: submit time-off requests, send meeting invites, query internal APIs, trigger CI/CD pipelines.
  • Custom plugins support OAuth 2.0 authorization code flow for secure per-user authentication.

Chat Orchestration

  • Amazon Q Business automatically orchestrates end user chat requests across configured plugins and data sources.
  • Determines whether a query requires knowledge retrieval, plugin action execution, or both.
  • Enables multi-step workflows combining data retrieval and actions in a single conversation.

Amazon Q Apps

  • Amazon Q Apps enables users to build lightweight, purpose-built AI applications without any coding — empowering citizen developers.
  • Available exclusively to Pro subscription users (since July 1, 2024).
  • Users create Q Apps directly from the web experience interface using natural language descriptions or by converting chat conversations into reusable apps.

App Builder

  • Q Apps are composed of cards — modular building blocks that define inputs, processing, and outputs:
    • Text Input Card — accepts user text input
    • File Upload Card — allows file uploads (up to 10 MB per card)
    • Query Card — sends a prompt to the LLM with optional enterprise data context
    • Output Card — displays generated responses
  • Cards can be connected in sequence to create multi-step workflows.
  • Apps can leverage enterprise data sources configured in the Q Business application.

Sharing & Permissions

  • Private sharing — share apps with specific users within the Q Business application environment.
  • Library publishing — publish apps to the organization’s app library for broader discovery.
  • App creators control visibility and access at a granular level.
  • Administrators can enable/disable Q Apps at the application level.

Data Collection

  • Q Apps support data collection forms that allow shared apps to collect structured data from multiple users.
  • Useful for surveys, feedback collection, intake forms, and structured workflows.

Example Use Cases

  • Meeting summary generator — upload meeting notes, get action items and summaries
  • RFP response assistant — input requirements, generate proposal drafts from company knowledge
  • Onboarding checklist app — guide new hires through company policies and procedures
  • Competitive analysis tool — input competitor info, get insights from internal research documents

Admin Controls & Guardrails

  • Amazon Q Business provides configurable guardrails (chat controls) to manage and control the end user chat experience.
  • Controls are organized into global controls and topic-level controls.

Global Controls

  • Response source controls — specify whether responses use:
    • Enterprise data only (strict RAG mode)
    • Enterprise data + LLM model knowledge (when enterprise data lacks answers)
  • Blocked phrases — define specific words or phrases that Amazon Q Business must never include in responses.
  • File upload control — enable or disable end user file uploads during chat sessions.
  • Chat personalization — control whether responses are personalized using IAM Identity Center user attributes (address, job info).
  • Chat orchestration — enable/disable automatic routing of requests across plugins and data sources.
  • Hallucination detection — enable automatic checking and correction of responses for inconsistencies.
  • Global controls cannot be created or deleted — only updated.

Topic-Level Controls

  • Define natural language topics that Amazon Q Business should handle in specific ways.
  • For each topic, configure:
    • Topic description — natural language description of the topic area
    • Example user messages — sample queries that fall under this topic
    • Response behavior:
      • Allow responses from enterprise data only
      • Allow responses from enterprise data + model knowledge
      • Block the topic entirely (refuse to answer)
    • Custom response message — provide a specific response for blocked topics
  • Topic controls can be scoped to specific users and groups for fine-grained governance.

Blocked Topics

  • Administrators can block entire topics to prevent the assistant from discussing sensitive subjects.
  • Common blocked topics: competitor information, executive compensation, unreleased products, legal opinions.
  • When a blocked topic is detected, Q Business returns the configured custom response message.

Access Control & Security

  • Amazon Q Business implements defense-in-depth security with multiple layers of access control.
  • Built on Amazon Bedrock, inheriting automated abuse detection and responsible AI controls.

IAM Identity Center Integration

  • AWS IAM Identity Center (recommended) provides centralized identity management for Q Business.
  • Supports single sign-on (SSO) with external identity providers (Okta, Azure AD, Ping Identity, etc.).
  • Manages user subscriptions, group memberships, and application access centrally.
  • Enables automatic subscription deduplication across multiple Q Business applications sharing the same Identity Center instance.
  • IAM Federation (alternative) — supports OIDC and SAML identity providers for organizations not using Identity Center.

Document-Level Security (ACL Crawling)

  • Amazon Q Business crawls Access Control Lists (ACLs) from data sources by default.
  • Maps source system users/groups to IAM Identity Center identities via a User Store.
  • Ensures users only receive answers from documents they have permission to access in the source system.
  • ACL crawling supports:
    • User-level permissions
    • Group-level permissions
    • Inherited permissions (folder hierarchies)
  • Once ACL crawling is enabled, it cannot be disabled — this is a permanent setting.
  • Documents without ACL entries are accessible to all authenticated users by default.

Encryption

  • Encryption at rest — all data in the index is encrypted using AWS KMS keys.
  • Customer Managed Keys (CMK) — supported with Enterprise index type for full key control.
  • Encryption in transit — all communications use TLS 1.2+.
  • Data source credentials stored securely in AWS Secrets Manager.

Network Security

  • Amazon Q Business supports VPC endpoints (AWS PrivateLink) for private connectivity.
  • Data source connections can traverse VPCs for on-premises connectors.
  • All API calls are logged in AWS CloudTrail for auditing.

Subscription Management

  • Amazon Q Business uses a per-user subscription model with charges for both user subscriptions and index capacity.

User Subscription Tiers

Feature Lite Plan ($3/user/month) Pro Plan ($20/user/month)
Ideal for Enterprise-wide deployment, frontline workers Knowledge workers, power users
Q&A on knowledge bases ✅ With citations ✅ With citations
Q&A on LLM knowledge
File upload to chat
Content generation
Amazon Q Apps
Built-in plugins
Custom plugins
Slack/Teams integrations Browser extensions only ✅ Full integrations
QuickSight integration ✅ Reader Pro
Chat orchestration
Web experience (SSO)
Permissions-aware responses

Index Pricing

Index Type Pricing Included Capacity
Starter $0.14/hour per unit 20,000 docs or 200 MB text, 100 hrs connector usage
Enterprise $0.264/hour per unit 20,000 docs or 200 MB text, 100 hrs connector usage + CMK support

Subscription Billing Details

  • Charges start only after first use by the user.
  • Subscriptions are prorated when created or upgraded (based on remaining days in the month).
  • Cancellations and downgrades are not prorated — they apply at the start of the next billing month.
  • AWS deduplicates subscriptions across Q Business applications sharing the same IAM Identity Center instance — each user is charged only once at their highest subscription level.
  • For IAM Federation, users are charged once per IAM Identity Provider.

Amazon Q Business vs Bedrock Knowledge Bases vs Amazon Kendra

Feature Amazon Q Business Bedrock Knowledge Bases Amazon Kendra
Primary Purpose Enterprise AI assistant (turnkey RAG + actions) Managed RAG for custom AI applications Intelligent enterprise search
Target User Business users & admins (no-code) Developers building AI apps Developers & search admins
Built-in Chat UI ✅ Web experience, browser extensions ❌ (requires custom UI) ❌ (search UI only, needs custom chat)
Data Connectors 40+ managed connectors S3, Confluence, SharePoint, Web Crawler, Google Drive, OneDrive 30+ managed connectors
Retrieval Method Native or Kendra retriever Vector search (OpenSearch, Pinecone, etc.) Semantic + keyword search
LLM Integration Built-in (managed by AWS) Choose any Bedrock FM Requires custom LLM integration
Plugins/Actions ✅ Built-in + custom (OpenAPI) ✅ Via Bedrock Agents
Citizen Developer Apps ✅ Q Apps
Access Control ACL crawling, IAM Identity Center Metadata filtering ACL crawling, token-based
Admin Guardrails ✅ Topic controls, blocked phrases ✅ Bedrock Guardrails (separate) ❌ (search-level only)
Pricing Model Per user/month + index capacity Per KB storage + retrieval queries Per index hour + connector usage
Best For Rapid enterprise AI assistant deployment Custom RAG applications with specific FMs Enterprise search with NLP ranking
Availability Status Closing to new customers July 31, 2026 (migrate to Amazon Quick) GA, actively developed Closing to new customers (migrate to Quick)

Use Cases

Internal Knowledge Base

  • Connect company wikis, SharePoint, Confluence, and file shares to provide instant answers about policies, procedures, and institutional knowledge.
  • Reduce time employees spend searching across multiple systems.
  • Maintain permissions — users only see information they’re authorized to access.

IT Helpdesk

  • Index IT documentation, runbooks, and knowledge articles from ServiceNow.
  • Use plugins to create/update tickets directly from the chat interface.
  • Automate common L1 support queries (password resets, VPN setup, software installation guides).
  • Escalate complex issues by creating tickets with pre-populated context.

HR Assistant

  • Answer employee questions about benefits, PTO policies, expense procedures, and onboarding.
  • Connect to HR systems via plugins for actions like submitting time-off requests.
  • Reduce HR ticket volume by providing instant self-service answers.
  • Use topic-level controls to block sensitive HR topics (individual salaries, disciplinary actions).

Customer Support (Internal)

  • Equip support agents with instant access to product documentation, troubleshooting guides, and customer history.
  • Reduce average handle time by surfacing relevant solutions in real-time.
  • Create Zendesk/Salesforce tickets with full context directly from the assistant.

Compliance & Legal Q&A

  • Index regulatory documents, compliance policies, audit reports, and legal guidelines.
  • Provide rapid answers about compliance requirements with document citations.
  • Use guardrails to ensure responses don’t constitute legal advice (blocked topic with custom message).
  • Maintain strict access controls — only compliance team members can access sensitive regulatory documents.

Migration to Amazon Quick

  • AWS announced that Amazon Q Business will no longer accept new customers starting July 31, 2026.
  • Existing customers remain fully supported with bug fixes and security updates, but no new features.
  • AWS recommends migrating to Amazon Quick — the next evolution of Q Business with enhanced capabilities.
  • Amazon Quick provides:
    • Quick Flows — workflow automation (replacing Q Apps)
    • QuickSight integration — structured data analysis and visualization
    • Quick Research — in-depth analysis and expert insights
    • Spaces — unified knowledge management
    • MCP (Model Context Protocol) — open standard for connecting to external tools and data sources
  • Migration path: Use Bring Your Own Index (BYOI) to connect existing Q Business index to Quick without disrupting current operations.
  • Q Apps must be manually migrated to Quick Flows.
  • Guardrails and User Store configurations are not included in BYOI — must be recreated in Quick.

AWS Certification Exam Practice Questions

Question 1: A company wants to deploy Amazon Q Business for their 5,000 employees. Frontline workers need basic Q&A access, while 200 knowledge workers need full capabilities including content generation and plugins. What is the most cost-effective subscription approach?

  1. Subscribe all 5,000 users to Pro plan
  2. Subscribe 4,800 users to Lite plan and 200 users to Pro plan
  3. Subscribe all users to Lite plan and upgrade on request
  4. Use anonymous access for all users to avoid subscription costs
Show Answer

Answer: B –

Explanation: The Lite plan ($3/user/month) provides Q&A on knowledge bases with citations and permissions-aware responses, sufficient for frontline workers. The Pro plan ($20/user/month) adds content generation, plugins, Q Apps, and integrations needed by knowledge workers. This gives $14,400/month for Lite users + $4,000/month for Pro users = $18,400/month vs. $100,000/month for all Pro.

Question 2: An organization uses Amazon Q Business with documents stored across SharePoint, Confluence, and S3. A user asks a question, but receives no answer despite the information existing in Confluence. What is the MOST likely cause?

  1. The Confluence connector has not completed its sync schedule
  2. The user does not have ACL permissions to access the Confluence document
  3. Amazon Q Business does not support Confluence as a data source
  4. The Enterprise index type is required for multiple data sources
Show Answer

Answer: B –

Explanation: Amazon Q Business crawls ACLs by default and provides permissions-aware responses. If a user doesn’t have access to a document in the source system (Confluence), Q Business will not include that document in its response, even if the information exists. Option A is possible but less likely if the connector is configured for regular syncs.

Question 3: A company wants to prevent Amazon Q Business from answering questions about competitor pricing and executive compensation. Which feature should the administrator configure?

  1. IAM policies to restrict user access
  2. Global controls with blocked phrases
  3. Topic-level controls with blocked topic behavior
  4. Remove all documents mentioning competitors from data sources
Show Answer

Answer: C –

Explanation: Topic-level controls allow administrators to define natural language topics (e.g., “competitor pricing,” “executive compensation”) and configure blocked behavior with custom response messages. Global blocked phrases only block specific words/phrases in responses, not entire topics. Topic-level controls provide more comprehensive governance over sensitive subjects.

Question 4: A development team wants Amazon Q Business users to create Jira tickets directly from the chat interface when they encounter issues. Which component is needed?

  1. Jira data source connector
  2. Jira built-in plugin
  3. Custom data source connector with Jira API
  4. Amazon Q Apps with Jira integration
Show Answer

Answer: B –

Explanation: The Jira built-in plugin enables users to perform actions (create issues, update status, add comments) in Jira directly from the Q Business chat interface. The Jira data source connector is for indexing/reading Jira content, not performing actions. Plugins enable write operations while connectors enable read/index operations.

Question 5: An organization is evaluating whether to use Amazon Q Business or Amazon Bedrock Knowledge Bases for their enterprise AI assistant. They need a turnkey solution with built-in chat UI, 40+ data connectors, no-code setup, and citizen developer app capabilities. Which service best fits their requirements?

  1. Amazon Bedrock Knowledge Bases with custom UI
  2. Amazon Q Business
  3. Amazon Kendra with custom LLM integration
  4. Amazon Bedrock Agents with Confluence connector
Show Answer

Answer: B –

Explanation: Amazon Q Business provides all requested capabilities: built-in web experience chat UI, 40+ managed data connectors, no-code admin setup, and Q Apps for citizen developers. Bedrock Knowledge Bases requires custom UI development and has fewer native connectors. Kendra provides search but not a conversational AI assistant. Q Business is the fully managed turnkey enterprise AI assistant solution.

Frequently Asked Questions

What is Amazon Q Business?

Amazon Q Business is a fully managed generative AI assistant for enterprises. It connects to 40+ data sources (SharePoint, Confluence, Salesforce, etc.), understands your company’s information, and provides accurate answers with citations while respecting existing access controls.

How much does Amazon Q Business cost?

Q Business Lite costs $3/user/month (Q&A and search only). Q Business Pro costs $20/user/month (includes plugins, actions, Q Apps, and advanced features). There’s also a per-index-unit and document storage charge.

What is the difference between Q Business and Bedrock Knowledge Bases?

Q Business is a ready-to-use enterprise assistant with built-in web UI, 40+ connectors, plugins, and admin controls. Bedrock Knowledge Bases is a developer building block for custom RAG applications that you integrate into your own apps via API.

References

Amazon Bedrock Agents & Knowledge Bases – Complete Guide [2026]

Amazon Bedrock Agents, Knowledge Bases & Guardrails – Complete Guide

Amazon Bedrock provides a comprehensive platform for building, deploying, and managing generative AI applications. This deep-dive guide covers the advanced capabilities of Bedrock’s key components: Knowledge Bases for RAG, Agents for autonomous task execution, AgentCore for production deployment, Guardrails for safety, Model Evaluation, Fine-tuning, and Prompt Management.

Amazon Bedrock Knowledge Bases

Amazon Bedrock Knowledge Bases is a fully managed RAG (Retrieval-Augmented Generation) capability that connects foundation models to proprietary data sources. It handles the entire workflow from data ingestion, chunking, embedding, storage, to retrieval and prompt augmentation.

Knowledge Base Types

  • Custom Knowledge Base – You choose the vector store, embedding model, chunking strategy, and data sources. Provides full control over the RAG pipeline.
  • Managed Knowledge Base (GA June 2026) – Amazon Bedrock manages the underlying infrastructure including vector storage, embeddings, re-ranking, and retrieval optimization. Supports auto-scaling, agentic retrieval for multi-hop reasoning, and multimodal data ingestion.

Data Sources

  • Amazon S3 – Primary data source supporting documents in PDF, TXT, MD, HTML, CSV, DOC/DOCX, XLS/XLSX, and JSON formats.
  • Confluence – Connects to Atlassian Confluence workspaces for ingesting wiki pages and documentation.
  • Microsoft SharePoint – Ingests documents from SharePoint Online sites and libraries.
  • Salesforce – Connects to Salesforce objects like Knowledge Articles and custom objects.
  • Web Crawler – Crawls and ingests web pages from specified URLs with configurable depth and scope.
  • Google Drive – Connects to Google Drive for document ingestion (Managed KB).
  • OneDrive – Connects to Microsoft OneDrive (Managed KB).

Chunking Strategies

  • Default Chunking – Splits content into chunks of approximately 300 tokens, honoring sentence boundaries.
  • Fixed-size Chunking – Splits content into chunks of a user-defined token size (1–8192 tokens) with configurable overlap percentage for context continuity.
  • Semantic Chunking – Groups text by meaning using embedding similarity. Breakpoints are created when semantic similarity between consecutive sentences drops below a threshold. Produces more coherent chunks but is computationally more expensive.
  • Hierarchical Chunking – Creates parent-child chunk relationships. Parent chunks provide broader context while child chunks contain specific details. During retrieval, child chunks are returned with parent context for better comprehension.
  • No Chunking – Treats each document as a single chunk. Best for short documents or pre-chunked data.

Embedding Models

  • Amazon Titan Text Embeddings V2 – AWS native model supporting configurable output dimensions (256, 512, or 1024). Supports text normalization and multiple languages. Optimized for RAG workloads with high accuracy-to-cost ratio.
  • Cohere Embed – Multilingual embedding model available in English and multilingual variants. Supports input types (search_document, search_query) for optimized retrieval.
  • Amazon Titan Multimodal Embeddings – Supports both text and image embeddings in a unified vector space.

Vector Stores

  • Amazon OpenSearch Serverless – Default option with serverless scaling. Supports hybrid search (semantic + keyword), metadata filtering, and automatic index management.
  • Amazon OpenSearch Service (Managed Cluster) – Added March 2025. Provides more control over cluster configuration, instance types, and scaling policies.
  • Amazon Aurora PostgreSQL – Uses pgvector extension. Supports hybrid search (added April 2025) and integrates with existing Aurora databases.
  • Pinecone – Third-party managed vector database with serverless and pod-based options.
  • Redis Enterprise Cloud – In-memory vector store for low-latency retrieval.
  • MongoDB Atlas – Document database with vector search capabilities. Supports hybrid search (added April 2025).
  • Amazon Neptune Analytics – Graph + vector search for knowledge graph use cases.
  • Amazon S3 – Added July 2025 for cost-effective vector storage with S3-native retrieval.

Hybrid Search

  • Combines semantic (vector) search with keyword (lexical) search for improved retrieval accuracy.
  • Semantic search captures meaning and handles paraphrasing; keyword search handles exact matches, names, and codes.
  • Supported on OpenSearch Serverless, OpenSearch Managed Clusters, Aurora PostgreSQL (April 2025), and MongoDB Atlas (April 2025).
  • Results are combined using Reciprocal Rank Fusion (RRF) to produce a unified ranking.

Metadata Filtering

  • Each document can have a metadata JSON file (up to 10 KB) with custom attributes.
  • Filters are applied as pre-filtering before vector search, reducing the search space.
  • Supports operators: equals, notEquals, greaterThan, lessThan, in, notIn, startsWith, stringContains.
  • Enables multi-tenant RAG by filtering documents based on tenant ID, access controls, or document categories.

Advanced Parsing

  • Foundation Model Parsing – Uses an FM (e.g., Claude) to extract and interpret content from complex documents including PDFs with tables, charts, and images. Provides customizable extraction prompts.
  • Amazon Textract Parsing – OCR-based parsing for scanned documents and images.
  • Standard Parsing – Default text extraction for supported document formats.
  • FM parsing is ideal for documents with complex layouts, embedded images, or non-standard formatting that standard parsers cannot handle accurately.

📖 Deep Dive Guides: Bedrock vs SageMaker | RAG Architecture | Prompt Engineering | Responsible AI | AI Services Decision Guide

Amazon Bedrock Agents

Amazon Bedrock Agents enables developers to build autonomous AI agents that can plan multi-step tasks, invoke APIs, and interact with knowledge bases to accomplish complex goals. Agents use foundation models for reasoning and orchestration.

Agent Architecture

  • Foundation Model – The reasoning engine that interprets user requests, plans actions, and generates responses.
  • Instructions – System-level prompts that define the agent’s persona, capabilities, and behavioral guidelines.
  • Action Groups – Collections of tools/APIs the agent can invoke, defined via OpenAPI schemas or function definitions.
  • Knowledge Bases – Connected data sources for RAG-based retrieval to ground responses in proprietary data.
  • Guardrails – Safety filters applied to agent inputs and outputs.

Orchestration

  • Agents use a ReAct (Reasoning + Acting) orchestration loop by default: the FM reasons about the task, decides on an action, executes it, observes results, and iterates.
  • Custom Orchestration – Use a Lambda function to define custom orchestration logic, overriding the default ReAct loop for specialized workflows.
  • The orchestration loop continues until the agent determines it has sufficient information to generate a final response or reaches the maximum iteration limit.

Action Groups & Tool Use

  • Action groups define the tools available to the agent using either OpenAPI schemas or simplified function definitions.
  • Lambda Functions – Backend logic executed when the agent invokes an action. Receives the API operation, parameters, and session context.
  • Return of Control (ROC) – Instead of executing a Lambda, the agent returns control to the calling application with the action details. The application executes the action and returns results to continue the conversation.
  • Code Interpreter – Built-in action group that allows the agent to generate and execute Python code in a secure sandbox for data analysis, calculations, and chart generation.
  • User Confirmation – Configurable step where the agent asks for user approval before executing sensitive actions.

Multi-Step Reasoning

  • Agents decompose complex requests into sequential sub-tasks, executing each step and using results to inform the next.
  • Supports query decomposition for knowledge base retrieval – breaking a complex question into simpler sub-queries.
  • Chain-of-thought traces are available for debugging and observability.

Inline Agents

  • Dynamically configure agent capabilities at runtime without pre-creating agent resources.
  • Specify instructions, action groups, knowledge bases, and guardrails in the API call itself.
  • Enables dynamic workflow adaptation where agent roles and tools change based on context.
  • Launched with multi-agent collaboration GA (March 2025).

Multi-Agent Collaboration (Supervisor/Child)

  • Supervisor Agent – Orchestrates the workflow by breaking requests into sub-tasks and delegating to specialized child agents.
  • Child Agents (Collaborator Agents) – Specialized agents focused on specific domains (e.g., checking maintenance, analyzing alarms, evaluating KPIs).
  • Supervisor routes tasks, consolidates outputs, and generates unified final responses.
  • Supports both SUPERVISOR mode (supervisor decides routing) and SUPERVISOR_ROUTER mode (classifier-based routing).
  • GA since March 2025 with support for up to 5 collaborator agents per supervisor.

Agent Memory

  • Session Memory (Short-term) – Maintains conversation context within a session. Automatically managed within the session window (configurable idle timeout).
  • Long-term Memory – Persists information across sessions. Extracts key facts, preferences, and context from conversations and stores them for future sessions.
  • Memory enables personalized experiences where agents remember user preferences, past interactions, and ongoing tasks.
  • Supports metadata on memory records for organizing, filtering, and routing retrieval.

Prompt Engineering for Agents

  • System Instructions – Define the agent’s role, personality, constraints, and response format.
  • Advanced Prompts – Customize prompts at each orchestration step: pre-processing, orchestration, knowledge base response generation, and post-processing.
  • Prompt Templates – Use variables (e.g., $tool_results$, $knowledge_base_results$) to structure how the agent processes information.
  • Best practices: Be specific about capabilities, define clear boundaries, provide examples of expected behavior, and specify output formats.

Amazon Bedrock AgentCore

Amazon Bedrock AgentCore (GA June 2026) is a code-first platform to build, deploy, connect, and optimize AI agents at scale. It provides production-grade infrastructure including runtime, identity, tools, memory, observability, and evaluation — regardless of the framework or model used.

Managed Deployment (AgentCore Runtime & Harness)

  • AgentCore Harness – The managed orchestration layer (“body”) for agents. Handles the orchestration loop, tool execution, context window management, state persistence, failure recovery, and session isolation.
  • Define agents via configuration: model, tools, skills, instructions. AgentCore assembles and runs the agent loop.
  • Each agent runs in its own isolated environment with filesystem, shell, memory, and web browsing capabilities.
  • Supports any open-source framework (LangGraph, CrewAI, Strands) and any model.
  • Provides MicroVM-based isolation for secure execution of tools and code.

AgentCore Identity & Access

  • AgentCore Identity – Provides robust identity and access management for agents at scale.
  • Agents can access resources/tools on behalf of users or themselves with pre-authorized user consent.
  • Compatible with existing identity providers (Okta, Auth0, Entra ID) — no user migration required.
  • Workload Identities – Unique identities assigned to agents for authentication and authorization.
  • Centralized identity management regardless of deployment environment (AgentCore Runtime, self-hosted, hybrid).
  • Eliminates need for custom access controls and identity infrastructure.

Tool Management (AgentCore Gateway)

  • AgentCore Gateway – Unified MCP (Model Context Protocol) gateway for tool discovery and invocation.
  • Serves as a single endpoint for accessing tools from different teams, organizations, and applications.
  • Fine-grained access control with gateway interceptors for per-principal permissions.
  • Supports the AWS-curated skills catalog accessible with a single toggle.
  • Web Search tool enables agents to ground responses in current web knowledge.

Memory Management

  • Memory provisions automatically when a harness is created.
  • Extracts useful information from short-term memory and stores as long-term memory records.
  • Supports strictly consistent metadata on memory records for organized retrieval.
  • Agents recognize returning users without additional setup.

Quality Evaluations

  • Batch Evaluation – Define what “good” looks like and measure candidate changes against quality bars at scale.
  • Customers specify evaluation criteria and AgentCore runs assessments across multiple test cases.
  • Supports comparison of agent versions before deployment.

A/B Testing

  • Controlled comparison between agent versions by splitting live production traffic.
  • Measures outcomes side-by-side to confirm improvements hold under real conditions.
  • Enables data-driven decisions about agent updates and configuration changes.

Policy Controls

  • AgentCore Policy – Authorization capability that controls which actions agents are authorized to take.
  • Integrates with Amazon Bedrock Guardrails for content safety and prompt injection protection.
  • Provides enterprise defenses against security and safety risks in agent workloads.
  • Supports sensitive data exposure prevention and prompt injection attack detection.

Amazon Bedrock Guardrails

Amazon Bedrock Guardrails provides configurable safeguards for generative AI applications. It helps detect and filter harmful content, block undesirable topics, redact sensitive information, and reduce hallucinations — applied to both user inputs and model responses.

Content Filters

  • Detect and filter harmful content across six categories with configurable strength levels (None, Low, Medium, High):
  • Hate – Content that discriminates, criticizes, insults, or dehumanizes based on identity attributes.
  • Insults – Content that demeans, bullies, or includes negative/derogatory language.
  • Sexual – Content that indicates sexual interest, activity, or arousal.
  • Violence – Content that glorifies or threatens physical harm to individuals or groups.
  • Misconduct – Content related to criminal activity, including fraud, theft, and illegal substance use.
  • Prompt Attacks – Detects prompt injection and jailbreak attempts designed to bypass safety controls.
  • Supports tiered filtering (announced June 2025) for cost-optimized content moderation at scale.

Image Content Filters (GA March 2025)

  • Extends content filtering to image modality — moderates both image and text content.
  • Applies to all categories: hate, insults, sexual, violence, misconduct, and prompt attacks.
  • Blocks up to 88% of harmful multimodal content.
  • Industry-leading safeguards for applications handling user-uploaded images or model-generated images.

Denied Topics

  • Define custom topics that the AI should refuse to engage with.
  • Provide a natural language definition and optional sample phrases for each denied topic.
  • Example: A bank’s AI assistant can deny conversations about investment advice or cryptocurrencies.
  • Applied to both user inputs (block the question) and model outputs (block the response).

Word Filters

  • Block specific words or phrases from appearing in inputs or outputs.
  • Supports exact match and managed word lists (e.g., profanity lists).
  • Useful for blocking competitor names, internal project codes, or inappropriate terminology.

Sensitive Information Filters

  • PII Detection – Identifies personally identifiable information including names, email addresses, phone numbers, SSNs, credit card numbers, and more.
  • Regex Patterns – Define custom patterns for domain-specific sensitive data (e.g., account numbers, internal IDs).
  • Actions: Block (reject the entire message) or Anonymize/Redact (mask the PII and allow the message through).
  • Supports over 30 built-in PII entity types.

Contextual Grounding Check

  • Detects hallucinations in RAG and summarization use cases.
  • Grounding – Validates that model responses are factually consistent with the provided reference source/context.
  • Relevance – Checks that the response is relevant to the user’s query.
  • Configurable thresholds for grounding and relevance scores.
  • Filters over 75% of hallucinated responses in RAG applications.

Automated Reasoning Checks

  • Uses formal verification methods grounded in mathematical logic to validate AI-generated outputs.
  • Detects hallucinations, suggests corrections, and highlights unstated assumptions.
  • Provides provably correct, auditable assessments with deterministic formal logic.
  • First and only safeguard using Automated Reasoning to prevent factual errors.
  • Policy refinement workflows added June 2026 for iterative improvement.

ApplyGuardrail API

  • Standalone API to apply guardrails independently of model invocation.
  • Enables guardrail evaluation on any text content — even from non-Bedrock models or external systems.
  • Use cases: validate content from third-party LLMs, pre-screen user inputs, post-process outputs from any source.
  • InvokeGuardrailChecks API – Enhanced API for agentic AI applications requiring step-level guardrail checks.

Code Domain Support (Jan 2025)

  • Protects against undesirable content within code elements.
  • Inspects user prompts, comments, variables, function names, and string literals.
  • Prevents injection of harmful content via code constructs.

Amazon Bedrock Model Evaluation

Amazon Bedrock Evaluations helps you compare, evaluate, and select foundation models for your specific use cases. It supports automatic evaluation, human evaluation, and LLM-as-a-judge workflows.

Automatic Evaluation

  • Evaluate models using built-in metrics without human involvement.
  • Accuracy – Measures correctness of model responses using metrics like BERTScore, ROUGE, and exact match.
  • Robustness – Tests model consistency across paraphrased inputs and adversarial perturbations.
  • Toxicity – Measures harmful or inappropriate content in model outputs.
  • Supports custom datasets in JSONL format with prompt-response-reference triples.
  • Can evaluate models running on Bedrock, other cloud providers, or on-premises (GA April 2025).

LLM-as-a-Judge (Preview Dec 2024)

  • Uses a foundation model to evaluate other models with human-like quality assessment.
  • Fraction of the cost and time of human evaluations.
  • Supports custom evaluation criteria and scoring rubrics.

RAG Evaluation

  • Evaluate end-to-end RAG systems including retrieval quality and generation accuracy.
  • Metrics: context relevance, answer faithfulness, answer relevance.
  • Can evaluate fully built applications, not just individual model responses.

Human Evaluation Workflows

  • Set up human evaluation jobs with custom work teams.
  • Evaluators rate model responses on custom criteria (helpfulness, harmlessness, coherence).
  • Supports comparison of multiple models side-by-side.
  • Integrates with Amazon SageMaker Ground Truth for workforce management.

Model Comparison

  • Compare multiple foundation models on the same evaluation dataset.
  • Side-by-side results with statistical significance testing.
  • Helps select optimal model balancing quality, latency, and cost for specific use cases.

Amazon Bedrock Fine-Tuning & Customization

Amazon Bedrock provides multiple model customization techniques to adapt foundation models to specific tasks and domains.

Continued Pre-Training

  • Extend a model’s knowledge by training on unlabeled, domain-specific data.
  • Adapts the model’s language understanding to specialized vocabularies and concepts.
  • Training data format: Plain text documents in S3 (no prompt-completion pairs needed).
  • Best for: Domain adaptation (medical, legal, financial terminology).

Instruction Fine-Tuning

  • Train models on labeled prompt-completion pairs to improve task-specific performance.
  • Training data format: JSONL with {"prompt": "...", "completion": "..."} or chat-format messages.
  • Supports validation datasets for monitoring overfitting.
  • Configurable hyperparameters: epochs, batch size, learning rate, warmup steps.
  • Best for: Improving performance on specific tasks like classification, extraction, or formatting.

Reinforcement Fine-Tuning (RFT) – GA December 2025

  • Advanced customization using reward-based learning without requiring large labeled datasets.
  • Bring your own prompts or use existing Bedrock API invocation logs as training data.
  • Delivers 66% accuracy gains on average over base models.
  • Supported models: Amazon Nova, OpenAI GPT OSS 20B, Qwen 3 32B (Feb 2026).
  • Automates the reinforcement workflow — accessible to developers without deep ML expertise.
  • Built-in evaluation tools to compare RFT model against the base model.
  • Supports iterative fine-tuning: build upon previously customized models for continuous improvement.
  • Training data: JSONL with prompts; rewards are computed by a verifier/judge function you define.

Model Distillation

  • Transfer knowledge from a larger “teacher” model to a smaller “student” model.
  • Provide input prompts in JSONL; Bedrock generates responses from the teacher model and uses them to fine-tune the student.
  • Achieves teacher-model quality at student-model cost and latency.
  • Best for: Reducing inference costs while maintaining quality for specific use cases.

Training Data Format Summary

Method Data Format Data Requirements
Continued Pre-Training Plain text files Unlabeled domain corpus
Instruction Fine-Tuning JSONL (prompt/completion) Min ~100 examples, recommended 1000+
Reinforcement Fine-Tuning JSONL (prompts) + verifier Prompts + reward/judge function
Distillation JSONL (input prompts) Prompts only; teacher generates completions

Amazon Bedrock Prompt Flows & Management

Amazon Bedrock provides tools for creating, managing, and orchestrating prompts and generative AI workflows.

Prompt Management (GA November 2024)

  • Streamlined interface to create, evaluate, version, and share prompts.
  • Prompt Versioning – Each version is linked to its evaluation results. Supports rollback, audit trails, and A/B testing.
  • Prompt Variables – Template variables (e.g., {{context}}, {{question}}) for dynamic prompt construction.
  • Model Selection – Test the same prompt across different foundation models to compare performance.
  • Sharing – Share prompts across teams and projects for collaboration and reuse.
  • Treats prompts as critical as code — version-controlled and reproducible.

Bedrock Flows (Visual Flow Builder)

  • Intuitive visual builder to create, test, and deploy generative AI workflows.
  • Drag-and-drop interface to link Prompts, Agents, Knowledge Bases, Guardrails, and AWS services.
  • Node Types:
    • Prompt Node – Invokes a foundation model with a configured prompt.
    • Agent Node – Invokes a Bedrock Agent for autonomous task execution.
    • Knowledge Base Node – Retrieves relevant information from a Knowledge Base.
    • Condition Node – Routes flow based on conditional logic.
    • Lambda Node – Executes custom business logic.
    • Lex Node – Integrates with Amazon Lex for conversational interfaces.
    • Iterator Node – Loops over collections of items.
    • Collector Node – Aggregates results from parallel or iterated executions.
  • Serverless execution — pricing based on resources consumed (model invocations, Lambda, etc.).
  • Supports versioning and aliases for deployment management.

A/B Testing for Prompts

  • Version-control prompts and compare performance across versions.
  • Use Bedrock Evaluations to measure quality differences between prompt versions.
  • Deploy prompt versions with aliases and switch traffic between versions.
  • Combine with AgentCore A/B testing for full agent-level experimentation.

Comparison: Bedrock Knowledge Bases vs Amazon Kendra vs OpenSearch

Feature Bedrock Knowledge Bases Amazon Kendra Amazon OpenSearch Service
Primary Purpose RAG for generative AI Intelligent enterprise search Full-text search, analytics, vector search
Search Type Semantic + hybrid (keyword) Semantic + keyword (NLU-based) Full-text, keyword, vector (k-NN), hybrid
RAG Integration Native (fully managed) Via Retrieve API + custom orchestration Custom implementation required
Management Fully managed Fully managed Managed clusters or serverless
Data Sources S3, Confluence, SharePoint, Salesforce, Web Crawler, Google Drive, OneDrive 40+ connectors (S3, SharePoint, Salesforce, databases, ServiceNow, etc.) Custom ingestion pipelines
Chunking Fixed, semantic, hierarchical, no chunking Automatic (document passages) Custom (application-managed)
Vector Store Managed or BYO (OpenSearch, Aurora, Pinecone, Redis, MongoDB) Built-in (not configurable) Native k-NN plugin
Metadata Filtering Yes (custom JSON metadata) Yes (document attributes) Yes (field-level filtering)
Access Control Via metadata filtering Native ACL integration (SharePoint, etc.) Fine-grained access control
Multimodal Yes (FM parsing for images/tables) Limited (document text extraction) Yes (with custom embeddings)
Re-ranking Yes (Managed KB) Built-in semantic re-ranking Custom (Learning to Rank plugin)
Best For GenAI applications, RAG pipelines, AI agents Enterprise search portals, FAQ systems, document discovery Custom search, log analytics, observability, full control over retrieval
Pricing Model Pay per query + storage (vector store) Index-based (provisioned capacity) Instance/serverless OCU hours

AWS Certification Exam Practice Questions

Question 1:

A company is building a RAG application using Amazon Bedrock Knowledge Bases. Their documents contain complex tables, charts, and embedded images in PDF format. Standard text extraction is losing critical information. Which parsing approach should they use to improve data quality?

  1. Fixed-size chunking with 512 tokens
  2. Foundation model parsing with a customized extraction prompt
  3. Semantic chunking with sentence boundary detection
  4. Amazon Textract with default settings
Show Answer

Answer: B – Foundation model parsing uses an FM (e.g., Claude) to interpret complex document layouts including tables, charts, and images. It allows customizable extraction prompts to capture the specific information needed. While Textract handles OCR, FM parsing provides superior understanding of document structure and semantics.

Question 2:

A financial services company wants their Bedrock Agent to execute a trade only after receiving explicit user approval. Which feature should they implement?

  1. Guardrails with denied topics
  2. Return of Control with user confirmation
  3. Custom orchestration with Lambda
  4. Multi-agent collaboration with a supervisor
Show Answer

Answer: B – Return of Control (ROC) allows the agent to return the proposed action to the calling application instead of executing it directly. Combined with user confirmation configuration, this ensures sensitive actions like trade execution require explicit user approval before proceeding.

Question 3:

An organization is deploying multiple AI agents that need to access different enterprise tools and data sources on behalf of users. Each agent requires its own identity with scoped permissions and integration with their existing Okta identity provider. Which service should they use?

  1. Amazon Bedrock Agents with IAM roles
  2. Amazon Bedrock AgentCore Identity
  3. AWS IAM Identity Center with SAML federation
  4. Amazon Cognito User Pools
Show Answer

Answer: B – Amazon Bedrock AgentCore Identity provides robust identity and access management for agents at scale. It’s compatible with existing identity providers (including Okta) without requiring user migration, assigns unique workload identities to agents, and provides centralized identity management regardless of deployment environment.

Question 4:

A healthcare company uses Amazon Bedrock to generate patient-facing content. They need to ensure responses don’t contain hallucinated medical information and are always grounded in the reference documents provided. Which Guardrails feature provides the MOST reliable hallucination detection?

  1. Content filters set to High
  2. Contextual grounding check
  3. Denied topics for medical advice
  4. Automated Reasoning checks
Show Answer

Answer: D – Automated Reasoning checks use formal verification methods grounded in mathematical logic to validate AI-generated outputs. They provide provably correct, auditable assessments and can detect hallucinations, suggest corrections, and highlight unstated assumptions — making them the most reliable option for critical healthcare content. Contextual grounding is useful but probabilistic, while Automated Reasoning is deterministic.

Question 5:

A company wants to improve their foundation model’s performance on a specific classification task but has limited labeled data (only 50 examples). They do have access to a high-quality larger model and 5,000 unlabeled prompts representative of their use case. Which customization approach is MOST appropriate?

  1. Instruction fine-tuning with the 50 labeled examples
  2. Continued pre-training with domain documents
  3. Model distillation using the larger model as teacher
  4. Reinforcement fine-tuning with a reward function
Show Answer

Answer: C – Model distillation transfers knowledge from a larger “teacher” model to a smaller “student” model. The company provides their 5,000 unlabeled prompts, Bedrock generates high-quality responses from the teacher model, and uses those to fine-tune the student. This achieves teacher-model quality at lower cost without requiring labeled data. With only 50 labeled examples, instruction fine-tuning would likely underperform.

Frequently Asked Questions

What is a Bedrock Knowledge Base?

A Bedrock Knowledge Base connects your data sources (S3, web pages, Confluence, etc.) to foundation models via RAG. It automatically chunks documents, generates embeddings, stores them in a vector database, and retrieves relevant context to ground model responses in your data.

What are Bedrock Guardrails?

Guardrails are configurable safety controls that filter harmful content, block denied topics, mask PII, and verify response grounding. They can be applied to any Bedrock model call, agent, or knowledge base to ensure responsible AI usage within your organization’s policies.

How do Bedrock Agents work?

Bedrock Agents use a foundation model to break down user requests into steps, determine which tools/APIs to call (action groups), execute them, and synthesize results. They support multi-step reasoning, code execution, memory across sessions, and can collaborate with other agents.

References

AWS AI & ML Services Cheat Sheet – AIF-C01 & AIP-C01

AWS AI & Generative AI Services – Cheat Sheet

This is the definitive cheat sheet covering AI, Machine Learning, and Generative AI services on AWS — designed as the anchor page for both the AWS Certified AI Practitioner (AIF-C01) and AWS Certified Generative AI Developer – Professional (AIP-C01) exams.

Related Posts:

AI/ML/Generative AI Fundamentals

AI vs ML vs Deep Learning vs Generative AI

Concept Definition Examples
Artificial Intelligence (AI) Broad field of computer science focused on creating systems that can perform tasks requiring human intelligence Rule-based systems, expert systems, robotics
Machine Learning (ML) Subset of AI where systems learn from data without being explicitly programmed Fraud detection, recommendations, forecasting
Deep Learning (DL) Subset of ML using neural networks with multiple layers (deep neural networks) to learn complex patterns Image recognition, NLP, speech recognition
Generative AI (GenAI) Subset of DL that creates new content (text, images, code, video, audio) by learning patterns from training data ChatGPT, DALL-E, Amazon Nova, Claude

Learning Paradigms

  • Supervised Learning — model learns from labeled data (input-output pairs). Used for classification (spam/not spam) and regression (price prediction).
  • Unsupervised Learning — model finds patterns in unlabeled data. Used for clustering (customer segmentation), anomaly detection, and dimensionality reduction.
  • Semi-supervised Learning — combines small amount of labeled data with large amounts of unlabeled data.
  • Reinforcement Learning (RL) — agent learns by interacting with an environment, receiving rewards/penalties. Used for game playing, robotics, and RLHF in LLMs.
  • Self-supervised Learning — model generates its own labels from input data (e.g., predicting masked tokens). Used for pre-training foundation models.

Neural Networks Basics

  • Neurons/Nodes — basic computation units that receive inputs, apply weights, add bias, and pass through an activation function.
  • Layers — Input layer (receives data), Hidden layers (process data), Output layer (produces result).
  • Weights & Biases — parameters learned during training that determine the model’s behavior.
  • Activation Functions — introduce non-linearity (ReLU, Sigmoid, Softmax, Tanh).
  • Backpropagation — algorithm to compute gradients and update weights by propagating errors backward.
  • Loss Function — measures how far the model’s predictions are from actual values.
  • Transformer Architecture — foundation of modern LLMs; uses self-attention mechanism to process entire sequences in parallel (introduced in “Attention is All You Need” paper, 2017).
  • CNNs (Convolutional Neural Networks) — specialized for image/spatial data.
  • RNNs/LSTMs — sequential data processing (largely superseded by Transformers for NLP).
  • GANs (Generative Adversarial Networks) — generator + discriminator for image generation.
  • Diffusion Models — generate images/video by learning to denoise (e.g., Stable Diffusion, Nova Canvas).

📖 Deep Dive Guides: Bedrock vs SageMaker | RAG Architecture | Prompt Engineering | Responsible AI | AI Services Decision Guide

Foundation Model Concepts

Pre-training

  • Training a model on massive datasets (trillions of tokens) to learn general language/world knowledge.
  • Extremely expensive and resource-intensive (millions of GPU hours).
  • Results in a base model with broad capabilities but no specific task alignment.
  • Common objectives: next-token prediction (GPT-style), masked language modeling (BERT-style).

Fine-tuning Techniques

  • Instruction Tuning — fine-tuning on instruction-response pairs to make the model follow instructions better.
  • RLHF (Reinforcement Learning from Human Feedback) — trains a reward model from human preferences, then uses RL (PPO) to optimize the language model against that reward. Used to align models with human values.
  • DPO (Direct Preference Optimization) — simpler alternative to RLHF that directly optimizes on preference pairs without a separate reward model. More stable training.
  • LoRA / QLoRA — Parameter-Efficient Fine-Tuning (PEFT) that freezes base model and trains small adapter layers. Reduces compute by 90%+.
  • Continued Pre-training — further pre-training on domain-specific data to teach the model new knowledge (e.g., medical, legal, financial).
  • Distillation — training a smaller “student” model to mimic a larger “teacher” model’s outputs. Reduces inference cost while retaining most capability.

RAG (Retrieval Augmented Generation)

  • Combines information retrieval with text generation to ground LLM responses in external knowledge.
  • How it works: Query → Retrieve relevant documents from knowledge base → Augment prompt with retrieved context → Generate response.
  • Benefits: Reduces hallucinations, enables up-to-date responses, no model retraining needed, source attribution.
  • Components: Document ingestion, chunking strategy, embedding model, vector database, retrieval algorithm, re-ranking.
  • AWS Implementation: Amazon Bedrock Knowledge Bases, Amazon Kendra (GenAI Index), OpenSearch vector search.

Prompt Engineering

  • Zero-shot — asking the model to perform a task without any examples. Relies on pre-trained knowledge.
  • Few-shot (In-Context Learning) — providing a few examples in the prompt to guide the model’s output format and behavior.
  • Chain-of-Thought (CoT) — asking the model to “think step by step” to improve reasoning on complex tasks.
  • System Prompts — instructions that define the model’s role, behavior, and constraints.
  • Prompt Templates — reusable prompt structures with placeholders for dynamic content.
  • Prompt Chaining — breaking complex tasks into sequential prompts where output of one feeds input of next.

Key Parameters & Concepts

  • Tokenization — splitting text into tokens (subwords/words). Models process tokens, not characters. Affects context limits and pricing.
  • Embeddings — dense vector representations of text/images in high-dimensional space. Semantically similar items have similar embeddings. Used for search, RAG, and clustering.
  • Temperature — controls randomness of output. Low (0-0.3) = deterministic/focused, High (0.7-1.0) = creative/diverse. 0 = greedy decoding.
  • Top-p (Nucleus Sampling) — considers only tokens whose cumulative probability exceeds p. Top-p 0.9 = considers top 90% probability mass.
  • Top-k — limits token selection to the k most likely next tokens.
  • Context Window — maximum number of tokens (input + output) the model can process at once. Ranges from 4K to 1M+ tokens in modern models.
  • Max Tokens — limits the length of generated output.
  • Stop Sequences — tokens that signal the model to stop generating.
  • Hallucination — when a model generates plausible-sounding but factually incorrect information.
  • Grounding — techniques to anchor model responses in factual data (RAG, tool use, citations).

Responsible AI

Core Principles

  • Fairness & Bias — ensuring models don’t discriminate based on protected attributes (race, gender, age). Types: selection bias, measurement bias, representation bias, confirmation bias.
  • Explainability — ability to understand and explain how/why a model made a specific prediction. Techniques: SHAP, LIME, attention visualization, feature importance.
  • Transparency — openly communicating model capabilities, limitations, and intended use cases to users.
  • Robustness — model performs reliably across different inputs, including adversarial examples and edge cases.
  • Privacy & Security — protecting training data, user inputs, and model outputs. Preventing data leakage and prompt injection.
  • Governance — organizational policies, processes, and controls for responsible AI development and deployment.
  • Safety — preventing harmful outputs including toxic content, misinformation, and dangerous instructions.

AWS Responsible AI Tools

  • AWS AI Service Cards — transparency documentation for AWS AI services covering intended use cases, limitations, responsible AI design choices, and deployment best practices.
  • Amazon Bedrock Guardrails — configurable safeguards for GenAI applications:
    • Content filters (hate, insults, sexual, violence, misconduct)
    • Denied topics (topic avoidance policies)
    • Word/phrase filters
    • Sensitive information filters (PII redaction)
    • Contextual grounding checks (hallucination detection)
    • Automated Reasoning Checks (logical verification)
  • SageMaker Clarify — detects bias in data and models, provides feature attributions for explainability (note: moving to maintenance July 2026 for new customers).
  • Model Cards — documentation that describes a model’s intended use, performance metrics, limitations, and ethical considerations. Supported in SageMaker Model Registry.
  • Human-in-the-Loop (HITL) — keeping humans involved in AI decision-making for high-stakes scenarios. AWS A2I (Augmented AI) provided review workflows (note: moving to maintenance July 2026 for new customers).
  • Amazon Bedrock Model Evaluation — automatic evaluation (accuracy, robustness, toxicity), human evaluation, and LLM-as-a-judge for quality assessment.

Bias Mitigation Strategies

  • Pre-processing: Balance training data, remove sensitive attributes, data augmentation.
  • In-processing: Regularization techniques, adversarial debiasing, fairness constraints during training.
  • Post-processing: Calibrate outputs, threshold adjustment, reject option classification.
  • Monitoring: Continuously track model performance across demographic groups in production.

Agentic AI

What are AI Agents?

  • AI systems that can autonomously plan, reason, and execute multi-step tasks to achieve goals.
  • Go beyond simple prompt-response by taking actions, using tools, and adapting based on outcomes.
  • Can operate for extended periods, making decisions and course-correcting without human intervention.

Key Concepts

  • Tool Use (Function Calling) — agents invoke external tools (APIs, databases, code execution) to gather information or perform actions.
  • Multi-step Reasoning — breaking complex problems into steps, executing sequentially with intermediate evaluations.
  • Orchestration — coordinating multiple agents or components to complete complex workflows. Patterns: sequential, parallel, routing, supervisor.
  • Memory — maintaining context across interactions:
    • Short-term memory (conversation context within a session)
    • Long-term memory (persistent knowledge across sessions)
    • Episodic memory (past experiences and outcomes)
  • Planning — decomposing goals into actionable sub-tasks, determining execution order, handling dependencies.
  • Reflection — agents evaluate their own outputs and self-correct errors before responding.
  • Model Context Protocol (MCP) — open standard for connecting AI agents with external tools and data sources.
  • Agent2Agent (A2A) — protocol for inter-agent communication and collaboration.

AWS Agentic AI Services

  • Amazon Bedrock Agents — create agents that can break down tasks, call APIs, and access knowledge bases (transitioning to Bedrock Agents Classic, July 2026).
  • Amazon Bedrock AgentCore (GA 2025/2026) — enterprise-grade infrastructure for deploying and operating AI agents at scale:
    • AgentCore Runtime — serverless, scalable environment to host agents
    • AgentCore Gateway — MCP-compatible tool connectivity
    • AgentCore Identity — per-agent identity and least-privilege access
    • AgentCore Observability — monitoring, tracing, and debugging
    • AgentCore Code Interpreter — secure sandboxed code execution
    • AgentCore Optimization — continuous quality evaluation and improvement
  • Amazon Nova Act — browser automation agent for web-based tasks.
  • AWS Step Functions — orchestrate multi-step agent workflows with state management.

AWS AI Service Stack

AWS organizes AI/ML services into three layers:

Layer 1: AI Infrastructure (Compute & Silicon)

Service/Chip Purpose Key Details
AWS Trainium Custom chip for ML training Trainium2 (4x perf vs gen1), Trainium3 (3nm, 4.4x vs Trn2, GA Dec 2025)
AWS Inferentia Custom chip for ML inference Inferentia2 (4x throughput, 10x lower latency vs gen1), Inf2 instances
EC2 UltraServers Multi-instance AI clusters Trn2 UltraServers (64 Trainium2 chips, NeuronLink interconnect), Trn3 UltraServers
AWS AI Factories On-premises AI infrastructure Deploy AI training/inference infrastructure in customer data centers
AWS Neuron SDK Software for Trainium/Inferentia Integrates with PyTorch, JAX, TensorFlow. Compiler, runtime, profiler
EC2 P5/P5e/P5en GPU instances (NVIDIA) H100/H200 GPUs for training and inference
EC2 G6/G6e GPU instances (NVIDIA) L4/L40S GPUs for inference and graphics
AWS Graviton Arm-based general compute Best price-performance for inference serving and general ML workloads
Amazon EFA Elastic Fabric Adapter Low-latency networking for distributed training across instances

Layer 2: ML Platform (SageMaker AI)

  • Amazon SageMaker AI (rebranded from SageMaker, late 2024) — end-to-end ML platform for building, training, and deploying models.
Component Purpose
SageMaker Unified Studio Single IDE for data, analytics, and ML/AI development (integrates Bedrock)
SageMaker Canvas No-code ML for business analysts — point-and-click model building
SageMaker HyperPod Managed clusters for large-scale distributed training with auto-recovery
SageMaker Pipelines CI/CD for ML — define, automate, and manage ML workflows
SageMaker Feature Store Centralized repository for ML features (online + offline store)
SageMaker MLflow Managed MLflow for experiment tracking, model versioning, deployment
SageMaker Model Registry Central catalog to version, manage, and deploy models with approval workflows
SageMaker JumpStart Model hub with 400+ pre-trained models, one-click deploy, fine-tuning
SageMaker Endpoints Real-time inference hosting (single model or multi-model endpoints)
SageMaker Training Managed training with built-in algorithms, distributed training, spot instances
SageMaker Processing Run data processing and evaluation jobs at scale
SageMaker Lakehouse Unified access to data lakes and warehouses for ML

Layer 3: AI Applications & Services

Amazon Bedrock (Generative AI Platform)

  • Amazon Bedrock — fully managed service for building GenAI applications with foundation models.
  • Model Providers: Amazon (Nova), Anthropic (Claude), Meta (Llama), Mistral, Cohere, AI21 Labs, OpenAI, Stability AI.
  • Key Capabilities:
    • Model Inference — Converse API, InvokeModel, streaming, batch inference, cross-region inference
    • Knowledge Bases — managed RAG with vector stores (OpenSearch, Aurora, Pinecone, etc.)
    • Managed Knowledge Base (2026) — fully managed RAG primitive (storage + retrieval + embeddings + re-ranking)
    • Agents — multi-step task execution with tool use (transitioning to AgentCore)
    • Guardrails — content filtering, topic avoidance, PII protection, grounding checks
    • Model Customization — fine-tuning, continued pre-training, distillation
    • Model Evaluation — automatic metrics, human evaluation, LLM-as-judge
    • Flows — visual workflow builder for chaining prompts, agents, and knowledge bases

Amazon Nova Models

  • Nova Micro — text-only, fastest, lowest cost (128K context). Ideal for classification, summarization.
  • Nova Lite — multimodal (text + image + video input), cost-effective (300K context).
  • Nova Pro — balanced multimodal, strong accuracy/speed/cost trade-off (300K context).
  • Nova Premier — most capable, complex reasoning, agentic workflows, teacher model (1M context).
  • Nova Canvas — image generation with editing controls and watermarking.
  • Nova Reel — video generation (1280×720, 24fps, up to 6 seconds).
  • Nova Sonic — speech-to-speech for real-time conversational AI.
  • Nova 2 (Dec 2025) — next generation with extended thinking (adjustable levels), 1M token context, built-in tools:
    • Nova 2 Lite — fast, cost-effective reasoning model
    • Nova 2 Pro — most intelligent, complex agentic tasks
    • Nova 2 Sonic — next-gen speech with async tool calling
    • Nova 2 Omni — unified multimodal I/O (text + image generation)
  • Nova Act — browser automation agent for web tasks.
  • Nova Forge — custom model building program (open training).

Amazon Q Developer & Q Business

  • Amazon Q Developer — AI-powered coding assistant (evolved from CodeWhisperer):
    • Code generation, completion, and inline suggestions (15+ languages)
    • Agentic coding (autonomous multi-step development)
    • Security vulnerability scanning
    • Code transformation and modernization (Java, .NET upgrades)
    • CLI integration (natural language → commands)
    • Debugging and troubleshooting with CloudWatch integration
  • Amazon Q Business — AI assistant for enterprise knowledge (connects to 40+ data sources):
    • Natural language answers from company data
    • Document summarization and content creation
    • Task automation with plugins
    • Access control respecting existing permissions (ACL-aware)
  • Amazon Q in Console — chat assistant in AWS Management Console for troubleshooting and guidance.
⚠️ Note (July 2026): Amazon Q Developer IDE plugins reaching end-of-support April 2027. Successor is Kiro — AWS’s agentic development environment. Amazon Q Business and Amazon Kendra entering maintenance mode for new customers July 30, 2026.

AWS AI/ML Application Services

Service Category Purpose
Amazon Comprehend NLP Sentiment analysis, entity recognition, key phrase extraction, language detection, topic modeling
Amazon Rekognition Computer Vision Object/face detection, content moderation, celebrity recognition, text in images, custom labels
Amazon Polly Speech Text-to-speech with neural voices (60+ voices, 30+ languages), SSML support
Amazon Transcribe Speech Speech-to-text (ASR), real-time and batch, custom vocabularies, speaker identification
Amazon Translate Language Neural machine translation (75+ languages), real-time and batch, custom terminology
Amazon Textract Document AI OCR + intelligent document processing, extracts text, tables, forms, and queries from documents
Amazon Lex Conversational AI Build chatbots and voice bots with automatic speech recognition and NLU
Amazon Kendra Search Enterprise search with NLP, semantic understanding, GenAI index for RAG ⚠️ Maintenance mode July 2026
Amazon Personalize Recommendations Real-time personalization and recommendations (same tech as Amazon.com)
Amazon Forecast Time Series Time series forecasting using ML (closed to new customers since 2024)
Amazon HealthScribe Healthcare Generate clinical documentation from patient-clinician conversations
Amazon Bedrock AgentCore Agentic AI Deploy, manage, and optimize AI agents at scale (GA 2025/2026)

Decision Matrix: Use Case → Recommended Service

Use Case Recommended Service Why
Build GenAI apps with FMs (no ML expertise) Amazon Bedrock Serverless, multi-model, fully managed
Custom model training from scratch SageMaker AI + Trainium Full control over training, data, and infrastructure
Enterprise Q&A over company documents Amazon Q Business / Bedrock Knowledge Bases Connects to 40+ data sources, ACL-aware
AI coding assistant Amazon Q Developer / Kiro Inline completions, security scanning, agentic coding
Build and deploy AI agents Bedrock AgentCore Serverless runtime, MCP tools, identity, observability
Chatbot / virtual assistant Amazon Lex + Bedrock Lex for structure, Bedrock for natural responses
Document processing (forms, invoices) Amazon Textract Extracts structured data from documents at scale
Content moderation (images/video) Amazon Rekognition Pre-built moderation labels, custom labels for specifics
Sentiment analysis on customer feedback Amazon Comprehend Pre-built NLP models, no training needed
Real-time product recommendations Amazon Personalize Same ML tech as Amazon.com, real-time updates
Transcribe meetings/calls Amazon Transcribe Real-time ASR, speaker diarization, custom vocab
Generate speech from text Amazon Polly Neural TTS, SSML support, multiple voices
Translate content at scale Amazon Translate 75+ languages, real-time, custom terminology
No-code ML for business users SageMaker Canvas Point-and-click, AutoML, visual interface
Fine-tune FMs on proprietary data Bedrock Custom Models / SageMaker JumpStart Bedrock for serverless; SageMaker for full control
Prevent harmful GenAI outputs Amazon Bedrock Guardrails Content filters, PII, grounding checks, topic avoidance
Cost-effective GenAI inference at scale Bedrock + Nova models (or Inferentia2/Trainium) Nova = lowest cost in class; custom silicon for self-hosted
Clinical documentation from conversations Amazon HealthScribe Purpose-built for healthcare, HIPAA eligible

Quick Reference: All AWS AI/ML Services

Service One-Liner
Amazon Bedrock Fully managed GenAI platform with multi-provider foundation models
Amazon Bedrock AgentCore Enterprise infrastructure for deploying and operating AI agents at scale
Amazon Nova Amazon’s family of foundation models (text, multimodal, speech, image, video)
Amazon Q Developer AI coding assistant with code generation, security scanning, and transformation
Amazon Q Business Enterprise AI assistant for Q&A and task automation over company data
Amazon SageMaker AI End-to-end ML platform for building, training, and deploying custom models
Amazon Comprehend NLP service for sentiment, entities, key phrases, language detection
Amazon Rekognition Computer vision for object/face detection, moderation, and custom labels
Amazon Polly Text-to-speech with neural and standard voices
Amazon Transcribe Automatic speech recognition (speech-to-text)
Amazon Translate Neural machine translation for 75+ languages
Amazon Textract Extract text, tables, and forms from documents (OCR+)
Amazon Lex Build conversational chatbots and voice bots
Amazon Kendra Intelligent enterprise search with NLP and GenAI index
Amazon Personalize Real-time ML-powered personalization and recommendations
Amazon HealthScribe Generate clinical notes from patient-clinician conversations
AWS Trainium Custom AI chip optimized for training (Trn2, Trn3 instances)
AWS Inferentia Custom AI chip optimized for inference (Inf2 instances)
AWS Neuron SDK SDK for running ML workloads on Trainium and Inferentia chips
Amazon SageMaker Canvas No-code ML model building for business analysts
Amazon SageMaker HyperPod Managed clusters for distributed training with auto fault recovery

Exam Tips

AIF-C01 — AWS Certified AI Practitioner

  • Format: 65 questions, 90 minutes, 700/1000 passing score.
  • Domains:
    • Domain 1: Fundamentals of AI and ML (20%)
    • Domain 2: Fundamentals of Generative AI (24%)
    • Domain 3: Applications of Foundation Models (28%) — largest domain, most technical
    • Domain 4: Guidelines for Responsible AI (14%)
    • Domain 5: Security, Compliance, and Governance for AI Solutions (14%)
  • Key Focus Areas:
    • Domains 2+3 = 52% of exam — master Bedrock, RAG, prompt engineering, fine-tuning
    • Know the difference between AI vs ML vs DL vs GenAI
    • Understand when to use Bedrock vs SageMaker
    • RAG architecture and when to use it vs fine-tuning
    • Responsible AI principles and Bedrock Guardrails
    • Temperature, top-p effects on output
    • Know all AWS AI services at a high level (what each does)

AIP-C01 — AWS Certified Generative AI Developer – Professional

  • Format: 85 questions, 180 minutes, 750/1000 passing score.
  • Domains:
    • Domain 1: FM Selection and Integration (26%)
    • Domain 2: Data Management and Optimization (22%)
    • Domain 3: Model Performance and Compliance (31%) — largest domain
    • Domain 4: Security and Governance (21%)
  • Key Focus Areas:
    • Deep hands-on knowledge of Bedrock APIs, agents, knowledge bases, guardrails
    • RAG implementation details (chunking strategies, embedding models, vector stores)
    • Model customization (when fine-tuning vs RAG vs prompt engineering)
    • Agentic AI patterns (tool use, multi-step, AgentCore)
    • SageMaker for custom training and deployment
    • Model evaluation and monitoring in production
    • Security: data encryption, VPC endpoints, IAM for Bedrock, prompt injection mitigation
    • Cost optimization (model selection, batch inference, provisioned throughput)

Common Exam Scenarios

  • “Least operational overhead” → Bedrock (serverless) over SageMaker (managed infrastructure)
  • “Custom model with proprietary data” → Fine-tuning on Bedrock or SageMaker depending on control needed
  • “Reduce hallucinations” → RAG with Knowledge Bases + Guardrails grounding checks
  • “Enterprise search over internal docs” → Amazon Q Business or Bedrock Knowledge Bases
  • “Control AI outputs for safety” → Bedrock Guardrails
  • “Lowest cost inference” → Nova Micro (text) or Nova Lite (multimodal) on Bedrock
  • “Deploy agents in production” → Bedrock AgentCore (serverless, scalable, observable)
  • “Train trillion-parameter model” → Trainium3 UltraServers + SageMaker HyperPod

Practice Questions

Question 1 (AIF-C01)

A company wants to reduce hallucinations in their generative AI application that answers customer questions about company policies. The application uses Amazon Bedrock. What is the MOST effective approach?

  1. Increase the model temperature to generate more diverse responses
  2. Implement Retrieval Augmented Generation (RAG) with Amazon Bedrock Knowledge Bases
  3. Fine-tune the foundation model on company documents
  4. Switch to a larger foundation model
Show Answer

Answer: B – RAG grounds responses in actual company documents, directly reducing hallucinations. Fine-tuning (C) teaches style/format but doesn’t guarantee factual accuracy for specific documents. Higher temperature (A) increases randomness. Larger models (D) don’t inherently reduce hallucinations.

Question 2 (AIF-C01)

Which combination of techniques helps ensure responsible AI in a generative AI application? (Select TWO)

  1. Increase the context window size
  2. Configure Amazon Bedrock Guardrails with content filters and denied topics
  3. Use the lowest-cost foundation model available
  4. Implement human review workflows for high-stakes decisions
  5. Maximize the temperature parameter for creative outputs
Show Answer

Answer: B, D – Bedrock Guardrails (B) provides configurable safety controls to filter harmful content. Human-in-the-loop (D) ensures human oversight for critical decisions. Context window size (A), model cost (C), and temperature (E) are not responsible AI techniques.

Question 3 (AIP-C01)

A developer is building an AI agent that needs to autonomously execute multi-step workflows, call external APIs, and maintain state across interactions. The solution must be production-grade with monitoring and minimal infrastructure management. Which AWS service should they use?

  1. Amazon Lex with Lambda fulfillment functions
  2. Amazon Bedrock AgentCore with AgentCore Runtime and Observability
  3. AWS Step Functions with SageMaker endpoints
  4. Amazon Q Business with custom plugins
Show Answer

Answer: B – Bedrock AgentCore provides serverless runtime for agents, MCP-compatible tool connectivity (Gateway), built-in observability, and identity management — purpose-built for production AI agents. Lex (A) is for chatbots, not autonomous agents. Step Functions (C) requires more infrastructure management. Q Business (D) is for enterprise knowledge, not custom agent workflows.

Question 4 (AIP-C01)

A team needs to fine-tune a foundation model on their proprietary dataset with minimal compute cost. The dataset contains 10,000 instruction-response pairs. Which approach provides the BEST balance of performance improvement and cost?

  1. Full fine-tuning of the entire model on Amazon SageMaker with P5 GPU instances
  2. Continued pre-training on Amazon Bedrock with the full dataset
  3. Parameter-efficient fine-tuning (LoRA) through Amazon Bedrock custom models
  4. Distilling the model into a smaller variant using Nova Premier as teacher
Show Answer

Answer: C – LoRA fine-tuning on Bedrock trains only small adapter layers (reduces compute by 90%+) while the base model stays frozen. It’s ideal for instruction-tuning with limited data. Full fine-tuning (A) is expensive. Continued pre-training (B) is for teaching new knowledge, not task alignment. Distillation (D) creates a smaller model but doesn’t directly fine-tune on task data.

Question 5 (AIF-C01 / AIP-C01)

A company wants to deploy a generative AI solution with the following requirements: lowest possible latency for text summarization, minimal cost, and no infrastructure management. Which combination should they choose?

  1. Amazon Nova Premier on Bedrock with provisioned throughput
  2. Amazon Nova Micro on Bedrock with on-demand pricing
  3. Claude 3 Opus on Bedrock with batch inference
  4. Self-hosted Llama model on SageMaker with Inferentia2 instances
Show Answer

Answer: B – Nova Micro is the fastest text-only model (200+ tokens/sec), lowest cost, and Bedrock provides serverless (no infrastructure). Premier (A) is more capable but slower and costlier. Batch (C) has high latency. Self-hosted (D) requires infrastructure management.

Frequently Asked Questions

What is the difference between AI, ML, and Generative AI?

AI is the broadest category — machines performing tasks that typically require human intelligence. ML is a subset that learns from data without explicit programming. Generative AI is a subset of ML that creates new content (text, images, code) using foundation models trained on vast datasets.

What is the difference between Amazon Bedrock and SageMaker?

Bedrock provides access to pre-built foundation models for generative AI applications without ML expertise. SageMaker is a full ML platform for building, training, and deploying custom models from scratch. Use Bedrock for gen AI apps; SageMaker when you need complete control over model training.

What AWS certifications cover AI and Generative AI?

AWS offers two AI-focused certifications: AIF-C01 (AI Practitioner) for foundational knowledge of AI/ML/Gen AI concepts and AWS services, and AIP-C01 (AI Professional) for practitioners building and deploying Gen AI solutions. Both require knowledge of Bedrock, SageMaker, and responsible AI.

Detailed Guides

Exam Prep: AWS AI Professional (AIP-C01) Exam Learning Path

References