AWS Bedrock Guardrails: Pricing, Tiers and What's Actually Covered
AWS native LLM guardrails. Per-1K-text-unit pricing with separate line items for prompt attacks, content filters, denied topics, sensitive info and contextual grounding.
Where this rate sits
Position bar across the cluster of vendors with a paid published rate. Open-source and free-tier offerings are excluded so the bar reflects only commercial published prices.
Bedrock Guardrails sits at $0.08. Cheapest paid published rate is Bedrock Guardrails at $0.08. Dearest is Model Armor at $0.1. Across 2 vendors with a paid published rate.
Pricing tiers
Verbatim from the Bedrock Guardrails pricing page on 2026-06-19. Quote-only tiers are surfaced as such, never with an inferred price.
| Tier | Price | Free allowance | Notes |
|---|---|---|---|
| Prompt attack (InvokeGuardrailChecks) | $0.08 per 1K text units | - | Standalone prompt-injection check API |
| Sensitive information filters | $0.1 per 1K text units | - | PII and custom regex |
| Contextual grounding checks | $0.1 per 1K text units | - | RAG grounding |
| Content filters (text) | $0.15 per 1K text units | - | Harm categories |
| Denied topics | $0.15 per 1K text units | - | Topic blocklist |
| Image content filtering | $0.00075 per image | - | Per image processed |
| Word filters and regex SIF | Free / request | Unlimited | No charge |
Source: https://aws.amazon.com/bedrock/pricing/ | Verified 2026-06-19
OWASP LLM Top 10 coverage
What Bedrock Guardrails defends against, as claimed on its product pages and security documentation. Coverage flags are binary: an item is listed only if the vendor names the attack class explicitly.
- LLM01 Prompt injection
- LLM02 Sensitive information disclosure
- LLM03 Supply chain
- LLM04 Data and model poisoning
- LLM05 Improper output handling
- LLM06 Excessive agency
- LLM07 System prompt leakage
- LLM08 Vector and embedding weaknesses
- LLM09 Misinformation
- LLM10 Unbounded consumption
Hidden costs
Beyond the line-item price, every runtime AI guardrail carries operating costs the vendor page does not surface. Plan for these in any board paper.
- Per-call latency overhead. Guardrail check sits in the request path; budget 50 to 300 ms extra per LLM call.
- False-positive remediation. Allocate engineering time to tune policies after every guardrail rule change.
- Logging and retention. Guardrail decisions need to land in your SIEM. See siemcostcalculator.com.
- On-call coverage. Treat AI security alerts like SOC alerts. See securityoperationscost.com.
What Bedrock Guardrails is best for
AWS native LLM guardrails. Per-1K-text-unit pricing with separate line items for prompt attacks, content filters, denied topics, sensitive info and contextual grounding.