Integrating AWS Bedrock

Bedrock is the natural runtime for federal civilian and other FedRAMP-relevant deployments. The Verdifax integration is one extra call after each invoke_model.

Install

pip install verdifax boto3

Bedrock + Claude

import json
import boto3
import verdifax

bedrock = boto3.client("bedrock-runtime", region_name="us-east-1")

prompt = "Summarize this benefits-eligibility determination..."
body = json.dumps({
    "anthropic_version": "bedrock-2023-05-31",
    "max_tokens": 1024,
    "messages": [{"role": "user", "content": prompt}],
})

resp = bedrock.invoke_model(
    modelId="anthropic.claude-sonnet-4-6-v1:0",
    body=body,
)
payload = json.loads(resp["body"].read())
output = payload["content"][0]["text"]

receipt = verdifax.attest(
    payload=f"model:claude-sonnet-4-6\nprompt:{prompt}\nresponse:{output}",
    program_id="a" * 64,
    route_id="bedrock-eligibility-v1",
    registry_record_hash="b" * 64,
)
print(receipt.manifest_hash)

Why FedRAMP buyers care

FedRAMP authorization at Moderate and High baselines requires demonstrable audit trails for AI systems making determinations about federal employees, beneficiaries, or contractors. A Verdifax manifest hash satisfies the integrity half of that requirement (cryptographic proof the run is what the operator says it was) — paired with Bedrock's authorization boundary, that closes the gap between "audit trail exists" and "audit trail is independently verifiable."

See Compliance — FedRAMP for the explicit mapping.

Continue

Compliance — FedRAMP
Integrating Anthropic Claude (non-Bedrock)