Integrating AWS Bedrock

Bedrock is the natural runtime for federal civilian and other FedRAMP-relevant deployments. The Verdifax integration is one extra call after each invoke_model.

Install

pip install verdifax boto3

Bedrock + Claude

import json
import boto3
import verdifax

bedrock = boto3.client("bedrock-runtime", region_name="us-east-1")

prompt = "Summarize this benefits-eligibility determination..."
body = json.dumps({
    "anthropic_version": "bedrock-2023-05-31",
    "max_tokens": 1024,
    "messages": [{"role": "user", "content": prompt}],
})

resp = bedrock.invoke_model(
    modelId="anthropic.claude-sonnet-4-6-v1:0",
    body=body,
)
payload = json.loads(resp["body"].read())
output = payload["content"][0]["text"]

receipt = verdifax.attest(
    payload=f"model:claude-sonnet-4-6\nprompt:{prompt}\nresponse:{output}",
    program_id="a" * 64,
    route_id="bedrock-eligibility-v1",
    registry_record_hash="b" * 64,
)
print(receipt.manifest_hash)

Why FedRAMP buyers care

FedRAMP authorization at Moderate and High baselines requires demonstrable audit trails for AI systems making determinations about federal employees, beneficiaries, or contractors. A Verdifax manifest hash satisfies the integrity half of that requirement (cryptographic proof the run is what the operator says it was), paired with Bedrock's authorization boundary, that closes the gap between "audit trail exists" and "audit trail is independently verifiable."

See Compliance, FedRAMP for the explicit mapping.

Continue

Compliance, FedRAMP
Integrating Anthropic Claude (non-Bedrock)