It's for people that can easily pump their AWS bill but not a new vendor.
easton•Jun 1, 2026
The AWS pricing page says 10% more than OpenAI, which is probably because they’re forcing all inference through the US and data residency is at a 10% premium from the model vendors for whatever reason (because you’ll pay for it).
If they put in a global endpoint like with Claude (or OpenAI directly) then it’ll probably match the direct pricing, if the pattern holds.
It also could be to provide room for enterprise discount pricing without it being money-losing for one of the companies.
yojo•Jun 2, 2026
I have worked at places that have negotiated flat percentage discounts on all AWS spend.
This explanation seems plausible to me.
cebert•Jun 2, 2026
It’s even more expensive for GovCloud customers. We pay a 30% premium on top of that.
_pdp_•Jun 1, 2026
As usual the more options the better for everyone. While this is not a direct replacement it is good that it exists.
Aurornis•Jun 1, 2026
If you are wondering why anyone would spend more money to use these APIs through AWS instead of going direct: In some companies it’s nearly impossible to get new vendors approved. If the company has an AWS contract then you have to use what AWS offers.
powvans•Jun 2, 2026
Even if you can get it approved you are adding surface area to your annual security audits, adding another vendor that needs to be disclosed on security assessments, spreading your data to yet another processor, and adding another invoice and budget discussion. Depending on your customer contracts you may need to notify them of a new vendor. This might trigger a new security review. Oh it’s just another model on Bedrock? Bliss.
morpheuskafka•Jun 2, 2026
Every CEO, board, and middle manager in the world is AI buzzword-obsessed now. Surely asking to sign a contract with the frontier labs directly would not get held up?
stronglikedan•Jun 2, 2026
Every CEO, board, and middle manager in the world still has to go through infosec in large orgs.
crubier•Jun 2, 2026
The hard part is not the CEO, it's the CISO
qurren•Jun 2, 2026
If you're an engineer in the trenches of the company, good luck convincing the people above to sign that contract. You'll waste thousands of hours just trying.
Animats•Jun 2, 2026
Wait, is AWS just reselling access to some AI company's servers, or is AWS running the models on their own hardware?
ykl•Jun 2, 2026
AWS Bedrock is other companies’ models running on separate dedicated AWS hardware, metered through AWS billing. AWS owns and operates all of the infrastructure and the client interface; the model provider basically hands over the model and weights to AWS and AWS Bedrock take it from there.
So, as an example, if you use Codex through Bedrock, that’s a totally separate instance of Codex from anything you would be interfacing with if you directly used OpenAI’s API; if you use Codex via Bedrock, OpenAI never sees your data or prompts because they stay sandboxed in an ephemeral Bedrock instance. For many large enterprise deployments this hard boundary is a big big deal.
Over the past year, Claude being available via Bedrock and ChatGPT/Codex not being available via Bedrock has been a huge competitive advantage for Anthropic in the enterprise space.
ykl•Jun 1, 2026
If you've used AI coding models in a large corporate setting, you'll know that a lot of big corporate deployments basically require using AWS Bedrock for two simple reasons:
1. Large companies tend to already have an existing relationship with AWS, which makes things way easier to go through vs. setting up a new vendor relationship
2. Large companies tend to have strong internal requirements about making sure that internal data stays under company control. With AWS Bedrock, you can be a lot more confident that what you're feeding into the models is not going to end up in someone's training set somewhere. For where I work, this requirement is a dealbreaker for going directly through OpenAI's API instead of going through AWS Bedrock.
rho138•Jun 1, 2026
How is one certain bedrock data isn’t being shuttled to external providers?
cortesoft•Jun 2, 2026
Contracts and the force of law?
ai_fry_ur_brain•Jun 2, 2026
Which notoriously are always holding the largest corporations accountable /s
SOLAR_FIELDS•Jun 2, 2026
Actually yes, when it’s other huge corporations holding them accountable. It’s only when politicians who are much more cheaply bought get involved that creates problems. When the other side has a significant war chest to combat you with, suddenly behavior improves
ch4s3•Jun 2, 2026
Any sufficiently large company will be prepared to fight this out in court where Amazon would eventually lose.
harrall•Jun 2, 2026
Laws and rules don’t hold anyone accountable. Anyone can say anything and then break that trust the next second.
Instead you trust your best friend because you have known them for 15 years and seen them in enough situations. It’s long term observation and predictability they ultimately gives trust.
AWS has been around 20 years and has never once shown a sign that that they would sell customer data. Could they still try? Sure, in the same way they my friend who hates seafood his entire life could suddenly flip 180 and love it. Yeah I guess it’s possible.
avianlyric•Jun 2, 2026
Contractual obligation, external third party audits, and above all, AWS’s reputation.
AWS isn’t going to risk their reputation, and thus huge chunks of their business, just so a few AI labs can get some extra training data. That’s an insane risk with zero upside for AWS. AWS knows full well they will make insane quantities of cash without breaking legal contracts with companies who pay them billions each year for infra.
jofzar•Jun 2, 2026
What other people are saying, but also because Amazon does not want to fuck around in this space. They don't want the legal fight or the reputational damage that would come with it.
trollbridge•Jun 2, 2026
They also don't really stand to benefit from doing so, unlike basically everyone else in this space.
They have access to a ridiculous amount of private customer data and so far have not shown any predilection to misusing that access.
xingped•Jun 2, 2026
To take an easy example that has actually had lawsuits I can link to, you must be unfamiliar with the lawsuits against Amazon for misusing sellers' data in order to undercut them with their own products... https://www.reuters.com/sustainability/13-bln-uk-lawsuit-acc...
There's zero reason to "trust" Amazon about anything. (And yes, I know the retail and AWS sides of the company are different, but it's still the same company. The same rot is always there, just shuffled around.)
bijowo1676•Jun 2, 2026
this is not related to AWS, but merely to amazon's retail business and their sellers know and sign up for the deal when they sell via amazon.
every single retail company does this, they allow suppliers to sell the product using retails's infrastructure, and then retailer turns around and create private label products using sales data (Costco's Kirkland Signature, Walmart's Great Value, are just some examples)
fragmede•Jun 2, 2026
Yes, but Kirkland's signature comes from the same factory. If I'm the factory owner and Costco vis going to guarantee me sales albeit at a slightly lower margin, so long as I slap a different sticker on it, that's different than from Amazon finding out which of my products sells best and then gets someone else to rip it off so I don't get paid anything.
bijowo1676•Jun 2, 2026
First of all, we don't know which factory kirkland's products are coming from. Even if they are coming from the same factory, who guarantees the same ingredients and quality control was used???
everything from amazon is coming from China, I dont understand why does a random person who resells stuff from Chinese factories via Amazon FBA feels entitled for exclusivity arrangement with Amazon?
Was such exclusivity encoded in some form of legally enforceable agreement ?
basch•Jun 2, 2026
That’s not the case at all. Kirkland just ditched Huggies making their diapers. They just introduced a breaded chicken tender nug to compete with one on the shelf.
They absolutely go out and find who can make the product and the quality and price they want. It’s not always an identical product to the brand name on the same shelf. Sometimes it displaces the brand name.
trollbridge•Jun 2, 2026
The retail side is completely different from AWS.
jimbokun•Jun 2, 2026
They have very little to gain and a hell of a lot to lose.
650REDHAIR•Jun 2, 2026
Bezos and Altman pinky-promised and are super trustworthy.
azinman2•Jun 2, 2026
Seems like trusting AWS with your data has been a good bet for a long time. They wouldn’t have the size/scale otherwise.
SXX•Jun 2, 2026
Bezos is not in AI gold rush. AWS is shovel rental.
Also unlike Altman they are trustworthy - a lot of Amazon competitors do run on AWS for decades.
glzone1•Jun 2, 2026
You really don't understand what AWS offers if you think this is what is getting them workloads (including competitors and highly sensitive govt workloads).
wmf•Jun 2, 2026
Andy Jassy is actually trustworthy.
nh2•Jun 2, 2026
In contrast to Microsoft, OpenAI, and Anthropic, AWS has never done anything close to sneaking in unwanted training opt-outs after the fact.
They are the only ones I trust not to do that so far. And their terms are extremely clear on that, no fuzzy language. Exactly what we want to see. So we use Bedrock.
kopirgan•Jun 2, 2026
Having worked with lots of companies, I can say that trust is there. But true test is competitors of Amazon. Does Walmart use them? Ebay? Although not in exact same business.
33MHz-i486•Jun 2, 2026
they’re crap on a lot dimensions of how they treat customers but data privacy/security is one thats taken pretty seriously at AWS, perhaps owing to the massive reputational damage that would result if they played loose with it.
But it seems tremendously unlikely with how explicit they are being with it. It is clearly one of the top selling features for the service.
Eridrus•Jun 2, 2026
To go a step further, the reason it's often impossible to add a new vendor if that you've signed a bunch of contracts with your customers saying you're not going to send their data to other vendors in all sorts of various flavors.
xtracto•Jun 2, 2026
And the pain of the procurement process, specially when you follow a certification such as iso27001, soc2 or similar.
kopirgan•Jun 2, 2026
A very interesting comment.
Curious to understand how AI will continue to grow if this is the trend. Assuming most valuable data is behind such firewalls. And whatever is public has been harvested, trained on top of whatever has been acquired illegally (this is a grey area).
Will it become a closed ecosystem without outside input?!
kennethops•Jun 2, 2026
imo it will slowly turn into where people run their own AI
bitmasher9•Jun 2, 2026
The pace of data creation is only increasing, and our capabilities of sharing and storing it is growing as well. Lots of this is out in the open, ready for anyone to crawl and scrape.
There probably is a point of “peak data” where the amount of new data will start decreasing, but that’s likely a 22nd or 24rd century problem.
avianlyric•Jun 2, 2026
Pace of data creation ignores the fact that the majority of the big gains in LLM “intelligence” has come from scraping and feeding in the huge amount of public data that already exists.
Unless we’re producing data on the order of an entire new internet every couple of years, then it’s hard to see how LLMs can achieve further huge leaps in capability compared to training on effectively 0% of the internet vs 100% of the internet.
kopirgan•Jun 2, 2026
That is without going into fact that many already use AI to type out and write stuff. I have a customer in Far East that routinely uses it even for simple emails, he is not so familiar with English.
fragmede•Jun 2, 2026
The majority of the gains come from the size of the supercomputers used to train them on. That's still growing. The algorithms used, and how the data is annotated is also some secret sauce.
watwut•Jun 2, 2026
If anything, trend will go towards sharing data less. It will become more important to keep the knowhow and data to yourself so the companies will do that.
And individuals will loose motivation to share, because it wont be that pro-social activity anymore anyway.
a_bonobo•Jun 2, 2026
3. from my opportunity - For many (not all) LLMs, Bedrock gives you control over which country the data stays in. You have no control over that with the Claude API, for example. We do not work in the US and have strong requirements for the data to stay in our country, which Bedrock gives us control over.
regularfry•Jun 2, 2026
4. AWS billing is already cross-charged to different departments per account. Copilot/Claude/Codex would need that setting up all over again, and is (probably) all coming out of a central bucket right now. Switching to Bedrock APIs is really easy, and solves a problem for people high enough up in the organisation that they can insist on it.
stymaar•Jun 2, 2026
> We do not work in the US and have strong requirements for the data to stay in our country, which Bedrock gives us control over.
It doesn't actually. The US can request data from whatever country US companies store it, and companies must comply.
So if you have strong requirements for data to stay in your country, using a US provider, whatever it is, is out of question no matter what the company's marketing claims (they are not maintaining these claims under oath for what it's worth: https://www.senat.fr/compte-rendu-commissions/20250609/ce_co... )
phillipcarter•Jun 2, 2026
Absolutely huge news for OpenAI. Unimaginable amount of enterprises picked up Claude just because it was available in AWS, and now there's serious competition.
AgentOrange1234•Jun 2, 2026
This is great news. I wish they were keeping their other models updated. With Gemma 4 and Qwen 3.7 already available on OpenRouter, bedrock is just not keeping up at all.
2001zhaozhao•Jun 2, 2026
Good news for competition.
Claude Code keeps omitting new features from people using it through Amazon Bedrock (e.g. auto mode, ultra plan, Claude for Chrome). Hopefully some more competition can get them to rethink their strategy.
chrisballinger•Jun 2, 2026
Auto mode works on Bedrock now!
Manouchehri•Jun 2, 2026
It's so odd, because Claude models on Amazon Bedrock do support all those features.
For awhile now, I've had a api.anthropic.com emulator that "secretly" forwards requests to Amazon Bedrock. Works great and now I get all the nice first-party only features right away.
kube-system•Jun 2, 2026
Is that anything you could share?
iandanforth•Jun 2, 2026
This is a great move for OpenAI and one that should worry Anthropic. Bedrock was the only way I could use foundation models for a while given AWS lock-in and security requirements.
onion2k•Jun 2, 2026
Claude is already available as both a pass-through to Anthropic's servers from AWS and in Bedrock. https://aws.amazon.com/claude-platform/ I imagine they're not thrilled that their first mover advantage has gone now, but they'll have seen it coming a mile off.
kylemaxwell•Jun 2, 2026
Every time somebody questions why you might "trust" AWS (or Azure or GCP or whatever), or why you'd pay this premium, I realize they are not accustomed to working in enterprise environments.
In my case, I work at a large enterprise with strict data governance built into customer contracts, and (partly related, partly not) our own governance concerns. Using vendors where you not only have infosec permission, but they are also listed as data processors in our contracts with our customers is the way not to get fired and sued.
If I'm playing around at home, with my own code and data, I can do whatever I want. But with my employer and customer? Absolutely not. It's the same reason we don't use whatever is the flavor of the month frontier model is.
Side hustles and startups just have an entirely different set of constraints and considerations.
sntran•Jun 2, 2026
I have just moved from a free environment in which I was able to use any AI harnesses or models to a strict enterprise environment.
I was shocked to realize how difficult it has been to have a GitHub CoPilot license on Azure. I mean, they're both Microsoft products. But no, the IT now has to figure out how to set up a GitHub enterprise, link to Azure subscription, and all that.
philipwhiuk•Jun 2, 2026
and set reasonable global and user token limits to avoid burning a year's IT spend cause Dave in Legal went ham on tokenmaxxing by uploading his entire legal case history.
in a company of 12 you can do that by saying 'we're all generalists, just don't be an idiot'. In a company of 10,000, you hired Dave cause he's good at legal merger mumbo jumbo not because he's an IT generalist.
foolfoolz•Jun 2, 2026
while true, everyone signed this same data privacy agreement with anthropic / openai a long tiem ago
bunderbunder•Jun 2, 2026
It’s not just that. Oftentimes contracts stipulate that the client’s data can’t be transferred across certain boundaries. If you have signed such an agreement, even sending the data to a service on the same cloud provider but in a different region could be a huge compliance violation.
kube-system•Jun 2, 2026
The agreements that Anthropic/OpenAI are pretty general and there’s a lot of use cases they don’t meet.
The list of compliance standards that AWS meets is so big they have a separate product just to deliver the compliance documents. They basically do everything imaginable.
btown•Jun 2, 2026
On top of this, there's a vast difference between "what do you mean that team spent $1000 on AI in their expense report, what did we get for that?" vs. "oh, the company-wide AWS bill went up by a few percent, let's look into that when we have time." The latter makes projects far more viable.
cubefox•Jun 2, 2026
But note that this difference is the result of bad accounting.
raincole•Jun 2, 2026
Or to put it simply, nobody ever got fired for buying IBM.
jimbokun•Jun 2, 2026
-> Microsoft -> AWS.
petesergeant•Jun 2, 2026
I would absolutely fire someone for using Azure without extenuating circumstances.
hdgvhicv•Jun 2, 2026
Are you the CTO of a $1b+ revenue company?
petesergeant•Jun 2, 2026
Are they the only people allowed to fire someone?
IMTDb•Jun 2, 2026
What GP meant is that the CTO of a $1b company wold absolutely not fire someone for going Azure because at those scale it's very likely they have a set of customers that exclusively want to work on Azure, so that choice makes sense.
It's easy to do blanket statements like "never choose azure", "avoid GCP at all cost" or "never again on AWS". Until real world comes your way and you are forced to deal with it.
That being said: I'd fire anyone choosing to deploy a workload on GCP.
mitchitized•Jun 2, 2026
Another reality is that at that scale you need to diversify your vendor portfolio so you never get stuck in a single-vendor scenario (for contracts, liability or scale). Many companies half this size have infrastructure across all three - AWS, Azure and GCP. The primary reason is redundancy, but that also gives them potential leverage for contract negotiation.
glzone1•Jun 2, 2026
The security posture at AWS is different. AI startups are going to get hacked and leak data etc. All the startup webapp builder tools, vscode plugin players etc.
AWS could still be hacked, but they've taken some care to make it a bit less likely, a bit easier to track which customers affected etc. If you dig into AWS logging for example, there is a TON if you turn it on, you can really go back and see who did what to the permissions / environment etc. I imagine they've got pretty good logging of their staffs access to things as well. I had to jump through some hoops once to have their staff on my account.
gobdovan•Jun 2, 2026
Have you considered checking the actual AWS contract and the limited liability they explicitly stipulate in contracts and even linked docs from marketing materials?
If you read the fine print, you'll notice something funny. You are largely responsible for data loss, SLA claims require you to present concrete evidence, and the remediation you accepted is usually credits for future spend on specifically the same product you lost your data on.
And AWS fine print is actually quite reasonable compared with, say, GCP, where the SLA seems mostly useful so the enterprise acquisition team can say "they have SLA, I can't get fired for choosing them since I did my due diligence!", while GCP can say "you already accepted the proposed remedy when signing the contract, sue us and we'll just point you to it. Thanks for your trust.". [0]
^ Standard multi-region or dual-region storage has a 99.95% availability SLA, regional Standard has 99.9%, and regional Nearline, Coldline, or Archive can be as low as 99.0%. The credits are 10%, 25%, or 50% of the monthly bill for the affected service tier, with 50% as the aggregate monthly cap, applied to future use. Google also says the customer must request the credit within 30 days or forfeit it.
citrin_ru•Jun 2, 2026
Nobody ever got fired for buying I̵B̵M̵ AWS. Most corporations already use AWS, used to its legal terms and accepted the risk. Any new provider will be scrutinised by legal more than an existing one.
saidnooneever•Jun 2, 2026
this..it doesnt really matter whats on the contract they all sell same things. in enterprise things just should not get u sacked :p then it workks perfectly.
regularfry•Jun 2, 2026
Models on Bedrock can have different and additional terms and conditions, there's even variety within the same provider for some of them. The Anthropic ones certainly have their own EULA. It's a bit frustrating because ideally it should be a known legal status, but in fact it still needs legal review if you're doing anything interesting.
fabian2k•Jun 2, 2026
They didn't mention anything about SLAs. This is about all the time, effort, paperwork and risk it takes to add yet another vendor. Having fewer vendors does actually reduce risk, as long as your chosen vendors are reasonably good. Though the bigger reason is certainly avoiding the additional bureaucracy, which is partly self-inflicted in larger companies but also not without merit.
gobdovan•Jun 2, 2026
Yeah, I understood the original point. And I'm tired of it.
I'm just tired of the 'everyone follows their immediate incentives while the system stays incoherent' as the de facto reality. I think shedding some light over the actual mechanics would maybe make someone consider 'perhaps we shouldn't allow our acquisition team just turn off their brain and choose the default to cover their bottoms; maybe vendors are worth more decision investment via actual thinking instead of performatively ending up on the default choice after a little ritualistic game of "eeny, meeny, miny, AWS"'.
I think it's worth pointing out that Jeff Bezos would fight this tooth and nail from happening in his companies. He popularised 'process as proxy'. Yet AWS as sold to external enterprises is the exact proxy Bezos warned against internally. Do what Bezos does, and even what Bezos preaches, just don't do by default what Bezos sells.
johndhi•Jun 2, 2026
Which vendor would you rather use in this context, with your sensitive customer data?
-vendor A's list of sub-processors is a mile long and includes providers of questionable repute;
-vendor B's list is short and includes AWS and GCP
hectormalot•Jun 2, 2026
We have a vendor with almost no subprocessors because they run their own hardware in a colo.
It is refreshing actually. They can accurately answer questions on how everything works and there is no subsubsubprocessors to worry about.
gobdovan•Jun 2, 2026
I think he's arguing about OpenAI vendoring specifically, where OpenAI has a lot of subprocessors, but AWS doesn't and there's not really a 3rd camp to choose from, yet. But even there you can't just choose AWS as I tried to illustrate in uncle comment.
alchemism•Jun 2, 2026
The politics of multimillion dollar contracts for public clouds go far, far, far beyond the preferences of an acquisition team, or what the engineers may think.
Our corporate lawyers have all reviewed these things. And like others mentioned, the SLAs are not the concern, its related to data security and someone to blame if things go boom.
kylemaxwell•Jun 2, 2026
I mean, I'm not really senior management, just an EM trying to get through life under the rules somebody else made.
Also, this isn't about SLA at all.
ok123456•Jun 2, 2026
They're motivated not by the actual loss, but the checkmark of having attestation for a compliance framework.
So the fact that Microsoft let remote hands-on-keyboards in the PRC fix problems on GCC-High Azure nodes used by DoD contractors doesn't matter, since they're too big to censure in any meaningful way without impacting tens of thousands of businesses that rely on them to get a letter that satisfies a compliance assessor.
Actually knowing what you're doing, or being able to critically assess the risks of using a specific provider, doesn't matter.
comandillos•Jun 2, 2026
In my company is simpler, we deal with data under EU Export Control so we cannot use any US provider due to the CLOUD Act.
notepad0x90•Jun 2, 2026
Yeah, cloud agents come with nice things like being able to filter content, implement guardrails like preventing PII or prompt injection from taking place. even if they sucked, at least liability wise you're set. I don't know how someone could even come close to this capability by doing it on their own. If anyone does, please share what tools, platforms and projects you're using.
gordonhart•Jun 2, 2026
Are they? I don't see them in the Model Catalog on Bedrock.
jgbuddy•Jun 2, 2026
great for consumers, great for OpenAI, great for Amazon, not so great for MS / Azure (seems like they don't care anyways)
rohansood15•Jun 2, 2026
Anthropic better get that IPO out soon. Their incredible revenue run-up was basically a result of botched Gemini releases and OpenAI having their hands-tied behind their Azure backs.
Anthropic models were quite literally the only viable serverless API (i.e. Bedrock) models on AWS. They didn't even bother releasing the recent Qwen 3.5/3.6 series. Combined with the token efficiency/ROI focus, I would really like to see how Antrhopic ends Q3.
chasd00•Jun 2, 2026
Sucks for Azure. They were the chosen one but couldn’t keep up with demand. Once OpenAI got out of that exclusivity deal saying Azure wasn’t reliable I knew AWS was where they were headed.
hooch•Jun 2, 2026
No 5.5 Pro
whatever1•Jun 2, 2026
Frontier labs provide “frozen” builds of their models that hyperscalers just serve without collecting data. This is a prerequisite from most of the companies that store sensitive data and still want to use frontier LLMS.
chopete3•Jun 2, 2026
This is the best thing to happen to AwS. Aws won't push their junk Bedrock equivalents at least.
Enterprises can focus on paying for AWS OpenAI models and get going.
notatoad•Jun 2, 2026
Their “junk bedrock equivalents” like opus?
retinaros•Jun 2, 2026
I guess he meant nova models? Which are definitely not even on the same table than thsoe models so its irrelevant
chopete3•Jun 2, 2026
Yes. The Nova models.
CSMastermind•Jun 2, 2026
One of the most attractive things a company can offer its engineers right now is a large token/compute budget.
shay_ker•Jun 2, 2026
It's fascinating that cloud providers like AWS/GCP/Azure are now immovable "enterprise" technologies, in the way that IBM, Oracle, SAP, etc. were 15 years ago (and still are!).
Fond memories when only startups used S3 and EC2....
It's both an incredible triumph and tremendously sad that cloud providers are now the dinosaurs. So many companies are locked in, just as they were before. It's only going to get worse.
I wish the "cloud" was more fungible.
MagicMoonlight•Jun 2, 2026
But their contract with Microslop prevents this?!?!? They specifically said like a month ago that they wouldn’t sell API access on AWS, they would only release specific products.
jorisw•Jun 2, 2026
Google 'openai azure contract dissolution'
aifusenno1•Jun 2, 2026
Do they use Trainium/Inferentia?
epicepicurean•Jun 2, 2026
any explanation of why the context window is only 272K?
ElenaDaibunny•Jun 2, 2026
was only a matter of time. enterprise teams on aws werent going to rearchitect their stack just for model access, easier to bring the models to where the workloads already are
24 Comments
If they put in a global endpoint like with Claude (or OpenAI directly) then it’ll probably match the direct pricing, if the pattern holds.
(https://aws.amazon.com/bedrock/pricing/, scroll to OpenAI)
This explanation seems plausible to me.
So, as an example, if you use Codex through Bedrock, that’s a totally separate instance of Codex from anything you would be interfacing with if you directly used OpenAI’s API; if you use Codex via Bedrock, OpenAI never sees your data or prompts because they stay sandboxed in an ephemeral Bedrock instance. For many large enterprise deployments this hard boundary is a big big deal.
Over the past year, Claude being available via Bedrock and ChatGPT/Codex not being available via Bedrock has been a huge competitive advantage for Anthropic in the enterprise space.
1. Large companies tend to already have an existing relationship with AWS, which makes things way easier to go through vs. setting up a new vendor relationship 2. Large companies tend to have strong internal requirements about making sure that internal data stays under company control. With AWS Bedrock, you can be a lot more confident that what you're feeding into the models is not going to end up in someone's training set somewhere. For where I work, this requirement is a dealbreaker for going directly through OpenAI's API instead of going through AWS Bedrock.
Instead you trust your best friend because you have known them for 15 years and seen them in enough situations. It’s long term observation and predictability they ultimately gives trust.
AWS has been around 20 years and has never once shown a sign that that they would sell customer data. Could they still try? Sure, in the same way they my friend who hates seafood his entire life could suddenly flip 180 and love it. Yeah I guess it’s possible.
AWS isn’t going to risk their reputation, and thus huge chunks of their business, just so a few AI labs can get some extra training data. That’s an insane risk with zero upside for AWS. AWS knows full well they will make insane quantities of cash without breaking legal contracts with companies who pay them billions each year for infra.
They have access to a ridiculous amount of private customer data and so far have not shown any predilection to misusing that access.
There's zero reason to "trust" Amazon about anything. (And yes, I know the retail and AWS sides of the company are different, but it's still the same company. The same rot is always there, just shuffled around.)
every single retail company does this, they allow suppliers to sell the product using retails's infrastructure, and then retailer turns around and create private label products using sales data (Costco's Kirkland Signature, Walmart's Great Value, are just some examples)
everything from amazon is coming from China, I dont understand why does a random person who resells stuff from Chinese factories via Amazon FBA feels entitled for exclusivity arrangement with Amazon?
Was such exclusivity encoded in some form of legally enforceable agreement ?
They absolutely go out and find who can make the product and the quality and price they want. It’s not always an identical product to the brand name on the same shelf. Sometimes it displaces the brand name.
Also unlike Altman they are trustworthy - a lot of Amazon competitors do run on AWS for decades.
They are the only ones I trust not to do that so far. And their terms are extremely clear on that, no fuzzy language. Exactly what we want to see. So we use Bedrock.
https://docs.aws.amazon.com/bedrock/latest/userguide/data-pr...
But it seems tremendously unlikely with how explicit they are being with it. It is clearly one of the top selling features for the service.
Curious to understand how AI will continue to grow if this is the trend. Assuming most valuable data is behind such firewalls. And whatever is public has been harvested, trained on top of whatever has been acquired illegally (this is a grey area).
Will it become a closed ecosystem without outside input?!
There probably is a point of “peak data” where the amount of new data will start decreasing, but that’s likely a 22nd or 24rd century problem.
Unless we’re producing data on the order of an entire new internet every couple of years, then it’s hard to see how LLMs can achieve further huge leaps in capability compared to training on effectively 0% of the internet vs 100% of the internet.
And individuals will loose motivation to share, because it wont be that pro-social activity anymore anyway.
It doesn't actually. The US can request data from whatever country US companies store it, and companies must comply.
So if you have strong requirements for data to stay in your country, using a US provider, whatever it is, is out of question no matter what the company's marketing claims (they are not maintaining these claims under oath for what it's worth: https://www.senat.fr/compte-rendu-commissions/20250609/ce_co... )
Claude Code keeps omitting new features from people using it through Amazon Bedrock (e.g. auto mode, ultra plan, Claude for Chrome). Hopefully some more competition can get them to rethink their strategy.
For awhile now, I've had a api.anthropic.com emulator that "secretly" forwards requests to Amazon Bedrock. Works great and now I get all the nice first-party only features right away.
In my case, I work at a large enterprise with strict data governance built into customer contracts, and (partly related, partly not) our own governance concerns. Using vendors where you not only have infosec permission, but they are also listed as data processors in our contracts with our customers is the way not to get fired and sued.
If I'm playing around at home, with my own code and data, I can do whatever I want. But with my employer and customer? Absolutely not. It's the same reason we don't use whatever is the flavor of the month frontier model is.
Side hustles and startups just have an entirely different set of constraints and considerations.
I was shocked to realize how difficult it has been to have a GitHub CoPilot license on Azure. I mean, they're both Microsoft products. But no, the IT now has to figure out how to set up a GitHub enterprise, link to Azure subscription, and all that.
in a company of 12 you can do that by saying 'we're all generalists, just don't be an idiot'. In a company of 10,000, you hired Dave cause he's good at legal merger mumbo jumbo not because he's an IT generalist.
The list of compliance standards that AWS meets is so big they have a separate product just to deliver the compliance documents. They basically do everything imaginable.
It's easy to do blanket statements like "never choose azure", "avoid GCP at all cost" or "never again on AWS". Until real world comes your way and you are forced to deal with it.
That being said: I'd fire anyone choosing to deploy a workload on GCP.
AWS could still be hacked, but they've taken some care to make it a bit less likely, a bit easier to track which customers affected etc. If you dig into AWS logging for example, there is a TON if you turn it on, you can really go back and see who did what to the permissions / environment etc. I imagine they've got pretty good logging of their staffs access to things as well. I had to jump through some hoops once to have their staff on my account.
If you read the fine print, you'll notice something funny. You are largely responsible for data loss, SLA claims require you to present concrete evidence, and the remediation you accepted is usually credits for future spend on specifically the same product you lost your data on.
And AWS fine print is actually quite reasonable compared with, say, GCP, where the SLA seems mostly useful so the enterprise acquisition team can say "they have SLA, I can't get fired for choosing them since I did my due diligence!", while GCP can say "you already accepted the proposed remedy when signing the contract, sue us and we'll just point you to it. Thanks for your trust.". [0]
[0] https://docs.cloud.google.com/storage/docs/storage-classes
^ Standard multi-region or dual-region storage has a 99.95% availability SLA, regional Standard has 99.9%, and regional Nearline, Coldline, or Archive can be as low as 99.0%. The credits are 10%, 25%, or 50% of the monthly bill for the affected service tier, with 50% as the aggregate monthly cap, applied to future use. Google also says the customer must request the credit within 30 days or forfeit it.
I'm just tired of the 'everyone follows their immediate incentives while the system stays incoherent' as the de facto reality. I think shedding some light over the actual mechanics would maybe make someone consider 'perhaps we shouldn't allow our acquisition team just turn off their brain and choose the default to cover their bottoms; maybe vendors are worth more decision investment via actual thinking instead of performatively ending up on the default choice after a little ritualistic game of "eeny, meeny, miny, AWS"'.
I think it's worth pointing out that Jeff Bezos would fight this tooth and nail from happening in his companies. He popularised 'process as proxy'. Yet AWS as sold to external enterprises is the exact proxy Bezos warned against internally. Do what Bezos does, and even what Bezos preaches, just don't do by default what Bezos sells.
It is refreshing actually. They can accurately answer questions on how everything works and there is no subsubsubprocessors to worry about.
Also, this isn't about SLA at all.
So the fact that Microsoft let remote hands-on-keyboards in the PRC fix problems on GCC-High Azure nodes used by DoD contractors doesn't matter, since they're too big to censure in any meaningful way without impacting tens of thousands of businesses that rely on them to get a letter that satisfies a compliance assessor.
Actually knowing what you're doing, or being able to critically assess the risks of using a specific provider, doesn't matter.
Anthropic models were quite literally the only viable serverless API (i.e. Bedrock) models on AWS. They didn't even bother releasing the recent Qwen 3.5/3.6 series. Combined with the token efficiency/ROI focus, I would really like to see how Antrhopic ends Q3.
Enterprises can focus on paying for AWS OpenAI models and get going.
Fond memories when only startups used S3 and EC2....
It's both an incredible triumph and tremendously sad that cloud providers are now the dinosaurs. So many companies are locked in, just as they were before. It's only going to get worse.
I wish the "cloud" was more fungible.