Prisma AIRS
AWS Bedrock Connection Method
Use the AWS Bedrock connection method to add targets.
The AWS Bedrock connection method uses the fully managed service provided by
Amazon Web Services for building and scaling generative AI applications. When
you use the AWS Bedrock connection method, you configure AWS authentication and
model details.
After specifying Target Details, set the Connection Method to AWS Bedrock.
Select Next: Add/Verify Parameters.
In the Add/Verify Parameters page, you'll need to set the authentication mechanism and additional connection details.
In the AWS Authentication Details section:
- Specify the Region.
- Enter the IAM Access ID.
- Enter the IAM Access Secret.
- Optionally enter the Session Token.
In the Model Details section:
- Enter a Model Name. For example, gpt 3.5 turbo.
- Enable or disable Model Streaming.
Select Next: Verify & Edit JSON.
In the Verify & Edit JSON page, specify the JSON structure of the request.
Click Next: Advanced Configurations.
In the Advanced Configurations page you'll configure Rate Limits and set Guardrails/Content Filters.
(Optional) Enable Rate Limits for applications on the target endpoint.
- Specify the Endpoint Rate Limit. This value represents the maximum number of allowed requests per minute for the specified endpoint.
- Specify the Endpoint Rate Limit Error Code. This field represents the error code your system uses for rate limiting violations.
- Provide a Sample Exception JSON.
(Optional) Enable Guardrails/Content Filters. These fields are used for output guardrails or content filters applicable on the target endpoint.
- Specify the Error code for Guardrails or Content Filters. This field represents the error code your system uses when a response is prevented by filters or safeguards.
- Provide a Sample Exception JSON.
Select.
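
The IAM credential entered under AWS Authentication Details only has to reach the one model under test, so it is worth checking the policy behind it before saving the target. The following Python check is an added example, not part of the Prisma AIRS documentation. It assumes the connection needs only `bedrock:InvokeModel`, plus `bedrock:InvokeModelWithResponseStream` when Model Streaming is enabled; the region, the model ID `example.model-v1` and both sample policies are constructed placeholders.

```python
import json
from fnmatch import fnmatchcase

# Runtime actions a prompt-only client needs (an assumption, not from the Prisma AIRS docs).
INVOKE = "bedrock:InvokeModel"
STREAM = "bedrock:InvokeModelWithResponseStream"

def as_list(value):
    """IAM accepts either a single value or a list for Action, Resource and Statement."""
    return list(value) if isinstance(value, list) else [value]

def audit_scan_policy(policy_json, region, model_id, streaming):
    """Return findings for the IAM policy behind the scan credential.
    Only Allow statements with Action/Resource are evaluated (no Deny, NotAction, Condition)."""
    model_arn = f"arn:aws:bedrock:{region}::foundation-model/{model_id}"
    needed = {INVOKE, STREAM} if streaming else {INVOKE}
    findings, granted = [], set()
    for stmt in as_list(json.loads(policy_json)["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        resources = as_list(stmt.get("Resource", []))
        # IAM wildcards (* and ?) behave like shell globs for this purpose.
        covers_model = any(fnmatchcase(model_arn, r) for r in resources)
        findings += [f"extra resource: {r}" for r in resources if r != model_arn]
        for action in as_list(stmt.get("Action", [])):
            matched = {n for n in needed if fnmatchcase(n.lower(), action.lower())}
            if action.lower() not in {n.lower() for n in needed}:
                findings.append(f"action beyond invoke scope: {action}")
            if covers_model:
                granted |= matched
    return findings + [f"missing action: {a}" for a in sorted(needed - granted)]

# Constructed sample policies; "example.model-v1" is a placeholder model ID.
BROAD_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "bedrock:*", "Resource": "*"}]})
SCOPED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": [INVOKE],
    "Resource": "arn:aws:bedrock:us-east-1::foundation-model/example.model-v1"}})

if __name__ == "__main__":
    for name, doc in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, audit_scan_policy(doc, "us-east-1", "example.model-v1", streaming=True))
```

An empty result means the policy grants exactly the invoke actions on exactly the target model; a "missing action" finding with streaming enabled indicates the credential cannot use the streaming call.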
You can add target background information only after a target is successfully validated.
Configure Target Background.
Agentic Profiling in Red Teaming helps gather all relevant context about a target endpoint, such as its business use case, background, key capabilities, technical architecture and other critical information. This is carried out by an autonomous agent probing the target endpoint with the right prompts. All information gathered through this exercise is presented as the Target's profile and is used downstream in Red Teaming Scans using the Agent.
Target profiling allows you to either manually provide the required background information or use Agentic profiling (Fetch through Agentic Profiling) to automatically discover and populate these fields through AI-driven analysis of your endpoints. You can also modify the information collected with Agentic Profiling by updating the fields.
- Add Industry information.
- Add Use Case, that is, the specific role of the target, such as customer service, or additional comments.
- (Optional) Select Add Competitor to add the list of Competitors.
AI Red Teaming collects and organizes critical information about your target endpoint, such as:
- Target background—Encompasses mandatory elements such as industry classification, use case definition, and competitive landscape analysis, along with optional documentation uploads including company policy documents and other relevant materials.
- Target background information is mandatory for AI applications and AI agents but optional for AI models, which may result in different levels of contextual analysis depending on your endpoint type.
- Company policy documents and other relevant materials are limited to PDF format uploads only.
- (Optional) Additional Context—Captures technical architecture details including base models, core architecture patterns such as single LLM implementations, LLM with RAG, tool-calling capabilities, or multi-agent systems, accessibility scope, supported languages, banned keywords, accessible tools for agents, and system prompt configurations that govern endpoint behavior.
When you add a target, the target profiling process begins. Once a target is successfully added to your environment, AI Red Teaming continues background profiling to gather comprehensive details across all categories, ensuring your target profiles remain current and complete without requiring constant manual intervention.
- If you attempt to start a scan while Agentic profiling is still in progress, you will need to either wait for completion or manually enter the required fields to proceed immediately.
- The Target Profile view clearly highlights fields that were populated using AI (Agentic Profiling) so that users can edit them if they are not accurate or need more nuance.
- AI Red Teaming maintains awareness of your ongoing profiling activities, providing you with appropriate notifications when background discovery is in progress and offering you options to proceed with manual configuration or wait for automated completion, ensuring you can balance your immediate assessment needs with comprehensive contextual analysis for optimal security evaluation outcomes.
When you access individual target profiles through the Target endpoint interface, you can view and modify all gathered context information, with clear distinctions between user-provided data and system-discovered information.
Configure additional context related to target.
If you populate the Target Background information automatically by selecting Fetch through Agentic Profiling, AI Red Teaming will also auto-fill the Additional Context fields.
When conducting a thorough assessment of an AI agent or language model system, it's essential to gather detailed information across multiple dimensions.
- Base Model—The underlying foundation model that powers the AI system. This represents the pre-trained language model at the core of the agent's intelligence. For example, GPT-4o, Claude 3.5 Sonnet, Claude 3 Opus, and Llama 3 / Llama 3.1.
- Core Architecture—The structural implementation and design pattern of the AI agent system, determining how the base model is deployed and augmented. For example, Single LLM, LLM with RAG (Retrieval-Augmented Generation), LLM with Tool Calling / Function Calling, Multi-Agent System, and Hybrid Architectures.
- System Prompt—The foundational instructions, persona definitions, and behavioral guidelines that govern the agent's responses and decision-making processes. For example, role definition, behavioral guidelines, and safety instructions.
- Languages Supported—The complete set of natural languages the target system can understand, process, and generate responses in, including proficiency levels. For example, English, Spanish, French, and German.
- Banned Keywords—Trigger words, phrases, or patterns that cause the target to refuse a response, activate safety filters, or modify behavior regardless of the prompt's actual intent or context. For example, self-harm, violence, illegal activity keywords.
- Tools Accessible—The complete schema and specifications for all external functions, APIs, and capabilities available to the agent for extending its functionality beyond text generation.
Select Submit.
Once the target is created you can start a scan, or view previously created targets: