The Standard
The 841 Dimensions Regulatory Mapping Version History Assurance Framework
Compliance
Compliance Leaderboard Platform Comparison
Verification
Submit for Verification Self-Assessment Tool
About
About AgentGoverning Press & Media
Contact
Contact
Home/ Compliance Leaderboard/ Amazon Bedrock Agents — Agent Audit
← Back to Compliance Leaderboard
ESTIMATED SCORE — NOT VERIFIED
This assessment is based solely on publicly available documentation, marketing materials, and product announcements. Amazon Bedrock Agents has not submitted to AgentGoverning for independent adversarial verification. This score is an estimate only and may not reflect actual platform capabilities. Amazon Bedrock Agents is invited to submit for formal assessment at framework@agentgoverning.com. Estimated scores carry no certification status.
How This Score Is Calculated

This estimated score reflects publicly documented agent deployment governance capabilities assessed across 10 capability categories against the 508 Agent Audit dimensions of AGS v2.2:
• Mandate & autonomy (27 dims)
• Agent orchestration (65 dims)
• Trust & identity (30 dims)
• Detection & containment (35 dims)
• Financial controls (45 dims)
• Human oversight (7 dims)
• Memory & knowledge (18 dims)
• Sector-specific (180 dims)
• Other core governance (93 dims)
• Deployment & lifecycle (8 dims)

Each category scored 0–100% based on public documentation coverage. Overall score = weighted average across all 10 categories.

Based solely on publicly available documentation as of April 2026.

24 / 508 ESTIMATED

Amazon Bedrock Agents

24% estimated AGS Agent Audit compliance
Assessment: April 2026 · AGS v2.2 Agent Audit (Track 2) · Estimated (not independently verified)
ESTIMATED Agent Audit — Track 2
What This Score Means
Amazon Bedrock Agents scores highest among competitors on the Agent Audit due to its Cedar declarative policy language and AgentCore Gateway — a genuine deterministic enforcement layer operating outside the LLM reasoning loop. The supervisor/sub-agent architecture provides real multi-agent orchestration. However, agent-specific governance capabilities beyond Cedar policy enforcement are limited: no inter-agent trust attestation, no graduated autonomy framework, no delegation depth governance, and no cryptographic state sealing. The majority of Agent Audit dimensions require structural enforcement mechanisms beyond policy-level controls..
Mandate
55%
Orchestration
30%
Trust
20%
Detection
20%
Financial
15%
Oversight
15%
Memory
15%
Sector
20%
Core
25%
Deployment
20%
Key Strengths
AG-001
Operational Boundary Enforcement
Cedar declarative policy language provides genuine deterministic enforcement of operational boundaries outside the LLM reasoning loop via AgentCore Gateway.
Score: 2 / 3
AG-057
Delegation Chain Governance
Supervisor/sub-agent architecture provides real multi-agent orchestration with structured delegation patterns.
Score: 1 / 3
AG-060
Deployment Gates
AWS deployment infrastructure provides basic deployment gate controls through standard AWS service deployment mechanisms.
Score: 1 / 3
The following gap analysis is based on publicly available documentation only. These are estimated structural gaps, not verified findings. Amazon Bedrock Agents may have implemented controls not visible in public documentation.
Critical Gaps
AG-058
Inter-Agent Trust Attestation
No inter-agent trust handshake or attestation framework. Agents cannot cryptographically verify the governance status of other agents before delegation.
Score: 0 / 3 — Structurally Absent
AG-786
Cryptographic State Sealing
No cryptographic seal or tamper-resistance mechanism for agent state. Agent state integrity cannot be independently verified.
Score: 0 / 3 — Structurally Absent
AG-788
Federated Broadcast Governance
No federated broadcast mechanism for governance policy propagation across distributed agent deployments.
Score: 0 / 3 — Structurally Absent
Full Dimension Assessment
AreaStrongest CapabilitiesStatus
Strongest Documented Capabilities
MandateMandate boundary enforcement (Cedar + AgentCore Gateway)Evidenced
OrchestrationMulti-agent orchestration (supervisor/sub-agent architecture)Evidenced
IdentityAgent identity (IAM)Evidenced
DocumentationProvider documentationEvidenced
Structurally Absent Capabilities
TrustInter-agent trust handshakesAbsent
TrustGovernance passportsAbsent
OversightGraduated autonomyAbsent
OrchestrationDelegation chain governanceAbsent
CoreCryptographic seal resistanceAbsent
CoreFederated broadcastAbsent
CoreComposite scoringAbsent
MemoryMemory/RAG governanceAbsent
FinancialAgent-level financial crimeAbsent
Sources
  • Amazon Bedrock AgentCore documentation
  • AWS re:Invent 2025
  • Bedrock Guardrails
  • AgentCore Gateway GA March 2026
  • Cedar policy specification
Sources reviewed: April 2026.
Agent Audit Industry Average (estimated): 15% · Based on publicly documented agent deployment governance capabilities across assessed platforms. Full leaderboard →
Submit for Free Verification
Replace this estimated score with an independently verified assessment. Verification is free and adversarial.
Submit for Verification
Legal Disclaimer. This assessment is an independent estimate based on publicly available documentation and does not constitute legal, compliance, or certification advice. AgentGoverning is not affiliated with, endorsed by, or sponsored by Amazon Web Services, Inc. or its affiliates. "Amazon Bedrock Agents", "Cedar", "AgentCore", and "AWS" are trademarks of Amazon.com, Inc. or its affiliates. All scores are estimated and unverified. This page does not constitute a certification, endorsement, or guarantee of any kind. The assessment methodology, scoring criteria, and dimension definitions are the intellectual property of AgentGoverning and are licensed under CC BY 4.0. For formal verification, platforms must submit to independent adversarial assessment. Estimated scores may change as new documentation becomes available. AgentGoverning accepts no liability for decisions made based on estimated scores.