Claude Code on Amazon Bedrock & AWS: Infrastructure Requirements, Setup & Deployment Guide

Claude Code is Anthropic's AI-powered coding assistant that lives in your terminal, IDE, or browser. It reads your codebase, runs commands, writes and edits files, and handles complex multi-step engineering tasks — from debugging to feature implementation to refactoring — all guided by natural-language instructions.

For organizations running on AWS, Claude Code can connect directly to Amazon Bedrock, Claude Desktop can use Cowork on third-party (3P) mode with Bedrock for the Cowork and Code tabs, and self-hosted models can still be exposed inside your own VPC when that extra control is required. This guide walks through the paths end to end: prerequisites, configuration, IAM setup, model pinning, networking, enterprise rollout, and operational best practices.

Infrastructure Requirements at a Glance

Teams planning a Claude Code deployment on AWS usually need four things in place before rollout: model access, IAM permissions, a network path, and operational guardrails.

• Model access: enable Anthropic models in Amazon Bedrock or expose an Anthropic-compatible self-hosted endpoint inside your VPC.
• Identity and permissions: configure IAM for Bedrock invocation, inference profile access, Marketplace subscription, and a credential refresh path for teams using SSO.
• Network path: decide the region, confirm TLS and routing, and use PrivateLink, VPC connectivity, or private subnets where your deployment model requires them.
• Deployment controls: pin model versions, define logging and telemetry, and add Bedrock Guardrails or equivalent controls before broad rollout.

If any of these prerequisites are missing, deployment slows down quickly: authentication breaks, model calls fail, or teams fall back to manual workarounds. The sections below walk through each requirement in detail.

Quick Decision Matrix

Bedrock vs. Claude Team/Enterprise: AWS-Native Control or First-Party SaaS

The choice comes down to AWS-native control versus the first-party Claude app experience. Anthropic's own deployment overview positions Claude Team/Enterprise as the best experience for most organizations, while Bedrock is the best fit for AWS-native deployments.

Claude on Amazon Bedrock

Bedrock is the right fit for organizations with AWS-native deployments that want:

• AWS billing and governance. Bedrock consumption is usage-based and appears on your standard AWS bill. AWS also offers reserved capacity, batch inference, and other pricing tiers beyond on-demand. Bedrock spend may draw down an existing AWS Enterprise Discount Program (EDP) commitment; confirm eligibility with your AWS account team, as terms vary.
• Security controls anchored in AWS. Requests are governed through AWS IAM, processed within your selected region, encrypted at rest and in transit, and not shared with model providers. Optional PrivateLink and VPC connectivity provide additional network-level isolation.
• AWS application-building services. Beyond model invocation, Bedrock provides evaluation, fine-tuning, RAG (knowledge bases), agents, guardrails, and collaborative workflows through SageMaker Unified Studio.

The important caveat is now narrower: direct Bedrock access is a model/API path, not a Claude Team or Enterprise app subscription. Bedrock by itself does not include the standard Claude web, iOS, or Android apps, Claude plan administration, Anthropic-hosted conversation history, Projects, Artifacts, or Anthropic-managed connectors. Claude Desktop can now run in Cowork on 3P mode with inference routed through Bedrock, but that is a separately configured Desktop deployment with local storage, MDM/OS-managed settings, and different feature/admin parity from the standard Claude SaaS experience. If you need the simplest managed Claude app rollout with built-in collaboration and workplace connectors, compare Bedrock and Desktop 3P against Claude Team or Enterprise.

Claude Team and Enterprise (Seat-Based SaaS)

Claude Team and Enterprise plans operate outside the AWS ecosystem with a seat-based subscription model (standard and premium tiers, with optional extra usage and spend controls). What they deliver is fastest end-user adoption:

• Native web, iOS, Android, and desktop access to Claude
• Projects, Artifacts, and collaboration workflows
• Workplace connectors (Google Workspace available broadly; custom connectors also available beyond Team)
• Claude Code and Claude Cowork included
• Organizational admin, centralized billing, and security controls
• Enterprise adds SSO/SCIM, expanded retention, and advanced admin controls

Which Path Is Right?

Many of our customers adopt both: Bedrock for engineering teams and custom applications, plus a Claude Team or Enterprise plan for business users. Elevata can help you design this hybrid approach.

Scenario 1: Claude Code with Amazon Bedrock

AWS Bedrock provides fully managed access to Anthropic's Claude models without hosting or scaling infrastructure. For teams already operating on AWS, this is the most direct path to enabling Claude Code.

Prerequisites

• An AWS account with Bedrock access enabled
• Required AWS Marketplace permissions (detailed below)
• AWS CLI installed and configured (optional)

Step 1: Enable Model Access

To use Claude through Amazon Bedrock, ensure your account has the required AWS Marketplace permissions, then complete Anthropic's one-time First Time Use form. After the form, access is granted immediately, though the initial subscription/setup can take several minutes before calls succeed consistently.

1. Navigate to Amazon Bedrock in the AWS Console.
2. Go to Model access and select the desired Claude models.
3. Complete Anthropic's use-case form (once per account). Access is granted immediately after submission.
4. Allow a few minutes for the initial subscription to process before making your first API call.

Step 2: Request Service Quota Increases

Default quotas may be insufficient for team-wide usage. Request increases proactively:

Step 3: Configure IAM Permissions

Create an IAM policy with the minimum permissions for Claude Code:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowModelAndInferenceProfileAccess",
      "Effect": "Allow",
      "Action": [
        "bedrock:InvokeModel",
        "bedrock:InvokeModelWithResponseStream",
        "bedrock:ListInferenceProfiles"
      ],
      "Resource": [
        "arn:aws:bedrock:*:*:inference-profile/*",
        "arn:aws:bedrock:*:*:application-inference-profile/*",
        "arn:aws:bedrock:*:*:foundation-model/*"
      ]
    },
    {
      "Sid": "AllowMarketplaceSubscription",
      "Effect": "Allow",
      "Action": [
        "aws-marketplace:ViewSubscriptions",
        "aws-marketplace:Subscribe"
      ],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:CalledViaLast": "bedrock.amazonaws.com"
        }
      }
    }
  ]
}

Scope permissions to specific model ARNs for more restrictive access. Create a dedicated AWS account for Claude Code to simplify cost tracking and access control.

Step 4: Configure Claude Code Environment Variables

# Enable Bedrock integration
export CLAUDE_CODE_USE_BEDROCK=1
export AWS_REGION=us-east-1  # or your preferred region

# Optional: Override the region for the small/fast model (Haiku)
export ANTHROPIC_SMALL_FAST_MODEL_AWS_REGION=us-west-2

Important: AWS_REGION must be set explicitly. Claude Code does not read from .aws/config. When using Bedrock, /login and /logout commands are disabled.

Step 5: Configure AWS Authentication

Note on Bedrock API Keys: API-key usage is governed by the bedrock:CallWithBearerToken permission. AWS recommends long-term Bedrock API keys mainly for exploration; for production, prefer temporary credentials (SSO, instance roles) for stronger security.

For SSO with credential refresh, add awsAuthRefresh to your Claude Code configuration:

{
  "awsAuthRefresh": "aws sso login --profile myprofile",
  "env": {
    "AWS_PROFILE": "myprofile"
  }
}

Step 6: Pin Model Versions

Critical for production stability. Without pinning, Claude Code may attempt to use a newer model version unavailable in your Bedrock account.

export ANTHROPIC_DEFAULT_OPUS_MODEL='us.anthropic.claude-opus-4-6-v1'
export ANTHROPIC_DEFAULT_SONNET_MODEL='us.anthropic.claude-sonnet-4-6'
export ANTHROPIC_DEFAULT_HAIKU_MODEL='us.anthropic.claude-haiku-4-5-20251001-v1:0'

For multiple model versions, use modelOverrides:

{
  "modelOverrides": {
    "claude-opus-4-6": "arn:aws:bedrock:us-east-2:123456789012:application-inference-profile/opus-46-prod",
    "claude-opus-4-5-20251101": "arn:aws:bedrock:us-east-2:123456789012:application-inference-profile/opus-45-prod"
  }
}

Step 7: Enable AWS Guardrails (Optional)

Create a Guardrail in the Bedrock console, publish a version, then add the headers:

{
  "env": {
    "ANTHROPIC_CUSTOM_HEADERS": "X-Amzn-Bedrock-GuardrailIdentifier: your-guardrail-id\nX-Amzn-Bedrock-GuardrailVersion: 1"
  }
}

Cross-Region Inference

Cross-region inference profiles (model IDs prefixed with us. or eu.) allow Bedrock to route requests across configured regions to improve throughput and performance. Enable cross-region inference on your Guardrails if using these profiles.

Scenario 2: Claude Desktop Cowork on 3P with Bedrock

Anthropic now documents Cowork on third-party (3P) as a Claude Desktop deployment mode that routes inference for the Cowork and Code tabs through a configured provider, including Amazon Bedrock. The app runs as a bundled local application, conversation history stays on the user device, and, when the provider is Bedrock, Anthropic documents that prompts, responses, files, and tool outputs go to the configured inference endpoint rather than Anthropic first-party infrastructure.

This path is different from terminal-based CLAUDE_CODE_USE_BEDROCK=1. Use direct Claude Code on Bedrock when the main audience is engineers working in the CLI. Use Claude Desktop 3P when the organization wants the Cowork experience, plugins, workspace controls, MDM, egress controls, telemetry, and the Code tab inside Desktop, but needs inference to run through Bedrock for security, residency, or contractual reasons.

How to enable the setup UI

For single-machine evaluation, the official setup path is to open Claude Desktop, go to Help -> Troubleshooting -> Enable Developer mode, then Developer -> Configure third-party inference. That screen validates provider fields and exports a .mobileconfig file on macOS or a .reg file on Windows for MDM distribution. For rollout, prefer MDM over manual per-user configuration.

Minimum Bedrock configuration

The relevant Bedrock keys are inferenceProvider=bedrock, inferenceBedrockRegion, one credential method, and inferenceModels. Anthropic documents two authentication methods: inferenceBedrockBearerToken, which requires bedrock:CallWithBearerToken on the underlying principal, or inferenceBedrockProfile, which uses an AWS profile from ~/.aws/config and requires bedrock:InvokeModel and bedrock:InvokeModelWithResponseStream for the inference profiles and foundation models used. If the organization uses AWS SSO, the AWS profile path is the most natural pilot route; for production, validate credential refresh and MDM distribution.

{
  "enterpriseConfig": {
    "inferenceProvider": "bedrock",
    "inferenceBedrockRegion": "us-east-1",
    "inferenceBedrockProfile": "claude-bedrock",
    "inferenceModels": "[\"us.anthropic.claude-sonnet-4-5-20250929-v1:0\"]",
    "deploymentOrganizationUuid": "REPLACE_WITH_REAL_UUID"
  }
}

Important: array-typed keys such as inferenceModels must be written as JSON strings. In .mobileconfig, that means one string value containing [...], not a native plist array. Configure a real UUID for deploymentOrganizationUuid before rollout; if you leave a shared placeholder, telemetry is tagged with a generic value that Anthropic cannot distinguish from other unconfigured deployments. For Bedrock, use model IDs or inference-profile IDs available in the selected region and validate with aws bedrock list-inference-profiles before rollout.

Base URL, PrivateLink, and Bedrock gateway

If you leave inferenceBedrockBaseUrl unset, Desktop uses the public regional Bedrock endpoint. For environments that require a private path, the key can point to a Bedrock endpoint through PrivateLink or to an LLM gateway representing Bedrock, always over https://. Even with a gateway, keep the scope Bedrock-centered: IAM, CloudTrail, region, model, quota, and cost remain the primary decisions.

Code tab: still validate separately

The Code tab in Cowork on 3P uses the same Claude Code CLI engine, but Anthropic notes that some Cowork on 3P keys do not yet propagate to Code-tab sessions exactly the way they apply to the Cowork tab. For enterprise deployment, treat the Code tab as a separate validation path and also distribute Claude Code managed-settings.json when you need to pin policies, models, or sandboxing directly for coding sessions.

Desktop 3P + Bedrock validation checklist

• Confirm the Claude Desktop version and that the third-party inference setup UI appears.
• Validate inferenceProvider=bedrock, region, AWS profile or bearer token, and exposed models.
• Confirm the AWS profile inside the sandbox resolves credentials and refreshes through SSO or a credential process.
• Test Cowork and Code separately against a small repository before opening monorepos.
• Configure allowedWorkspaceFolders, coworkEgressAllowedHosts, disabled tools, OTel, and token limits where applicable.
• Confirm CloudTrail, budgets, Bedrock metrics, and local logs before broad rollout.

Scenario 3: Self-Hosted Models on AWS

Organizations that need to run open-source or third-party models can host them within their own AWS VPC and connect Claude Code to these self-managed inference endpoints. This provides full control over model selection, data residency, and cost, but requires additional infrastructure management and comes with compatibility limitations.

Provision GPU Compute

Deploy an Inference Server

Your server must implement the Anthropic Messages API format (/v1/messages):

• vLLM (Recommended): Natively supports the Anthropic Messages API with high-throughput inference. vLLM has first-party documentation specifically for Claude Code via its Anthropic-compatible API.
• LiteLLM Proxy: Translation layer for models that only support OpenAI-compatible endpoints.

Compatibility Notes

• Limited features: When ANTHROPIC_BASE_URL points to a non-first-party host, MCP tool search is disabled by default unless the proxy forwards the needed blocks.
• LiteLLM security: Be aware that LiteLLM versions 1.82.7 and 1.82.8 were flagged with a security advisory in Anthropic's gateway docs. Verify you are using a patched version.
• Feature parity: Parity depends on the server/proxy and model capabilities. For example, MCP tool search is disabled by default on non-first-party hosts unless the proxy forwards tool_reference blocks.

Networking and Security

• Inference server in a private subnet via VPN or AWS Client VPN
• Internal ALB with TLS termination
• Restrictive security groups + CloudWatch monitoring
• AWS PrivateLink for zero-trust patterns

Configure Claude Code

export ANTHROPIC_BASE_URL=https://your-vllm-endpoint.internal
export ANTHROPIC_AUTH_TOKEN=your-auth-token

Scenario Comparison

Enterprise Rollout

For deployments at scale, Anthropic documents enterprise management features that go beyond basic configuration:

Managed settings

Distribute Claude Code configuration centrally using server-managed settings when the organization uses Claude Team or Enterprise. For Bedrock, Vertex, or Foundry deployments, use file-based, plist, or registry managed settings depending on the operating system and MDM. These paths let platform teams define model versions, authentication policies, and security settings that users cannot override locally.

Managed Permissions

Configure managed permissions to control which tools and actions Claude Code can execute. This gives security teams granular control over what Claude Code can do in each developer's environment.

Analytics and Monitoring

Deploy analytics dashboards to track adoption, usage, and ROI. Claude Code supports OpenTelemetry (OTel) based telemetry for sending detailed usage metrics to your observability stack.

Best Practices for Production

Application Inference Profiles

Use Bedrock application inference profiles for tagged cost tracking and CloudWatch metrics by team, project, or environment. This provides granular visibility that simple Cost Explorer tags cannot.

Prompt Caching

Claude Code is a strong fit for Bedrock prompt caching, which can significantly reduce latency and costs for repetitive system context and codebase content. Check regional availability, as prompt caching may not be available in all regions.

Enterprise LLM Gateway

For centralized authentication, rate limiting, and cost controls, deploy an LLM Gateway in front of Bedrock via ANTHROPIC_BEDROCK_BASE_URL.

OTel Telemetry

Use Claude Code's OpenTelemetry telemetry to send usage, latency, and adoption metrics to your existing observability stack. Combine with application inference profiles for a complete cost and performance view.

Security and Compliance

Enable AWS CloudTrail for all Bedrock API calls. Use Guardrails for content filtering. For self-hosted, implement access logging at the inference server level.

Troubleshooting

• Region issues: aws bedrock list-inference-profiles --region your-region
• "On-demand throughput isn't supported" error: Use an inference profile ID rather than a base model ID.
• Credential expiry: Configure awsAuthRefresh for automatic re-authentication.
• Self-hosted endpoint: Must implement /v1/messages. Use LiteLLM Proxy (patched version) for OpenAI-only endpoints.
• Desktop 3P does not launch in Bedrock mode: confirm inferenceProvider=bedrock, valid credentials, inferenceBedrockRegion, and inferenceModels as a JSON string.
• Cowork works but Code does not follow the same policy: validate the Code tab separately and distribute Claude Code managed-settings.json when you need to pin policies for coding sessions.

Note: Claude Code uses the Bedrock Invoke API and does not support the Converse API.

FAQ

What infrastructure do I need to deploy Claude Code on AWS?
At minimum, you need an AWS account with Bedrock access or a private Anthropic-compatible inference endpoint, IAM permissions for model access and Marketplace subscription, explicit region and network configuration, and operational controls such as model pinning, logging, and guardrails.

Does Bedrock include Claude web?
Not as the standard SaaS experience. Bedrock provides the model API and AWS development services; Claude web/iOS/Android apps, plan administration, hosted history, Projects, Artifacts, and managed connectors remain part of Claude Team and Enterprise plans. What changed is Desktop: Claude Desktop can use Bedrock in Cowork on 3P mode, with inference on Bedrock, local storage, and MDM/OS-managed configuration.

Can Claude Desktop now use Bedrock without sending conversations to Anthropic infrastructure?
Yes, for Cowork on 3P with inferenceProvider=bedrock, Anthropic documents that prompts, responses, files, and tool outputs are sent to the configured inference endpoint and stored on the local device, not Anthropic first-party infrastructure. Still, crash reports, analytics, updates, OTel, egress, and local policies need to be configured according to the organization’s security profile.

Do I need model access approval?
There is no manual approval queue. With the right AWS Marketplace permissions, complete Anthropic's First Time Use form and access is granted immediately. Initial setup may take a few minutes.

Are Bedrock API keys safe for production?
AWS recommends long-term Bedrock API keys for exploration. For production, use temporary credentials (SSO, instance roles). API-key access is governed by the bedrock:CallWithBearerToken permission.

What breaks with self-hosted models?
Feature parity depends on the server/proxy and model capabilities. The best-documented caveat is MCP tool search: it is disabled by default on non-first-party hosts unless the proxy forwards tool_reference blocks. Specific LiteLLM versions (1.82.7–1.82.8) have known security advisories.

How Elevata Can Help

Setting up Claude Code is just the beginning. As an AWS Advanced Tier Services Partner with the AWS Generative AI Competency, Elevata helps organizations build the complete AI-powered development platform on AWS.

• Claude Code and Claude Desktop 3P deployment — end-to-end setup for Bedrock, Cowork on 3P, and self-hosted scenarios, including IAM, MDM, managed settings, AWS profiles, Code-tab controls, and onboarding automation.
• AI infrastructure — GPU sizing, inference optimization, application inference profiles, prompt caching, and OTel monitoring.
• Hybrid plan design — deciding where Bedrock and Claude Team/Enterprise each fit and building the integrations.
• Elevata Orbit — on-demand senior AWS engineers for setup, optimization, and ongoing operations.

Contact us at elevata.io to discuss your Claude Code deployment, AI strategy, or AWS infrastructure needs.