AWS re:Invent 2025 - Leverage observability to build responsible AI applications (COP360)

Leveraging Observability to Build Responsible AI Applications

Responsible AI Challenges

• Executives identified data privacy and security as top AI risks, with 77% believing trust is key to building true AI systems
• Common challenges with AI applications include:
  • Irrelevant or harmful content
  • Revealing sensitive information
  • Hallucinations (fabricated or inaccurate information)

Practical Framework for Responsible AI

1. Prevention: Amazon Bedrock Guardrails
   • Enforce safety and policies at runtime
   • Block harmful content, filter sensitive information, prevent hallucinations
   • Ensure model responses align with organization's voice and tone
2. Detection: Amazon CloudWatch
   • Transform guardrail telemetry into meaningful insights
   • Understand model usage, guardrail interventions, sensitive information leaks, and more
   • Provide out-of-the-box and customizable dashboards
3. Action: Alarms and Remediation
   • Set thresholds to trigger alarms based on guardrail telemetry
   • Take real-time remediation actions, such as adjusting guardrail sensitivity or providing employee training

Example 1: Hallucination Prevention

• Without guardrails, the AI system provided inaccurate information about a savings account fee that was not available in the enterprise data
• With guardrails, the system identified the missing information and provided a standard response, preventing the hallucination

Example 2: Sensitive Information Protection

• Without guardrails, the AI system revealed sensitive customer information (name, username, phone number, etc.) during a password reset conversation
• With guardrails, the system anonymized the sensitive information, preserving the context of the conversation while protecting the data

Guardrail Telemetry and Insights

• Amazon CloudWatch provides end-to-end observability for AI applications, including generative AI workflows
• Automatically collects guardrail telemetry without additional instrumentation
• Offers out-of-the-box dashboards and the ability to build custom, purpose-built dashboards with insights such as:
  • Model usage and invocation metrics
  • Breakdown of guardrail interventions (content, sensitive information, hallucinations)
  • Performance metrics, including latency
  • Identification of sensitive information leaks, denied topics, and blocked words
  • Detection of prompt attacks and bad actors

Data Protection at the Log Level

• Even with guardrails at the prompt level, sensitive information can still be logged by developers
• Amazon CloudWatch's Data Protection feature can automatically detect and redact sensitive information in logs

Alarms and Remediation

• Amazon CloudWatch Alarms can continuously monitor guardrail telemetry and trigger alerts when thresholds are breached
• Allows for real-time remediation actions, such as adjusting guardrail sensitivity or providing employee training
• Enables ongoing risk assessment, control implementation, and optimization to maintain responsible AI practices

Key Takeaways

• Responsible AI requires a comprehensive framework of prevention, detection, and action
• Amazon Bedrock Guardrails and Amazon CloudWatch provide a powerful solution to build safe, secure, and transparent AI applications
• Detailed insights and dashboards enable organizations to understand AI system usage, identify risks, and take appropriate actions
• Multilayered protection, including log-level data redaction, ensures end-to-end safeguarding of sensitive information
• Continuous monitoring and remediation are crucial to maintain responsible AI practices as threats and user behaviors evolve