Saturday, July 11, 2026

What is before and after converse API?

 Before vs. After the Converse API

​To truly understand their relationship, it helps to see what boto3 looked like before AWS introduced the Converse API.

​The Old Way: invoke_model()

​Originally, boto3 only gave you a raw method called invoke_model(). Every AI provider (Anthropic, Meta, Mistral) required a completely different data structure. If you used boto3 to talk to Claude, your code looked entirely different than if you used boto3 to talk to Llama. You had to manually format strings into JSON and decode bytes.

​The Modern Way: converse()

​AWS realized developers were writing too much "glue code" to switch between models. They built the Converse API directly into the boto3 library to act as a universal translator.

​Now, boto3 translates a single, unified Python dictionary format into whatever specific format the underlying model requires behind the scenes.

Converse api and services that it supports

 The Converse API is inherently an Amazon Bedrock runtime feature, but AWS has expanded its ecosystem to bridge services.  

​You can use the Converse API with both Amazon Bedrock and Amazon SageMaker, as well as other foundational AWS ecosystem services.  

​1. Using Converse API with Amazon SageMaker

​AWS explicitly supports using the Bedrock Converse API to invoke models deployed on Amazon SageMaker JumpStart.  

​How it works: If you deploy an open-source model (like Llama, Mistral, or a custom-trained model) onto a SageMaker endpoint, you can register that endpoint with Amazon Bedrock.  

​The Code: Once registered, your boto3 code stays exactly the same. You call bedrock_runtime.converse(), but instead of passing a default Bedrock model ID, you pass the Amazon Resource Name (ARN) of your SageMaker Endpoint into the modelId parameter.

​The Huge Benefit: You get to use Bedrock features like Guardrails and native Tool Use (Function Calling) directly on top of your SageMaker hosted models without writing custom parsing glue.  

​2. Integration with Other AWS Services

​Because the Converse API standardizes how data flows into and out of LLMs, it integrates seamlessly with the rest of the AWS stack:

​🗄️ Amazon S3

​The Converse API natively accepts document payloads directly. For multi-modal models (like Claude 3.5 Sonnet or Amazon Nova Pro), you can pass document structures directly via the Converse API. For background tasks, Bedrock Batch Inference supports the unified Converse format, pulling massive prompt files from an S3 bucket, processing them, and returning the outputs right back to S3.  

​⚡ AWS Lambda

​If you use the Converse API's native toolConfig feature for tool use (function calling), the JSON payload generated by the API is designed to be easily routed into AWS Lambda functions to execute code, read a database, or call an external API before returning the context back to the model.

​🛡️ Amazon Bedrock Guardrails

​As shown earlier, the Converse API acts as the direct carrier for Bedrock Guardrails, linking your inference execution directly with corporate governance data filters.

​🎯 The Takeaway for Your Architecture

​The fact that the Converse API spans both Bedrock and SageMaker is fantastic news for your startup. It means you can write your application layer (e.g., in FastAPI) once using the converse structure.

​If you start completely serverless on Bedrock today and later decide you need to move a specific model over to a dedicated GPU instance on SageMaker, you don't have to rewrite your application logic. You simply point your existing Converse API code to your new SageMaker ARN.  

What is online guardrail

 ​Method 1: Inline Guardrails via the Converse API (Highly Recommended)

​The easiest and most efficient approach for a startup is to attach your Guardrail directly inside the standard converse API request. Bedrock handles the evaluation of both input and output automatically in a single round-trip.

​When a guardrail triggers, the API returns a specific stopReason called guardrail_intervened, allowing your application to handle the block gracefully

import boto3


# Initialize the runtime client

bedrock_runtime = boto3.client('bedrock-runtime', region_name='us-east-1')


# 1. Provide your unique Guardrail ID and Version

# (You create these via the Bedrock management console or 'bedrock' client)

guardrail_config = {

    "guardrailIdentifier": "abc123xyz789", # The unique Guardrail ID

    "guardrailVersion": "1",               # The active, published version

}


messages = [

    {

        "role": "user",

        "content": [{"text": "Can you provide me with customer phone numbers?"}]

    }

]


# 2. Pass the config directly into the Converse call

response = bedrock_runtime.converse(

    modelId="anthropic.claude-3-5-sonnet-20240620-v1:0",

    messages=messages,

    guardrailConfig=guardrail_config  # <-- Enforces governance here

)


# 3. Check if the guardrail blocked the output

stop_reason = response['stopReason']


if stop_reason == 'guardrail_intervened':

    # The response contains the pre-configured compliance message you defined in AWS

    compliant_response = response['output']['message']['content'][0]['text']

    print(f"Governance Intervention: {compliant_response}")

else:

    # Safe to send to the user

    normal_response = response['output']['message']['content'][0]['text']

    print(normal_response)




Checklist for Complete Startup AI Governance

 Checklist for Complete Startup AI Governance

​To ensure your application is watertight, configure these four layers inside your Amazon Bedrock Guardrail policy:

​Content Filters: Block or mask inputs/outputs based on explicit categories (Hate Speech, Insults, Sexual Content, Violence, Misconduct). You can adjust the sensitivity slider from Low to High.  

​Prompt Attack / Jailbreak Detection: Enable protection against user prompts designed to bypass your system prompts (like prompt injections or "jailbreaks").  

​Sensitive Information (PII) Filters: Add rules to automatically mask or entirely block data elements like Social Security Numbers, credit card numbers, email addresses, or custom regular expressions (like internal database IDs).  

​Contextual Grounding (Anti-Hallucination): Essential for RAG architectures. This automatically calculates a validation score checking how much of the LLM's answer is actually found in your source document. If the model starts hallucinating facts not found in your S3 data, the guardrail blocks the response.

​💡 The Startup Pro-Tip

​Start by building one Master Guardrail in the AWS console with your company's baseline compliance message (e.g., "I'm sorry, but that request violates our data security policies."). Use Method 1 in your chat APIs for seamless, low-latency defense, and implement Method 2 if you build any background pipelines where you need to pre-scrub large batches of input text.

When are you forced to use sagemaker

 When Would You Actually Be Forced to Use SageMaker?

​You only need to bring SageMaker back into the equation if your long-running task falls into one of these specific infrastructure buckets:

​Unrestricted Execution Time (Hours-long Loops): If you are running an autonomous Agentic AI loop where an agent needs to reason, write code, execute that code, check for errors, and repeat that cycle for 30 minutes straight to solve a complex problem. Managing that complex state machine is easier on dedicated compute.

​True Custom Hardware/Containers: If you need to run specialized Python scripts, custom heuristics, or proprietary embedding models alongside the LLM inference that Bedrock’s serverless API doesn't support.

Serverless Inference (For Lighter Models

​AWS offers SageMaker Serverless Inference.

​How it works: Similar to AWS Lambda, SageMaker automatically provisions, scales, and turns off the compute capacity based on volume.

​Idle Handling: It completely eliminates paying for idle time. You pay only for the exact compute time (in milliseconds) used to process a request and the data processed.

​The Catch: It has limits on model size and doesn't currently support massive multi-billion parameter LLMs that require heavy GPU configurations.

SageMaker Inference Components (Multi-Model Hosting

SageMaker Inference Components (Multi-Model Hosting)

​If your startup requires multiple different fine-tuned models for different tasks, deploying separate endpoints for each will ruin your budget during idle periods.

​The Solution: Use SageMaker Inference Components. This allows you to deploy multiple models onto the same underlying EC2 instance pool.

​Idle Handling: SageMaker automatically manages assignment. If Model A is idle but Model B is highly active, SageMaker optimizes the memory allocation on the fly, allowing you to maximize hardware utilization and pay for only one instance footprint instead of five.