Migration: from AWS Guardrails for Bedrock
Topic policies → Trinitite Policies. ApplyGuardrail → POST /v1/chat. Topic actions → JSON Patch corrections.
Why move
AWS Guardrails is a probabilistic content filter. It scores; it doesn't decide. Trinitite returns a deterministic verdict (passed / corrected / blocked) backed by a Merkle-chained ledger. Under production load, AWS Guardrails inherits the safety drift of the underlying Bedrock model — Trinitite's batch-invariant kernel does not.
Concept mapping
| AWS Guardrails concept | Trinitite equivalent |
|---|---|
| Guardrail (resource) | Guardian (LoRA adapter trained on a Policy) |
| Topic policy / denied topics | Policy clause(s) — see Policy Intelligence |
| Content filter | Built into Guardian rubric |
| Word filter | Pattern Guardian (also built-in) |
| Sensitive information filter | pii-redactor Guardian |
| Contextual grounding check | Closed-loop training via correction clustering |
ApplyGuardrail | POST /v1/chat |
BLOCKED action | outcome: blocked |
ANONYMIZED action | outcome: corrected + JSON Patch span replacement |
| Trace logs | Glass Box Ledger receipts |
API translation
POST /v1/chat
{
"guardian": "pii-redactor",
"input": [{
"role": "assistant",
"content": "Customer SSN: 123-45-6789"
}]
}
← 200 OK
{
"outcome": "corrected",
"corrections": [{
"op": "replace",
"path": "/0/content",
"value": "Customer SSN: [SSN-REDACTED]"
}],
"ledger_id": "lg_01HZ2N6T...",
"policy_hash": "0xa83f...",
"guardian_version": "pii-redactor@1.4.0"
}The Guardian patches just the offending span — the surrounding context survives. The decision is hashed and Merkle-chained for forensic replay; the policy hash and Guardian version are pinned.
Cutover script
A thin shim layer that calls both systems in parallel and reconciles:
def reconcile(text):
aws = bedrock.apply_guardrail(...)
trini = trinitite.chat(guardian="pii-redactor", input=[...])
if aws_action(aws) != trini_outcome(trini):
log_disagreement(text, aws, trini) # feed to test suite
# in shadow mode, trust the legacy verdict; in active mode, trust trini
What you keep, what you gain
Keep: your Bedrock provider relationship, your Bedrock IAM, your CloudTrail.
Gain: deterministic verdicts, RFC 6902 corrections, Merkle-chained audit, replay verdict taxonomy, federated immunity, MCP tool governance, CLI Firewall.
What's next
→ Quickstart — first call.
→ Cookbook: OpenAI redirect — the equivalent drop-in pattern for Bedrock via the proxy.