6.7 Bedrock, RAG, and Agents Case Lab

Case lab method

Integrated Bedrock questions rarely ask for a single definition. They describe a business workflow with messy requirements: private data, current policies, customer impact, sensitive information, cost pressure, missing approvals, or a need to take action in another system. The practitioner task is to decompose the scenario. Decide whether the team needs a foundation model only, a RAG application, an agent, guardrails, evaluation, monitoring, or a different AWS service entirely.

Use a simple triage sequence. First ask what the user is trying to accomplish. Second ask whether the answer must be grounded in private or current information. Third ask whether the system must take an action, or only provide information. Fourth ask what could go wrong if the output is wrong, unsafe, biased, private, or slow. Fifth ask how the team will evaluate and monitor success. This sequence prevents overbuilding and catches governance gaps early.

Case 1: employee policy assistant. Human resources wants a chat assistant for PTO rules, parental leave, and benefits enrollment. The best first pattern is Bedrock Knowledge Bases over approved HR documents, with citations and country or employee-type metadata filters. Guardrails should block or redirect individualized legal, medical, or financial advice where out of scope. Sensitive information filters may be needed if employees paste personal details. Human escalation is required for ambiguous or high-impact cases. An agent is not necessary unless the assistant will submit benefit changes or create HR cases.

Case 2: claims intake assistant. An insurer wants customers to describe a claim in natural language, upload documents, and receive next steps. The assistant can use a Bedrock model for extraction and summarization, a Knowledge Base for policy and checklist grounding, and Guardrails for sensitive information and unsafe content. If the system creates a claim record, an agent action group or deterministic backend workflow can submit the validated fields. Because claims affect money and customer rights, human review and audit logs are essential before final decisions.

Case 3: sales account coach. A sales leader wants account summaries, objection handling, and next-best action suggestions. RAG can pull approved product collateral, support history summaries, and CRM notes if permissions are enforced. The system should not expose one customer's confidential data to another account team. If the assistant creates follow-up tasks, the action group should require account ID, task owner, due date, and confirmation. Evaluation should include whether recommendations are grounded, current, and aligned with sales policy.

Case 4: IT operations runbook helper. Engineers want to ask what to do when an alarm fires. A Knowledge Base can retrieve runbooks and architecture notes. An agent might be allowed to create an incident, page an on-call team, or collect diagnostics. It should not restart production services automatically unless the organization has a tested approval and rollback workflow. Guardrails are helpful, but least privilege and deterministic safeguards are more important for operational actions.

Case 5: marketing content generator. A team wants campaign drafts in brand voice. A Bedrock model with prompt templates may be enough for first drafts. A Knowledge Base can ground product claims in approved messaging. Guardrails can reduce unsafe content and block competitor or restricted terms if policy requires it. Human review is still needed because brand, legal, and factual issues can remain. Cost controls should include output length limits and smaller model tests for high-volume drafts.

Integrated design checklist:

1. State the business decision or workflow, not just the AI feature name.
2. Identify whether the system answers, retrieves, acts, or does all three.
3. Name the authoritative data sources and who owns their freshness.
4. Define access boundaries for users, documents, actions, and logs.
5. Choose Bedrock model, Knowledge Base, Agent, Guardrail, and evaluation features only where they solve a requirement.
6. Add human review for high-impact, regulated, irreversible, or customer-visible outcomes.
7. Estimate cost and latency from tokens, retrieval, model calls, and action calls.
8. Monitor quality, safety events, user feedback, errors, and business results after launch.

A common wrong answer is to fine-tune immediately. Fine-tuning can help a supported model learn style, format, or specialized task behavior, but it is not the first fix for missing current facts. If the assistant needs the latest return policy, RAG is usually the better first pattern. Another wrong answer is to use an agent for every chat. If no action is needed, an agent adds complexity without clear benefit. A third wrong answer is to rely only on guardrails for data security. Access control and data minimization must happen in the app and AWS permissions.

When AI is not appropriate, say so. If a refund eligibility decision is a deterministic rules problem, a rules engine or normal application logic may be safer. If source data is missing or untrusted, build the data governance process before launching an assistant. If the outcome is high risk and no human review or audit path exists, the use case is not ready. The AWS AI Practitioner mindset is not AI everywhere. It is fit-for-purpose AI with business value, controls, and evidence.

For final practice, write a one-page design note for any case above. Include the user, task, data source, Bedrock features, guardrails, evaluation method, monitoring signals, human handoff, and cost drivers. Then remove one Bedrock feature and ask whether the solution still works. This forces service-selection clarity and prepares you for scenario questions that reward judgment over memorization.