How to Share Amazon Bedrock AI Models Across Your Organisation with Managed Entitlements
💼 Business How-To

How to Share Amazon Bedrock AI Models Across Your Organisation with Managed Entitlements

A step‑by‑step guide to centralise model subscriptions and give every team easy, secure access without juggling Marketplace permissions.

5 min de lecture · 30 June 2026

How to Share Amazon Bedrock AI Models Across Your Organisation with Managed Entitlements

Hook: Imagine you’re setting up a new AI‑powered feature for your customer‑support chatbot. You want the same language model to be available to the development team, the data‑science crew, and the marketing analysts—all without each of them having to buy the model separately. Managed entitlements let you do exactly that, turning a single subscription into a shared resource across all your AWS accounts.

1. Why Managed Entitlements Matter

Amazon Bedrock is Amazon’s hosted service for large language models (LLM — think of them as the engines behind ChatGPT or Claude). Normally, each AWS account that wants to use a Bedrock model must be granted permission through the AWS Marketplace, which can quickly become a tangled web of licences and invoices. Managed entitlements let a central (or “master”) account buy the model once and then allocate usage rights to any number of member accounts in the same Organisation.

2. Set Up Your Central Account

  1. Choose a “hub” account – this should be the account that already handles your organisation’s billing and compliance.
  2. Enable Amazon Bedrock in the hub:
    • Sign in to the AWS Management Console.
    • Search for “Bedrock” and click Enable.
  3. Subscribe to the desired model through the Bedrock console or the AWS Marketplace. This creates the first licence (or “entitlement”) for the model.

Entitlement = a permission that says “this account may use this model”. Think of it like a library card that lets you borrow a specific book.

3. Create and Configure Managed Entitlements

  1. In the hub account, open the Bedrock → Entitlements page.
  2. Click Create Managed Entitlement.
  3. Choose the model you subscribed to and give the entitlement a clear name (e.g., “Customer‑Support‑LLM”).
  4. Define the Scope – you can limit the entitlement to specific AWS Organisations, Organizational Units (OU), or even individual account IDs.
  5. Set Usage Limits (optional): you can cap the number of request tokens per month if you want to control costs.

Organisational Unit (OU) = a folder‑like grouping of accounts inside AWS Organisations, useful for separating finance, development, or marketing.

4. Distribute the Entitlement to Member Accounts

  1. In the Entitlement screen, select the newly created entitlement and click Share.
  2. Pick the target accounts or OUs. You can add them one‑by‑one or paste a CSV list of account IDs.
  3. Confirm the share. The selected accounts will now see the model under their Bedrock console, but they won’t need to go through the Marketplace approval step.

Quick tip

If you later decide a team no longer needs the model, just revoke the sharing permission from the hub. The model disappears from their console automatically – no manual clean‑up required.

5. Using the Model in Your Applications

With the entitlement in place, developers can call the model just like any other Bedrock API:

import boto3

client = boto3.client('bedrock-runtime')
response = client.invoke_model(
    modelId='arn:aws:bedrock:us-east-1::foundation-model/customer-support-llm',
    body='{"prompt":"How can I reset my password?"}'
)
print(response['body'])
  • boto3 is the AWS SDK for Python (think of it as a toolbox that lets your code talk to AWS services).
  • modelId points to the shared model; the ARN (Amazon Resource Name) includes the entitlement name you gave it.
  • The SDK automatically respects the entitlement, so no extra authentication steps are needed beyond the usual IAM role or user credentials.

6. Monitoring and Cost Management

Because all usage is billed to the central account, you can:

  • View a single cost report in the AWS Billing console.
  • Set up budgets that alert you if the model’s request volume exceeds a threshold.
  • Use CloudWatch metrics (e.g., request count, latency) to monitor performance across teams.

Wrap‑up

Managed entitlements turn a potentially messy multi‑account AI deployment into a tidy, centrally‑governed system. By subscribing once in a hub account, you give every team the freedom to use the same Amazon Bedrock model while keeping costs, licences and security under a single roof.

Next step: Open your AWS console, enable Bedrock in a central account, and create a test entitlement for a model you’re interested in. Share it with a colleague’s account and run the sample code above – you’ll experience the benefit of unified AI access instantly.

#aws#amazon-bedrock#managed-entitlements#cloud‑ai#enterprise‑productivity

✦ Original guide written by AI World Co.'s own AI editorial team. Reviewed for accuracy and clarity.

← Retour aux actus