AWS recently launched the Claude Apps Gateway for AWS – a self – hosted portal providing enterprises a single control plane for managing access, costs, and policies across Claude Code and Claude Desktop.
This new gateway routes requests to Amazon Bedrock or the Claude Platform on AWS, replacing individual developer credentials, manual configurations, and fragmented cost – tracking tools. The launch follows Anthropic’s release of the gateway for Bedrock and Google Cloud last week. Since Google Cloud also published deployment guides for Cloud Run, all three cloud providers now offer native instructions for this unified control plane.
The gateway is bundled inside the Claude Code CLI executable that developers already use, deploying as a single stateless container. Organizations can run it on Amazon ECS, Amazon EKS, or Amazon EC2 behind an internal Application Load Balancer, using Amazon RDS for PostgreSQL to store transient session states and rate limits. Anthropic packages the client and gateway together: after a single login, the client retrieves managed configurations, and the gateway validates policy on every request.
The gateway performs five key functions:
- Identity: Working as an OIDC relying party, it integrates with compliant identity providers. Developers log in via browser SSO to get short – lived tokens, and sessions expire once the user is deactivated.
- Policy: Administrators centrally define settings – like allowed models, tool permissions, and defaults – at the group level, preventing local overrides by developers.
- Telemetry: The client attaches usage metrics to each query, which the gateway forwards via OpenTelemetry to tools like Amazon CloudWatch or Prometheus.
- Routing: By storing upstream credentials, the gateway forwards API calls on behalf of developers, allowing failovers between AWS regions or accounts.
- Budget Limits: Enterprises can set spending thresholds on a daily, weekly, or monthly basis per organization, team, or user, blocking requests when limits are exceeded.

Under the hood, configuration is handled via a single YAML file loaded at startup. Relying on the container’s IAM task role avoids static credentials, while model identifiers map directly to the Anthropic API without Bedrock ARNs. According to Anthropic, the gateway translates the Anthropic Messages API for each backend, listing Amazon Bedrock, Claude Platform on AWS, Google Cloud Agent Platform, Microsoft Foundry, and Anthropic API as options, with failover capability.
The choice of deployment path determines the data route. Using Amazon Bedrock keeps inference requests inside the secure AWS boundary, inheriting its data – handling compliance. AWS highlights Bedrock for strict data residency requirements, while the Claude Platform on AWS targets teams seeking Anthropic’s native platform features under AWS billing and authentication.
Within a day of the launch, experts began analyzing identity details that the gateway does not yet handle. On LinkedIn, Christoph Klingspor asked how to manage workload identity for organizations outside the gateway’s standard setup:
Do you have any ideas on how we could assign Claude Code an identity using a role? The best idea I have come up with so far is AWS Private CA. The use case is for companies not using Anthropic on AWS yet but running on the normal subscription.
Shveta S., a security lead at AWS, mapped out a precise workflow to bridge this exact gap:
Good intuition on Private CA, but the component that gives it identity and a role is IAM Roles Anywhere. Private CA (or your own existing CA) issues an X – 509 certificate, and Roles Anywhere exchanges it for temporary AWS credentials mapped to an IAM role so no long – term keys are needed. Just plug in its credential helper, and Claude Code AWS tools pick up scoped credentials automatically.
In another LinkedIn post, Christopher Dorsey, an enterprise sales executive, highlighted why these built – in cost controls carry massive business weight:
Every enterprise AI adoption use case I have run into stalls because the project champion is excited, but then IT and finance cannot see who is spending what, and the whole project gets paused at pilot. Server – side spending limits and visibility make this a no – brainer. When selling AI to the enterprise, the rejection is almost never about the product. It was coming from security and procurement’s inability to control it.
This release highlights a notable shift in where the control plane for AI programming assistants is situated. Enterprise identity, policies, and spending thresholds are now offered as native infrastructure from the model vendor, rather than third – party gateways. Platform teams must now decide whether to adopt individual vendor gateways or use a neutral control plane for multi – model setups. Notably, Anthropic is publishing the gateway protocol so other developers can implement these same features.
The Claude Apps Gateway for AWS is officially available now. Developers can download the CLI for Claude Code and view the gateway documentation on the Anthropic developer portal, which covers configuration, identity setups, and container deployment walkthroughs. AWS has also released a repository with deployment examples for container platforms.
