Bedrock adds per-principal billing

Amazon Bedrock now lets Amazon Web Services customers break out model-inference costs by the Identity and Access Management user or role that made each call, instead of leaving those charges on a shared bill. (aws.amazon.com) Amazon Web Services posted the change on April 9, 2026. The new data shows up in Cost Explorer and in Cost and Usage Report 2.0, the company’s detailed billing export. (aws.amazon.com) The setup is tied to Identity and Access Management principals, which are the named users and roles that call Amazon Bedrock. Amazon Web Services says customers can tag those users and roles with fields such as team, project, or cost center, then use those tags to analyze Bedrock spending. (docs.aws.amazon.com) In plain terms, the change gives finance and platform teams a way to see which application, team, or employee identity generated a model bill. Amazon Web Services records the caller identity in a Cost and Usage Report 2.0 column named `line_item_iam_principal` when the feature is enabled. (docs.aws.amazon.com) That closes a gap Amazon Web Services had already been trying to address in Bedrock cost tracking. In a November 1, 2024 blog post, the company said on-demand foundation model usage had been harder to tag directly than many other Bedrock resources, which complicated chargebacks and budgeting. (aws.amazon.com) Amazon Web Services had introduced application inference profiles to tag and track on-demand model usage at the workload level. The new Identity and Access Management principal support adds a second layer: who made the call, not just which project or application the call belonged to. (aws.amazon.com; docs.aws.amazon.com) Amazon Web Services says the feature works in all commercial Regions where Amazon Bedrock is available. To turn it on, customers tag the relevant Identity and Access Management users or roles, activate those tags in Billing and Cost Management, and create a Cost and Usage Report 2.0 export with caller-identity allocation data included. (aws.amazon.com; docs.aws.amazon.com) There is one catch in the documentation: for Amazon Bedrock, a principal’s tags do not appear for activation until that user, role, or assumed-role session has made at least one application programming interface call. That means teams may need a test invocation before the new billing fields become visible in the console. (docs.aws.amazon.com) The result is a more itemized Bedrock bill at the identity level, using the same Billing and Cost Management tools many Amazon Web Services customers already use for cloud chargebacks. (aws.amazon.com; docs.aws.amazon.com)