AWS has launched the Claude Apps Gateway, a self-hosted control plane designed to centralize access, cost, and policy management for Claude Code and Claude Desktop within enterprise environments. This gateway routes AI inference requests, replaces disparate credential management, and offers robust features for identity, policy enforcement, telemetry, routing, and spend caps. It represents a significant architectural shift towards vendor-provided, enterprise-grade control layers for AI tooling.
Read original on InfoQ ArchitectureThe release of the Claude Apps Gateway by AWS, following Anthropic's own introduction, signals a notable shift in the architectural landscape for managing enterprise AI tools. Traditionally, control layers for AI access, policy, and cost attribution were handled by third-party gateways or in-house solutions. This move by major AI model providers like Anthropic (with AWS and Google Cloud offering deployment guidance) demonstrates a push towards first-party infrastructure for these critical governance functions, shipping as part of the client binary.
The Claude Apps Gateway functions as a single, stateless container, typically deployed on platforms like Amazon ECS, EKS, or EC2 behind an internal Application Load Balancer. It utilizes Amazon RDS for PostgreSQL to manage short-lived sign-in state and rate-limit counters. Its core responsibilities are critical for enterprise adoption of AI tools:
Stateless vs. Stateful Components
The gateway itself is stateless, relying on Amazon RDS for PostgreSQL to manage its short-lived state (sign-in state, rate-limit counters). This separation of concerns allows for easier scaling and resilience of the gateway instances, while leveraging a managed database for persistent state management.