article

Authorizing access to data with RAG implementations

Riggs Goodman III / AWS · Sep 18, 2025

The cloud-vendor recipe, with working code. The operating assumption is the right one: any chunk passed to the model can be returned to the user, so chunks are filtered against the caller's access grants before the model ever sees them. Published the same day as the participant-aware access control paper, and effectively that argument implemented: authorisation as a deterministic precondition enforced at retrieval, not a filter applied after generation.

← Back to sources