Anthropic Launches Claude Apps Gateway For Bedrock And Google Cloud
Anthropic released the Claude apps gateway on June 29, 2026, a self-hosted control plane that lets enterprises run Claude Code through Amazon Bedrock, Google Cloud, or Microsoft Foundry with corporate single sign-on, centralized policy, and per-user cost tracking. For platform and security teams, the gateway closes a governance gap that has slowed coding-agent rollouts past pilot teams: it replaces per-developer cloud credentials with short-lived SSO sessions, enforces spend caps by organization, group, or user, and routes inference across providers with automatic failover. The gateway runs as a single stateless container backed by PostgreSQL and ships inside the same claude binary developers already install. Anthropic says it sends no inference traffic or usage data back to the company unless a customer configures the Claude API directly, and it is publishing the underlying gateway protocol so other vendors can build compatible tools.
For platform and security teams evaluating Claude Code at scale, the gateway removes the single biggest operational objection to broad developer access: the inability to answer who is using the model, at what cost, and under what policy, without hand-provisioning a cloud credential for every developer and pushing settings machine by machine.
What happened
Anthropic released the Claude apps gateway on June 29, 2026, a self-hosted control plane for Claude Code that runs as a single stateless container on Linux, backed by PostgreSQL, and ships inside the same claude binary developers already install. It acts as an OpenID Connect relying party against Google Workspace, Microsoft Entra ID, Okta, or any standards-compliant identity provider, so developers sign in with corporate SSO instead of holding API keys or cloud credentials, and the gateway routes inference to Amazon Bedrock, Google Cloud's Agent Platform, Microsoft Foundry, or the Claude API directly, with optional failover between providers.
Technical context
The gateway enforces model access and managed settings by IdP group rather than by developer, so different teams can be scoped to different models, tools, and permissions that a developer cannot override locally. Administrators set daily, weekly, and monthly spend limits by organization, group, or user, and usage telemetry, including token counts, model, user identity, and latency, flows over OTLP to a collector the customer operates. Anthropic's official documentation confirms the gateway does not send inference traffic, prompt content, or usage data to Anthropic unless the Claude API is a configured upstream. Deployment requires Claude Code v2.1.195 or later, a Postgres 14+ database, and a private-network address, since Claude Code refuses to connect to a gateway resolvable on a public IP.
For practitioners
Teams already standardized on Bedrock, Google Cloud, or Foundry no longer need to build custom tooling to see per-developer spend or provision credentials one laptop at a time; offboarding a developer becomes an IdP action, with access expiring within the session lifetime (one hour by default) instead of requiring a separate credential-revocation step. The tradeoff is feature scope: gateway sessions lose server-side web search, the 1-hour prompt-cache TTL, and other first-party-only optimizations, and there is no built-in path for unattended CI pipelines, which must still authenticate against the cloud provider directly.
What to watch
Anthropic is publishing the protocol the gateway uses so third-party gateway developers can implement the same SSO, policy, and spend-cap features, an interoperability move that could determine whether Claude apps gateway becomes a de facto standard for multi-cloud AI coding-agent governance or stays one of several competing implementations.
Key Points
- 1Anthropic released a self-hosted Claude apps gateway giving enterprises SSO, centralized policy, and per-user cost tracking for Claude Code on Bedrock, Google Cloud, and Foundry.
- 2The gateway removes the need to provision per-developer cloud credentials manually, addressing a common friction point in scaling coding-agent rollouts past pilot teams.
- 3Anthropic is publishing the gateway protocol openly, letting other vendors build compatible control planes and pushing multi-cloud AI governance toward an interoperable standard.
Scoring Rationale
A significant enterprise-governance release that removes a real operational barrier to scaling Claude Code past pilot teams, backed by detailed official documentation confirming architecture, telemetry, and deployment requirements. It is developer-tooling infrastructure rather than a model or funding milestone, so it sits at the notable-but-not-major tier; the open-protocol angle gives it some durability as other gateway vendors may adopt the spec.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems

