OpenAI Codex and GPT-5.5 on Amazon Bedrock: The Developer Playbook

For most of OpenAI's commercial history, using its models on AWS meant reaching outside the platform—routing traffic through OpenAI endpoints while your production data lived inside a VPC. On June 1, 2026, that changed. GPT-5.5, GPT-5.4, and the Codex coding agent went generally available on Amazon Bedrock, meaning OpenAI's frontier intelligence can now run entirely within your existing AWS security perimeter: IAM authentication, VPC isolation, encryption at rest, and data that never leaves the Bedrock region you select.

This is not a wrapper. Codex on Bedrock uses Bedrock's next-generation inference engine, routes through the same Responses API that OpenAI ships natively, and applies toward your existing AWS cloud commitments. If your organization has been hesitant about Codex because of data residency requirements or procurement complexity, most of those blockers are now gone.

What went GA on June 1

Three things landed simultaneously on Bedrock:

• GPT-5.5— available in US East (N. Virginia and Ohio). OpenAI's strongest public model for long-running agentic work: large codebases, multi-file refactors, ambiguous debugging, tool use, and validation loops.
• GPT-5.4— available in US East (Ohio) and US West (Oregon). Lower latency profile, better for high-throughput interactive workflows where you're willing to trade ceiling for speed.
• Codex — the specialized coding agent, not just the model. Available via the Codex CLI, desktop app, and IDE integrations for VS Code, JetBrains, and Xcode, with all inference routed through Bedrock.

One constraint worth noting upfront: all three are available through the Responses API only. Console support is “coming soon.” This means your first interaction is through code or CLI, not the AWS console UI. For developers that's fine; for procurement teams evaluating through the console, budget an extra week.

Codex: agent, not just model

The distinction matters more than it sounds. When OpenAI says “Codex is now on Bedrock,” they mean the full coding agent, not just the underlying GPT-5.5 weights surfaced via API. Codex is a long-horizon developer workflow engine: it can read entire codebases, plan multi-step changes, run tests, iterate on failures, and ship a result that passes CI—without human intervention at each step.

That distinction drives the 4 million weekly users figure. These are not people making one-shot API calls; they're engineers who have replaced pull-request-level work with agent-supervised pipelines. The Bedrock GA makes those pipelines AWS-native.

Getting connected in under 10 minutes

Authentication has two paths. Pick the one that matches your environment:

Option A: Bedrock API key

# Create a Bedrock API key in the AWS Console → Bedrock → API Keys
# Then set the environment variable:
export AWS_BEARER_TOKEN_BEDROCK=<your-bedrock-api-key>

# Verify with a quick curl
curl https://bedrock.us-east-1.amazonaws.com/model/gpt-5.5/responses \
  -H "Authorization: Bearer $AWS_BEARER_TOKEN_BEDROCK" \
  -H "Content-Type: application/json" \
  -d '{"model":"gpt-5.5","input":"Hello from Bedrock"}'

Option B: AWS SDK credential chain

# Standard AWS credential chain — works with IAM roles, instance profiles,
# ECS task roles, and SSO. No additional setup if your AWS env is already
# configured. Codex CLI picks up the chain automatically.

# Verify your identity first:
aws sts get-caller-identity

# Then launch Codex:
codex --provider bedrock --region us-east-1

IDE integrations

For VS Code and JetBrains, the Codex extension surfaces a codex.provider setting. Set it to bedrock and the extension handles the credential chain automatically:

{
  "codex.provider": "bedrock",
  "codex.region": "us-east-1",
  "codex.model": "gpt-5.5"
}

Per-token pricing vs seat licenses

The pricing model is the most practically significant change for engineering leaders. Codex on Bedrock is pure per-token billing—no seat licenses, no per-developer commitments. You pay for what you use, and usage applies toward your existing AWS cloud commitments.

What this means in practice depends on your team's usage pattern. For teams with uneven Codex usage—some engineers hitting it daily, others once a week—per-token is almost always cheaper than a flat seat price. For power users who run long agentic sessions several hours per day, model the numbers before assuming savings.

High-demand queuing, not rejection

One operational detail worth knowing: during peak demand, Bedrock queues requests rather than rejecting them. For long-running Codex sessions this is the right trade-off—better to wait 30 seconds than to fail mid-task. But if you're building latency-sensitive interactive tools on top of GPT-5.5, test your timeout and retry logic against real traffic patterns before go-live.

IAM, VPC, and data residency

The enterprise security story is where Bedrock beats OpenAI's native API for regulated industries. Three specific guarantees:

1. Data residency: All processing stays within the Bedrock region you select. If your data governance policy requires compute within a specific AWS region, this is now enforceable at the infrastructure level, not just contractually.
2. IAM authorization: Standard AWS IAM policies apply. You can scope Codex access to specific roles, require MFA for agentic invocations, and enforce least-privilege at the resource level using the same tooling you already use for S3 and RDS.
3. VPC isolation: Route Bedrock traffic through a VPC endpoint (com.amazonaws.us-east-1.bedrock) to prevent traffic from traversing the public internet. This closes the last significant gap between “OpenAI in production” and your existing compliance controls.

# Create a Bedrock VPC endpoint to keep traffic off the public internet
aws ec2 create-vpc-endpoint \
  --vpc-id vpc-xxxxxxxx \
  --service-name com.amazonaws.us-east-1.bedrock \
  --vpc-endpoint-type Interface \
  --subnet-ids subnet-xxxxxxxx \
  --security-group-ids sg-xxxxxxxx \
  --private-dns-enabled

# Verify endpoint DNS resolves inside the VPC
nslookup bedrock.us-east-1.amazonaws.com

Codex skills on skills-hub.ai

The Bedrock integration doesn't change how Codex consumes SKILL.md files—skills are loaded at the agent layer, above the inference provider. Skills you've installed from skills-hub.ai continue to work whether you're routing through OpenAI natively or through Bedrock.

That said, a Bedrock deployment often changes the shape of the skills you want. Teams running Codex inside a VPC typically want skills that respect access controls (no external HTTP calls, no sending code snippets to third-party services) and skills optimized for long-horizon agentic sessions rather than quick interactive completions. Browse the Codex skills catalog and filter by the integration category for Bedrock-aware patterns.

# Install the codex-bedrock setup skill
npx @skills-hub-ai/cli install codex-bedrock

# Or browse all Codex-compatible skills
npx @skills-hub-ai/cli search --platform codex "bedrock aws"

What this means for the ecosystem

The Bedrock GA is the clearest signal yet that the frontier model market is decoupling from the inference provider market. OpenAI can ship models to AWS, Azure, and its own API simultaneously. AWS gets frontier model coverage without building it. Developers get choice without sacrificing security.

The practical implication: if your organization already uses AWS as its primary cloud, the question of “which AI coding tool should we standardize on” is now partly a question of which tools run natively on Bedrock. Codex, Claude Code (via Amazon Bedrock's Anthropic model cards), and Kiro are all now first-class Bedrock citizens. The IDE and agent layer is the differentiator; the inference layer is converging.

For teams evaluating Codex specifically: the Claude Code vs Codex CLI comparison has been updated with Bedrock-specific notes on authentication, regional availability, and VPC isolation. If you're running both in the same AWS environment, the credential chain is identical for both, which simplifies the IAM policy surface considerably.