AWS bedrock-agentcore documentation change
Summary
Clarified Lambda resource policy requirements and removed example tool parameters
Security assessment
Documentation clarification about cross-account policies and example cleanup. No evidence of security vulnerability fixes.
Diff
diff --git a/bedrock-agentcore/latest/devguide/gateway-add-target-lambda.md b/bedrock-agentcore/latest/devguide/gateway-add-target-lambda.md index caf511dd2..4bea607a4 100644 --- a//bedrock-agentcore/latest/devguide/gateway-add-target-lambda.md +++ b//bedrock-agentcore/latest/devguide/gateway-add-target-lambda.md @@ -64 +64 @@ For Lambda function targets, your Gateway's execution role needs the `lambda:Inv -Additionally, your Lambda function needs a resource-based policy that allows the Gateway's execution role to invoke it: +(Optional) Additionally, if your Lambda function was created in an account that's different from where the Gateway is being set up, it needs a resource-based policy that allows the Gateway's execution role to invoke it: @@ -531,2 +530,0 @@ Here's an example of the event object structure: - "toolName": "searchProducts", - "parameters": { @@ -536,2 +533,0 @@ Here's an example of the event object structure: - } - @@ -539 +534,0 @@ Here's an example of the event object structure: -Your Lambda function should parse the toolName to determine which operation to perform, and then use the parameters to execute that operation.