AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2025-08-28 · Documentation low

File: bedrock-agentcore/latest/devguide/gateway-schema-openapi.md

Summary

Removed JSON policy example for GetResourceApiKey permissions related to API Key/OAuth authentication

Security assessment

Deletion of an authentication-related policy example removes documentation but doesn't demonstrate a security fix. No evidence of vulnerability remediation provided.

Diff

diff --git a/bedrock-agentcore/latest/devguide/gateway-schema-openapi.md b/bedrock-agentcore/latest/devguide/gateway-schema-openapi.md
index dcb3ce06e..aa08647b5 100644
--- a//bedrock-agentcore/latest/devguide/gateway-schema-openapi.md
+++ b//bedrock-agentcore/latest/devguide/gateway-schema-openapi.md
@@ -32,25 +31,0 @@ For OpenAPI targets that use API Key or OAuth authentication, your Gateway's exe
-JSON
-    
-
-****
-    
-    
-    
-    {
-      "Version": "2012-10-17",
-      "Statement": [
-        {
-          "Sid": "GetResourceApiKey",
-          "Effect": "Allow",
-          "Action": [
-            "bedrock-agentcore:GetResourceApiKey"
-          ],
-          "Resource": [
-            "arn:aws:agent-credential-provider:us-east-1:123456789012:token-vault/default/apikeycredentialprovider/abcdefghijk"
-          ]
-        }
-      ]
-    }
-            
-    
-