AWS bedrock-agentcore documentation change
Summary
Expanded data encryption documentation with specifics about encryption implementations, added details about unencrypted data elements, customer-managed KMS key usage for gateways/memories, TLS requirements, and integration with AWS Certificate Manager
Security assessment
The changes provide detailed security documentation about encryption mechanisms (at rest/in transit), key management options, and TLS requirements. While security-related, there's no evidence this addresses a specific vulnerability - rather it clarifies existing security controls and configurations.
Diff
diff --git a/bedrock-agentcore/latest/devguide/data-encryption.md b/bedrock-agentcore/latest/devguide/data-encryption.md index d69b8a839..30208a093 100644 --- a//bedrock-agentcore/latest/devguide/data-encryption.md +++ b//bedrock-agentcore/latest/devguide/data-encryption.md @@ -5,3 +5 @@ -Encryption at rest - -Amazon Bedrock AgentCore is in preview release and is subject to change. +Encryption at restEncryption in transitKey management @@ -11,2 +8,0 @@ Amazon Bedrock AgentCore is in preview release and is subject to change. -Data encryption typically falls into two categories: encryption at rest and encryption in transit. - @@ -15 +11,30 @@ Data encryption typically falls into two categories: encryption at rest and encr -Data within Amazon Bedrock AgentCore Identity is encrypted at rest in accordance with industry standards. +Amazon Bedrock AgentCore stores data at rest using Amazon DynamoDB and Amazon Simple Storage Service (Amazon S3). The data at rest is encrypted using AWS encryption solutions by default. AgentCore encrypts your data using AWS owned encryption keys from AWS Key Management Service. You don’t have to take any action to protect the AWS managed keys that encrypt your data. For more information, see [AWS owned keys](kms/latest/developerguide/concepts.html#aws-owned-cmk) in the _AWS Key Management Service Developer Guide_. + +###### Key considerations + + * The following data is not encrypted by default: + + * Gateway names + + * Gateway target names + + * Gateway tool names + + * Gateway CloudWatch logs + + * Customers can encrypt the following resources with a customer-managed KMS key: + + * Gateways – For more information, see [Encrypt your AgentCore gateway with a customer-managed KMS key](./gateway-encryption.html). + + + + +## Encryption in transit + +All communication between customers and Amazon Bedrock AgentCore and between AgentCore and its downstream dependencies is protected using TLS 1.2 or higher connections. + +Encryption in transit is configured by default for the following services: + +###### Key considerations + + * All outbound traffic for AgentCore Gateway is protected using TLS. @@ -17 +42 @@ Data within Amazon Bedrock AgentCore Identity is encrypted at rest in accordance -By default, Amazon Bedrock AgentCore Identity encrypts customer data in token vaults with AWS owned keys. You can also configure your token vaults to instead encrypt your information with customer managed keys. + * When invoking a gateway, note the following about the data that is transferred: @@ -19 +44 @@ By default, Amazon Bedrock AgentCore Identity encrypts customer data in token va -**AWS owned key** + * During a _call tool_ request, the service transforms the data in the request and makes a call to the customer-configured web service. The response from the web service is transformed and returned as a _call tool_ response to the invoker. @@ -20,0 +46 @@ By default, Amazon Bedrock AgentCore Identity encrypts customer data in token va + * During a _list tools_ request, the request is a standard MCP list/tools operation request and the response contains a list of tools configured on the gateway by the customer during control plane operations. @@ -22 +47,0 @@ By default, Amazon Bedrock AgentCore Identity encrypts customer data in token va -Amazon Bedrock AgentCore Identity encrypts the data in your token vault with an AWS owned KMS key. Keys of this type aren't visible in AWS KMS. @@ -24 +48,0 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with an -**Customer managed key** @@ -27 +51 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with an -Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a customer managed key. You own the administration of customer managed key policies, rotation, and scheduled deletion. +## Key management @@ -29 +53 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c -### Things to know about token vault encryption with customer managed keys +You can use AWS KMS customer managed keys for the following Amazon Bedrock AgentCore resources: @@ -31 +55 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c - * Data in your token vault (access tokens) are encrypted at rest with the customer managed key you configure. The token vault ARN is captured in the EncryptionContext. +###### Resources that support AWS KMS customer managed keys @@ -33 +57 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c - * All customer data in your token vault is encrypted at rest, even if you take no action to configure encryption settings. + * Memories. For more information, see [Create an AgentCore Memory](./memory-create-a-memory-store.html). @@ -35 +59 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c - * You can't configure token vault encryption at rest with [multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) or [asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html). Amazon Bedrock AgentCore Identity supports only single-region symmetric KMS keys for token vault encryption at rest. + * Gateways. For more information, see [Encrypt your AgentCore gateway with a customer-managed KMS key](./gateway-encryption.html). Note the following: @@ -37 +61 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c - * You can configure token vault encryption only with a KMS key ARN, not an alias. + * For AgentCore Gateway resources, AWS managed keys are single-tenant use and different for each region. @@ -39 +63 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c - * You can configure CMK for credential provider secrets using AWS Secrets Manager. [Learn more](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_update-encryption-key.html). + * If a key encrypting your gateway is compromised, you should rotate the key or delete the gateway and create a new one with a new key. @@ -40,0 +65 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c + * AgentCore Gateway integrates with AWS Certificate Manager. For more information, see [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) @@ -44 +68,0 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c -The following procedures configure encryption at rest in your token vault. For more information about KMS key policies that delegate access to AWS services like Amazon Cognito, see [Permissions for AWS services in key policies](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-services.html). @@ -54 +78 @@ Data protection -Set customer managed key policy +VPC and AWS PrivateLink