AWS Security ChangesHomeSearch

AWS cli medium security documentation change

Service: cli · 2025-10-16 · Security-related medium

File: cli/latest/reference/bedrock/delete-automated-reasoning-policy.md

Summary

Added --force flag to bypass validation when deleting automated reasoning policies

Security assessment

The --force flag introduces a potential security risk by allowing policy deletion without validation of artifact cleanup. This could enable accidental or malicious deletion of active resources if misconfigured, though no explicit vulnerability is mentioned.

Diff

diff --git a/cli/latest/reference/bedrock/delete-automated-reasoning-policy.md b/cli/latest/reference/bedrock/delete-automated-reasoning-policy.md
index ed75c6c3b..411ad6821 100644
--- a//cli/latest/reference/bedrock/delete-automated-reasoning-policy.md
+++ b//cli/latest/reference/bedrock/delete-automated-reasoning-policy.md
@@ -15 +15 @@
-  * [AWS CLI 2.31.13 Command Reference](../../index.html) »
+  * [AWS CLI 2.31.16 Command Reference](../../index.html) »
@@ -67,0 +68 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/bedroc
+    [--force | --no-force]
@@ -103,0 +105,4 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/bedroc
+`--force` | `--no-force` (boolean)
+
+> Specifies whether to force delete the automated reasoning policy even if it has active resources. When `false` , Amazon Bedrock validates if all artifacts have been deleted (e.g. policy version, test case, test result) for a policy before deletion. When `true` , Amazon Bedrock will delete the policy and all its artifacts without validation. Default is `false` .
+
@@ -215 +220 @@ None
-  * [AWS CLI 2.31.13 Command Reference](../../index.html) »
+  * [AWS CLI 2.31.16 Command Reference](../../index.html) »