AWS bedrock-agentcore medium security documentation change
Summary
Updated VPC endpoint configuration details, clarified supported primitives, added separate gateway endpoint, and restructured regional availability notes
Security assessment
The changes specify authentication requirements for AgentCore Gateway endpoints, emphasizing proper Principal field configuration when using non-SigV4 authentication. This directly relates to access control security by preventing overly permissive policies. The clarification about SigV4 allowing specific AWS identities vs wildcard usage for OAuth impacts authorization security.
Diff
diff --git a/bedrock-agentcore/latest/devguide/vpc-interface-endpoints.md b/bedrock-agentcore/latest/devguide/vpc-interface-endpoints.md index 026ca482d..be8919245 100644 --- a//bedrock-agentcore/latest/devguide/vpc-interface-endpoints.md +++ b//bedrock-agentcore/latest/devguide/vpc-interface-endpoints.md @@ -7 +7 @@ ConsiderationsCreate an interface endpointCreate an endpoint policy -# Use interface VPC endpoints (AWS PrivateLink) to create a private connection between your VPC and your AgentCore resources +# Use interface VPC endpoints (AWS PrivateLink) to create a private connection between your VPC and your Amazon Bedrock AgentCore resources @@ -19 +19 @@ Before you set up an interface endpoint for AgentCore, review [Considerations](h -AgentCore supports the following through interface endpoints: +AgentCore supports the following primitives through the singular interface endpoint `com.amazonaws.`region`.bedrock-agentcore`: @@ -21 +21 @@ AgentCore supports the following through interface endpoints: - * Data plane operations (AgentCore Runtime and AgentCore Memory operations) + * **Runtime** \- Agent runtime operations @@ -23 +23 @@ AgentCore supports the following through interface endpoints: - * Invoking gateways + * **Built-in Tools** \- Code Interpreter and Browser Tool operations @@ -24,0 +25 @@ AgentCore supports the following through interface endpoints: + * **Memory** \- Memory store operations @@ -25,0 +27 @@ AgentCore supports the following through interface endpoints: + * **Identity** \- Identity management operations @@ -28 +29,0 @@ AgentCore supports the following through interface endpoints: -###### Note @@ -30 +30,0 @@ AgentCore supports the following through interface endpoints: -AWS PrivateLink is currently not supported for Amazon Bedrock AgentCore control plane endpoints. @@ -32 +32 @@ AWS PrivateLink is currently not supported for Amazon Bedrock AgentCore control -AgentCore interface endpoints are available in the following AWS Regions: +The following primitive uses a separate endpoint: @@ -34 +34 @@ AgentCore interface endpoints are available in the following AWS Regions: - * US East (N. Virginia) + * **AgentCore Gateway** \- Uses endpoint `com.amazonaws.`region`.bedrock-agentcore.gateway` @@ -36 +35,0 @@ AgentCore interface endpoints are available in the following AWS Regions: - * US West (Oregon) @@ -38 +36,0 @@ AgentCore interface endpoints are available in the following AWS Regions: - * Europe (Frankfurt) @@ -40 +37,0 @@ AgentCore interface endpoints are available in the following AWS Regions: - * Asia Pacific (Sydney) @@ -41,0 +39 @@ AgentCore interface endpoints are available in the following AWS Regions: +###### Note @@ -42,0 +41 @@ AgentCore interface endpoints are available in the following AWS Regions: +AWS PrivateLink is currently not supported for AgentCore control plane endpoints. @@ -43,0 +43 @@ AgentCore interface endpoints are available in the following AWS Regions: +For a list of AWS Regions in which AgentCore interface endpoints are available, see [AWS Regions](./agentcore-regions.html). @@ -57 +57 @@ Create an interface endpoint for AgentCore using the following service name form - * Data plane operations: `com.amazonaws.`region`.bedrock-agentcore` + * All primitives (Runtime, Built-in Tools, Memory, Identity): `com.amazonaws.`region`.bedrock-agentcore` @@ -74 +74 @@ An endpoint policy specifies the following information: - * For AgentCore Gateway, if your gateway ingress isn't [AWS Signature Version 4 (SigV4)](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html)-based (for example, if you use OAuth instead), you must specify the `Principal` field as the wildcard `*`. SigV4 -based authentication allows you to define the `Principal` as a specific AWS identity. + * For AgentCore Gateway, if your gateway ingress isn't [AWS Signature Version 4 (SigV4)](https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html)-based (for example, if you use OAuth instead), you must specify the `Principal` field as the wildcard `*`. SigV4 -based authentication allows you to define the `Principal` as a specific AWS identity. This also applies to AgentCore Runtime. @@ -140 +140 @@ The above policy allows only the IAM principal to make `InvokeAgentRuntime` call -Code Interpreter +Code Interpreter Tool