AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2025-12-07 · Documentation low

File: bedrock-agentcore/latest/devguide/code-interpreter-resource-management.md

Summary

Updated Sandbox mode description to allow S3 access and DNS resolution

Security assessment

Clarifies existing capabilities rather than addressing security issues. The change describes expanded functionality without evidence of security vulnerability remediation.

Diff

diff --git a/bedrock-agentcore/latest/devguide/code-interpreter-resource-management.md b/bedrock-agentcore/latest/devguide/code-interpreter-resource-management.md
index a4c1291ec..0855489ad 100644
--- a//bedrock-agentcore/latest/devguide/code-interpreter-resource-management.md
+++ b//bedrock-agentcore/latest/devguide/code-interpreter-resource-management.md
@@ -36 +36 @@ Sandbox mode
-Provides complete isolation with no external network access. This is the most secure option but limits the tool's ability to access external resources. S3 access is available in Sandbox mode.
+Provides limited external network access. In Sandbox mode, the code interpreter can access Amazon S3 for data operations and perform DNS resolution.