AWS bedrock-agentcore documentation change
Summary
Added JWT authorizer configuration details for allowed scopes and required claims
Security assessment
Enhances security documentation by specifying JWT validation requirements but doesn't indicate a security vulnerability being fixed.
Diff
diff --git a/bedrock-agentcore/latest/devguide/gateway-create-console.md b/bedrock-agentcore/latest/devguide/gateway-create-console.md index 8f05449a4..40a58b2e1 100644 --- a//bedrock-agentcore/latest/devguide/gateway-create-console.md +++ b//bedrock-agentcore/latest/devguide/gateway-create-console.md @@ -40,0 +41,4 @@ + * **Allowed scopes** – Enter a list of permitted scopes that will be validated against the scope claim in the JWT token. The `allowedScopes` authorization field will be configured as a list of strings. + + * **Required custom claims** – Enter a list of required claims that will be validated against the claim name and value contained in the incoming JWT token. For details on configuring the authorizer, see [Configure inbound JWT authorizer](./inbound-jwt-authorizer.html) +