AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2025-12-07 · Documentation medium

File: bedrock-agentcore/latest/devguide/gateway-create-console.md

Summary

Added JWT authorizer configuration details for allowed scopes and required claims

Security assessment

Enhances security documentation by specifying JWT validation requirements but doesn't indicate a security vulnerability being fixed.

Diff

diff --git a/bedrock-agentcore/latest/devguide/gateway-create-console.md b/bedrock-agentcore/latest/devguide/gateway-create-console.md
index 8f05449a4..40a58b2e1 100644
--- a//bedrock-agentcore/latest/devguide/gateway-create-console.md
+++ b//bedrock-agentcore/latest/devguide/gateway-create-console.md
@@ -40,0 +41,4 @@
+       * **Allowed scopes** – Enter a list of permitted scopes that will be validated against the scope claim in the JWT token. The `allowedScopes` authorization field will be configured as a list of strings.
+
+       * **Required custom claims** – Enter a list of required claims that will be validated against the claim name and value contained in the incoming JWT token. For details on configuring the authorizer, see [Configure inbound JWT authorizer](./inbound-jwt-authorizer.html)
+