AWS Security ChangesHomeSearch

AWS prescriptive-guidance medium security documentation change

Service: prescriptive-guidance · 2025-12-25 · Security-related medium

File: prescriptive-guidance/latest/security-reference-architecture-generative-ai/gen-ai-agents.md

Summary

Updated documentation links, added versioning details for Amazon Bedrock agents, enhanced security considerations for prompt templates, and revised service role references.

Security assessment

The change explicitly discusses security risks related to prompt template poisoning ('An attacker could maliciously modify the templates to take over the agent's goals or induce it to leak sensitive information') and provides updated links to security controls like encryption with customer-managed KMS keys, input validation with guardrails, and IAM policies. These changes directly address security vulnerabilities by emphasizing configuration safeguards.

Diff