AWS bedrock-agentcore documentation change
Summary
Added section explaining how to handle multiple actions using Gateway Targets
Security assessment
Added documentation about proper policy scoping techniques which improves security posture but doesn't address specific vulnerabilities
Diff
diff --git a/bedrock-agentcore/latest/devguide/policy-scope.md b/bedrock-agentcore/latest/devguide/policy-scope.md index 920862335..158a7cd08 100644 --- a//bedrock-agentcore/latest/devguide/policy-scope.md +++ b//bedrock-agentcore/latest/devguide/policy-scope.md @@ -79,0 +80,16 @@ Actions represent tool calls in the MCP AgentCore Gateway. Each tool has a corre +### Multiple actions + +Cedar does **not** support wildcard actions. Each action must be referenced explicitly using the exact action identifier (`AgentCore::Action::"ToolName__operation"`). To group multiple tools under a single rule, use a **Gateway Target** (an Action Group) and write policies against that target. + +For example, to allow access only to tools whose names start with Read, you can create a Gateway Target called ReadToolsTarget that includes each such tool, and then write a policy like: + + + permit( + principal, + action in AgentCore::Action::"ReadToolsTarget", + resource == AgentCore::Gateway::"<gateway-arn>" + ); + + +This will permit all tools included in that target depending on the policy's effect. +