AWS bedrock-agentcore documentation change
Summary
Added new 'Policy evaluation algorithm' section explaining authorization evaluation logic
Security assessment
Documents authorization evaluation logic (default deny, forbid/permit interactions) but doesn't address a specific vulnerability. Enhances understanding of security controls.
Diff
diff --git a/bedrock-agentcore/latest/devguide/policy-understanding-cedar.md b/bedrock-agentcore/latest/devguide/policy-understanding-cedar.md index 2b7b76483..758d678f5 100644 --- a//bedrock-agentcore/latest/devguide/policy-understanding-cedar.md +++ b//bedrock-agentcore/latest/devguide/policy-understanding-cedar.md @@ -5 +5 @@ -Example policyPolicy structurePolicy effectsDefault denyAuthorization evaluationPolicy independence +Example policyPolicy structurePolicy effectsDefault denyAuthorization evaluationPolicy independencePolicy evaluation algorithm @@ -24,0 +25,2 @@ AgentCore Policy uses Cedar policies to control access to AgentCore Gateway tool + * Policy evaluation algorithm + @@ -111,0 +114,17 @@ Policies do not reference or depend on other policies. +## Policy evaluation algorithm + +When a request is evaluated, the policy engine determines the authorization decision using the following algorithm: + + 1. If any `forbid` policy matches the request, the decision is DENY. + + 2. If no `forbid` policy matches the request and at least one `permit` policy matches, the decision is ALLOW. + + 3. If neither `forbid` nor `permit` policies match the request, the decision is DENY. + + + + +This evaluation model enforces a **default deny** posture. + +A `forbid` policy can never result in an ALLOW decision. The `unless` clause on a `forbid` policy specifies conditions under which that `forbid` policy does not apply; it does **not** grant permission and does not override a matching `permit` policy. +