AWS bedrock-agentcore documentation change
Summary
Added link to Cedar language documentation
Security assessment
Minor reference update without security implications. No vulnerability or security feature documentation added.
Diff
diff --git a/bedrock-agentcore/latest/devguide/policy.md b/bedrock-agentcore/latest/devguide/policy.md index 884a697be..833419fba 100644 --- a//bedrock-agentcore/latest/devguide/policy.md +++ b//bedrock-agentcore/latest/devguide/policy.md @@ -13 +13 @@ With Amazon Bedrock AgentCore Policy, developers can create policy engines, crea -Policies are constructed using Cedar language, an open source language for writing and enforcing authorization policies. This allows developers to precisely specify what agents can access and what actions they can perform. Amazon Bedrock AgentCore Policy provides the capability to author policies using natural language by allowing developers to describe rules in plain English instead of writing formal policy code in Cedar. Natural language-based policy authoring interprets what the user intends, generates candidate policies, validates them against the tool schema, and uses automated reasoning to check safety conditions such as identifying policies that are overly permissive, overly restrictive, or contain conditions that can never be satisfied - ensuring customers catch these issues before enforcing policies. +Policies are constructed using [Cedar language](https://www.cedarpolicy.com/en), an open source language for writing and enforcing authorization policies. This allows developers to precisely specify what agents can access and what actions they can perform. Amazon Bedrock AgentCore Policy provides the capability to author policies using natural language by allowing developers to describe rules in plain English instead of writing formal policy code in Cedar. Natural language-based policy authoring interprets what the user intends, generates candidate policies, validates them against the tool schema, and uses automated reasoning to check safety conditions such as identifying policies that are overly permissive, overly restrictive, or contain conditions that can never be satisfied - ensuring customers catch these issues before enforcing policies.