AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-04-01 · Documentation medium

File: bedrock-agentcore/latest/devguide/policy-permissions.md

Summary

Updated documentation to reflect that AgentCore CLI creates gateways with scoped permissions instead of wildcard permissions, requiring manual addition of Policy in AgentCore permissions and recommending specific resource ARNs for production environments.

Security assessment

The change emphasizes security best practices by moving from wildcard permissions to scoped permissions and following least-privilege principles. It explicitly states that the CLI no longer creates roles with `bedrock-agentcore:*` wildcard permissions and requires manual addition of specific permissions. This is a proactive security improvement, not a response to a specific security incident.

Diff

diff --git a/bedrock-agentcore/latest/devguide/policy-permissions.md b/bedrock-agentcore/latest/devguide/policy-permissions.md
index f775a1f87..e7d747c05 100644
--- a//bedrock-agentcore/latest/devguide/policy-permissions.md
+++ b//bedrock-agentcore/latest/devguide/policy-permissions.md
@@ -309 +309 @@ Determine whether Policy in AgentCore permissions need to be added to the Amazon
-**Scenario 1: Gateway Created with Starter Toolkit**
+**Scenario 1: Gateway Created with AgentCore CLI**
@@ -312 +312 @@ Determine whether Policy in AgentCore permissions need to be added to the Amazon
-**Status:** No action needed
+**Status:** Action required
@@ -314 +314 @@ Determine whether Policy in AgentCore permissions need to be added to the Amazon
-The starter toolkit automatically creates an execution role with `bedrock-agentcore:*` wildcard permissions that include all Policy in AgentCore actions. The role is fully configured and ready to use.
+The AgentCore CLI creates a gateway execution role with scoped permissions for target invocation and outbound authentication, but does not include Policy in AgentCore permissions. You must manually add the `AuthorizeAction`, `PartiallyAuthorizeActions`, and `GetPolicyEngine` permissions documented in this guide to the gateway execution role.
@@ -328 +328 @@ Custom IAM roles require the Policy in AgentCore permissions documented in this
-Even when using the starter toolkit, production environments may require replacing wildcard permissions with specific actions that follow least-privilege principles.
+For production environments, scope the Policy in AgentCore permissions to specific resource ARNs rather than using wildcards. Replace `policy-engine/*` and `gateway/*` with the specific policy engine and gateway IDs in your permission policies.