AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-04-10 · Documentation low

File: bedrock-agentcore/latest/devguide/gateway-building.md

Summary

Restructured document by moving 'Gateway workflow' section after 'Topics' section and reorganizing content without changing technical details

Security assessment

The changes are purely structural/organizational - moving sections, adding a topics list, and reformatting content. No new security information was added, and there's no evidence of addressing a specific security vulnerability or incident. The security-related content (inbound/outbound authorization, IAM credentials, OAuth authentication) was already present and remains unchanged.

Diff

diff --git a/bedrock-agentcore/latest/devguide/gateway-building.md b/bedrock-agentcore/latest/devguide/gateway-building.md
index 1a9893f5a..166d857a3 100644
--- a//bedrock-agentcore/latest/devguide/gateway-building.md
+++ b//bedrock-agentcore/latest/devguide/gateway-building.md
@@ -9 +9 @@ Gateway workflow
-Amazon Bedrock AgentCore Gateway provides a unified connectivity layer between agents and the tools and resources they need to interact with. Before setting up your Gateway, it's important to understand how to specify permissions so that you can secure your gateway properly.
+Amazon Bedrock AgentCore Gateway provides a unified connectivity layer between agents and the tools and resources they need to interact with. Before setting up your Gateway, it’s important to understand how to specify permissions so that you can secure your gateway properly.
@@ -11 +11 @@ Amazon Bedrock AgentCore Gateway provides a unified connectivity layer between a
-## Gateway workflow
+###### Topics
@@ -13 +13 @@ Amazon Bedrock AgentCore Gateway provides a unified connectivity layer between a
-The Gateway workflow involves the following steps to connect your agents to external tools:
+  * Gateway workflow
@@ -15 +15 @@ The Gateway workflow involves the following steps to connect your agents to exte
-  1. **Create the tools for your Gateway** \- Define your tools using schemas such as OpenAPI specifications for REST APIs or JSON schemas for Lambda functions. The OpenAPI specifications or tool schemas for your tools are then parsed by Amazon Bedrock AgentCore for creating the Gateway.
+  * [Create an Amazon Bedrock AgentCore gateway](./gateway-create.html)
@@ -17 +17 @@ The Gateway workflow involves the following steps to connect your agents to exte
-  2. **Create a Gateway endpoint** \- Use the AWS console or AWS SDK to create the gateway that will serve as the MCP entry point. Each API endpoint or function will become an MCP-compatible tool, and will be made available through your MCP server URL. To secure the gateway, you can use inbound authorization to control the ingress to the gateway.
+  * [Add targets to an existing AgentCore gateway](./gateway-building-adding-targets.html)
@@ -19 +18,0 @@ The Gateway workflow involves the following steps to connect your agents to exte
-  3. **Add targets to your Gateway** \- Configure targets that define how the gateway routes requests to specific tools. To securely connect to backend resources on behalf of authenticated users, use Outbound Authorization. Together, Inbound and Outbound Authorization create a secure bridge between users and their target resources, supporting both IAM credentials and OAuth-based authentication flows. 
@@ -21 +19,0 @@ The Gateway workflow involves the following steps to connect your agents to exte
-  4. **Update your agent code** \- Connect your agent to the Gateway endpoint to access all configured tools through the unified MCP interface.
@@ -23,0 +22 @@ The Gateway workflow involves the following steps to connect your agents to exte
+## Gateway workflow
@@ -24,0 +24 @@ The Gateway workflow involves the following steps to connect your agents to exte
+The Gateway workflow involves the following steps to connect your agents to external tools:
@@ -26 +26 @@ The Gateway workflow involves the following steps to connect your agents to exte
-###### Topics
+  1. **Create the tools for your Gateway** \- Define your tools using schemas such as OpenAPI specifications for REST APIs or JSON schemas for Lambda functions. The OpenAPI specifications or tool schemas for your tools are then parsed by Amazon Bedrock AgentCore for creating the Gateway.
@@ -28 +28 @@ The Gateway workflow involves the following steps to connect your agents to exte
-  * [Create an Amazon Bedrock AgentCore gateway](./gateway-create.html)
+  2. **Create a Gateway endpoint** \- Use the AWS console or AWS SDK to create the gateway that will serve as the MCP entry point. Each API endpoint or function will become an MCP-compatible tool, and will be made available through your MCP server URL. To secure the gateway, you can use inbound authorization to control the ingress to the gateway.
@@ -30 +30,3 @@ The Gateway workflow involves the following steps to connect your agents to exte
-  * [Add targets to an existing AgentCore gateway](./gateway-building-adding-targets.html)
+  3. **Add targets to your Gateway** \- Configure targets that define how the gateway routes requests to specific tools. To securely connect to backend resources on behalf of authenticated users, use Outbound Authorization. Together, Inbound and Outbound Authorization create a secure bridge between users and their target resources, supporting both IAM credentials and OAuth-based authentication flows.
+
+  4. **Update your agent code** \- Connect your agent to the Gateway endpoint to access all configured tools through the unified MCP interface.