AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-04-10 · Documentation low

File: bedrock-agentcore/latest/devguide/gateway-custom-domains.md

Summary

Minor typographical changes (straight apostrophes to curly apostrophes) and formatting adjustments in custom domain documentation

Security assessment

Changes are purely typographical and formatting (apostrophe style, removing blank lines). No security vulnerabilities, weaknesses, or incidents are mentioned or addressed. The content about disabling caching, SSL certificate validation, and Lambda@Edge functions remains unchanged in substance.

Diff

diff --git a/bedrock-agentcore/latest/devguide/gateway-custom-domains.md b/bedrock-agentcore/latest/devguide/gateway-custom-domains.md
index ae1d9f7c8..907ed4b56 100644
--- a//bedrock-agentcore/latest/devguide/gateway-custom-domains.md
+++ b//bedrock-agentcore/latest/devguide/gateway-custom-domains.md
@@ -116 +113 @@ Create a CloudFront distribution to act as a reverse proxy for your Gateway endp
-Set `cachePolicy: CachePolicy.CACHING_DISABLED` to ensure that CloudFront doesn't cache responses from your Gateway endpoint, which is important for dynamic API interactions.
+Set `cachePolicy: CachePolicy.CACHING_DISABLED` to ensure that CloudFront doesn’t cache responses from your Gateway endpoint, which is important for dynamic API interactions.
@@ -158,2 +153 @@ Use the `dig` command to verify that your custom domain resolves to the CloudFro
-
-The output should show that your domain resolves to CloudFront's IP addresses.
+The output should show that your domain resolves to CloudFront’s IP addresses.
@@ -191 +183 @@ For Cursor, update your configuration file:
-For MCP clients that don't natively support streamable HTTP:
+For MCP clients that don’t natively support streamable HTTP:
@@ -238 +229 @@ Enable CloudFront access logs and configure CloudWatch alarms to monitor the hea
-ACM certificates issued through DNS validation are automatically renewed as long as the DNS records remain in place. Ensure that you don't delete the validation records.
+ACM certificates issued through DNS validation are automatically renewed as long as the DNS records remain in place. Ensure that you don’t delete the validation records.
@@ -245 +236 @@ By default, the `/.well-known/oauth-protected-resource` endpoint returns a resou
-To resolve this issue, you can implement a Lambda@Edge function that intercepts the OAuth discovery response and generates a new response with the correct custom domain URL. Here's the approach:
+To resolve this issue, you can implement a Lambda@Edge function that intercepts the OAuth discovery response and generates a new response with the correct custom domain URL. Here’s the approach:
@@ -275 +264 @@ While Lambda@Edge provides a solution for this issue, implementing custom domain
-If your custom domain doesn't resolve correctly:
+If your custom domain doesn’t resolve correctly:
@@ -279 +268 @@ If your custom domain doesn't resolve correctly:
-  * Check that your domain's name servers are correctly set at your domain registrar
+  * Check that your domain’s name servers are correctly set at your domain registrar
@@ -295 +284 @@ If you encounter SSL certificate errors:
-  * Ensure that the certificate covers the exact domain name you're using
+  * Ensure that the certificate covers the exact domain name you’re using
@@ -303 +292 @@ If you encounter SSL certificate errors:
-If your custom domain doesn't connect to your gateway:
+If your custom domain doesn’t connect to your gateway: