AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-04-10 · Documentation low

File: bedrock-agentcore/latest/devguide/gateway-vpc-egress.md

Summary

Formatting updates including typographical fixes, image alt text addition, heading style changes, and minor text improvements in the VPC egress traffic management documentation.

Security assessment

Changes are primarily cosmetic (apostrophe fixes, heading style updates, adding alt text to image). The security content about VPC endpoints, principle of least privilege, and execution role policies remains unchanged in substance. No new security vulnerabilities or features are documented.

Diff

diff --git a/bedrock-agentcore/latest/devguide/gateway-vpc-egress.md b/bedrock-agentcore/latest/devguide/gateway-vpc-egress.md
index e28fa5e82..8c6d09d1c 100644
--- a//bedrock-agentcore/latest/devguide/gateway-vpc-egress.md
+++ b//bedrock-agentcore/latest/devguide/gateway-vpc-egress.md
@@ -9 +9 @@ MCPOpen API targetSmithy targetAPI GatewayLambdaWorkaround for private identity
-The AgentCore Gateway service provides secure and controlled egress traffic management for your applications, enabling seamless communication with resources within your Virtual Private Cloud (VPC). This document outlines how egress traffic flows through the AgentCore Gateway to reach VPC resources. You'll learn about the supported gateway target types (Lambda, API Gateway, and MCP servers via AgentCore Runtime), their configuration requirements, and the authentication methods supported for each target type. This guide covers the security considerations, routing mechanisms, and best practices needed to enable proper egress traffic flow while maintaining network isolation and following the principle of least privilege throughout your architecture.
+The AgentCore Gateway service provides secure and controlled egress traffic management for your applications, enabling seamless communication with resources within your Virtual Private Cloud (VPC). This document outlines how egress traffic flows through the AgentCore Gateway to reach VPC resources. You’ll learn about the supported gateway target types (Lambda, API Gateway, and MCP servers via AgentCore Runtime), their configuration requirements, and the authentication methods supported for each target type. This guide covers the security considerations, routing mechanisms, and best practices needed to enable proper egress traffic flow while maintaining network isolation and following the principle of least privilege throughout your architecture.
@@ -68 +68 @@ For outbound authorization from AgentCore Gateway to AgentCore Runtime, two auth
-![](/images/bedrock-agentcore/latest/devguide/images/gateway-runtime-vpc-access.png)
+![gateway runtime vpc access](/images/bedrock-agentcore/latest/devguide/images/gateway-runtime-vpc-access.png)
@@ -70 +70 @@ For outbound authorization from AgentCore Gateway to AgentCore Runtime, two auth
-###### Example CreateGatewayTarget with AgentCore Runtime as a the target
+**Example CreateGatewayTarget with AgentCore Runtime as a the target**
@@ -116 +116 @@ Avoid using a VPC endpoint (VPCE) URL with `privateEndpoint` to prevent an unnec
-If your API Gateway can't be directly added as a target, you can always export the resource as an OpenAPI spec and import the spec into AgentCore Gateway as a OpenAPI target.
+If your API Gateway can’t be directly added as a target, you can always export the resource as an OpenAPI spec and import the spec into AgentCore Gateway as a OpenAPI target.
@@ -177 +177 @@ To implement security best practices, configure your API Gateway to restrict inb
-###### API Gateway Resource Policy Locked Down to AgentCore Gateway
+**API Gateway Resource Policy Locked Down to AgentCore Gateway**
@@ -203 +203 @@ The following resource policy restricts API Gateway access to AgentCore Gateway:
-###### AgentCore Gateway Execution Role policy
+**AgentCore Gateway Execution Role policy**
@@ -223 +223 @@ The following policy grants the gateway permission to invoke the API Gateway:
-###### AgentCore Gateway Execution Role trust policy
+**AgentCore Gateway Execution Role trust policy**
@@ -284 +284 @@ For more details on private endpoint configuration, see [Connect to private reso
-AgentCore Gateway supports Lambda targets as one of it target types, allowing seamless invocation of Lambda functions that can communicate with resources within your VPC. This functionality is available out-of-the-box and requires no additional configuration from customers - the gateway can immediately invoke Lambda functions that have been configured with VPC access to reach your internal resources such as databases, APIs, or other services. To maintain security best practices, it's strongly recommended to configure the AgentCore Gateway execution role with minimal permissions, specifically limiting it to invoke only the intended Lambda function rather than granting broad Lambda execution permissions. This principle of least privilege ensures that the gateway, or any other caller using the same role, cannot inadvertently invoke unintended Lambda functions, thereby reducing your security attack surface and maintaining strict access controls within your AWS environment.
+AgentCore Gateway supports Lambda targets as one of it target types, allowing seamless invocation of Lambda functions that can communicate with resources within your VPC. This functionality is available out-of-the-box and requires no additional configuration from customers - the gateway can immediately invoke Lambda functions that have been configured with VPC access to reach your internal resources such as databases, APIs, or other services. To maintain security best practices, it’s strongly recommended to configure the AgentCore Gateway execution role with minimal permissions, specifically limiting it to invoke only the intended Lambda function rather than granting broad Lambda execution permissions. This principle of least privilege ensures that the gateway, or any other caller using the same role, cannot inadvertently invoke unintended Lambda functions, thereby reducing your security attack surface and maintaining strict access controls within your AWS environment.