AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-04-10 · Documentation low

File: bedrock-agentcore/latest/devguide/identity-data-encryption.md

Summary

Updated apostrophes to curly quotes and fixed spacing in a sentence about KMS key limitations.

Security assessment

Changes are purely typographical and formatting (e.g., 'aren't' to 'aren’t', added space before period); no alteration to encryption policies, key types, or security features. No evidence of addressing security vulnerabilities.

Diff

diff --git a/bedrock-agentcore/latest/devguide/identity-data-encryption.md b/bedrock-agentcore/latest/devguide/identity-data-encryption.md
index 9e5e11dbd..9d2fabdd6 100644
--- a//bedrock-agentcore/latest/devguide/identity-data-encryption.md
+++ b//bedrock-agentcore/latest/devguide/identity-data-encryption.md
@@ -20 +20 @@ By default, Amazon Bedrock AgentCore Identity encrypts customer data in token va
-Amazon Bedrock AgentCore Identity encrypts the data in your token vault with an AWS owned KMS key. Keys of this type aren't visible in AWS KMS.
+Amazon Bedrock AgentCore Identity encrypts the data in your token vault with an AWS owned KMS key. Keys of this type aren’t visible in AWS KMS.
@@ -33 +33 @@ Amazon Bedrock AgentCore Identity encrypts the data in your token vault with a c
-  * You can't configure token vault encryption at rest with [multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) or [asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html). Amazon Bedrock AgentCore Identity supports only single-region symmetric KMS keys for token vault encryption at rest.
+  * You can’t configure token vault encryption at rest with [multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) or [asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) . Amazon Bedrock AgentCore Identity supports only single-region symmetric KMS keys for token vault encryption at rest.