AWS bedrock-agentcore documentation change
Summary
Fixed multiple typographical apostrophe formatting issues in policy concepts documentation
Security assessment
These changes are purely typographical (apostrophe formatting) and don't modify security-related content or address security vulnerabilities.
Diff
diff --git a/bedrock-agentcore/latest/devguide/policy-core-concepts.md b/bedrock-agentcore/latest/devguide/policy-core-concepts.md index ca74b1dff..6d5a8f195 100644 --- a//bedrock-agentcore/latest/devguide/policy-core-concepts.md +++ b//bedrock-agentcore/latest/devguide/policy-core-concepts.md @@ -9 +9 @@ GatewayGateway TargetPrincipal typesCedarCedar PolicyPolicy engineCedar SchemaCe -Before using Policy in Amazon Bedrock AgentCore, it's important to understand the key concepts and components that work together to provide policy-based governance for your AI agents. +Before using Policy in Amazon Bedrock AgentCore, it’s important to understand the key concepts and components that work together to provide policy-based governance for your AI agents. @@ -48 +48 @@ Cedar policies use principals to represent the entity making an authorization re - * **AgentCore::OAuthUser** \- Represents OAuth-authenticated users. When a AgentCore Gateway uses OAuth authorization, the principal is created from the JWT token's `sub` claim. OAuth principals support tags that contain JWT claims such as username, scope, role, etc. + * **AgentCore::OAuthUser** \- Represents OAuth-authenticated users. When a AgentCore Gateway uses OAuth authorization, the principal is created from the JWT token’s `sub` claim. OAuth principals support tags that contain JWT claims such as username, scope, role, etc. @@ -50 +50 @@ Cedar policies use principals to represent the entity making an authorization re - * **AgentCore::IamEntity** \- Represents IAM-authenticated callers. When a AgentCore Gateway uses AWS_IAM authorization, the principal is created from the caller's IAM ARN. IAM principals have an `id` attribute containing the full IAM ARN, which can be used for account-based or role-based access control. + * **AgentCore::IamEntity** \- Represents IAM-authenticated callers. When a AgentCore Gateway uses AWS_IAM authorization, the principal is created from the caller’s IAM ARN. IAM principals have an `id` attribute containing the full IAM ARN, which can be used for account-based or role-based access control. @@ -69 +69 @@ The policy engine is the core component of Policy in AgentCore that stores and e -A Cedar schema defines the structure of entities, actions, and context for policy validation. The policy engine automatically generates a schema from the gateway's tool definitions, mapping each tool to an action and defining the expected input parameters. The schema ensures policies are validated at creation time, catching errors before deployment. +A Cedar schema defines the structure of entities, actions, and context for policy validation. The policy engine automatically generates a schema from the gateway’s tool definitions, mapping each tool to an action and defining the expected input parameters. The schema ensures policies are validated at creation time, catching errors before deployment.