AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-04-10 · Documentation low

File: bedrock-agentcore/latest/devguide/security-iam.md

Summary

Updated typographical quotes (straight to curly apostrophes) and removed hyperlinks from IAM user and IAM role terms, while adjusting formatting for IAM group link.

Security assessment

The changes are purely typographical and formatting updates (e.g., 'don't' to 'don’t', 'can't' to 'can’t', and removal of hyperlinks). No security content was added, removed, or substantively altered. The updates do not address any security vulnerability, incident, or weakness.

Diff

diff --git a/bedrock-agentcore/latest/devguide/security-iam.md b/bedrock-agentcore/latest/devguide/security-iam.md
index 3ea03fcb4..ba5810aea 100644
--- a//bedrock-agentcore/latest/devguide/security-iam.md
+++ b//bedrock-agentcore/latest/devguide/security-iam.md
@@ -57 +57 @@ For programmatic access, AWS provides an SDK and CLI to cryptographically sign r
-When you create an AWS account, you begin with one sign-in identity called the AWS account _root user_ that has complete access to all AWS services and resources. We strongly recommend that you don't use the root user for everyday tasks. For tasks that require root user credentials, see [Tasks that require root user credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html#root-user-tasks) in the _IAM User Guide_. 
+When you create an AWS account, you begin with one sign-in identity called the AWS account _root user_ that has complete access to all AWS services and resources. We strongly recommend that you don’t use the root user for everyday tasks. For tasks that require root user credentials, see [Tasks that require root user credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html#root-user-tasks) in the _IAM User Guide_.
@@ -69 +69 @@ For centralized access management, we recommend AWS IAM Identity Center. For mor
-An _[IAM user](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html)_ is an identity with specific permissions for a single person or application. We recommend using temporary credentials instead of IAM users with long-term credentials. For more information, see [Require human users to use federation with an identity provider to access AWS using temporary credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) in the _IAM User Guide_.
+An _IAM user_ is an identity with specific permissions for a single person or application. We recommend using temporary credentials instead of IAM users with long-term credentials. For more information, see [Require human users to use federation with an identity provider to access AWS using temporary credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) in the _IAM User Guide_.
@@ -71 +71 @@ An _[IAM user](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html)_
-An [_IAM group_](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups.html) specifies a collection of IAM users and makes permissions easier to manage for large sets of users. For more information, see [Use cases for IAM users](https://docs.aws.amazon.com/IAM/latest/UserGuide/gs-identities-iam-users.html) in the _IAM User Guide_.
+An [IAM group](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups.html) specifies a collection of IAM users and makes permissions easier to manage for large sets of users. For more information, see [Use cases for IAM users](https://docs.aws.amazon.com/IAM/latest/UserGuide/gs-identities-iam-users.html) in the _IAM User Guide_.
@@ -75 +75 @@ An [_IAM group_](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups.html
-An _[IAM role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)_ is an identity with specific permissions that provides temporary credentials. You can assume a role by [switching from a user to an IAM role (console)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-console.html) or by calling an AWS CLI or AWS API operation. For more information, see [Methods to assume a role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage-assume.html) in the _IAM User Guide_.
+An _IAM role_ is an identity with specific permissions that provides temporary credentials. You can assume a role by [switching from a user to an IAM role (console)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-console.html) or by calling an AWS CLI or AWS API operation. For more information, see [Methods to assume a role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage-assume.html) in the _IAM User Guide_.
@@ -97 +97 @@ Resource-based policies are JSON policy documents that you attach to a resource.
-Resource-based policies are inline policies that are located in that service. You can't use AWS managed policies from IAM in a resource-based policy.
+Resource-based policies are inline policies that are located in that service. You can’t use AWS managed policies from IAM in a resource-based policy.