AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-05-07 · Documentation low

File: bedrock-agentcore/latest/devguide/runtime-permissions.md

Summary

Added link to security best practices documentation in IAM guidance section

Security assessment

The change references security best practices for IAM policies but doesn't fix a specific vulnerability. It improves security documentation around least privilege principles without addressing an active security issue.

Diff

diff --git a/bedrock-agentcore/latest/devguide/runtime-permissions.md b/bedrock-agentcore/latest/devguide/runtime-permissions.md
index 3efe98e4b..17998bece 100644
--- a//bedrock-agentcore/latest/devguide/runtime-permissions.md
+++ b//bedrock-agentcore/latest/devguide/runtime-permissions.md
@@ -38 +38 @@ To use the AgentCore CLI, attach the following IAM policy to your IAM user or ro
-The IAM policies created by the AgentCore CLI are designed for development and testing purposes. These permissions grant broad access to facilitate rapid prototyping and are not suitable for production environments. For production deployments, create custom IAM policies that follow the principle of least privilege and restrict permissions to only the specific resources and actions required by your Amazon Bedrock AgentCore application.
+The IAM policies created by the AgentCore CLI are designed for development and testing purposes. These permissions grant broad access to facilitate rapid prototyping and are not suitable for production environments. For production deployments, create custom IAM policies that follow the principle of least privilege and restrict permissions to only the specific resources and actions required by your Amazon Bedrock AgentCore application. For complete IAM security guidance, see [Security best practices for AgentCore Runtime](./runtime-security-best-practices.html).