AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-05-07 · Documentation low

File: bedrock-agentcore/latest/devguide/runtime-sessions.md

Summary

Added link to security best practices documentation in session management section

Security assessment

The change adds a reference to security best practices for session isolation but doesn't patch any vulnerability. It enhances documentation about secure session management without evidence of a specific security incident.

Diff

diff --git a/bedrock-agentcore/latest/devguide/runtime-sessions.md b/bedrock-agentcore/latest/devguide/runtime-sessions.md
index 01a834e48..07f0210c5 100644
--- a//bedrock-agentcore/latest/devguide/runtime-sessions.md
+++ b//bedrock-agentcore/latest/devguide/runtime-sessions.md
@@ -26 +26 @@ Amazon Bedrock AgentCore Runtime lets you isolate each user session and safely r
-AgentCore does not enforce session-to-user mappings - your client backend should maintain the relationship between users and their session IDs. Additionally, your client backend should implement logic for user to session lifecycle management like maximum number of sessions per user.
+AgentCore does not enforce session-to-user mappings - your client backend should maintain the relationship between users and their session IDs. Additionally, your client backend should implement logic for user to session lifecycle management like maximum number of sessions per user. For complete session isolation guidance, see [Security best practices for AgentCore Runtime](./runtime-security-best-practices.html).