AWS bedrock-agentcore medium security documentation change
Summary
Updated action names from double underscore (__) to triple underscore (___) in policy examples
Security assessment
Corrects policy syntax in examples to ensure proper enforcement. Prevents possible security misconfigurations in access control policies.
Diff
diff --git a/bedrock-agentcore/latest/devguide/policy-natural-language.md b/bedrock-agentcore/latest/devguide/policy-natural-language.md index a7dcb65b5..360faa24c 100644 --- a//bedrock-agentcore/latest/devguide/policy-natural-language.md +++ b//bedrock-agentcore/latest/devguide/policy-natural-language.md @@ -81 +81 @@ Allow principal with username "refund-agent" to process refunds when the refund - action == AgentCore::Action::"RefundTool__process_refund", + action == AgentCore::Action::"RefundTool___process_refund", @@ -152 +152 @@ Forbid policies ensure that specific actions cannot be mistakenly permitted. Eve - action == AgentCore::Action::"ModelAPI__view_results", + action == AgentCore::Action::"ModelAPI___view_results", @@ -159 +159 @@ Forbid policies ensure that specific actions cannot be mistakenly permitted. Eve - action == AgentCore::Action::"ModelAPI__view_results", + action == AgentCore::Action::"ModelAPI___view_results",