AWS bedrock documentation change
Summary
Updated IAM policy requirements for fine-tuning APIs, replacing specific role reference with generalized Lambda permissions
Security assessment
The change updates security documentation about required IAM permissions for fine-tuning APIs but shows no evidence of addressing a specific security vulnerability. It improves clarity around security configurations without referencing any security incident.
Diff
diff --git a/bedrock/latest/userguide/rft-open-weight-access-security.md b/bedrock/latest/userguide/rft-open-weight-access-security.md index 7a5ea83f4..cf6d6db69 100644 --- a//bedrock/latest/userguide/rft-open-weight-access-security.md +++ b//bedrock/latest/userguide/rft-open-weight-access-security.md @@ -27 +27 @@ Before using Amazon Bedrock's OpenAI-compatible fine-tuning APIs, ensure you hav -If you are using Amazon Bedrock short-term/long-term API keys, then make sure that your role has access to the following IAM policy permissions: `AmazonBedrockMantleFullAccess` and [AWSLambdaRole](https://docs.aws.amazon.com/bedrock/latest/ug/rft-open-weight-access-security#openai-fine-tuning-lambda-permissions). +If you are using Amazon Bedrock short-term/long-term API keys, then make sure that your role has access to the following IAM policy permissions: `AmazonBedrockMantleFullAccess` and Lambda permissions for reward functions.