AWS Security ChangesHomeSearch

AWS bedrock documentation change

Service: bedrock · 2026-05-13 · Documentation medium

File: bedrock/latest/userguide/rft-open-weight-access-security.md

Summary

Updated IAM policy requirements for fine-tuning APIs, replacing specific role reference with generalized Lambda permissions

Security assessment

The change updates security documentation about required IAM permissions for fine-tuning APIs but shows no evidence of addressing a specific security vulnerability. It improves clarity around security configurations without referencing any security incident.

Diff

diff --git a/bedrock/latest/userguide/rft-open-weight-access-security.md b/bedrock/latest/userguide/rft-open-weight-access-security.md
index 7a5ea83f4..cf6d6db69 100644
--- a//bedrock/latest/userguide/rft-open-weight-access-security.md
+++ b//bedrock/latest/userguide/rft-open-weight-access-security.md
@@ -27 +27 @@ Before using Amazon Bedrock's OpenAI-compatible fine-tuning APIs, ensure you hav
-If you are using Amazon Bedrock short-term/long-term API keys, then make sure that your role has access to the following IAM policy permissions: `AmazonBedrockMantleFullAccess` and [AWSLambdaRole](https://docs.aws.amazon.com/bedrock/latest/ug/rft-open-weight-access-security#openai-fine-tuning-lambda-permissions).
+If you are using Amazon Bedrock short-term/long-term API keys, then make sure that your role has access to the following IAM policy permissions: `AmazonBedrockMantleFullAccess` and Lambda permissions for reward functions.