AWS securityhub documentation change
Summary
Added four new security controls: BedrockAgentCore.3 (memory encryption), BedrockAgentCore.4 (gateway encryption), BedrockAgentCore.5 (VPC network mode), and BedrockAgentCore.6 (session recording).
Security assessment
The changes add new preventative security controls for encryption and network configuration, but there's no evidence of addressing a specific existing vulnerability. These are proactive security enhancements documenting best practices.
Diff
diff --git a/securityhub/latest/userguide/bedrockagentcore-controls.md b/securityhub/latest/userguide/bedrockagentcore-controls.md index b2b92a1c1..4144aa428 100644 --- a//securityhub/latest/userguide/bedrockagentcore-controls.md +++ b//securityhub/latest/userguide/bedrockagentcore-controls.md @@ -7 +7 @@ -[BedrockAgentCore.1] Bedrock AgentCore runtimes should be configured with VPC network mode[BedrockAgentCore.2] Bedrock AgentCore Gateways should require authorization for inbound requests +[BedrockAgentCore.1] Bedrock AgentCore runtimes should be configured with VPC network mode[BedrockAgentCore.2] Bedrock AgentCore Gateways should require authorization for inbound requests[BedrockAgentCore.3] Bedrock AgentCore Memory should be encrypted with customer managed AWS KMS keys[BedrockAgentCore.4] Bedrock AgentCore Gateway should be encrypted with customer managed AWS KMS keys[BedrockAgentCore.5] Bedrock AgentCore custom browsers should not use public network mode[BedrockAgentCore.6] Bedrock AgentCore custom browsers should have session recording enabled @@ -56,0 +57,92 @@ To set up inbound authorization for an Amazon Bedrock AgentCore Gateway, see [Se +## [BedrockAgentCore.3] Bedrock AgentCore Memory should be encrypted with customer managed AWS KMS keys + +**Related requirements:** NIST.800-53.r5 AU-9, NIST.800-53.r5 CA-9(1), NIST.800-53.r5 CM-3(6), NIST.800-53.r5 SC-7(10), NIST.800-53.r5 SC-12(2), NIST.800-53.r5 SC-13, NIST.800-53.r5 SC-28, NIST.800-53.r5 SC-28(1), NIST.800-53.r5 SI-7(6) + +**Category:** Protect > Data protection > Encryption of data at rest + +**Severity:** Medium + +**Resource type:** `AWS::BedrockAgentCore::Memory` + +**AWS Config rule:** [bedrock-agentcore-memory-encryption-enabled](https://docs.aws.amazon.com/config/latest/developerguide/bedrock-agentcore-memory-encryption-enabled.html) + +**Schedule type:** Change triggered + +**Parameters:** None + +This control checks whether an Amazon Bedrock AgentCore Memory is encrypted at rest with a customer managed AWS KMS key. The control fails if the Bedrock AgentCore Memory isn't encrypted with a customer managed KMS key. + +Using a customer managed KMS key for encryption of Amazon Bedrock AgentCore memory provides enhanced security over the default service managed key. Customer managed KMS keys give you full control over the encryption key lifecycle and access policies. Additionally, all encryption key usage can be logged and monitored through AWS CloudTrail for auditability. + +### Remediation + +To encrypt your Amazon Bedrock AgentCore Memory with a customer managed KMS key, see [Encrypt your Amazon Bedrock AgentCore Memory](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/storage-encryption.html) in the _Amazon Bedrock AgentCore Developer Guide_. + +## [BedrockAgentCore.4] Bedrock AgentCore Gateway should be encrypted with customer managed AWS KMS keys + +**Related requirements:** NIST.800-53.r5 AU-9, NIST.800-53.r5 CA-9(1), NIST.800-53.r5 CM-3(6), NIST.800-53.r5 SC-7(10), NIST.800-53.r5 SC-12(2), NIST.800-53.r5 SC-13, NIST.800-53.r5 SC-28, NIST.800-53.r5 SC-28(1), NIST.800-53.r5 SI-7(6) + +**Category:** Protect > Data protection > Encryption of data at rest + +**Severity:** Medium + +**Resource type:** `AWS::BedrockAgentCore::Gateway` + +**AWS Config rule:** [bedrockagentcore-gateway-encryption-enabled](https://docs.aws.amazon.com/config/latest/developerguide/bedrockagentcore-gateway-encryption-enabled.html) + +**Schedule type:** Change triggered + +**Parameters:** None + +This control checks whether an Amazon Bedrock AgentCore Gateway is encrypted at rest with a customer managed AWS KMS key. The control fails if the Bedrock AgentCore Gateway isn't encrypted with a customer managed KMS key. + +By default, Amazon Bedrock AgentCore encrypts gateway data with AWS managed keys. Using a customer managed KMS key gives you full control over the encryption key lifecycle, including rotation, access policies, and auditing through AWS CloudTrail. This helps meet compliance requirements that mandate customer-controlled encryption for sensitive AI workloads. + +### Remediation + +To encrypt your Bedrock AgentCore Gateway with a customer managed KMS key, see [Encrypt your AgentCore gateway with a customer-managed KMS key](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-encryption.html) in the _Amazon Bedrock AgentCore Developer Guide_. + +## [BedrockAgentCore.5] Bedrock AgentCore custom browsers should not use public network mode + +**Category:** Protect > Secure network configuration > Resources within VPC + +**Severity:** High + +**Resource type:** `AWS::BedrockAgentCore::BrowserCustom` + +**AWS Config rule:** [bedrockagentcore-browsercustom-network-mode-not-public](https://docs.aws.amazon.com/config/latest/developerguide/bedrockagentcore-browsercustom-network-mode-not-public.html) + +**Schedule type:** Change triggered + +**Parameters:** None + +This control checks whether an Amazon Bedrock AgentCore custom browser is configured with public network mode. The control fails if the network mode is set to public. + +Using PUBLIC network mode for Amazon Bedrock AgentCore custom browsers exposes browser sessions directly to the internet, increasing the attack surface and risk of unauthorized access. Configuring browsers with VPC network mode ensures that browser traffic is confined within your private network, enabling you to apply network-level security controls such as security groups, network ACLs, and VPC flow logs. + +### Remediation + +To remediate this finding, delete the non-compliant Bedrock AgentCore custom browser and recreate it with VPC network mode. For instructions, see [Configure Amazon Bedrock AgentCore Runtime and tools for VPC](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/agentcore-vpc.html#agentcore-configuration) in the _Amazon Bedrock AgentCore Developer Guide_. + +## [BedrockAgentCore.6] Bedrock AgentCore custom browsers should have session recording enabled + +**Category:** Identify > Logging + +**Severity:** Medium + +**Resource type:** `AWS::BedrockAgentCore::BrowserCustom` + +**AWS Config rule:** [bedrockagentcore-browsercustom-recording-enabled](https://docs.aws.amazon.com/config/latest/developerguide/bedrockagentcore-browsercustom-recording-enabled.html) + +**Schedule type:** Change triggered + +**Parameters:** None + +This control checks whether an Amazon Bedrock AgentCore custom browser has session recording enabled with an S3 destination configured. The control fails if a custom browser does not have recording enabled or does not have an S3 location configured for storing recordings. + +Session recording for Bedrock AgentCore custom browsers ensures full auditability of browser interactions, enabling detection of unauthorized access, data exfiltration, or malicious activity during automated browsing sessions. + +### Remediation + +For instructions on how to enable browser session recording, see [Session Recording and Replay](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/browser-session-recording.html) in the _Amazon Bedrock AgentCore Developer Guide_. +