AWS bedrock-agentcore documentation change
Summary
Updated authorization capabilities table and expanded SigV4 configuration to OpenAPI targets
Security assessment
Changes reflect expanded security capabilities (OAuth for MCP, IAM/API Key for OpenAPI) but don't indicate any vulnerability fix. Enhances documentation of security features.
Diff
diff --git a/bedrock-agentcore/latest/devguide/gateway-outbound-auth.md b/bedrock-agentcore/latest/devguide/gateway-outbound-auth.md index 0665f61ff..57d9e0ca4 100644 --- a//bedrock-agentcore/latest/devguide/gateway-outbound-auth.md +++ b//bedrock-agentcore/latest/devguide/gateway-outbound-auth.md @@ -42,2 +42,2 @@ Lambda function | No | Yes | No | No | No | No | No | No -MCP server | Yes | Yes | No | Yes | Yes | Yes | No | No -OpenAPI schema | No | No | No | Yes | Yes | Yes | No | Yes +MCP server | Yes | Yes | No | Yes | Yes | Yes | No | Yes +OpenAPI schema | Yes | Yes | No | Yes | Yes | Yes | No | Yes @@ -76 +76 @@ If you use this option, verify that the gateway service role has `bedrock-agentc -**Additional configuration for MCP server targets** +**Additional configuration for MCP server and OpenAPI targets** @@ -78 +78 @@ If you use this option, verify that the gateway service role has `bedrock-agentc -When you use IAM-based outbound authorization with an MCP server target, you must provide additional configuration for SigV4 signing. In the `credentialProviderConfigurations` , include an `iamCredentialProvider` with the following fields: +When you use IAM-based outbound authorization with an MCP server or OpenAPI target, you must provide additional configuration for SigV4 signing. In the `credentialProviderConfigurations` , include an `iamCredentialProvider` with the following fields: