AWS bedrock-agentcore medium security documentation change
Summary
Added API key authorization option for MCP servers, expanded IAM SigV4 compatibility details, and added required bedrock-agentcore:GetResourceApiKey permission
Security assessment
The change adds new API key authentication documentation and specifies required IAM permissions for secure access. The expanded compatibility list and explicit warnings about incompatible services (like ALB/EC2) provide security configuration guidance.
Diff
diff --git a/bedrock-agentcore/latest/devguide/gateway-target-MCPservers.md b/bedrock-agentcore/latest/devguide/gateway-target-MCPservers.md index 863c45e6b..96f011db0 100644 --- a//bedrock-agentcore/latest/devguide/gateway-target-MCPservers.md +++ b//bedrock-agentcore/latest/devguide/gateway-target-MCPservers.md @@ -66,0 +67,2 @@ The following types of the authorization strategy are supported. + * API key – The gateway uses an API key credential provider to authenticate with the MCP server. You configure the API key provider in Amazon Bedrock AgentCore Identity in the same account and Region as the gateway. + @@ -72 +74,16 @@ The following types of the authorization strategy are supported. -IAM (SigV4) outbound authorization requires that the MCP server is hosted behind an AWS service that natively supports IAM authentication. The gateway signs outbound requests with SigV4 but does not modify the authentication configuration on the target. The target service must be able to verify SigV4 signatures. The following AWS services natively support IAM authentication and are compatible with IAM outbound authorization for MCP server targets: * Amazon Bedrock AgentCore Gateway * Amazon Bedrock AgentCore Runtime (see [Deploy MCP servers in AgentCore Runtime](./runtime-mcp.html) ) * Amazon API Gateway * Lambda Function URLs Services that do not natively verify SigV4 signatures, such as Application Load Balancer or direct Amazon EC2 endpoints, are not compatible with IAM outbound authorization. If your MCP server is hosted behind one of these services, use OAuth or API key authorization instead. +IAM (SigV4) outbound authorization requires that the MCP server is hosted behind an AWS service that natively supports IAM authentication. The gateway signs outbound requests with SigV4 but does not modify the authentication configuration on the target. The target service must be able to verify SigV4 signatures. + +The following AWS services natively support IAM authentication and are compatible with IAM outbound authorization for MCP server targets: + + * Amazon Bedrock AgentCore Gateway + + * Amazon Bedrock AgentCore Runtime (see [Deploy MCP servers in AgentCore Runtime](./runtime-mcp.html)) + + * Amazon API Gateway + + * Lambda Function URLs + + + + +Services that do not natively verify SigV4 signatures, such as Application Load Balancer or direct Amazon EC2 endpoints, are not compatible with IAM outbound authorization. If your MCP server is hosted behind one of these services, use OAuth or API key authorization instead. @@ -147,0 +165 @@ The IAM role which you use to create, update or synchronize MCP servers targets + "bedrock-agentcore:GetResourceApiKey",