AWS bedrock-agentcore documentation change
Summary
Added bedrock-agentcore:InvokeAgentRuntimeCommandShell permission for interactive shell sessions
Security assessment
Documents new IAM permission required for secure access to interactive shells, but doesn't address vulnerabilities. This extends security documentation for access control.
Diff
diff --git a/bedrock-agentcore/latest/devguide/resource-based-policies.md b/bedrock-agentcore/latest/devguide/resource-based-policies.md index bb6d94da4..d283fff64 100644 --- a//bedrock-agentcore/latest/devguide/resource-based-policies.md +++ b//bedrock-agentcore/latest/devguide/resource-based-policies.md @@ -199,0 +200,2 @@ The `Resource` field in the policy document must contain the exact ARN of the re + * `bedrock-agentcore:InvokeAgentRuntimeCommandShell` \- Open an interactive WebSocket shell session in an active runtime session +