AWS Security ChangesHomeSearch

AWS devopsagent documentation change

Service: devopsagent · 2026-06-13 · Documentation low

File: devopsagent/latest/userguide/aws-devops-agent-security.md

Summary

Added global routing exceptions for 3 regions and updated terminology ('leverage'→'use', 'utilize'→'use')

Security assessment

Routing documentation clarifies service behavior but doesn't address vulnerabilities. Terminology changes don't alter security meaning.

Diff

diff --git a/devopsagent/latest/userguide/aws-devops-agent-security.md b/devopsagent/latest/userguide/aws-devops-agent-security.md
index b2b3e66e4..6b72129d6 100644
--- a//devopsagent/latest/userguide/aws-devops-agent-security.md
+++ b//devopsagent/latest/userguide/aws-devops-agent-security.md
@@ -60,0 +61,13 @@ AWS DevOps Agent will securely route your inference requests to available comput
+### Global cross-Region inference for specific Regions
+
+For the following Regions, the geography-based routing described above does not apply. Instead, AWS DevOps Agent will automatically select the optimal region globally to process your inference requests.
+
+  * Asia Pacific (Singapore) – `ap-southeast-1`
+
+  * Asia Pacific (Mumbai) – `ap-south-1`
+
+  * South America (São Paulo) – `sa-east-1`
+
+
+
+
@@ -161 +174 @@ While AWS DevOps Agent provides multiple layers of protection against prompt inj
-  * **Custom MCP server tools** – The bring-your-own MCP feature allows you to introduce custom tools to the agent, which can present additional opportunities for prompt injection. Custom tools may not have the same security controls as native AWS DevOps Agent tools, and malicious instructions could potentially leverage these tools in unintended ways. See [Shared responsibility model](./aws-devops-agent-security.html) section for more.
+  * **Custom MCP server tools** – The bring-your-own MCP feature allows you to introduce custom tools to the agent, which can present additional opportunities for prompt injection. Custom tools may not have the same security controls as native AWS DevOps Agent tools, and malicious instructions could potentially use these tools in unintended ways. See [Shared responsibility model](./aws-devops-agent-security.html) section for more.
@@ -191 +204 @@ AWS DevOps Agent supports several integration types, each with its own security
-  * **MCP servers** – Remote Model Context Protocol servers that utilize OAuth 2.0 authentication flows and API keys to securely communicate with external systems.
+  * **MCP servers** – Remote Model Context Protocol servers that use OAuth 2.0 authentication flows and API keys to securely communicate with external systems.