AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-06-19 · Documentation high

File: bedrock-agentcore/latest/devguide/gateway-inbound-auth.md

Summary

Updated 'Authenticate only' description to clarify SigV4 authentication without authorization, added security warning about downstream authorization requirements, and moved 'No Authorization' option into warning note.

Security assessment

The changes clarify authentication behavior and explicitly warn about security risks when using AUTHENTICATE_ONLY without downstream authorization. This improves security documentation but doesn't indicate a specific vulnerability being fixed.

Diff

diff --git a/bedrock-agentcore/latest/devguide/gateway-inbound-auth.md b/bedrock-agentcore/latest/devguide/gateway-inbound-auth.md
index 446f9ce40..c0a43b2d3 100644
--- a//bedrock-agentcore/latest/devguide/gateway-inbound-auth.md
+++ b//bedrock-agentcore/latest/devguide/gateway-inbound-auth.md
@@ -17 +17 @@ Before you create your gateway, you must set up inbound authorization. Inbound a
-  * **Authenticate only** – The gateway validates the inbound JWT token to verify the caller’s identity but does not perform full authorization. The authenticated identity or token is passed through to the target for downstream authorization. This is useful when you want the gateway to verify authentication while delegating authorization decisions to the target service, such as when using passthrough outbound authorization with HTTP targets.
+  * **Authenticate only** – The gateway authenticates inbound requests by verifying Signature Version 4 (SigV4) signatures, but does not perform any authorization. Any authenticated IAM principal can invoke the gateway regardless of their permissions. This is useful when you want the gateway to authenticate the caller’s identity while delegating authorization decisions to the downstream target service.
@@ -19 +18,0 @@ Before you create your gateway, you must set up inbound authorization. Inbound a
-  * **No Authorization** – The gateway will not perform any inbound authorization. This makes your gateway accessible to all users to be invoked.
@@ -22,0 +22,3 @@ Before you create your gateway, you must set up inbound authorization. Inbound a
+###### Important
+
+With `AUTHENTICATE_ONLY`, the gateway does not enforce any authorization policies. Any valid SigV4-signed request will be forwarded to the target. Ensure that your downstream targets implement their own authorization logic, or attach a policy engine to the gateway to control access. Without proper authorization at the target or gateway policy level, any authenticated caller can reach your backend services. * **No Authorization** – The gateway will not perform any inbound authorization. This makes your gateway accessible to all users to be invoked.