AWS bedrock-agentcore documentation change
Summary
Added new 'Security best practices for IAM-based outbound authorization' section covering execution role scoping, gateway separation, and policy engine usage.
Security assessment
This adds proactive security guidance about permission management and blast radius reduction. It documents security best practices but doesn't address a specific security incident.
Diff
diff --git a/bedrock-agentcore/latest/devguide/gateway-outbound-auth.md b/bedrock-agentcore/latest/devguide/gateway-outbound-auth.md index 57d9e0ca4..e380d4bab 100644 --- a//bedrock-agentcore/latest/devguide/gateway-outbound-auth.md +++ b//bedrock-agentcore/latest/devguide/gateway-outbound-auth.md @@ -88,0 +89,13 @@ For Lambda, API Gateway, and Smithy targets, do not include the `iamCredentialPr +### Security best practices for IAM-based outbound authorization + +The gateway execution role is shared across all targets configured with `GATEWAY_IAM_ROLE`. Its permissions are the upper bound for what any authorized caller can exercise through the gateway. Follow these best practices to limit exposure: + + * **Scope the execution role to minimum permissions** – Grant only the permissions needed across all configured targets. Avoid broad `Action` or `Resource` wildcards. + + * **Use separate gateways for different trust boundaries** – If targets have different sensitivity levels or serve different workloads, deploy them behind separate gateways with distinct execution roles. + + * **Use the policy engine to restrict caller access** – On shared gateways, use the [policy engine](./policy-getting-started.html) to control which callers can invoke which targets, limiting the blast radius of any single caller’s permissions. + + + +