AWS bedrock-agentcore high security documentation change
Summary
Added InvokeGateway requirement and troubleshooting for policy creation
Security assessment
Explicitly addresses permission misconfiguration that caused policy creation failures, preventing potential authorization gaps. Concrete evidence: Added troubleshooting for 'Insufficient permissions' error and required action bedrock-agentcore:InvokeGateway
Diff
diff --git a/bedrock-agentcore/latest/devguide/policy-permissions.md b/bedrock-agentcore/latest/devguide/policy-permissions.md index 7a71bace0..58959e67b 100644 --- a//bedrock-agentcore/latest/devguide/policy-permissions.md +++ b//bedrock-agentcore/latest/devguide/policy-permissions.md @@ -124,0 +125,2 @@ The Resource Management Role is used by administrators to create and manage Amaz + * Call the Gateway during policy creation (`InvokeGateway`) so Policy in AgentCore can validate the actions in a Cedar statement against the target Gateway’s capabilities + @@ -250,0 +253,4 @@ Replace these placeholders: * `us-east-1` with the AWS Region * `123456789012` w +`bedrock-agentcore:InvokeGateway` is required to create or update Cedar policies, not just to invoke the Gateway at runtime. `CreatePolicy` and `UpdatePolicy` validate the actions in your Cedar statement against the Gateway, an operation authorized as `InvokeGateway` on the Gateway ARN. Without it, the policy transitions to `CREATE_FAILED` with `Insufficient permissions to call gateway with ID <gateway-id>`. + +###### Important + @@ -311,0 +318,19 @@ If you attach a Policy Engine to an existing Gateway using the Policy Engine con +### "Insufficient permissions to call gateway" on CreatePolicy + +**Symptom:** `CreatePolicy` returns a `policyId`, but the policy then transitions to `CREATE_FAILED` with `Insufficient permissions to call gateway with ID <gateway-id>` — even when the Gateway Execution Role has `AuthorizeAction`, `PartiallyAuthorizeActions`, and `GetPolicyEngine`. + +**Root Cause:** The gap is on the Resource Management Role that calls `CreatePolicy`, not the Gateway Execution Role. Policy validation calls the Gateway (authorized as `bedrock-agentcore:InvokeGateway`); the error names the Gateway but the fix is on the policy-creation role. + +**Solution:** Add `bedrock-agentcore:InvokeGateway` (scoped to the Gateway ARN) to the Resource Management Role: + + + { + "Effect": "Allow", + "Action": [ + "bedrock-agentcore:InvokeGateway" + ], + "Resource": [ + "arn:aws:bedrock-agentcore:us-east-1:123456789012:gateway/<gateway-id>" + ] + } +