AWS Security ChangesHomeSearch

AWS bedrock-agentcore high security documentation change

Service: bedrock-agentcore · 2026-06-19 · Security-related high

File: bedrock-agentcore/latest/devguide/release-notes.md

Summary

Added release notes for new features: Web Search Tool GA, AgentCore Policy with Bedrock Guardrails, AgentCore Harness GA, Recommendations GA, Batch Evaluations GA, A/B Testing GA, Managed Knowledge Base GA, and Failure Insights preview.

Security assessment

The change explicitly documents the integration of Bedrock Guardrails for security controls against prompt injection, harmful content, and sensitive data exposure. This addresses security vulnerabilities by implementing gateway-level protection for all agent capabilities.

Diff

diff --git a/bedrock-agentcore/latest/devguide/release-notes.md b/bedrock-agentcore/latest/devguide/release-notes.md
index a1f23f82b..221b5f5d3 100644
--- a//bedrock-agentcore/latest/devguide/release-notes.md
+++ b//bedrock-agentcore/latest/devguide/release-notes.md
@@ -14,0 +15,32 @@ We recommend subscribing to the RSS feed so updates to these notes are delivered
+### Web Search Tool is now Generally Available
+
+Web Search is a fully managed tool that enables agents to ground responses in current, accurate web knowledge while keeping data residency within your secured AWS environment with zero data egress. Built on Amazon’s search infrastructure, it combines a proprietary web index with structured knowledge graph data. The tool is exposed as a built-in connector target on AgentCore gateway using the Model Context Protocol (MCP), returning ranked results with relevant snippets, source URLs, titles, and publication dates optimized for agentic retrieval. See [Web Search documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/web-search.html).
+
+### AgentCore Policy Now Supports Bedrock Guardrails
+
+AgentCore now supports Bedrock Guardrails in policy, giving enterprises deeper safety and security controls as they scale AI agents in production. Guardrails evaluates outputs from authorized agent actions and inputs to gateway targets for prompt injection attempts, harmful content, and sensitive data exposure. These checks run at the gateway layer, outside the agent’s code, where the agent cannot reason around them. Because every tool and context source routes through the gateway, every new agent capability is automatically governed by the same security layer. Policies can be authored using natural language or policy-as-code formats. See [Guardrails integration documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/gateway-guardrails.html).
+
+### AgentCore Harness is now Generally Available
+
+The managed AgentCore harness is now generally available in all AWS Regions where AgentCore is supported. You can define an agent with CreateHarness and run it with InvokeHarness, with no orchestration code and no container to build. GA adds built-in memory by default, or bring your own, more model providers through LiteLLM and Bedrock Mantle (which unlocks OpenAI GPT-5.5 and GPT-5.4 and others on Bedrock), the AWS-curated skills catalog with a one-toggle setup, evaluations and optimization, unified observability across capabilities, versioning and endpoints, and export to Strands code. See [documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/harness.html).
+
+### Recommendations is now Generally Available
+
+The agent performance loop capabilities enable teams to continuously improve agent quality using real production data. The recommendations capabilities in AgentCore analyze production traces and evaluation outputs to suggest specific improvements to system prompts and tool descriptions, grounded in how the agent actually behaves. This capability works regardless of where agents run: on AgentCore runtime, AWS Lambda, Amazon EKS, or non-AWS environments. See [Optimization documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/optimization.html).
+
+### Batch Evaluations is now Generally Available
+
+As part of the agent performance loop, batch evaluation tests recommended changes against a defined test dataset and reports aggregate scores, catching regressions before changes reach production. Teams can validate prompt and tool description improvements with confidence before rolling them out to live traffic. See [Batch Evaluations documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/batch-evaluations-getting-started.html).
+
+### A/B Testing is now Generally Available
+
+A/B testing is the validation step in the agent performance loop. The A/B testing capabilities in AgentCore run a controlled comparison between agent versions by splitting live production traffic, providing real evidence that a change works under production conditions before customers commit to it. This capability works regardless of where agents run: on AgentCore runtime, AWS Lambda, Amazon EKS, or non-AWS environments. See [A/B Testing documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/optimization-ab-testing.html).
+
+### Amazon Bedrock Managed Knowledge Base is now Generally Available
+
+Developers can now build production-ready AI agents grounded in enterprise data with Managed Knowledge Bases in AgentCore. Managed Knowledge Base provides a fully managed retrieval-augmented generation (RAG) pipeline that agents can query through the gateway, eliminating the need to build and maintain custom retrieval infrastructure. Six native connectors (Amazon S3, SharePoint, Confluence, Google Drive, OneDrive, and Web Crawler) handle data ingestion with automatic syncing and managed vector storage. The service supports hybrid search, document ranking, and advanced retrieval orchestration for complex queries, and handles text, video, audio, and image content. See [Managed Knowledge Base documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/knowledge-base.html).
+
+### Failure Insights is now in Public Preview
+
+New capabilities can now turn production traces into continuous improvement for agents. The failure insights capabilities in AgentCore discover recurring failure patterns across hundreds of agent sessions, including silent behavioral failures that produce no error signal, explain the root cause of each, and rank them by how widespread they are. Customers can enable continuous monitoring with daily or weekly reports, or run a targeted investigation after a deployment or a spike in complaints, with results in minutes. See [Failure Insights documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/optimization-insights.html).
+