AWS Security ChangesHomeSearch

AWS bedrock-agentcore documentation change

Service: bedrock-agentcore · 2026-07-07 · Documentation high

File: bedrock-agentcore/latest/devguide/runtime-security-best-practices.md

Summary

Added requirement to enable MMDSv2 by June 2026 with update instructions

Security assessment

Change documents new security feature (MMDSv2) enforcement deadline and configuration steps. Addresses metadata service security without referencing specific vulnerabilities.

Diff

diff --git a/bedrock-agentcore/latest/devguide/runtime-security-best-practices.md b/bedrock-agentcore/latest/devguide/runtime-security-best-practices.md
index 0bf915c3c..4eecb1d9f 100644
--- a//bedrock-agentcore/latest/devguide/runtime-security-best-practices.md
+++ b//bedrock-agentcore/latest/devguide/runtime-security-best-practices.md
@@ -193,0 +194,2 @@ Protect credentials used by your agents and runtime environments:
+  * **Enable MMDSv2** — Starting June 30, 2026, your agent runtimes must have MMDSv2 enabled. Runtimes without MMDSv2 enabled cannot be invoked and return a `ValidationException`. To enable, call `UpdateAgentRuntime` with `requireMMDSV2` set to `true` in `metadataConfiguration`. For more information about resolving this error, see [MMDSv2 ValidationException troubleshooting](./runtime-troubleshooting.html#troubleshoot-runtime-mmdsv2-validation).
+