AWS bedrock-agentcore documentation change
Summary
Added requirement to enable MMDSv2 by June 2026 with update instructions
Security assessment
Change documents new security feature (MMDSv2) enforcement deadline and configuration steps. Addresses metadata service security without referencing specific vulnerabilities.
Diff
diff --git a/bedrock-agentcore/latest/devguide/runtime-security-best-practices.md b/bedrock-agentcore/latest/devguide/runtime-security-best-practices.md index 0bf915c3c..4eecb1d9f 100644 --- a//bedrock-agentcore/latest/devguide/runtime-security-best-practices.md +++ b//bedrock-agentcore/latest/devguide/runtime-security-best-practices.md @@ -193,0 +194,2 @@ Protect credentials used by your agents and runtime environments: + * **Enable MMDSv2** — Starting June 30, 2026, your agent runtimes must have MMDSv2 enabled. Runtimes without MMDSv2 enabled cannot be invoked and return a `ValidationException`. To enable, call `UpdateAgentRuntime` with `requireMMDSV2` set to `true` in `metadataConfiguration`. For more information about resolving this error, see [MMDSv2 ValidationException troubleshooting](./runtime-troubleshooting.html#troubleshoot-runtime-mmdsv2-validation). +