Amazon Bedrock Agentcore (bedrock-agentcore)

2025-10-11

7 new actions, 1 new condition | 4 updated actions, 1 updated resource

Additions

    Actions
  • BatchCreateMemoryRecords
    • Description:  Grants permission to create one or more memory records
    • Access:  Write
    • Resources: 

      Name: memory

      Required: Yes

    • Conditions: 

      bedrock-agentcore:namespace
  • BatchDeleteMemoryRecords
    • Description:  Grants permission to delete one or more memory records
    • Access:  Write
    • Resources: 

      Name: memory

      Required: Yes

  • BatchUpdateMemoryRecords
    • Description:  Grants permission to update one or more memory records
    • Access:  Write
    • Resources: 

      Name: memory

      Required: Yes

    • Conditions: 

      bedrock-agentcore:namespace
  • GetAgentCard
    • Description:  Grants permission to retrieve an agent card for A2A
    • Access:  Read
    • Resources: 

      Name: runtime

      Required: Yes

      Name: runtime-endpoint

      Required: Yes

  • InvokeAgentRuntimeForUser
    • Description:  Grants permission to invoke an agent runtime endpoint with X-Amzn-Bedrock-AgentCore-Runtime-User-Id header
    • Access:  Write
    • Resources: 

      Name: runtime

      Required: Yes

      Name: runtime-endpoint

      Required: Yes

  • InvokeGateway
    • Description:  Grants permission to invoke a gateway
    • Access:  Permissions management
    • Resources: 

      Name: gateway

      Required: Yes

  • StopRuntimeSession
    • Description:  Grants permission to stop a runtime session
    • Access:  Write
    • Resources: 

      Name: runtime

      Required: Yes

      Name: runtime-endpoint

      Required: Yes

Updates

    Resources
  • memory
      Conditions
    • + aws:ResourceTag/${TagKey}