Actions, resources, and condition keys for Amazon Bedrock Agentcore
Amazon Bedrock Agentcore (service prefix: bedrock-agentcore) provides the following
service-specific operations, resources, actions, and condition keys for use in IAM permission
policies.
References:
-
Learn how to configure this service.
-
View a list of the API operations available for this service.
-
Learn how to secure this service and its resources by using IAM permission policies.
-
View the programmatic service authorization reference
for this service.
Topics
API operations defined by Amazon Bedrock Agentcore
The following table maps API operations to the IAM actions they authorize. Only condition keys that have static values for the given API and action are listed; for the full set of condition keys supported by each action, see the Actions table.
| Operation | SDK client | IAM action | Condition key | Possible value(s) | Access level |
|---|---|---|---|---|---|
|
BatchCreateMemoryRecords |
bedrock-agentcore |
Write |
|||
|
BatchDeleteMemoryRecords |
bedrock-agentcore |
Write |
|||
|
BatchUpdateMemoryRecords |
bedrock-agentcore |
Write |
|||
|
CompleteResourceTokenAuth |
bedrock-agentcore |
Read |
|||
|
CreateABTest |
bedrock-agentcore |
Write |
|||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreateEvent |
bedrock-agentcore |
Write |
|||
|
CreatePaymentInstrument |
bedrock-agentcore |
Write |
|||
|
CreatePaymentSession |
bedrock-agentcore |
Write |
|||
|
DeleteABTest |
bedrock-agentcore |
Write |
|||
|
DeleteBatchEvaluation |
bedrock-agentcore |
Write |
|||
|
DeleteEvent |
bedrock-agentcore |
Write |
|||
|
DeleteMemoryRecord |
bedrock-agentcore |
Write |
|||
|
DeletePaymentInstrument |
bedrock-agentcore |
Write |
|||
|
DeletePaymentSession |
bedrock-agentcore |
Write |
|||
|
DeleteRecommendation |
bedrock-agentcore |
Write |
|||
|
Evaluate |
bedrock-agentcore |
Write |
|||
|
GetABTest |
bedrock-agentcore |
Read |
|||
|
GetAgentCard |
bedrock-agentcore |
Read |
|||
|
GetBatchEvaluation |
bedrock-agentcore |
Read |
|||
|
GetBrowserSession |
bedrock-agentcore |
Read |
|||
|
GetCodeInterpreterSession |
bedrock-agentcore |
Read |
|||
|
GetEvent |
bedrock-agentcore |
Read |
|||
|
GetMemoryRecord |
bedrock-agentcore |
Read |
|||
|
GetPaymentInstrument |
bedrock-agentcore |
Read |
|||
|
GetPaymentInstrumentBalance |
bedrock-agentcore |
Read |
|||
|
GetPaymentSession |
bedrock-agentcore |
Read |
|||
|
GetRecommendation |
bedrock-agentcore |
Read |
|||
|
GetResourceApiKey |
bedrock-agentcore |
Read |
|||
|
GetResourceOauth2Token |
bedrock-agentcore |
Read |
|||
|
GetResourcePaymentToken |
bedrock-agentcore |
Read |
|||
|
GetWorkloadAccessToken |
bedrock-agentcore |
Write |
|||
|
GetWorkloadAccessTokenForJWT |
bedrock-agentcore |
Write |
|||
|
GetWorkloadAccessTokenForUserId |
bedrock-agentcore |
Write |
|||
|
InvokeAgentRuntime |
bedrock-agentcore |
Write |
|||
Write |
|||||
|
InvokeAgentRuntimeCommand |
bedrock-agentcore |
Write |
|||
|
InvokeCodeInterpreter |
bedrock-agentcore |
Write |
|||
Write |
|||||
|
InvokeHarness |
bedrock-agentcore |
Write |
|||
Write |
|||||
|
ListABTests |
bedrock-agentcore |
List |
|||
|
ListActors |
bedrock-agentcore |
List |
|||
|
ListBatchEvaluations |
bedrock-agentcore |
List |
|||
|
ListBrowserSessions |
bedrock-agentcore |
List |
|||
|
ListCodeInterpreterSessions |
bedrock-agentcore |
List |
|||
|
ListEvents |
bedrock-agentcore |
List |
|||
|
ListMemoryExtractionJobs |
bedrock-agentcore |
List |
|||
|
ListMemoryRecords |
bedrock-agentcore |
List |
|||
|
ListPaymentInstruments |
bedrock-agentcore |
List |
|||
|
ListPaymentSessions |
bedrock-agentcore |
List |
|||
|
ListRecommendations |
bedrock-agentcore |
List |
|||
|
ListSessions |
bedrock-agentcore |
List |
|||
|
ProcessPayment |
bedrock-agentcore |
Write |
|||
|
RetrieveMemoryRecords |
bedrock-agentcore |
List |
|||
|
SaveBrowserSessionProfile |
bedrock-agentcore |
Write |
|||
|
SearchRegistryRecords |
bedrock-agentcore |
Read |
|||
|
StartBatchEvaluation |
bedrock-agentcore |
Write |
|||
|
StartBrowserSession |
bedrock-agentcore |
Write |
|||
|
StartCodeInterpreterSession |
bedrock-agentcore |
Write |
|||
|
StartMemoryExtractionJob |
bedrock-agentcore |
Write |
|||
|
StartRecommendation |
bedrock-agentcore |
Write |
|||
|
StopBatchEvaluation |
bedrock-agentcore |
Write |
|||
|
StopBrowserSession |
bedrock-agentcore |
Write |
|||
|
StopCodeInterpreterSession |
bedrock-agentcore |
Write |
|||
|
StopRuntimeSession |
bedrock-agentcore |
Write |
|||
|
UpdateABTest |
bedrock-agentcore |
Write |
|||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
UpdateBrowserStream |
bedrock-agentcore |
Write |
|||
|
CreateAgentRuntime |
bedrock-agentcore-control |
Write |
|||
Write |
|||||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreateAgentRuntimeEndpoint |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreateApiKeyCredentialProvider |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreateBrowser |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreateBrowserProfile |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreateCodeInterpreter |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreateConfigurationBundle |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreateDataset |
bedrock-agentcore-control |
Tagging, Write |
|||
|
CreateEvaluator |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreateGateway |
bedrock-agentcore-control |
Write |
|||
Permissions management, Write |
|||||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreateGatewayRule |
bedrock-agentcore-control |
Write |
|||
|
CreateGatewayTarget |
bedrock-agentcore-control |
Write |
|||
Permissions management, Write |
|||||
|
CreateHarness |
bedrock-agentcore-control |
Write |
|||
Write |
|||||
Read |
|||||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreateHarnessEndpoint |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreateMemory |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreateOauth2CredentialProvider |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreateOnlineEvaluationConfig |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreatePaymentConnector |
bedrock-agentcore-control |
Write |
|||
|
CreatePaymentCredentialProvider |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreatePaymentManager |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreatePolicy |
bedrock-agentcore-control |
Write |
|||
|
CreatePolicyEngine |
bedrock-agentcore-control |
Write |
|||
|
CreateRegistry |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
CreateRegistryRecord |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
CreateWorkloadIdentity |
bedrock-agentcore-control |
Write |
|||
Tagging, Write |
|||||
|
DeleteAgentRuntime |
bedrock-agentcore-control |
Write |
|||
Write |
|||||
Write |
|||||
|
DeleteAgentRuntimeEndpoint |
bedrock-agentcore-control |
Write |
|||
|
DeleteApiKeyCredentialProvider |
bedrock-agentcore-control |
Write |
|||
|
DeleteBrowser |
bedrock-agentcore-control |
Write |
|||
|
DeleteBrowserProfile |
bedrock-agentcore-control |
Write |
|||
|
DeleteCodeInterpreter |
bedrock-agentcore-control |
Write |
|||
|
DeleteConfigurationBundle |
bedrock-agentcore-control |
Write |
|||
|
DeleteEvaluator |
bedrock-agentcore-control |
Write |
|||
|
DeleteGateway |
bedrock-agentcore-control |
Write |
|||
|
DeleteGatewayRule |
bedrock-agentcore-control |
Write |
|||
|
DeleteGatewayTarget |
bedrock-agentcore-control |
Write |
|||
|
DeleteHarness |
bedrock-agentcore-control |
Write |
|||
Write |
|||||
|
DeleteHarnessEndpoint |
bedrock-agentcore-control |
Write |
|||
|
DeleteMemory |
bedrock-agentcore-control |
Write |
|||
|
DeleteOauth2CredentialProvider |
bedrock-agentcore-control |
Write |
|||
|
DeleteOnlineEvaluationConfig |
bedrock-agentcore-control |
Write |
|||
|
DeletePaymentConnector |
bedrock-agentcore-control |
Write |
|||
|
DeletePaymentCredentialProvider |
bedrock-agentcore-control |
Write |
|||
|
DeletePaymentManager |
bedrock-agentcore-control |
Write |
|||
|
DeletePolicy |
bedrock-agentcore-control |
Write |
|||
|
DeletePolicyEngine |
bedrock-agentcore-control |
Write |
|||
|
DeleteRegistry |
bedrock-agentcore-control |
Write |
|||
|
DeleteRegistryRecord |
bedrock-agentcore-control |
Write |
|||
|
DeleteResourcePolicy |
bedrock-agentcore-control |
Write |
|||
|
DeleteWorkloadIdentity |
bedrock-agentcore-control |
Write |
|||
|
GetAgentRuntime |
bedrock-agentcore-control |
Read |
|||
|
GetAgentRuntimeEndpoint |
bedrock-agentcore-control |
Read |
|||
|
GetApiKeyCredentialProvider |
bedrock-agentcore-control |
Read |
|||
|
GetBrowser |
bedrock-agentcore-control |
Read |
|||
|
GetBrowserProfile |
bedrock-agentcore-control |
Read |
|||
|
GetCodeInterpreter |
bedrock-agentcore-control |
Read |
|||
|
GetConfigurationBundle |
bedrock-agentcore-control |
Read |
|||
|
GetConfigurationBundleVersion |
bedrock-agentcore-control |
Read |
|||
|
GetEvaluator |
bedrock-agentcore-control |
Read |
|||
|
GetGateway |
bedrock-agentcore-control |
Read |
|||
|
GetGatewayRule |
bedrock-agentcore-control |
Read |
|||
|
GetGatewayTarget |
bedrock-agentcore-control |
Read |
|||
|
GetHarness |
bedrock-agentcore-control |
Read |
|||
|
GetHarnessEndpoint |
bedrock-agentcore-control |
Read |
|||
|
GetMemory |
bedrock-agentcore-control |
Read |
|||
|
GetOauth2CredentialProvider |
bedrock-agentcore-control |
Read |
|||
|
GetOnlineEvaluationConfig |
bedrock-agentcore-control |
Read |
|||
|
GetPaymentConnector |
bedrock-agentcore-control |
Read |
|||
|
GetPaymentCredentialProvider |
bedrock-agentcore-control |
Read |
|||
|
GetPaymentManager |
bedrock-agentcore-control |
Read |
|||
|
GetPolicy |
bedrock-agentcore-control |
Read |
|||
|
GetPolicyEngine |
bedrock-agentcore-control |
Read |
|||
|
GetPolicyEngineSummary |
bedrock-agentcore-control |
Read |
|||
|
GetPolicyGeneration |
bedrock-agentcore-control |
Read |
|||
|
GetPolicyGenerationSummary |
bedrock-agentcore-control |
Read |
|||
|
GetPolicySummary |
bedrock-agentcore-control |
Read |
|||
|
GetRegistry |
bedrock-agentcore-control |
Read |
|||
|
GetRegistryRecord |
bedrock-agentcore-control |
Read |
|||
|
GetResourcePolicy |
bedrock-agentcore-control |
Read |
|||
|
GetTokenVault |
bedrock-agentcore-control |
Read |
|||
|
GetWorkloadIdentity |
bedrock-agentcore-control |
Read |
|||
|
ListAgentRuntimeEndpoints |
bedrock-agentcore-control |
List |
|||
|
ListAgentRuntimeVersions |
bedrock-agentcore-control |
List |
|||
|
ListAgentRuntimes |
bedrock-agentcore-control |
List |
|||
|
ListApiKeyCredentialProviders |
bedrock-agentcore-control |
Read |
|||
|
ListBrowserProfiles |
bedrock-agentcore-control |
List |
|||
|
ListBrowsers |
bedrock-agentcore-control |
List |
|||
|
ListCodeInterpreters |
bedrock-agentcore-control |
List |
|||
|
ListConfigurationBundleVersions |
bedrock-agentcore-control |
List |
|||
|
ListConfigurationBundles |
bedrock-agentcore-control |
List |
|||
|
ListEvaluators |
bedrock-agentcore-control |
List |
|||
|
ListGatewayRules |
bedrock-agentcore-control |
List |
|||
|
ListGatewayTargets |
bedrock-agentcore-control |
List |
|||
|
ListGateways |
bedrock-agentcore-control |
List |
|||
|
ListHarnessEndpoints |
bedrock-agentcore-control |
List |
|||
|
ListHarnesses |
bedrock-agentcore-control |
List |
|||
|
ListMemories |
bedrock-agentcore-control |
List |
|||
|
ListOauth2CredentialProviders |
bedrock-agentcore-control |
Read |
|||
|
ListOnlineEvaluationConfigs |
bedrock-agentcore-control |
List |
|||
|
ListPaymentConnectors |
bedrock-agentcore-control |
List |
|||
|
ListPaymentCredentialProviders |
bedrock-agentcore-control |
List |
|||
|
ListPaymentManagers |
bedrock-agentcore-control |
List |
|||
|
ListPolicies |
bedrock-agentcore-control |
List |
|||
|
ListPolicyEngineSummaries |
bedrock-agentcore-control |
List |
|||
|
ListPolicyEngines |
bedrock-agentcore-control |
List |
|||
|
ListPolicyGenerationAssets |
bedrock-agentcore-control |
List |
|||
|
ListPolicyGenerationSummaries |
bedrock-agentcore-control |
List |
|||
|
ListPolicyGenerations |
bedrock-agentcore-control |
List |
|||
|
ListPolicySummaries |
bedrock-agentcore-control |
List |
|||
|
ListRegistries |
bedrock-agentcore-control |
List |
|||
|
ListRegistryRecords |
bedrock-agentcore-control |
List |
|||
|
ListTagsForResource |
bedrock-agentcore-control |
List |
|||
|
ListWorkloadIdentities |
bedrock-agentcore-control |
Read |
|||
|
PutResourcePolicy |
bedrock-agentcore-control |
Write |
|||
|
SetTokenVaultCMK |
bedrock-agentcore-control |
Write |
|||
|
StartPolicyGeneration |
bedrock-agentcore-control |
Write |
|||
|
SubmitRegistryRecordForApproval |
bedrock-agentcore-control |
Write |
|||
|
SynchronizeGatewayTargets |
bedrock-agentcore-control |
Permissions management, Write |
|||
|
TagResource |
bedrock-agentcore-control |
Tagging, Write |
|||
|
UntagResource |
bedrock-agentcore-control |
Tagging, Write |
|||
|
UpdateAgentRuntime |
bedrock-agentcore-control |
Write |
|||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
UpdateAgentRuntimeEndpoint |
bedrock-agentcore-control |
Write |
|||
|
UpdateApiKeyCredentialProvider |
bedrock-agentcore-control |
Write |
|||
|
UpdateConfigurationBundle |
bedrock-agentcore-control |
Write |
|||
|
UpdateEvaluator |
bedrock-agentcore-control |
Write |
|||
|
UpdateGateway |
bedrock-agentcore-control |
Write |
|||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
UpdateGatewayRule |
bedrock-agentcore-control |
Write |
|||
|
UpdateGatewayTarget |
bedrock-agentcore-control |
Permissions management, Write |
|||
Write |
|||||
|
UpdateHarness |
bedrock-agentcore-control |
Read |
|||
Write |
|||||
Write |
|||||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
UpdateHarnessEndpoint |
bedrock-agentcore-control |
Write |
|||
|
UpdateMemory |
bedrock-agentcore-control |
Write |
|||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
UpdateOauth2CredentialProvider |
bedrock-agentcore-control |
Write |
|||
|
UpdateOnlineEvaluationConfig |
bedrock-agentcore-control |
Write |
|||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
UpdatePaymentConnector |
bedrock-agentcore-control |
Write |
|||
|
UpdatePaymentCredentialProvider |
bedrock-agentcore-control |
Write |
|||
|
UpdatePaymentManager |
bedrock-agentcore-control |
Write |
|||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
UpdatePolicy |
bedrock-agentcore-control |
Write |
|||
|
UpdatePolicyEngine |
bedrock-agentcore-control |
Write |
|||
|
UpdateRegistry |
bedrock-agentcore-control |
Write |
|||
|
UpdateRegistryRecord |
bedrock-agentcore-control |
Write |
|||
iam:PassedToService |
bedrock-agentcore.amazonaws.com |
Write |
|||
|
UpdateRegistryRecordStatus |
bedrock-agentcore-control |
Write |
|||
|
UpdateWorkloadIdentity |
bedrock-agentcore-control |
Write |
Actions defined by Amazon Bedrock Agentcore
You can specify the following actions in the Action element of an IAM
policy statement. Use policies to grant permissions to perform an operation in AWS. When
you use an action in a policy, you usually allow or deny access to the API operation or CLI
command with the same name. However, in some cases, a single action controls access to more
than one operation. Alternatively, some operations require several different actions.
| Actions | Description | Resource types (*required) | Condition keys | Access level |
|---|---|---|---|---|
Grants permission to create one or more memory records |
Write |
|||
Grants permission to delete one or more memory records |
Write |
|||
Grants permission to update one or more memory records |
Write |
|||
Grants permission to retrieve access token with OAuth2 for 3LO flow to access external resource |
bedrock-agentcore:InboundJwtClaim/aud bedrock-agentcore:InboundJwtClaim/client_id bedrock-agentcore:InboundJwtClaim/iss bedrock-agentcore:InboundJwtClaim/scope |
Read |
||
|
bedrock-agentcore:InboundJwtClaim/aud bedrock-agentcore:InboundJwtClaim/client_id bedrock-agentcore:InboundJwtClaim/iss bedrock-agentcore:InboundJwtClaim/scope |
||||
|
bedrock-agentcore:InboundJwtClaim/aud bedrock-agentcore:InboundJwtClaim/client_id bedrock-agentcore:InboundJwtClaim/iss bedrock-agentcore:InboundJwtClaim/scope |
||||
|
bedrock-agentcore:InboundJwtClaim/aud bedrock-agentcore:InboundJwtClaim/client_id bedrock-agentcore:InboundJwtClaim/iss bedrock-agentcore:InboundJwtClaim/scope |
||||
Grants permission to connect to a browser automation stream |
Read |
|||
Grants permission to connect to a browser live view stream |
Read |
|||
Grants permission to create an A/B test |
Write |
|||
Grants permission to create a new agent runtime |
bedrock-agentcore:RuntimeAuthorizerType |
Write |
||
Grants permission to create a new agent runtime endpoint |
Write |
|||
Grants permission to create a new API Key Credential Provider |
Write |
|||
Grants permission to create a new custom browser |
Write |
|||
Grants permission to create a new browser profile |
Write |
|||
Grants permission to create a new custom code interpreter |
Write |
|||
Grants permission to create a new configuration bundle |
Write |
|||
Grants permission to create a new evaluator |
Write |
|||
Grants permission to create an Event |
Write |
|||
Grants permission to create a new gateway |
Write |
|||
Grants permission to create a new rule in an existing gateway |
Write |
|||
Grants permission to create a new target in an existing gateway |
Write |
|||
Grants permission to create a new harness |
Write |
|||
Grants permission to create a new harness endpoint |
Write |
|||
Grants permission to create a Memory resource |
Write |
|||
Grants permission to create a new Credential Provider to access external resources with OAuth2 protocol |
Write |
|||
Grants permission to create a new online evaluation configuration |
Write |
|||
Grants permission to create a new payment connector under a payment manager |
Write |
|||
Grants permission to create a new Payment Credential Provider |
Write |
|||
Grants permission to create a new payment instrument |
Write |
|||
Grants permission to create a new payment manager |
Write |
|||
Grants permission to create a new payment session |
Write |
|||
Grants permission to create a new policy within a policy engine |
Write |
|||
Grants permission to create a new policy engine |
Write |
|||
Grants permission to create a new registry |
Write |
|||
Grants permission to create a new registry record |
Write |
|||
Grants permission to create a new Workload Identity |
Write |
|||
Grants permission to delete an A/B test |
Write |
|||
Grants permission to delete an agent runtime |
Write |
|||
Grants permission to delete an agent runtime endpoint |
Write |
|||
Grants permission to delete a registered API Key Credential Provider |
Write |
|||
Grants permission to delete a batch evaluation |
Write |
|||
Grants permission to delete a custom browser |
Write |
|||
Grants permission to delete a browser profile |
Write |
|||
Grants permission to delete a custom code interpreter |
Write |
|||
Grants permission to delete a configuration bundle |
Write |
|||
Grants permission to delete an evaluator |
Write |
|||
Grants permission to delete an Event |
Write |
|||
Grants permission to delete an existing gateway |
Write |
|||
Grants permission to delete an existing gateway rule |
Write |
|||
Grants permission to delete an existing gateway target |
Write |
|||
Grants permission to delete a harness |
Write |
|||
Grants permission to delete a harness endpoint |
Write |
|||
Grants permission to delete a Memory resource |
Write |
|||
Grants permission to delete a Memory Record |
Write |
|||
Grants permission to delete a registered OAuth2 Credential Provider |
Write |
|||
Grants permission to delete an online evaluation configuration |
Write |
|||
Grants permission to delete a payment connector |
Write |
|||
Grants permission to delete a registered Payment Credential Provider |
Write |
|||
Grants permission to delete a payment instrument |
Write |
|||
Grants permission to delete a payment manager |
Write |
|||
Grants permission to delete a payment session |
Write |
|||
Grants permission to delete a policy |
Write |
|||
Grants permission to delete a policy engine |
Write |
|||
Grants permission to delete a recommendation |
Write |
|||
Grants permission to delete an existing registry |
Write |
|||
Grants permission to delete an existing registry record |
Write |
|||
Grants permission to delete the resource-based policy for a Bedrock resource |
Write |
|||
Grants permission to delete a registered Workload Identity |
Write |
|||
Grants permission to run an evaluation using an evaluator |
Write |
|||
Grants permission to get details of an A/B test |
Read |
|||
Grants permission to retrieve an agent card for A2A |
Read |
|||
Grants permission to get details of an agent runtime |
Read |
|||
Grants permission to get details of an agent runtime endpoint |
Read |
|||
Grants permission to fetch a registered API Key Credential Provider by its name |
Read |
|||
Grants permission to get details of a batch evaluation |
Read |
|||
Grants permission to get details of a browser |
Read |
|||
Grants permission to get details of a browser profile |
Read |
|||
Grants permission to get details of a browser session |
Read |
|||
Grants permission to get details of a code interpreter |
Read |
|||
Grants permission to get details of a code interpreter session |
Read |
|||
Grants permission to get details of a configuration bundle |
Read |
|||
Grants permission to get a specific version of a configuration bundle |
Read |
|||
Grants permission to get details of an evaluator |
Read |
|||
Grants permission to fetch an Event |
Read |
|||
Grants permission to retrieve an existing gateway |
Read |
|||
Grants permission to retrieve an existing gateway rule |
Read |
|||
Grants permission to retrieve an existing gateway target |
Read |
|||
Grants permission to get details of a harness |
Read |
|||
Grants permission to get details of a harness endpoint |
Read |
|||
Grants permission to fetch details for a Memory resource |
Read |
|||
Grants permission to fetch a Memory Record |
Read |
|||
Grants permission to fetch a registered OAuth2 Credential Provider by its name |
Read |
|||
Grants permission to get details of an online evaluation configuration |
Read |
|||
Grants permission to retrieve details of a payment connector |
Read |
|||
Grants permission to fetch a registered Payment Credential Provider by its name |
Read |
|||
Grants permission to retrieve details of a payment instrument |
Read |
|||
Grants permission to retrieve the balance of a payment instrument |
Read |
|||
Grants permission to retrieve details of a payment manager |
Read |
|||
Grants permission to retrieve details of a payment session |
Read |
|||
Grants permission to retrieve a policy |
Read |
|||
Grants permission to retrieve a policy engine |
Read |
|||
Grants permission to retrieve a summary of a policy engine |
Read |
|||
Grants permission to retrieve status and results of a policy generation request |
Read |
|||
Grants permission to retrieve a summary of a policy generation request |
Read |
|||
Grants permission to retrieve a summary of a policy |
Read |
|||
Grants permission to get details of a recommendation |
Read |
|||
Grants permission to retrieve an existing registry |
Read |
|||
Grants permission to retrieve an existing registry record |
Read |
|||
Grants permission to retrieve an API Key associated with an Api Key Credential Provider |
Read |
|||
Grants permission to retrieve access token with OAuth2 2LO or 3LO flow to access external resource |
Read |
|||
Grants permission to retrieve a payment authentication token associated with a Payment Credential Provider |
Read |
|||
Grants permission to retrieve the resource-based policy for a Bedrock resource |
Read |
|||
Grants permission to fetch the current configuration of the TokenVault, including encryption settings |
Read |
|||
Grants permission to retrieve an Workload access token for agentic workloads not acting on behalf of a user |
Write |
|||
Grants permission to retrieve an Workload access token for agentic workloads acting on behalf of user with JWT token |
bedrock-agentcore:InboundJwtClaim/aud bedrock-agentcore:InboundJwtClaim/client_id bedrock-agentcore:InboundJwtClaim/iss |
Write |
||
|
bedrock-agentcore:InboundJwtClaim/aud bedrock-agentcore:InboundJwtClaim/client_id bedrock-agentcore:InboundJwtClaim/iss |
||||
Grants permission to retrieve an Workload access token for agentic workloads acting on behalf of user with User Id |
Write |
|||
Grants permission to fetch details for a specific Workload identity, including its name and allowed OAuth2 return URLs |
Read |
|||
Grants permission to invoke an agent runtime endpoint |
Write |
|||
Grants permission to invoke commands on an agent runtime endpoint |
Write |
|||
Grants permission to invoke a command shell on an agent runtime endpoint over a web socket stream |
Write |
|||
Grants permission to invoke an agent runtime endpoint with X-Amzn-Bedrock-AgentCore-Runtime-User-Id header |
Write |
|||
Grants permission to invoke an agent runtime endpoint with WebSocket stream |
Write |
|||
Grants permission to invoke an agent runtime endpoint with WebSocket stream and with X-Amzn-Bedrock-AgentCore-Runtime-User-Id header |
Write |
|||
Grants permission to invoke a code interpreter session |
Write |
|||
Grants permission to invoke a harness |
Write |
|||
Grants permission to invoke an MCP operation against an existing registry |
Read |
|||
Grants permission to list A/B tests |
List |
|||
Grants permission to list Actors |
List |
|||
Grants permission to list agent runtime endpoints |
List |
|||
Grants permission to list agent runtime versions |
List |
|||
Grants permission to list agent runtimes |
List |
|||
Grants permission to list all API Key Credential Providers in the Token Vault |
Read |
|||
Grants permission to list batch evaluations |
List |
|||
Grants permission to list browser profiles |
List |
|||
Grants permission to list browser sessions |
List |
|||
Grants permission to list browsers |
List |
|||
Grants permission to list code interpreter sessions |
List |
|||
Grants permission to list code interpreters |
List |
|||
Grants permission to list versions of a configuration bundle |
List |
|||
Grants permission to list configuration bundles |
List |
|||
Grants permission to list evaluators |
List |
|||
Grants permission to list events |
List |
|||
Grants permission to list existing gateway rules |
List |
|||
Grants permission to list existing gateway targets |
List |
|||
Grants permission to list existing gateways |
List |
|||
Grants permission to list harness endpoints |
List |
|||
Grants permission to list harnesses |
List |
|||
Grants permission to list memory resources |
List |
|||
Grants permission to list extraction jobs for this memory |
List |
|||
Grants permission to list memory records |
List |
|||
Grants permission to list all OAuth2 Credential Providers in the Token Vault |
Read |
|||
Grants permission to list online evaluation configurations |
List |
|||
Grants permission to list payment connectors under a payment manager |
List |
|||
Grants permission to list all Payment Credential Providers in the Token Vault |
List |
|||
Grants permission to list payment instruments |
List |
|||
Grants permission to list payment managers |
List |
|||
Grants permission to list payment sessions |
List |
|||
Grants permission to list policies within a policy engine |
List |
|||
Grants permission to list policy engine summaries |
List |
|||
Grants permission to list policy engines |
List |
|||
Grants permission to list generated policy assets from a generation request |
List |
|||
Grants permission to list policy generation summaries |
List |
|||
Grants permission to list policy generation requests |
List |
|||
Grants permission to list policy summaries within a policy engine |
List |
|||
Grants permission to list recommendations |
List |
|||
Grants permission to list existing registries |
List |
|||
Grants permission to list existing registry records in a registry |
List |
|||
Grants permission to list sessions |
List |
|||
Grants permission to list tags for a Bedrock-AgentCore resource |
List |
|||
Grants permission to list all Workload Identities in the caller's AWS account |
Read |
|||
Grants permission to process a payment transaction |
Write |
|||
Grants permission to create or update the resource-based policy for a Bedrock resource |
Write |
|||
Grants permission to retrieve memory records through sematic query |
List |
|||
Grants permission to save a browser session profile |
Write |
|||
Grants permission to search for registry records |
Read |
|||
Grants permission to associate a Customer Managed Key (CMK) or a Service Managed Key with a specific TokenVault |
Write |
|||
Grants permission to start a batch evaluation |
Write |
|||
Grants permission to start a new browser session |
Write |
|||
Grants permission to start a new code interpreter session |
Write |
|||
Grants permission to start memory extraction job |
Write |
|||
Grants permission to start an AI-powered policy generation request |
Write |
|||
Grants permission to start a recommendation |
Write |
|||
Grants permission to stop a batch evaluation |
Write |
|||
Grants permission to stop a browser session |
Write |
|||
Grants permission to stop a code interpreter session |
Write |
|||
Grants permission to stop a runtime session |
Write |
|||
Grants permission to submit a registry record for approval |
Write |
|||
Grants permission to Tag a Bedrock-AgentCore resource |
Tagging, Write |
|||
Grants permission to Untag a Bedrock-AgentCore resource |
Tagging, Write |
|||
Grants permission to update an A/B test |
Write |
|||
Grants permission to update an agent runtime |
bedrock-agentcore:RuntimeAuthorizerType |
Write |
||
Grants permission to update an agent runtime endpoint |
Write |
|||
Grants permission to update an existing API Key Credential Provider |
Write |
|||
Grants permission to update the status of browser session stream |
Write |
|||
Grants permission to update a configuration bundle |
Write |
|||
Grants permission to update an evaluator |
Write |
|||
Grants permission to update an existing gateway |
Write |
|||
Grants permission to update an existing gateway rule |
Write |
|||
Grants permission to update an existing gateway target |
Write |
|||
Grants permission to update a harness |
Write |
|||
Grants permission to update harness endpoint |
Write |
|||
Grants permission to update a Memory resource |
Write |
|||
Grants permission to update an existing OAuth2 Credential Provider |
Write |
|||
Grants permission to update an online evaluation configuration |
Write |
|||
Grants permission to update an existing payment connector |
Write |
|||
Grants permission to update an existing Payment Credential Provider |
Write |
|||
Grants permission to update an existing payment manager |
Write |
|||
Grants permission to update an existing policy |
Write |
|||
Grants permission to update a policy engine |
Write |
|||
Grants permission to update an existing registry |
Write |
|||
Grants permission to update an existing registry record |
Write |
|||
Grants permission to update the status of a registry record |
Write |
|||
Grants permission to update the metadata of an existing Workload Identity |
Write |
|||
Permission-only actions for Amazon Bedrock Agentcore
The following actions are defined by Amazon Bedrock Agentcore but are not directly invocable through any API operation. They can only be used in IAM policy statements to grant or deny permissions.
| Actions | Description | Resource types (*required) | Condition keys | Access level |
|---|---|---|---|---|
Grants permission to configure vended telemetry for a resource |
Permissions management, Write |
|||
Grants permission to evaluate Cedar policies for authorization requests |
Permissions management, Write |
|||
Grants permission to associate an AWS WAF Web ACL with an AgentCore Gateway |
Write |
|||
Grants permission to remove the AWS WAF Web ACL association from an AgentCore Gateway |
Write |
|||
Grants permission to retrieve the AWS WAF Web ACL ARN currently associated with an AgentCore Gateway |
Read |
|||
Grants permission to list AgentCore Gateways associated with an AWS WAF Web ACL |
List |
|||
Grants permission to invoke a gateway |
Permissions management, Write |
|||
Grants permission to invoke a web search target |
Permissions management, Write |
|||
Grants permission to create or modify wildcard policies that apply to gateway resources |
Permissions management, Write |
|||
Grants permission to create or modify policies that apply to specific gateway resources |
Permissions management, Write |
|||
Grants permission to perform partial evaluation of Cedar policies to authorize a caller to list tools they are allowed to call |
Permissions management, Write |
|||
Grants permission to enable search on gateways |
Permissions management, Write |
Resource types defined by Amazon Bedrock Agentcore
The following resource types are defined by this service and can be used in the
Resource element of IAM permission policy statements.
| Resource types | ARN | Condition keys |
|---|---|---|
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:ab-test/${ABTestId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:token-vault/${TokenVaultId}/apikeycredentialprovider/${Name} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:batch-evaluate/${BatchEvaluationId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:aws:browser/${BrowserId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:browser-custom/${BrowserId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:browser-profile/${BrowserProfileId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:aws:code-interpreter/${CodeInterpreterId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:code-interpreter-custom/${CodeInterpreterId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:configuration-bundle/${ConfigurationBundleId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:evaluator/${EvaluatorId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:gateway/${GatewayId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:harness/${HarnessId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:harness/${HarnessId}/harness-endpoint/${Name} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:memory/${MemoryId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:token-vault/${TokenVaultId}/oauth2credentialprovider/${Name} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:online-evaluation-config/${OnlineEvaluationConfigId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:payment-manager/${PaymentManagerId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:token-vault/${TokenVaultId}/paymentcredentialprovider/${Name} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:policy-engine/${PolicyEngineId}/policy/${PolicyId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:policy-engine/${PolicyEngineId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:policy-engine/${PolicyEngineId}/policy-generation/${PolicyGenerationId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:recommendation/${RecommendationId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:registry/${RegistryId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:registry/${RegistryId}/record/${RecordId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:runtime/${RuntimeId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:runtime/${RuntimeId}/runtime-endpoint/${Name} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:token-vault/${TokenVaultId} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:tool/web-search.v1 |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:workload-identity-directory/${DirectoryId}/workload-identity/${WorkloadIdentityName} |
||
arn:${Partition}:bedrock-agentcore:${Region}:${Account}:workload-identity-directory/${DirectoryId} |
Condition keys for Amazon Bedrock Agentcore
Amazon Bedrock Agentcore defines the following condition keys that can be used in the
Condition element of an IAM policy.
| Condition keys | Description | Type |
|---|---|---|
Filters access by creating requests based on the allowed set of values for each of the mandatory tags |
String |
|
Filters access by having actions based on the tag value associated with the resource |
String |
|
Filters access by creating requests based on the presence of mandatory tags in the request |
ArrayOfString |
|
Filters access by the metadataConfiguration.allowedQueryParameters attribute of a gateway target |
ArrayOfString |
|
Filters access by the metadataConfiguration.allowedRequestHeaders attribute of a gateway target |
ArrayOfString |
|
Filters access by the metadataConfiguration.allowedResponseHeaders attribute of a gateway target |
ArrayOfString |
|
Filters access by the scopes attribute of an OAuth credential provider on a gateway target |
ArrayOfString |
|
Filters access by the credentialProviderConfigurations.credentialProviderType attribute of a gateway target |
String |
|
Filters access by the authorizerConfiguration.customJWTAuthorizer.discoveryUrl attribute of a Gateway |
String |
|
Filters access by the authorizerType attribute on a Gateway |
String |
|
Filters access by the HTTP target configuration type of a gateway target |
String |
|
Filters access by the audience claim (aud) in the JWT passed in the request |
ArrayOfString |
|
Filters access by the client_id claim in the JWT passed in the request |
String |
|
Filters access by the issuer (iss) claim present in the JWT passed in the request |
String |
|
Filters access by the scope claim in the JWT passed in the request |
ArrayOfString |
|
Filters access by the subject claim (sub) in the JWT passed in the request |
String |
|
Filters access by the inference target configuration type of a gateway target |
String |
|
Filters access by KMS Key arn provided |
String |
|
Filters access by the MCP target configuration type of a gateway target |
String |
|
Filters access by the policyEngineConfiguration.arn attribute of a Gateway |
String |
|
Filters access by the policyEngineConfiguration.mode attribute of a Gateway |
String |
|
Filters access by the private endpoint type of a gateway target |
String |
|
Filters access by the protocolType attribute of a Gateway |
String |
|
Filters access by the resource configuration identifier of a gateway target private endpoint |
String |
|
Filters access by the authorizer type configured for the AgentCore runtime |
String |
|
Filters access by Actor Id |
String |
|
Filters access by namespace |
String |
|
Filters access by the ID of security groups configured for an AgentCore resource |
ArrayOfString |
|
Filters access by Session Id |
String |
|
Filters access by Memory Strategy Id |
String |
|
Filters access by the ID of subnets configured for an AgentCore resource |
ArrayOfString |
|
Filters access by the static user ID value passed in the request |
String |