HIGHAdvisoryApr 25, 2026
Action required
Audit all Amazon Bedrock agent IAM roles immediately. Apply least privilege principle: replace wildcard permissions with specific, limited actions. Implement principal of least privilege for bedrock:* and iam:* permissions. Document findings within 24 hours.
Affected products
AmazonAmazon BedrockAgentCore
Linked articles