Problem
When deploying resources with agentcore deploy, there is no way to configure resource-based policies. This means cross-account access to deployed resources fails with AccessDeniedException even when the caller's identity-based policy in its own account allows the action, because cross-account calls require the resource owner to grant access too.
For example, invoking an agent runtime cross-account:
botocore.errorfactory.AccessDeniedException: An error occurred (AccessDeniedException)
when calling the InvokeAgentRuntime operation: User: arn:aws:sts::ACCOUNT_A:assumed-role/Admin/user
is not authorized to perform: bedrock-agentcore:InvokeAgentRuntime on resource:
arn:aws:bedrock-agentcore:us-west-2:ACCOUNT_B:runtime/MyAgent because no resource-based
policy allows the bedrock-agentcore:InvokeAgentRuntime action
This applies to any AgentCore resource that supports resource-based policies, not just agent runtimes.
Expected Behavior
The agentcore.json project spec should support an optional resource policy configuration, e.g.:
{
  "agents": [
    {
      "name": "MyAgent",
      "type": "AgentCoreRuntime",
      "allowedPrincipals": [
        "arn:aws:iam::123456789012:root"
      ]
    }
  ]
}
agentcore deploy should apply the corresponding resource-based policy after creating/updating the resource. This should be supported across all AgentCore resource types that support resource-based policies (agent runtimes, memory stores, etc.).
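To make the proposal concrete, here is an added example (not code from the agentcore CLI or this issue) that renders the proposed allowedPrincipals key into a resource-based policy per deployed resource, validates the principals, and checks which callers the policy would admit. The allowedPrincipals key, the ACTIONS_BY_TYPE mapping, the account id 210987654321, and the InternalAgent entry are assumptions; the runtime ARN shape and the bedrock-agentcore:InvokeAgentRuntime action are taken from the error message above.

```python
"""Render resource-based policies from the proposed agentcore.json spec.

Added illustration, not part of the agentcore CLI: the allowedPrincipals key,
the policy layout and the ACTIONS_BY_TYPE mapping are assumptions about how
`agentcore deploy` might behave. The ARN shape and action name come from the
AccessDeniedException quoted in the issue.
"""
import json
import re

# Actions a foreign principal needs per resource type. Only the runtime
# action appears on the page; mapping other types would be an extension.
ACTIONS_BY_TYPE = {
    "AgentCoreRuntime": ("runtime", ["bedrock-agentcore:InvokeAgentRuntime"]),
}

# Accepted grantees: an account root, or a specific IAM role or user.
PRINCIPAL_RE = re.compile(
    r"^arn:aws:iam::\d{12}:(root|role/[\w+=,.@/-]+|user/[\w+=,.@/-]+)$"
)

# Constructed sample spec; the second agent declares no principals and so
# must get no resource policy at all.
SAMPLE_SPEC = {
    "agents": [
        {"name": "MyAgent", "type": "AgentCoreRuntime",
         "allowedPrincipals": ["arn:aws:iam::123456789012:root"]},
        {"name": "InternalAgent", "type": "AgentCoreRuntime"},
    ]
}


def validate_principal(principal):
    """Reject wildcards and malformed ARNs. A Principal of "*" would let any
    AWS account invoke the runtime, which is never what a deploy tool should
    emit silently from a config file."""
    if "*" in principal:
        raise ValueError(f"wildcard principal not allowed: {principal!r}")
    if not PRINCIPAL_RE.match(principal):
        raise ValueError(f"not an IAM principal ARN: {principal!r}")
    return principal


def resource_arn(region, account_id, res_type, name):
    # Shape as seen in the error message; the ARN of the actually created
    # resource should be substituted by the deploy step after creation.
    return f"arn:aws:bedrock-agentcore:{region}:{account_id}:{res_type}/{name}"


def build_resource_policies(spec, region, account_id):
    """Return {resource_arn: policy_document} for each agent that declares
    allowedPrincipals; agents without the key stay private."""
    policies = {}
    for agent in spec.get("agents", []):
        principals = agent.get("allowedPrincipals")
        if not principals:
            continue
        res_type, actions = ACTIONS_BY_TYPE[agent["type"]]
        arn = resource_arn(region, account_id, res_type, agent["name"])
        policies[arn] = {
            "Version": "2012-10-17",
            "Statement": [{
                "Sid": f"CrossAccountAccess{agent['name']}",
                "Effect": "Allow",
                "Principal": {"AWS": [validate_principal(p) for p in principals]},
                "Action": actions,
                "Resource": arn,
            }],
        }
    return policies


def principal_matches(allowed, caller_arn):
    """Minimal IAM-style matching: an account root entry covers every principal
    in that account, a role entry covers sessions assumed from that role.
    (Real IAM additionally requires the caller's identity policy to allow the
    action; this only models the resource-policy side.)"""
    m = re.match(r"^arn:aws:(iam|sts)::(\d{12}):(.+)$", caller_arn)
    if not m:
        return False
    account, rest = m.group(2), m.group(3)
    role_arn = None
    if rest.startswith("assumed-role/"):
        role_arn = f"arn:aws:iam::{account}:role/{rest.split('/')[1]}"
    elif rest.startswith(("role/", "user/")):
        role_arn = caller_arn
    root = f"arn:aws:iam::{account}:root"
    return any(a == root or a == role_arn for a in allowed)


def policy_allows(policy, caller_arn, action):
    """True if some Allow statement names the action and admits the caller."""
    for st in policy["Statement"]:
        if st["Effect"] == "Allow" and action in st["Action"] \
                and principal_matches(st["Principal"]["AWS"], caller_arn):
            return True
    return False


if __name__ == "__main__":
    for arn, doc in build_resource_policies(SAMPLE_SPEC, "us-west-2", "210987654321").items():
        print(arn)
        print(json.dumps(doc, indent=2))
```

Granting the account root ARN delegates to every principal in that account that has a matching identity-based permission; a spec that also accepts individual role ARNs lets the resource owner grant only the one deployer or caller role instead of the whole account.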