{"data":{"id":"2f6d32c5-214a-4c2e-bee7-1944a45a7694","title":"Why Policy in Amazon Bedrock AgentCore chose Cedar for securing agentic workflows","summary":"AI agents (autonomous systems using LLMs to solve problems) create security risks because LLMs are unpredictable and vulnerable to prompt injection (tricking an AI by hiding instructions in its input), so they can make harmful decisions with confidence. The solution is to place authorization controls (decisions about which actions are allowed) at the boundary where the agent calls external tools, rather than relying on hard-coded workflows or human approval alone. Amazon Bedrock AgentCore uses Cedar, an open-source authorization policy language, to centralize and enforce these controls outside the LLM where they cannot be bypassed.","solution":"Amazon Bedrock AgentCore Gateway sits between the agent and the tools it calls. When you associate a Policy (written in Cedar) with a Gateway, it blocks everything by default and selectively allows only specified tool invocations under defined conditions. Cedar is an open source authorization policy language developed by AWS that is purpose-built for authorization, readable by humans, and analyzable by machines using automated reasoning.","labels":["security","policy"],"sourceUrl":"https://aws.amazon.com/blogs/security/why-policy-in-amazon-bedrock-agentcore-chose-cedar-for-securing-agentic-workflows/","publishedAt":"2026-05-20T20:56:03.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["Amazon"],"affectedVendorsRaw":["Amazon Bedrock","Amazon Bedrock AgentCore"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-20T20:56:03.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","safety"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}