-
Run get-caller-identity command (OSX/Linux/UNIX) to return the ID of the AWS account that owns your Amazon Bedrock agents:
aws sts get-caller-identity
--query 'Account'
-
The command output should return the requested AWS account ID:
-
Run list-agents command (OSX/Linux/UNIX) to list the identifier (ID) of each Amazon Bedrock agent available in the selected AWS cloud region:
aws bedrock-agent list-agents
--region us-east-1
--query 'agentSummaries[*].agentId'
-
The command output should return the requested agent identifiers (IDs):
[
"ABCDACBDAB",
"ABCABCABCA"
]
-
Run list-agent-action-groups command (OSX/Linux/UNIX) with the agent ID and the DRAFT agent version to list the action group identifiers for the selected agent. Use DRAFT to inspect the current mutable configuration. To list published (immutable) agent versions, use the list-agent-versions command:
aws bedrock-agent list-agent-action-groups
--region us-east-1
--agent-id ABCDACBDAB
--agent-version DRAFT
--query 'actionGroupSummaries[*].actionGroupId'
-
The command output should return the requested action group identifiers (IDs):
-
Run get-agent-action-group command (OSX/Linux/UNIX) with the agent ID, agent version, and action group ID to describe the action group executor configuration and extract the Lambda function ARN:
aws bedrock-agent get-agent-action-group
--region us-east-1
--agent-id ABCDACBDAB
--agent-version DRAFT
--action-group-id XYXYXYXYXY
--query 'agentActionGroup.actionGroupExecutor.lambda'
-
The command output should return the ARN of the Lambda function used as the action group executor:
"arn:aws:lambda:us-east-1:210987654321:function:cc-bedrock-agent-executor"
If the command output returns null or the action group uses customControl instead of a Lambda function, there is no executor Lambda function to validate for this action group. Otherwise, compare the account ID segment of the returned ARN (i.e. 210987654321) with the account ID returned at step no. 2. If the two account IDs do not match, the executor Lambda function belongs to a different AWS account, therefore the action group configuration is not compliant.
-
Run get-function-configuration command (OSX/Linux/UNIX) using the executor Lambda function ARN as the identifier parameter and custom query filters to return the ARN of the IAM execution role attached to the function:
aws lambda get-function-configuration
--region us-east-1
--function-name arn:aws:lambda:us-east-1:210987654321:function:cc-bedrock-agent-executor
--query 'Role'
-
The command output should return the ARN of the Lambda execution role:
"arn:aws:iam::210987654321:role/cc-bedrock-agent-executor-role"
-
Run list-attached-role-policies command (OSX/Linux/UNIX) using the name of the execution role (i.e. the part of the role ARN that follows role/) as the identifier parameter to list the managed policies attached to the role:
aws iam list-attached-role-policies
--role-name cc-bedrock-agent-executor-role
--query 'AttachedPolicies[*].PolicyArn'
-
The command output should return the ARNs of the attached managed policies:
[
"arn:aws:iam::aws:policy/AdministratorAccess"
]
If the execution role has the AdministratorAccess managed policy attached (as shown in the example above), the executor Lambda function does not use a least-privilege IAM role, therefore the action group configuration is not compliant.
Note: list-attached-role-policies only returns managed policies. A role with no managed policies attached (an empty array result) can still be non-compliant if it has an inline policy that grants wildcard permissions — always continue to steps 13-14 below to check inline policies as well.
-
Run list-role-policies command (OSX/Linux/UNIX) using the name of the execution role as the identifier parameter to list the names of any inline policies defined directly on the role:
aws iam list-role-policies
--role-name cc-bedrock-agent-executor-role
--query 'PolicyNames'
The command output should return an array of inline policy names (an empty array means no inline policies are defined for the role):
[
"cc-bedrock-agent-executor-wildcard-policy"
]
-
Run get-role-policy command (OSX/Linux/UNIX) using the execution role name and each inline policy name returned at the previous step to retrieve the policy document:
aws iam get-role-policy
--role-name cc-bedrock-agent-executor-role
--policy-name cc-bedrock-agent-executor-wildcard-policy
--query 'PolicyDocument'
The command output should return the inline policy document:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}
]
}
If any inline policy statement grants wildcard permissions (i.e. "Action": "*" and/or "Resource": "*"), the executor Lambda function does not use a least-privilege IAM role, therefore the action group configuration is not compliant, even if list-attached-role-policies returned an empty array.
-
Repeat steps no. 7 – 14 for each action group configured for the selected Amazon Bedrock agent.
-
Repeat steps no. 5 – 15 for each Amazon Bedrock agent available in the selected AWS region.
-
Change the AWS cloud region by updating the --region command parameter value and repeat steps no. 3 – 16 to perform the Audit process for other regions.