bedrock-agentcore: execution role policy for runtime lacks permissions to invoke bedrock models

[go-to-k]

Describe the bug

The permissions for the execution role lacks permissions in Runtime construct.

The official document says that runtime execution role requires permissions to invoke bedrock models:

{
         "Sid": "BedrockModelInvocation", 
         "Effect": "Allow", 
         "Action": [ 
                "bedrock:InvokeModel", 
                "bedrock:InvokeModelWithResponseStream"
              ], 
        "Resource": [
            "arn:aws:bedrock:*::foundation-model/*",
            "arn:aws:bedrock:us-east-1:123456789012:*"
        ]
}

However, current code in the construct couldn't add the permissions:

https://github.com/aws/aws-cdk/blob/v2.221.0/packages/%40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime.ts#L336-L391

Regression Issue

• Select this option if this issue appears to be a regression.

Last Known Working CDK Library Version

No response

Expected Behavior

The "BedrockModelInvocation" permission is attached.

Current Behavior

The "BedrockModelInvocation" permission is not attached.

Reproduction Steps

Deploy the following CDK code:

const app = new cdk.App();
const stack = new cdk.Stack(app, 'stack');

const runtimeArtifact = agentcore.AgentRuntimeArtifact.fromAsset(
  path.join(__dirname, 'testArtifact'),
);

const runtime = new agentcore.Runtime(stack, 'Runtime', {
  runtimeName: 'integ_test_runtime',
  agentRuntimeArtifact: runtimeArtifact,
});

And then you can see the permissions in the console or cdk.out.

Possible Solution

Add the permissions including bedrock:InvokeModel and bedrock:InvokeModelWithResponseStream actions.

Additional Information/Context

No response

AWS CDK Library version (aws-cdk-lib)

v2.221.0

AWS CDK CLI version

2.1030.0

Node.js Version

v22.14.0

OS

Mac

Language

TypeScript

Language Version

No response

Other information

No response

[pahud]

Hi @go-to-k,

Thank you for reporting this issue and providing the detailed documentation reference. The analysis indicates that the Runtime construct is indeed missing the required Bedrock model invocation permissions in its auto-generated execution role.

The createExecutionRole() method currently adds permissions for CloudWatch Logs, X-Ray, CloudWatch Metrics, and Workload Identity, but does not include the bedrock:InvokeModel and bedrock:InvokeModelWithResponseStream actions that are documented as required in the AWS Bedrock AgentCore Runtime Permissions guide.

This appears to be a straightforward addition that would align the CDK construct with the AWS service requirements. We'll review your PR when it's ready.

[go-to-k]

Closed.

See: #35850 (comment)

[github-actions]

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.