chore: remove workload access permissions from runtime execution policy (#274)

vma1996 · web-flow · commit 0f5ca368afd0 · 2025-10-12T18:31:32.000-07:00
diff --git a/documentation/docs/user-guide/runtime/permissions.md b/documentation/docs/user-guide/runtime/permissions.md
@@ -61,121 +61,131 @@ Attach the following policy to your IAM user or role:
 
 ```json
 {
-	"Version": "2012-10-17",
-	"Statement": [
-		{
-			"Sid": "IAMRoleManagement",
-			"Effect": "Allow",
-			"Action": [
-				"iam:CreateRole",
-				"iam:DeleteRole",
-				"iam:GetRole",
-				"iam:PutRolePolicy",
-				"iam:DeleteRolePolicy",
-				"iam:AttachRolePolicy",
-				"iam:DetachRolePolicy",
-				"iam:TagRole",
-				"iam:ListRolePolicies",
-				"iam:ListAttachedRolePolicies"
-			],
-			"Resource": [
-				"arn:aws:iam::*:role/*BedrockAgentCore*",
-				"arn:aws:iam::*:role/service-role/*BedrockAgentCore*"
-			]
-		},
-		{
-			"Sid": "CodeBuildProjectAccess",
-			"Effect": "Allow",
-			"Action": [
-				"codebuild:StartBuild",
-				"codebuild:BatchGetBuilds",
-				"codebuild:ListBuildsForProject",
-				"codebuild:CreateProject",
-				"codebuild:UpdateProject",
-				"codebuild:BatchGetProjects"
-			],
-			"Resource": [
-				"arn:aws:codebuild:*:*:project/bedrock-agentcore-*",
-				"arn:aws:codebuild:*:*:build/bedrock-agentcore-*"
-			]
-		},
-		{
-			"Sid": "CodeBuildListAccess",
-			"Effect": "Allow",
-			"Action": [
-				"codebuild:ListProjects"
-			],
-			"Resource": "*"
-		},
-		{
-			"Sid": "IAMPassRoleAccess",
-			"Effect": "Allow",
-			"Action": [
-				"iam:PassRole"
-			],
-			"Resource": [
-				"arn:aws:iam::*:role/AmazonBedrockAgentCore*",
-				"arn:aws:iam::*:role/service-role/AmazonBedrockAgentCore*"
-			]
-		},
-		{
-			"Sid": "CloudWatchLogsAccess",
-			"Effect": "Allow",
-			"Action": [
-				"logs:GetLogEvents",
-				"logs:DescribeLogGroups",
-				"logs:DescribeLogStreams"
-			],
-			"Resource": [
-				"arn:aws:logs:*:*:log-group:/aws/bedrock-agentcore/*",
-				"arn:aws:logs:*:*:log-group:/aws/codebuild/*"
-			]
-		},
-		{
-			"Sid": "S3Access",
-			"Effect": "Allow",
-			"Action": [
-				"s3:GetObject",
-				"s3:PutObject",
-				"s3:ListBucket",
-				"s3:CreateBucket",
-				"s3:PutLifecycleConfiguration"
-			],
-			"Resource": [
-				"arn:aws:s3:::bedrock-agentcore-*",
-				"arn:aws:s3:::bedrock-agentcore-*/*"
-			]
-		},
-		{
-			"Sid": "ECRRepositoryAccess",
-			"Effect": "Allow",
-			"Action": [
-				"ecr:CreateRepository",
-				"ecr:DescribeRepositories",
-				"ecr:GetRepositoryPolicy",
-				"ecr:InitiateLayerUpload",
-				"ecr:CompleteLayerUpload",
-				"ecr:PutImage",
-				"ecr:UploadLayerPart",
-				"ecr:BatchCheckLayerAvailability",
-				"ecr:GetDownloadUrlForLayer",
-				"ecr:BatchGetImage",
-				"ecr:ListImages",
-				"ecr:TagResource"
-			],
-			"Resource": [
-				"arn:aws:ecr:*:*:repository/bedrock-agentcore-*"
-			]
-		},
-		{
-			"Sid": "ECRAuthorizationAccess",
-			"Effect": "Allow",
-			"Action": [
-				"ecr:GetAuthorizationToken"
-			],
-			"Resource": "*"
-		}
-	]
+  "Version": "2012-10-17",
+  "Statement": [{
+      "Sid": "IAMRoleManagement",
+      "Effect": "Allow",
+      "Action": [
+        "iam:CreateRole",
+        "iam:DeleteRole",
+        "iam:GetRole",
+        "iam:PutRolePolicy",
+        "iam:DeleteRolePolicy",
+        "iam:AttachRolePolicy",
+        "iam:DetachRolePolicy",
+        "iam:TagRole",
+        "iam:ListRolePolicies",
+        "iam:ListAttachedRolePolicies"
+      ],
+      "Resource": [
+        "arn:aws:iam::*:role/*BedrockAgentCore*",
+        "arn:aws:iam::*:role/service-role/*BedrockAgentCore*"
+      ]
+    },
+    {
+      "Sid": "CodeBuildProjectAccess",
+      "Effect": "Allow",
+      "Action": [
+        "codebuild:StartBuild",
+        "codebuild:BatchGetBuilds",
+        "codebuild:ListBuildsForProject",
+        "codebuild:CreateProject",
+        "codebuild:UpdateProject",
+        "codebuild:BatchGetProjects"
+      ],
+      "Resource": [
+        "arn:aws:codebuild:*:*:project/bedrock-agentcore-*",
+        "arn:aws:codebuild:*:*:build/bedrock-agentcore-*"
+      ]
+    },
+    {
+      "Sid": "CodeBuildListAccess",
+      "Effect": "Allow",
+      "Action": [
+        "codebuild:ListProjects"
+      ],
+      "Resource": "*"
+    },
+    {
+      "Sid": "IAMPassRoleAccess",
+      "Effect": "Allow",
+      "Action": [
+        "iam:PassRole"
+      ],
+      "Resource": [
+        "arn:aws:iam::*:role/AmazonBedrockAgentCore*",
+        "arn:aws:iam::*:role/service-role/AmazonBedrockAgentCore*"
+      ]
+    },
+    {
+      "Sid": "CloudWatchLogsAccess",
+      "Effect": "Allow",
+      "Action": [
+        "logs:GetLogEvents",
+        "logs:DescribeLogGroups",
+        "logs:DescribeLogStreams"
+      ],
+      "Resource": [
+        "arn:aws:logs:*:*:log-group:/aws/bedrock-agentcore/*",
+        "arn:aws:logs:*:*:log-group:/aws/codebuild/*"
+      ]
+    },
+    {
+      "Sid": "S3Access",
+      "Effect": "Allow",
+      "Action": [
+        "s3:GetObject",
+        "s3:PutObject",
+        "s3:ListBucket",
+        "s3:CreateBucket",
+        "s3:PutLifecycleConfiguration"
+      ],
+      "Resource": [
+        "arn:aws:s3:::bedrock-agentcore-*",
+        "arn:aws:s3:::bedrock-agentcore-*/*"
+      ]
+    },
+    {
+      "Sid": "ECRRepositoryAccess",
+      "Effect": "Allow",
+      "Action": [
+        "ecr:CreateRepository",
+        "ecr:DescribeRepositories",
+        "ecr:GetRepositoryPolicy",
+        "ecr:InitiateLayerUpload",
+        "ecr:CompleteLayerUpload",
+        "ecr:PutImage",
+        "ecr:UploadLayerPart",
+        "ecr:BatchCheckLayerAvailability",
+        "ecr:GetDownloadUrlForLayer",
+        "ecr:BatchGetImage",
+        "ecr:ListImages",
+        "ecr:TagResource"
+      ],
+      "Resource": [
+        "arn:aws:ecr:*:*:repository/bedrock-agentcore-*"
+      ]
+    },
+    {
+      "Sid": "ECRAuthorizationAccess",
+      "Effect": "Allow",
+      "Action": [
+        "ecr:GetAuthorizationToken"
+      ],
+      "Resource": "*"
+    },
+    {
+      "Sid": "BedrockAgentCoreRuntimeIdentityServiceLinkedRolePermissions",
+      "Effect": "Allow",
+      "Action": "iam:CreateServiceLinkedRole",
+      "Resource": "arn:aws:iam::*:role/aws-service-role/runtime-identity.bedrock-agentcore.amazonaws.com/AWSServiceRoleForBedrockAgentCoreRuntimeIdentity",
+      "Condition": {
+        "StringEquals": {
+          "iam:AWSServiceName": "runtime-identity.bedrock-agentcore.amazonaws.com"
+        }
+      }
+    }
+  ]
 }
 ```
 
@@ -316,19 +326,6 @@ The Runtime Execution Role is an IAM role that AgentCore Runtime assumes to run
                 }
             }
         },
-        {
-            "Sid": "GetAgentAccessToken",
-            "Effect": "Allow",
-            "Action": [
-                "bedrock-agentcore:GetWorkloadAccessToken",
-                "bedrock-agentcore:GetWorkloadAccessTokenForJWT",
-                "bedrock-agentcore:GetWorkloadAccessTokenForUserId"
-            ],
-            "Resource": [
-                "arn:aws:bedrock-agentcore:region:accountId:workload-identity-directory/default",
-                "arn:aws:bedrock-agentcore:region:accountId:workload-identity-directory/default/workload-identity/agentName-*"
-            ]
-        },
         {
             "Sid": "BedrockModelInvocation",
             "Effect": "Allow",
diff --git a/src/bedrock_agentcore_starter_toolkit/utils/runtime/templates/execution_role_policy.json.j2 b/src/bedrock_agentcore_starter_toolkit/utils/runtime/templates/execution_role_policy.json.j2
@@ -143,19 +143,6 @@
         "arn:aws:bedrock-agentcore:{{ region }}:{{ account_id }}:workload-identity-directory/default/workload-identity/{{ agent_name }}-*"
       ]
     },
-    {
-      "Sid": "BedrockAgentCoreIdentityGetWorkloadAccessToken",
-      "Effect": "Allow",
-      "Action": [
-        "bedrock-agentcore:GetWorkloadAccessToken",
-        "bedrock-agentcore:GetWorkloadAccessTokenForJWT",
-        "bedrock-agentcore:GetWorkloadAccessTokenForUserId"
-      ],
-      "Resource": [
-        "arn:aws:bedrock-agentcore:{{ region }}:{{ account_id }}:workload-identity-directory/default",
-        "arn:aws:bedrock-agentcore:{{ region }}:{{ account_id }}:workload-identity-directory/default/workload-identity/{{ agent_name }}-*"
-      ]
-    },
     {
       "Sid": "BedrockModelInvocation",
       "Effect": "Allow",
diff --git a/tests/utils/runtime/test_policy_template.py b/tests/utils/runtime/test_policy_template.py
@@ -129,9 +129,6 @@ def test_policy_has_required_permissions(self):
             "xray:GetSamplingRules",
             "xray:GetSamplingTargets",
             "cloudwatch:PutMetricData",
-            "bedrock-agentcore:GetWorkloadAccessToken",
-            "bedrock-agentcore:GetWorkloadAccessTokenForJWT",
-            "bedrock-agentcore:GetWorkloadAccessTokenForUserId",
             "bedrock:InvokeModel",
             "bedrock:InvokeModelWithResponseStream",
         ]
