bedrock-agentcore:*AWS Amazon Bedrock Agentcore IAM Actions
133 IAM actions for bedrock-agentcore:*
Actions
133 actions available. Filter by access level or search by name.
Filter:
| Action | Access Level |
|---|---|
bedrock-agentcore:AllowVendedLogDeliveryForResource | Read |
bedrock-agentcore:AuthorizeAction | Read |
bedrock-agentcore:BatchCreateMemoryRecords | Write |
bedrock-agentcore:BatchDeleteMemoryRecords | Write |
bedrock-agentcore:BatchUpdateMemoryRecords | Write |
bedrock-agentcore:CompleteResourceTokenAuth | Write |
bedrock-agentcore:ConnectBrowserAutomationStream | Read |
bedrock-agentcore:ConnectBrowserLiveViewStream | Read |
bedrock-agentcore:CreateAgentRuntime | Write |
bedrock-agentcore:CreateAgentRuntimeEndpoint | Write |
bedrock-agentcore:CreateApiKeyCredentialProvider | Write |
bedrock-agentcore:CreateBrowser | Write |
bedrock-agentcore:CreateBrowserProfile | Write |
bedrock-agentcore:CreateCodeInterpreter | Write |
bedrock-agentcore:CreateEvaluator | Write |
bedrock-agentcore:CreateEvent | Write |
bedrock-agentcore:CreateGateway | Write |
bedrock-agentcore:CreateGatewayTarget | Write |
bedrock-agentcore:CreateMemory | Write |
bedrock-agentcore:CreateOauth2CredentialProvider | Write |
bedrock-agentcore:CreateOnlineEvaluationConfig | Write |
bedrock-agentcore:CreatePolicy | Permissions |
bedrock-agentcore:CreatePolicyEngine | Permissions |
bedrock-agentcore:CreateWorkloadIdentity | Write |
bedrock-agentcore:DeleteAgentRuntime | Write |
bedrock-agentcore:DeleteAgentRuntimeEndpoint | Write |
bedrock-agentcore:DeleteApiKeyCredentialProvider | Write |
bedrock-agentcore:DeleteBrowser | Write |
bedrock-agentcore:DeleteBrowserProfile | Write |
bedrock-agentcore:DeleteCodeInterpreter | Write |
bedrock-agentcore:DeleteEvaluator | Write |
bedrock-agentcore:DeleteEvent | Write |
bedrock-agentcore:DeleteGateway | Write |
bedrock-agentcore:DeleteGatewayTarget | Write |
bedrock-agentcore:DeleteMemory | Write |
bedrock-agentcore:DeleteMemoryRecord | Write |
bedrock-agentcore:DeleteOauth2CredentialProvider | Write |
bedrock-agentcore:DeleteOnlineEvaluationConfig | Write |
bedrock-agentcore:DeletePolicy | Permissions |
bedrock-agentcore:DeletePolicyEngine | Permissions |
bedrock-agentcore:DeleteResourcePolicy | Permissions |
bedrock-agentcore:DeleteWorkloadIdentity | Write |
bedrock-agentcore:Evaluate | Read |
bedrock-agentcore:GetAgentCard | Tagging |
bedrock-agentcore:GetAgentRuntime | Tagging |
bedrock-agentcore:GetAgentRuntimeEndpoint | Tagging |
bedrock-agentcore:GetApiKeyCredentialProvider | Read |
bedrock-agentcore:GetBrowser | Read |
bedrock-agentcore:GetBrowserProfile | Read |
bedrock-agentcore:GetBrowserSession | Read |
bedrock-agentcore:GetCodeInterpreter | Read |
bedrock-agentcore:GetCodeInterpreterSession | Read |
bedrock-agentcore:GetEvaluator | Read |
bedrock-agentcore:GetEvent | Read |
bedrock-agentcore:GetGateway | Read |
bedrock-agentcore:GetGatewayTarget | Read |
bedrock-agentcore:GetMemory | Read |
bedrock-agentcore:GetMemoryRecord | Read |
bedrock-agentcore:GetOauth2CredentialProvider | Read |
bedrock-agentcore:GetOnlineEvaluationConfig | Read |
bedrock-agentcore:GetPolicy | Permissions |
bedrock-agentcore:GetPolicyEngine | Permissions |
bedrock-agentcore:GetPolicyGeneration | Permissions |
bedrock-agentcore:GetResourceApiKey | Read |
bedrock-agentcore:GetResourceOauth2Token | Read |
bedrock-agentcore:GetResourcePolicy | Permissions |
bedrock-agentcore:GetTokenVault | Read |
bedrock-agentcore:GetWorkloadAccessToken | Read |
bedrock-agentcore:GetWorkloadAccessTokenForJWT | Read |
bedrock-agentcore:GetWorkloadAccessTokenForUserId | Read |
bedrock-agentcore:GetWorkloadIdentity | Read |
bedrock-agentcore:InvokeAgentRuntime | Write |
bedrock-agentcore:InvokeAgentRuntimeForUser | Write |
bedrock-agentcore:InvokeAgentRuntimeWithWebSocketStream | Write |
bedrock-agentcore:InvokeAgentRuntimeWithWebSocketStreamForUser | Write |
bedrock-agentcore:InvokeCodeInterpreter | Write |
bedrock-agentcore:InvokeGateway | Write |
bedrock-agentcore:ListActors | List |
bedrock-agentcore:ListAgentRuntimeEndpoints | Tagging |
bedrock-agentcore:ListAgentRuntimes | Tagging |
bedrock-agentcore:ListAgentRuntimeVersions | Tagging |
bedrock-agentcore:ListApiKeyCredentialProviders | List |
bedrock-agentcore:ListBrowserProfiles | List |
bedrock-agentcore:ListBrowsers | List |
bedrock-agentcore:ListBrowserSessions | List |
bedrock-agentcore:ListCodeInterpreters | List |
bedrock-agentcore:ListCodeInterpreterSessions | List |
bedrock-agentcore:ListEvaluators | List |
bedrock-agentcore:ListEvents | List |
bedrock-agentcore:ListGateways | List |
bedrock-agentcore:ListGatewayTargets | List |
bedrock-agentcore:ListMemories | List |
bedrock-agentcore:ListMemoryExtractionJobs | List |
bedrock-agentcore:ListMemoryRecords | List |
bedrock-agentcore:ListOauth2CredentialProviders | List |
bedrock-agentcore:ListOnlineEvaluationConfigs | List |
bedrock-agentcore:ListPolicies | List |
bedrock-agentcore:ListPolicyEngines | Permissions |
bedrock-agentcore:ListPolicyGenerationAssets | Permissions |
bedrock-agentcore:ListPolicyGenerations | Permissions |
bedrock-agentcore:ListSessions | List |
bedrock-agentcore:ListTagsForResource | Tagging |
bedrock-agentcore:ListWorkloadIdentities | List |
bedrock-agentcore:ManageAdminPolicy | Permissions |
bedrock-agentcore:ManageResourceScopedPolicy | Permissions |
bedrock-agentcore:PartiallyAuthorizeActions | Read |
bedrock-agentcore:PutResourcePolicy | Permissions |
bedrock-agentcore:RetrieveMemoryRecords | Read |
bedrock-agentcore:SaveBrowserSessionProfile | Read |
bedrock-agentcore:SetTokenVaultCMK | Write |
bedrock-agentcore:StartBrowserSession | Write |
bedrock-agentcore:StartCodeInterpreterSession | Write |
bedrock-agentcore:StartMemoryExtractionJob | Write |
bedrock-agentcore:StartPolicyGeneration | Permissions |
bedrock-agentcore:StopBrowserSession | Write |
bedrock-agentcore:StopCodeInterpreterSession | Write |
bedrock-agentcore:StopRuntimeSession | Write |
bedrock-agentcore:SynchronizeGatewayTargets | Read |
bedrock-agentcore:TagResource | Tagging |
bedrock-agentcore:UntagResource | Tagging |
bedrock-agentcore:UpdateAgentRuntime | Write |
bedrock-agentcore:UpdateAgentRuntimeEndpoint | Write |
bedrock-agentcore:UpdateApiKeyCredentialProvider | Write |
bedrock-agentcore:UpdateBrowserStream | Write |
bedrock-agentcore:UpdateEvaluator | Write |
bedrock-agentcore:UpdateGateway | Write |
bedrock-agentcore:UpdateGatewayTarget | Write |
bedrock-agentcore:UpdateMemory | Write |
bedrock-agentcore:UpdateOauth2CredentialProvider | Write |
bedrock-agentcore:UpdateOnlineEvaluationConfig | Write |
bedrock-agentcore:UpdatePolicy | Permissions |
bedrock-agentcore:UpdatePolicyEngine | Permissions |
bedrock-agentcore:UpdateWorkloadIdentity | Write |
Resource Types
ARN patterns for resources in this service.
| Resource | ARN Pattern |
|---|---|
${ResourceType} | arn:aws:bedrock-agentcore:${Region}:${Account}:${ResourceType}/${ResourceId} |
Condition Keys
Condition keys you can use in IAM policy conditions for this service.
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysbedrock-agentcore:GatewayAuthorizerTypebedrock-agentcore:InboundJwtClaim/audbedrock-agentcore:InboundJwtClaim/client_idbedrock-agentcore:InboundJwtClaim/issbedrock-agentcore:InboundJwtClaim/scopebedrock-agentcore:InboundJwtClaim/subbedrock-agentcore:KmsKeyArnbedrock-agentcore:actorIdbedrock-agentcore:namespacebedrock-agentcore:securityGroupsbedrock-agentcore:sessionIdbedrock-agentcore:strategyIdbedrock-agentcore:subnetsbedrock-agentcore:useridLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterQuick Facts
Total Actions133
Prefix
bedrock-agentcoreResource Types1
Condition Keys17
Access Level Breakdown
Read30
Write57
List19
Permissions18
Tagging9