Amazon Bedrock AgentCore Identity now allows you to bring your own secrets with AWS Secrets Manager
AWS Secrets Manager ยท 2026-06-01
Actions
Technical Details
| Regions | us-east-1, us-east-2, us-west-2, ca-central-1, ap-south-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, eu-central-1, eu-west-1, eu-west-2, eu-north-1 |
|---|---|
| Cost Impact | Neutral |
| IaC Impact | High |
What This Means
For DevOps Teams
Update your secret management strategy to utilize existing AWS Secrets Manager secrets in Amazon Bedrock AgentCore Identity, allowing for custom CMKs, tagging, and rotation policies, and reference the secret ARNs when configuring Credential Providers.
For Platform Teams
Adopt the new bring your own secret capability in Amazon Bedrock AgentCore Identity to integrate with existing AWS Secrets Manager governance policies, enabling full control over secret management and compliance.
For Executives
Evaluate the new capability to bring your own secrets with AWS Secrets Manager in Amazon Bedrock AgentCore Identity to enhance governance and compliance, ensuring full ownership of secret management and applying organization-specific policies.
Source
Related AWS Secrets Manager Updates
- AWS Secrets Manager adds managed external secrets support for Datadog vended keys and Snowflake Programmatic Access Tokens (2026-05-22)
- AWS Secrets Manager extends managed external secrets to MongoDB Atlas and Confluent Cloud (2026-04-22)
- AWS Secrets Manager now supports hybrid post-quantum TLS to protect secrets from quantum threats (2026-04-14)