Developer Tools

Amazon Bedrock AgentCore now lets you bring your own Secrets Manager secrets

Retain full control over encryption, rotation, and tagging for agent credentials.

Deep Dive

AI agents often need to call external APIs (CRM systems, Slack, GitHub), which means credentials must be passed to the agent securely at runtime. Amazon Bedrock AgentCore Identity already addressed this with credential providers and a token vault that auto-creates and manages a Secrets Manager secret for each outbound credential provider. However, customers could not set custom tags or rotation policies, or use customer-managed KMS keys, at creation time. Today, AWS announced that you can now reference your own preconfigured AWS Secrets Manager secret for AgentCore Identity. Simply provide the secret ARN, and AgentCore uses that secret instead of creating a new one. This gives you full control over encryption (including customer-managed KMS keys), rotation schedules, replication across Regions, tags for cost allocation or compliance, and resource policies to scope access. Rotations are picked up automatically on the next read, so credential providers never have to be recreated.

This feature unlocks several key use cases. If your team already has a secret for an external API, you can reuse it directly rather than creating a duplicate. As a security best practice, you can rotate the secret without interrupting the agent, because AgentCore retrieves the updated value automatically on the next read. In regulated environments, you can require that all agent credentials are encrypted with your customer-managed KMS key, a requirement that service control policies (SCPs) and resource control policies (RCPs) can then enforce. Cross-account secrets within the same Region are supported, and secrets brought in through Secrets Manager external connectors enable integration with third-party secret managers such as HashiCorp Vault. This extends your existing secrets governance processes to AI agent credentials, giving administrators the same controls they have always had for other secrets.

Key Points
  • Reference an existing secret ARN instead of letting AgentCore create one, retaining full control over encryption (including customer-managed KMS keys), rotation, tagging, and resource policies.
  • Supports cross-account secrets within the same AWS Region and third-party secret managers via Secrets Manager external connectors.
  • Rotations are automatically picked up by AgentCore on the next read, requiring no credential provider rebuilds.

Why It Matters

Enterprises can now enforce existing secrets governance on AI agent credentials without sacrificing security or compliance.