Amazon Bedrock AgentCore Identity Supports Custom Secrets Manager Secrets

AI agents are only as powerful as the tools they can access. Whether retrieving customer data from a CRM, posting updates to Slack, or querying a GitHub repository, agents need to call external APIs, and that means securely passing credentials at runtime. Getting that right, without hardcoding secrets in code or exposing them in agent prompts, is one of the defining challenges of building production-ready agentic systems.

Amazon Bedrock AgentCore Identity meets this challenge through credential providers and a token vault that automatically create and manage a secret in AWS Secrets Manager in your account for each Outbound credential provider resource. While AgentCore Identity fully creates and manages these secrets, customers couldn’t configure custom tags, rotation policies, or customer managed AWS Key Management Service (AWS KMS) key encryption at creation time.

AWS has announced that AgentCore Identity can now reference an existing secret in AWS Secrets Manager, so you can point a credential provider at your own preconfigured secret and retain full control over how it is managed. This lets you extend your organization’s existing secrets governance processes to AgentCore: you keep control of the secret’s encryption configuration, rotation, replication, tags, and resource policies, just as you would for any other secret in Secrets Manager. The referenced secret can also live in another AWS account within the same AWS Region, and third-party secret managers can be integrated via external connectors.

Example use cases include:

  • Accessing external APIs with existing secrets: Provide the ARN of that existing secret to your credential provider resources instead of having AgentCore Identity create a new one, supporting cross-account and third-party secrets.
  • Seamless secret rotation: When you rotate the secret value for security best practices, AgentCore Identity retrieves the updated value on its next read. You don’t need to update or recreate the credential provider resources.
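The two use cases above both hinge on handing AgentCore Identity an ARN you already govern. The following pre-flight checks are an added example, not code from AWS or from the announcement: they parse the secret ARN, confirm it sits in the same Region as the credential provider (cross-account is allowed, cross-Region is not), and build and lint a least-privilege resource policy for the cross-account case. The reader principal ARN, the secret name and the account IDs are constructed sample values; the credential-provider API field that receives the ARN is not named on the page and is not shown here.

```python
"""Pre-flight checks before referencing an existing Secrets Manager secret
from an AgentCore Identity credential provider (added example, not AWS code)."""
import re
from dataclasses import dataclass

# Secrets Manager ARN shape: arn:<partition>:secretsmanager:<region>:<account>:secret:<name>-<suffix>
_SECRET_ARN = re.compile(
    r"^arn:(?P<partition>aws|aws-cn|aws-us-gov):secretsmanager:"
    r"(?P<region>[a-z]{2}(?:-gov)?-[a-z]+-\d):(?P<account>\d{12}):secret:(?P<name>[^:]+)$"
)

# The only actions a runtime reader of the secret needs.
READ_ONLY_ACTIONS = {"secretsmanager:GetSecretValue", "secretsmanager:DescribeSecret"}


@dataclass(frozen=True)
class SecretArn:
    partition: str
    region: str
    account: str
    name: str


def parse_secret_arn(arn: str) -> SecretArn:
    """Split a Secrets Manager ARN into its parts; reject anything else."""
    m = _SECRET_ARN.match(arn)
    if not m:
        raise ValueError(f"not a Secrets Manager secret ARN: {arn!r}")
    return SecretArn(m["partition"], m["region"], m["account"], m["name"])


def check_region(arn: str, provider_region: str) -> bool:
    """The referenced secret must be in the same Region as the credential provider."""
    return parse_secret_arn(arn).region == provider_region


def cross_account_read_policy(secret_arn: str, reader_role_arn: str) -> dict:
    """Resource policy granting one foreign principal read-only access.

    Needed when the secret lives in another account. The customer managed KMS key
    that encrypts the secret must also allow kms:Decrypt to the same principal
    (key policy not shown). reader_role_arn is an assumed placeholder for whichever
    principal reads the secret on the agent side."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AgentReadOnly",
            "Effect": "Allow",
            "Principal": {"AWS": reader_role_arn},
            "Action": sorted(READ_ONLY_ACTIONS),
            "Resource": secret_arn,
        }],
    }


def policy_findings(policy: dict) -> list[str]:
    """Lint a resource policy: flag wildcard principals and non-read-only actions."""
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        principal = stmt.get("Principal")
        wildcard = principal == "*"
        if isinstance(principal, dict):
            for v in principal.values():
                if "*" in ([v] if isinstance(v, str) else v):
                    wildcard = True
        if wildcard:
            findings.append(f"{sid}: wildcard principal")
        actions = stmt.get("Action", [])
        for act in ([actions] if isinstance(actions, str) else actions):
            if act not in READ_ONLY_ACTIONS:
                findings.append(f"{sid}: non read-only action {act}")
    return findings


if __name__ == "__main__":
    # Constructed sample values, not real resources.
    arn = "arn:aws:secretsmanager:us-east-1:111122223333:secret:agentcore/crm-api-key-AbCdEf"
    print("same region:", check_region(arn, "us-east-1"))
    policy = cross_account_read_policy(arn, "arn:aws:iam::444455556666:role/AgentRuntimeRole")
    print("findings:", policy_findings(policy) or "none")
```

Run the lint over the policy you intend to attach before creating the credential provider; an empty findings list means the foreign principal gets only the two read actions, which is all that rotation-on-next-read requires.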

[AgentUpdate Depth Analysis] As AI agents transition from simple text generators to active "action agents" performing real-world API invocations, credential security becomes paramount. Compared to open-source agent frameworks (such as LangChain or LlamaIndex), which often rely on local environment variables or basic configuration files, AWS's integration offers an enterprise-grade, cloud-native credential management solution. By allowing Bedrock AgentCore Identity to reference preconfigured secrets, AWS bridges the gap between AI developer workflows and strict enterprise SecOps requirements (such as KMS encryption and automatic rotation policies). This update paves the way for secure agent adoption in highly regulated sectors like finance and healthcare. In the long run, the scalability of AI agents in enterprise environments will depend heavily on robust Identity and Access Management (IAM). AWS is setting a crucial industry standard where agents are governed under the same strict security boundaries as traditional microservices.