Session Security: X-Amzn-Bedrock-AgentCore-Runtime-Session-Id #161
Unanswered
sakae-nakajima-cw
asked this question in
Q&A
Replies: 0 comments
I'm trying to figure out how to best protect sessions.
As far as I can tell, users can access unauthorised sessions by manipulating X-Amzn-Bedrock-AgentCore-Runtime-Session-Id if the endpoints do not check ownership of sessions.
For example, 02-use-cases/customer-support-assistant-vpc does not check the ownership of sessions. If I manage to obtain someone else's session id, all I need is to change the request header value for accessing conversation turns.
Are apps expected to check if a caller owns a given session or not, say using Valkey/DynamoDB, for each request in the AgentCore endpoint?
If so, are we expected to front the AgentCore endpoint by something like API Gateway so that we can check session ownership before requests hit the AgentCore endpoint?
One attack I can think of is DDoS with random session ids - this will start new micro VMs and will damage us financially if AgentCore endpoints are not protected.
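One way to implement the per-request ownership check asked about above, as an added example that is not part of the original post or of the AgentCore samples: the layer in front of the endpoint mints session ids bound to the authenticated caller with an HMAC, a stateless alternative to a Valkey/DynamoDB lookup, and rejects any id it did not issue to that caller before forwarding. `SERVER_KEY`, `issue_session_id`, `caller_owns_session` and `authorize` are hypothetical names, and `caller_id` is assumed to come from an already-verified token.

```python
import hashlib
import hmac
import secrets

# Assumption: a secret known only to the layer in front of the AgentCore endpoint.
SERVER_KEY = secrets.token_bytes(32)
HEADER = "x-amzn-bedrock-agentcore-runtime-session-id"  # compared lower-cased


def _tag(caller_id, nonce):
    # Issued nonces are always 32 hex chars, so caller_id + NUL + nonce is unambiguous.
    msg = f"{caller_id}\x00{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_session_id(caller_id):
    """Mint a session id bound to the authenticated caller (hypothetical helper)."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_tag(caller_id, nonce)}"


def caller_owns_session(caller_id, session_id):
    """True only if this id was minted for this caller."""
    nonce, sep, tag = session_id.partition(".")
    if not sep or len(nonce) != 32:
        return False
    # Compare as bytes with compare_digest: constant-time, and safe for non-ASCII input.
    return hmac.compare_digest(tag.encode(), _tag(caller_id, nonce).encode())


def authorize(caller_id, headers):
    """Status the fronting layer returns before anything is forwarded."""
    if not caller_id:
        return 401  # no verified identity
    lowered = {k.lower(): v for k, v in headers.items()}
    if not caller_owns_session(caller_id, lowered.get(HEADER, "")):
        return 403  # unknown, forged or someone else's session id
    return 200
```

Because ids that were not minted by `issue_session_id` fail the check, requests carrying random session ids are rejected at this layer rather than forwarded.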