https://kane.mx/tags/cedar/Recent content in Cedar on The roadHugo -- gohugo.ioenSat, 06 Jun 2026 00:00:00 +0000https://kane.mx/posts/2026/multi-tenant-agent-security-blueprint/Sat, 06 Jun 2026 00:00:00 +0000https://kane.mx/posts/2026/multi-tenant-agent-security-blueprint/ <h2 id="tldr-30-second-read">TL;DR (30-Second Read)</h2> <p>With Amazon Bedrock AgentCore now generally available — including <strong>AgentCore Identity</strong> for agent authentication and <strong>AgentCore Policy</strong>, which enforces Cedar rules by intercepting every tool call before execution — the security design for multi-tenant SaaS on Bedrock Agents has reached an inflection point. This blueprint addresses the hardest problem in agentic SaaS: a Large Language Model (LLM) that, through prompt injection or hallucination, crosses tenant boundaries or escalates privileges. The answer is a <strong>zero-trust, low-latency, two-layer authorization architecture with real-time quota enforcement</strong>, built on Amazon Verified Permissions (AVP) and the Cedar policy engine.</p> <p><a href="https://kane.mx/posts/2026/multi-tenant-agent-security-blueprint/">Read More</a></p>