
Use Customer-Managed Keys to Encrypt AgentCore Memory


Risk Level: High (not acceptable risk)

Ensure that your Amazon Bedrock AgentCore memory stores are configured to use AWS Key Management Service (KMS) Customer-Managed Keys (CMKs) for encryption at rest. Amazon Bedrock AgentCore Memory provides persistent storage for AI agent conversation history, extracted facts, user preferences, and session context — data that frequently contains sensitive and personally identifiable information (PII). By default, AgentCore Memory encrypts stored data using AWS owned or AWS managed encryption keys, which are controlled and rotated by AWS on your behalf. While this provides a baseline level of protection, it does not give your organization direct control over the key lifecycle, access policies, or audit trails for encryption operations.

When you configure a CMK for your AgentCore memory store, you retain full control over the encryption key. You can define granular key policies that specify exactly which AWS principals and services can use the key, enable automatic key rotation on a schedule you define, monitor all cryptographic operations performed with the key through AWS CloudTrail logs, and immediately revoke access to encrypted data by disabling or deleting the key. The CMK ARN is specified at memory creation time using the encryptionKeyArn parameter in the CreateMemory API call, or can be configured through the console under Additional configurations > Customize encryption settings (advanced).

Security / Operational excellence

Amazon Bedrock AgentCore memory stores accumulate conversation history, user preferences, session summaries, and extracted long-term facts over time. This data can contain sensitive personal information, confidential business context, or compliance-regulated content that requires strong data governance controls. Using Customer-Managed Keys ensures that your organization — not AWS — retains ultimate authority over access to this encrypted data. If the CMK is disabled or deleted, the encrypted memory data becomes inaccessible, providing a powerful mechanism to meet data residency and right-to-erasure requirements under regulations such as GDPR and CCPA. CMK usage also generates detailed audit logs in AWS CloudTrail for every cryptographic operation, enabling security teams to detect unauthorized access attempts, demonstrate compliance during audits, and investigate potential data breaches with full visibility into who accessed the key and when.


Audit

To determine if your Amazon Bedrock AgentCore memory stores are encrypted with Customer-Managed Keys (CMKs), perform the following operations:

Using AWS Console

01 Sign in to the AWS Management Console.

02 Navigate to Amazon Bedrock AgentCore console available at https://console.aws.amazon.com/bedrock-agentcore/.

03 In the left navigation pane, choose Memory.

04 Select the memory store you want to examine by clicking on its name.

05 In the memory store details page, locate the KMS Key section.

06 Check the KMS key field. If the field displays AWS managed key or does not reference a customer-managed KMS key ARN (which begins with arn:aws:kms:), the memory store is not encrypted with a CMK.

07 Repeat steps no. 4 – 6 for each memory store available in the selected AWS region.

08 Change the AWS cloud region from the console navigation bar and repeat the Audit process for other regions.

Using AWS CLI

01 Run list-memories command (OSX/Linux/UNIX) to list all Amazon Bedrock AgentCore memory stores available in the selected AWS region:

aws bedrock-agentcore-control list-memories \
	--region us-east-1 \
	--query 'memories[*].id'

02 The command output should return the requested memory store identifiers:

[
	"cc_agentcore_memory-aBcDeFgHiJ",
	"cc_agentcore_memory-kLmNoPqRsT"
]

03 Run get-memory command (OSX/Linux/UNIX) with the ID of the Amazon Bedrock AgentCore memory store that you want to examine as the identifier parameter and output query filters to describe the encryption configuration:

aws bedrock-agentcore-control get-memory \
	--region us-east-1 \
	--memory-id cc_agentcore_memory-aBcDeFgHiJ \
	--query 'memory.encryptionKeyArn'

04 The command output should return the encryption key ARN configured for the memory store:

null

If the get-memory command output returns null for the encryptionKeyArn attribute, as shown in the example above, the selected Amazon Bedrock AgentCore memory store is not encrypted with a Customer-Managed Key (CMK) and relies on AWS managed encryption keys instead.

05 Repeat steps no. 3 and 4 for each memory store available in the selected AWS region.

06 Change the AWS cloud region by updating the --region command parameter value and repeat steps no. 1 – 5 to perform the Audit process for other regions.
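The CLI audit above, steps 1 to 6, as an added Python example (not Trend or AWS code). It assumes the boto3 client name bedrock-agentcore-control and the list-memories / get-memory response shapes shown in the steps above; the classification logic is kept separate from the API calls so it can be checked offline.

```python
"""Audit Amazon Bedrock AgentCore memory stores for CMK encryption.
Added example, not Trend/AWS code. Assumes boto3 exposes the service as
'bedrock-agentcore-control' with list_memories (paginated) and get_memory."""
from __future__ import annotations

CMK_ARN_PREFIX = "arn:aws:kms:"


def classify_memory(memory: dict) -> str:
    """'cmk' when a KMS key ARN is configured, 'aws-managed' when encryptionKeyArn
    is null or absent (the finding this rule reports), else 'unexpected'."""
    key_arn = memory.get("encryptionKeyArn")
    if not key_arn:
        return "aws-managed"
    if key_arn.startswith(CMK_ARN_PREFIX) and ":key/" in key_arn:
        return "cmk"
    return "unexpected"  # e.g. an alias or a non-KMS value; review manually


def non_compliant_ids(memories: list[dict]) -> list[str]:
    """IDs of memory stores (get-memory 'memory' objects) not encrypted with a CMK."""
    return [m["id"] for m in memories if classify_memory(m) != "cmk"]


def audit_region(region: str) -> list[str]:
    """Steps 1-5 for one region: list every memory store, describe each one and
    return the IDs that are not CMK-encrypted. Needs boto3 and AWS credentials."""
    import boto3  # imported here so the pure functions above stay testable offline

    client = boto3.client("bedrock-agentcore-control", region_name=region)
    described = []
    token = None
    while True:  # list-memories pages with nextToken (assumed pagination key)
        kwargs = {"nextToken": token} if token else {}
        page = client.list_memories(**kwargs)
        for summary in page.get("memories", []):
            described.append(client.get_memory(memoryId=summary["id"])["memory"])
        token = page.get("nextToken")
        if not token:
            break
    return non_compliant_ids(described)


if __name__ == "__main__":
    # Step 6: repeat per region; the region list here is a constructed example.
    for region in ("us-east-1", "us-west-2"):
        for memory_id in audit_region(region):
            print(f"{region}: {memory_id} is not encrypted with a CMK")
```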

Remediation / Resolution

To encrypt your Amazon Bedrock AgentCore memory stores with Customer-Managed Keys (CMKs), perform the following operations:

Important considerations before configuring CMK encryption:

Encryption at rest using a CMK must be configured at memory creation time. Existing memory stores cannot be updated in-place to change the encryption key. To encrypt an existing unencrypted memory store with a CMK, you must create a new memory store with the CMK specified and migrate your data. Ensure that the KMS key policy grants the bedrock-agentcore.amazonaws.com service the required permissions (kms:CreateGrant, kms:Decrypt, kms:DescribeKey, kms:GenerateDataKey, kms:GenerateDataKeyWithoutPlaintext, kms:ReEncrypt*) before creating the memory store.
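A pre-flight check for the key policy requirement just described, as an added Python example (not Trend or AWS code). It takes a key policy document as a dict (for example the parsed output of `aws kms get-key-policy`) and reports which of the listed actions are not granted to the bedrock-agentcore.amazonaws.com principal for the target region, expanding kms:ReEncrypt* and honouring a kms:ViaService condition like the one in the templates that follow.

```python
"""Verify a KMS key policy grants bedrock-agentcore.amazonaws.com the permissions
required before CreateMemory. Added example, not Trend/AWS code."""
import fnmatch

AGENTCORE_SERVICE = "bedrock-agentcore.amazonaws.com"
# kms:ReEncrypt* expands to the two concrete ReEncrypt actions
REQUIRED_ACTIONS = (
    "kms:CreateGrant", "kms:Decrypt", "kms:DescribeKey", "kms:GenerateDataKey",
    "kms:GenerateDataKeyWithoutPlaintext", "kms:ReEncryptFrom", "kms:ReEncryptTo",
)


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _via_service_ok(statement: dict, region: str) -> bool:
    """True when the statement has no kms:ViaService condition, or names this region."""
    cond = statement.get("Condition", {}).get("StringEquals", {})
    allowed = cond.get("kms:ViaService")
    if allowed is None:
        return True
    return f"bedrock-agentcore.{region}.amazonaws.com" in _as_list(allowed)


def missing_agentcore_actions(policy: dict, region: str) -> set:
    """Required actions the policy does NOT grant to the AgentCore service principal
    for `region`. An empty set means the key is ready for a CMK-encrypted memory."""
    granted = set()
    for stmt in policy.get("Statement", []):
        principal = stmt.get("Principal", {})
        if stmt.get("Effect") != "Allow" or not isinstance(principal, dict):
            continue  # Deny statements and bare "*" principals are not counted
        if AGENTCORE_SERVICE not in _as_list(principal.get("Service", [])):
            continue
        if not _via_service_ok(stmt, region):
            continue
        for pattern in _as_list(stmt.get("Action", [])):
            # IAM action wildcards (kms:ReEncrypt*, kms:*) are glob-style matches
            granted.update(a for a in REQUIRED_ACTIONS if fnmatch.fnmatchcase(a, pattern))
    return set(REQUIRED_ACTIONS) - granted


SAMPLE_POLICY = {  # constructed sample mirroring the AllowAgentCoreMemoryKMS statement
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowAgentCoreMemoryKMS", "Effect": "Allow",
        "Principal": {"Service": AGENTCORE_SERVICE},
        "Action": ["kms:CreateGrant", "kms:Decrypt", "kms:DescribeKey", "kms:GenerateDataKey",
                   "kms:GenerateDataKeyWithoutPlaintext", "kms:ReEncrypt*"],
        "Resource": "*",
        "Condition": {"StringEquals": {"kms:ViaService": "bedrock-agentcore.us-east-1.amazonaws.com"}},
    }],
}
```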

Using AWS CloudFormation

01 Use the following CloudFormation template to create a new Amazon Bedrock AgentCore memory store encrypted with a Customer-Managed Key:

{
	"AWSTemplateFormatVersion": "2010-09-09",
	"Description": "Amazon Bedrock AgentCore memory store encrypted with a Customer-Managed KMS Key",
	"Resources": {
		"AgentCoreMemoryCMK": {
			"Type": "AWS::KMS::Key",
			"Properties": {
				"Description": "CMK for encrypting AgentCore memory store",
				"EnableKeyRotation": true,
				"KeyPolicy": {
					"Version": "2012-10-17",
					"Statement": [
						{
							"Sid": "Enable IAM User Permissions",
							"Effect": "Allow",
							"Principal": {
								"AWS": "arn:aws:iam::123456789012:root"
							},
							"Action": "kms:*",
							"Resource": "*"
						},
						{
							"Sid": "AllowAgentCoreMemoryKMS",
							"Effect": "Allow",
							"Principal": {
								"Service": "bedrock-agentcore.amazonaws.com"
							},
							"Action": [
								"kms:CreateGrant",
								"kms:Decrypt",
								"kms:DescribeKey",
								"kms:GenerateDataKey",
								"kms:GenerateDataKeyWithoutPlaintext",
								"kms:ReEncrypt*"
							],
							"Resource": "*",
							"Condition": {
								"StringEquals": {
									"kms:ViaService": "bedrock-agentcore.us-east-1.amazonaws.com"
								}
							}
						}
					]
				}
			}
		},
		"AgentCoreMemoryCMKAlias": {
			"Type": "AWS::KMS::Alias",
			"Properties": {
				"AliasName": "alias/cc-agentcore-memory-cmk",
				"TargetKeyId": {
					"Ref": "AgentCoreMemoryCMK"
				}
			}
		},
		"CCAgentCoreMemory": {
			"Type": "AWS::BedrockAgentCore::Memory",
			"Properties": {
				"Name": "cc_agentcore_memory",
				"Description": "AgentCore memory store encrypted with CMK",
				"EncryptionKeyArn": {
					"Fn::GetAtt": [
						"AgentCoreMemoryCMK",
						"Arn"
					]
				},
				"EventExpiryDuration": 7
			}
		}
	}
}

02 CloudFormation template (YAML):

AWSTemplateFormatVersion: "2010-09-09"
Description: Amazon Bedrock AgentCore memory store encrypted with a Customer-Managed KMS Key

Resources:
  AgentCoreMemoryCMK:
    Type: AWS::KMS::Key
    Properties:
      Description: CMK for encrypting AgentCore memory store
      EnableKeyRotation: true
      KeyPolicy:
        Version: "2012-10-17"
        Statement:
          - Sid: Enable IAM User Permissions
            Effect: Allow
            Principal:
              AWS: arn:aws:iam::123456789012:root
            Action: kms:*
            Resource: "*"
          - Sid: AllowAgentCoreMemoryKMS
            Effect: Allow
            Principal:
              Service: bedrock-agentcore.amazonaws.com
            Action:
              - kms:CreateGrant
              - kms:Decrypt
              - kms:DescribeKey
              - kms:GenerateDataKey
              - kms:GenerateDataKeyWithoutPlaintext
              - "kms:ReEncrypt*"
            Resource: "*"
            Condition:
              StringEquals:
                kms:ViaService: bedrock-agentcore.us-east-1.amazonaws.com

  AgentCoreMemoryCMKAlias:
    Type: AWS::KMS::Alias
    Properties:
      AliasName: alias/cc-agentcore-memory-cmk
      TargetKeyId: !Ref AgentCoreMemoryCMK

  CCAgentCoreMemory:
    Type: AWS::BedrockAgentCore::Memory
    Properties:
      Name: cc_agentcore_memory
      Description: AgentCore memory store encrypted with CMK
      EncryptionKeyArn: !GetAtt AgentCoreMemoryCMK.Arn
      EventExpiryDuration: 7

Using Terraform (AWS Provider)

01 Use the following Terraform configuration to create a new Amazon Bedrock AgentCore memory store encrypted with a Customer-Managed Key:

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
  required_version = ">= 1.3.0"
}

provider "aws" {
  profile = "default"
  region  = "us-east-1"
}

data "aws_caller_identity" "current" {}
data "aws_region" "current" {}

resource "aws_kms_key" "agentcore_memory_cmk" {
  description             = "CMK for encrypting AgentCore memory store"
  deletion_window_in_days = 30
  enable_key_rotation     = true

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Sid    = "Enable IAM User Permissions"
        Effect = "Allow"
        Principal = {
          AWS = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"
        }
        Action   = "kms:*"
        Resource = "*"
      },
      {
        Sid    = "AllowAgentCoreMemoryKMS"
        Effect = "Allow"
        Principal = {
          Service = "bedrock-agentcore.amazonaws.com"
        }
        Action = [
          "kms:CreateGrant",
          "kms:Decrypt",
          "kms:DescribeKey",
          "kms:GenerateDataKey",
          "kms:GenerateDataKeyWithoutPlaintext",
          "kms:ReEncrypt*"
        ]
        Resource = "*"
        Condition = {
          StringEquals = {
            "kms:ViaService" = "bedrock-agentcore.${data.aws_region.current.name}.amazonaws.com"
          }
        }
      }
    ]
  })
}

resource "aws_kms_alias" "agentcore_memory_cmk_alias" {
  name          = "alias/cc-agentcore-memory-cmk"
  target_key_id = aws_kms_key.agentcore_memory_cmk.key_id
}

resource "aws_bedrock_agentcore_memory" "cc_agentcore_memory" {
  name                  = "cc_agentcore_memory"
  description           = "AgentCore memory store encrypted with CMK"
  encryption_key_arn    = aws_kms_key.agentcore_memory_cmk.arn
  event_expiry_duration = 7
}

Using AWS Console

01 Sign in to the AWS Management Console.

02 Navigate to AWS Key Management Service console available at https://console.aws.amazon.com/kms/ and ensure you have a Customer-Managed Key available (or create one). Note the key's ARN for use in the following steps.

03 Navigate to Amazon Bedrock AgentCore console available at https://console.aws.amazon.com/bedrock-agentcore/.

04 In the left navigation pane, choose Memory.

05 Choose Create memory to create a new memory store with CMK encryption.

06 Enter a Memory name for the new memory store (e.g., cc_agentcore_memory).

07 (Optional) Set the Short-term memory (raw event) expiration duration in days.

08 Expand Additional configurations.

09 In the KMS key section, choose Customize encryption settings (advanced).

10 In the Choose an AWS KMS key field, enter the ARN of your Customer-Managed Key, or choose Create an AWS KMS key to create a new CMK.

11 (Optional) Configure Long-term memory extraction strategies as required.

12 Choose Create memory to create the new CMK-encrypted memory store.

13 If replacing an existing unencrypted memory store, update your application to reference the new memory store ID, then delete the old unencrypted memory store.

14 Repeat steps no. 5 – 12 for each memory store that requires CMK encryption.

15 Change the AWS cloud region from the console navigation bar and repeat the Remediation process for other regions.

Using AWS CLI

01 Run create-memory command (OSX/Linux/UNIX) to create a new Amazon Bedrock AgentCore memory store with CMK encryption. Replace the --encryption-key-arn value with the ARN of your Customer-Managed Key:

aws bedrock-agentcore-control create-memory \
	--region us-east-1 \
	--name cc_agentcore_memory \
	--description "AgentCore memory store encrypted with CMK" \
	--encryption-key-arn arn:aws:kms:us-east-1:123456789012:key/aBcDeFgH-1234-5678-AbCd-AbCdEfGh1234 \
	--event-expiry-duration 7

02 The command output should return the new memory store details:

{
	"memory": {
		"id": "cc_agentcore_memory-uVwXyZ1234",
		"arn": "arn:aws:bedrock-agentcore:us-east-1:123456789012:memory/cc_agentcore_memory-uVwXyZ1234",
		"name": "cc_agentcore_memory",
		"description": "AgentCore memory store encrypted with CMK",
		"encryptionKeyArn": "arn:aws:kms:us-east-1:123456789012:key/aBcDeFgH-1234-5678-AbCd-AbCdEfGh1234",
		"status": "CREATING",
		"createdAt": 1773625315.32
	}
}

03 If replacing an existing unencrypted memory store, update your agents and applications to reference the new memory store ID returned in step 2, then delete the old unencrypted memory store.

04 Repeat steps no. 1 and 2 for each memory store that requires CMK encryption, available in the selected AWS region.

05 Change the AWS cloud region by updating the --region command parameter value and repeat the Remediation process for other regions.

Publication date Mar 17, 2026