Home icon

Control where your AI agents can browse with Chrome enterprise policies on Amazon Bedrock AgentCore

Machine Learning Blog



This article explains how to control AI agent browser behavior using Chrome enterprise policies and custom root CA certificates in Amazon Bedrock AgentCore.

  • Chrome enterprise policies restrict agent browsing to approved domains and disable risky features
  • Over 450 configurable Chrome settings available including URL filtering and download restrictions
  • Custom root CA certificates enable agents to connect to internal services and corporate proxies
  • Managed policies applied at browser level; recommended policies at session level
  • Policies stored in S3; certificates stored in AWS Secrets Manager
  • Session recording allows replay of policy enforcement in action
  • Works with both AgentCore Browser and Code Interpreter tools
  • Complete walkthrough provided with sample Jupyter notebook and code examples

Organizations can now deploy AI agents with granular security controls, restricting access to approved resources while maintaining connectivity to internal infrastructure through certificate trust configuration.



Go to article

The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Related articles

Mar 25
2026
Amazon Bedrock AgentCore adds support for Chrome policies and custom root CA
Jun 1
2026
Secure AI agents with Policy and Lambda interceptors in Amazon Bedrock AgentCore gateway
Mar 12
2026
Secure AI agents with Policy in Amazon Bedrock AgentCore
Feb 13
2026
Customize AI agent browsing with proxies, profiles, and extensions in Amazon Bedrock AgentCore Browser

The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.