AWS Bedrock AgentCore just got a new trick: agents (and anyone IAM-blessed) can now run Code Interpreters. Think arbitrary code execution—with custom or predefined IAM roles.

But here’s the kicker: these interpreters skip resource policies, lean on control plane APIs, and don’t log squat—unless you flip on CloudTrail Data Events yourself.

Big picture: Code Interpreters don’t just run code; they reroute IAM risk from users to agents. That means it’s audit time. Think tighter access patterns. Think new logging strategies. Think again before deploying.