deleteMemory

Deletes a specific episodic memory entry by its ID. Use only when a memory is stale or incorrect.

Server Bedrock Agent Core Operations Hub sujithpvarghese/bedrock-agent-core-operations-hub-mcp
Category Destructive
Risk class Critical
Parameters 00 required

What deleteMemory does on Bedrock Agent Core Operations Hub

AI agents call deleteMemory to permanently remove resources in Bedrock Agent Core Operations Hub — typically in cleanup and lifecycle workflows. It does its job in a single call, and there is no undo.

Why deleteMemory needs a policy

This tool irreversibly removes data (memory entries) from the system. While the blast radius is somewhat limited to the memory subsystem rather than core infrastructure or financial systems, a malicious AI agent could delete critical operational memories needed for autonomous decision-making, potentially disrupting the enterprise e-commerce operations and the self-healing infrastructure mechanisms that depend on…

From the tool's definition The tool 'deleteMemory' explicitly performs deletion ('Deletes a specific episodic memory entry by its ID').

Questions about deleteMemory

What does the deleteMemory tool do? +

Deletes a specific episodic memory entry by its ID. Use only when a memory is stale or incorrect. It is categorised as a Destructive tool in the Bedrock Agent Core Operations Hub MCP Server, which means it can permanently delete or destroy data. Block by default and require explicit approval.

How do I enforce a policy on deleteMemory? +

Register the Bedrock Agent Core Operations Hub MCP server in PolicyLayer and add a rule for deleteMemory: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Bedrock Agent Core Operations Hub. Nothing to install.

What risk level is deleteMemory? +

deleteMemory is a Destructive tool with critical risk. Critical-risk tools should be blocked by default and only enabled with explicit human approval.

Can I rate-limit deleteMemory? +

Yes. Add a rate_limit block to the deleteMemory rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block deleteMemory completely? +

Set action: deny in the PolicyLayer policy for deleteMemory. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides deleteMemory? +

deleteMemory is provided by the Bedrock Agent Core Operations Hub MCP server (sujithpvarghese/bedrock-agent-core-operations-hub-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.