GatewayCredentialProvider
- class aws_cdk.aws_bedrock_agentcore_alpha.GatewayCredentialProvider
Bases:
object(experimental) Factory class for creating different Gateway Credential Providers.
- Stability:
experimental
- Stability:
experimental
Static Methods
- classmethod from_api_key_identity(provider, *, credential_location=None)
(experimental) Create an API key outbound auth configuration from a Token Vault {@link IApiKeyCredentialProvider} construct.
Prefer this over {@link GatewayCredentialProvider.fromApiKeyIdentityArn} when the provider is defined in CDK.
- Parameters:
provider (
IApiKeyCredentialProvider)credential_location (
Optional[ApiKeyCredentialLocation]) – (experimental) Where to place the API key on outbound requests. Default: headerAuthorizationwith ``Bearer `` prefix
- Stability:
experimental
- Return type:
- classmethod from_api_key_identity_arn(*, provider_arn, secret_arn, credential_location=None)
(experimental) Create an API key credential provider from Identity ARN Use this method when you have the Identity ARN as a string.
- Parameters:
provider_arn (
str) – (experimental) The API key credential provider ARN. This is returned when creating the API key credential provider via Console or API. Format: arn:aws:bedrock-agentcore:region:account:token-vault/id/apikeycredentialprovider/namesecret_arn (
str) – (experimental) The ARN of the Secrets Manager secret containing the API key. This is returned when creating the API key credential provider via Console or API. Format: arn:aws:secretsmanager:region:account:secret:namecredential_location (
Optional[ApiKeyCredentialLocation]) – (experimental) The location of the API key credential. This field specifies where in the request the API key should be placed. Default: - HEADER
- Return type:
- Returns:
ICredentialProviderConfig configured for API key authentication
- Stability:
experimental
- classmethod from_iam_role()
(experimental) Create an IAM role credential provider.
- Return type:
- Returns:
IIamRoleCredentialProvider configured for IAM role authentication
- Stability:
experimental
- classmethod from_oauth_identity(provider, *, scopes, custom_parameters=None)
(experimental) Create an OAuth outbound auth configuration from a Token Vault {@link IOAuth2CredentialProvider} construct.
Prefer this over {@link GatewayCredentialProvider.fromOauthIdentityArn} when the provider is defined in CDK.
- Parameters:
provider (
IOAuth2CredentialProvider)scopes (
Sequence[str]) – (experimental) OAuth scopes the gateway should request for this target.custom_parameters (
Optional[Mapping[str,str]]) – (experimental) Additional OAuth parameters for the provider. Default: - none
- Stability:
experimental
- Return type:
- classmethod from_oauth_identity_arn(*, provider_arn, scopes, secret_arn, custom_parameters=None)
(experimental) Create an OAuth credential provider from Identity ARN Use this method when you have the Identity ARN as a string.
- Parameters:
provider_arn (
str) – (experimental) The OAuth credential provider ARN. This is returned when creating the OAuth credential provider via Console or API. Format: arn:aws:bedrock-agentcore:region:account:token-vault/id/oauth2credentialprovider/name Required: Yesscopes (
Sequence[str]) – (experimental) The OAuth scopes for the credential provider. These scopes define the level of access requested from the OAuth provider. Array Members: Minimum number of 0 items. Maximum number of 100 items. Length Constraints: Minimum length of 1. Maximum length of 64. Required: Yessecret_arn (
str) – (experimental) The ARN of the Secrets Manager secret containing OAuth credentials (client ID and secret). This is returned when creating the OAuth credential provider via Console or API. Format: arn:aws:secretsmanager:region:account:secret:name Required: Yescustom_parameters (
Optional[Mapping[str,str]]) – (experimental) Custom parameters for the OAuth flow. Default: - No custom parameters
- Return type:
- Returns:
ICredentialProviderConfig configured for OAuth authentication
- Stability:
experimental