Package-level declarations
Types
The Agent-to-Agent (A2A) protocol descriptor for a registry record. Contains the agent card definition as defined by the A2A protocol specification.
This exception is thrown when a request is denied per access permissions
The agent card definition for an A2A descriptor. Contains the schema version and inline content for the agent card.
Contains information about an agent runtime. An agent runtime is the execution environment for a Amazon Bedrock AgentCore Agent.
The artifact of the agent.
Contains information about an agent runtime endpoint. An endpoint provides a way to connect to and interact with an agent runtime.
The agent skills descriptor for a registry record. Contains an optional skill markdown definition in human-readable format and an optional structured skill definition.
The configuration for an Amazon API Gateway target.
The configuration for defining REST API tool filters and overrides for the gateway target.
Specifies which operations from an API Gateway REST API are exposed as tools. Tool names and descriptions are derived from the operationId and description fields in the API's exported OpenAPI specification.
Settings to override configurations for a tool.
Contains information about an API key credential provider.
Configuration for API schema.
Configuration for the registry record approval workflow. Controls whether records added to the registry require explicit approval before becoming active.
Configuration settings for connecting to Atlassian services using OAuth2 authentication. This includes the client credentials required to authenticate with Atlassian's OAuth2 authorization server.
The configuration details returned for an Atlassian OAuth2 provider, including the client ID and OAuth2 discovery information.
Contains the authorization data that is returned when a gateway target is configured with a credential provider with authorization code grant type and requires user federation.
Represents inbound authorization configuration options used to authenticate incoming requests.
Defines the value or values to match for and the relationship of the match.
Base class for all service related exceptions thrown by the BedrockAgentCoreControl client
The configuration for using Amazon Bedrock models in evaluator assessments, including model selection and inference parameters.
Browser enterprise policy configuration.
The network configuration for a browser. This structure defines how the browser connects to the network.
The status of a browser profile.
Contains summary information about a browser profile. A browser profile stores persistent browser data that can be reused across browser sessions.
Configuration for enabling browser signing capabilities that allow agents to cryptographically identify themselves to websites using HTTP message signatures.
The current browser signing configuration that shows whether cryptographic agent identification is enabled for web bot authentication.
Contains summary information about a browser. A browser enables Amazon Bedrock AgentCore Agent to interact with web content.
The definition of a categorical rating scale option that provides a named category with its description for evaluation scoring.
Represents a Cedar policy statement within the AgentCore Policy system. Cedar is a policy language designed for authorization that provides human-readable, analyzable, and high-performance policy evaluation for controlling agent behavior and access decisions.
A certificate to install in the browser or code interpreter.
The location from which to retrieve a certificate.
The value or values to match for.
The configuration for reading agent traces from CloudWatch logs as input for online evaluation.
The configuration for writing evaluation results to CloudWatch logs with embedded metric format (EMF) for monitoring.
Configuration for a code-based evaluator. Specify the Lambda function to use for evaluation.
The configuration for the source code that defines how the agent runtime code should be executed, including the code location, runtime environment, and entry point.
The network configuration for a code interpreter. This structure defines how the code interpreter connects to the network.
Contains summary information about a code interpreter. A code interpreter enables Amazon Bedrock AgentCore Agent to execute code.
Exception thrown when a resource is modified concurrently by multiple requests.
This exception is thrown when there is a conflict performing an operation
Contains consolidation configuration information for a memory strategy.
Representation of a container configuration.
Defines what content to stream and at what level of detail.
A credential provider for gateway authentication. This structure contains the configuration for authenticating with the target endpoint.
The configuration for a credential provider. This structure defines how the gateway authenticates with the target endpoint.
Defines the name of a custom claim field and rules for finding matches to authenticate its value.
Input for custom configuration of a memory strategy.
Contains custom consolidation configuration information.
Input for a custom consolidation configuration.
A custom descriptor for a registry record. Use this for resources such as APIs, Lambda functions, or servers that do not conform to a standard protocol like MCP or A2A.
Contains custom extraction configuration information.
Input for a custom extraction configuration.
Configuration for inbound JWT-based authorization, specifying how incoming requests should be authenticated.
Input for creating a custom memory strategy.
Input configuration for a custom OAuth2 provider.
Output configuration for a custom OAuth2 provider.
Contains configurations for a custom reflection strategy.
Input for a custom reflection configuration.
The configuration that specifies where to read agent traces for online evaluation.
Exception thrown when decryption of a secret fails.
Input for deleting a memory strategy.
Contains descriptor-type-specific configurations for a registry record. Only the descriptor matching the record's descriptorType should be populated.
Exception thrown when encryption of a secret fails.
Contains configurations to override the default consolidation step for the episodic memory strategy.
Contains configurations to override the default extraction step for the episodic memory strategy.
Input for creating an episodic memory strategy.
Input for the configuration to override the episodic memory strategy.
Configurations for overriding the consolidation step of the episodic memory strategy.
Configurations for overriding the extraction step of the episodic memory strategy.
Configurations for overriding the reflection step of the episodic memory strategy.
The configuration for the reflections created with the episodic memory strategy.
An episodic reflection configuration input.
Contains configurations to override the default reflection step for the episodic memory strategy.
The configuration that defines how an evaluator assesses agent performance, including the evaluation method and parameters.
The model configuration that specifies which foundation model to use for evaluation and how to configure it.
The reference to an evaluator used in online evaluation configurations, containing the evaluator identifier.
The summary information about an evaluator, including basic metadata and status information.
Contains extraction configuration information for a memory strategy.
Configuration for a filesystem that can be mounted into the AgentCore Runtime.
The value used in filter comparisons, supporting different data types for flexible filtering criteria.
Represents a finding or issue discovered during policy generation or validation. Findings provide insights about potential problems, recommendations, or validation results from policy analysis operations. Finding types include: VALID (policy is ready to use), INVALID (policy has validation errors that must be fixed), NOT_TRANSLATABLE (input couldn't be converted to policy), ALLOW_ALL (policy would allow all actions, potential security risk), ALLOW_NONE (policy would allow no actions, unusable), DENY_ALL (policy would deny all actions, may be too restrictive), and DENY_NONE (policy would deny no actions, ineffective). Review all findings before creating policies from generated assets to ensure they match your security requirements.
Configuration for synchronizing from a URL-based MCP server.
An API key credential provider for gateway authentication. This structure contains the configuration for authenticating with the target endpoint using an API key.
The configuration for an interceptor on a gateway. This structure defines settings for an interceptor that will be invoked during the invocation of the gateway.
The configuration for a policy engine associated with a gateway. A policy engine is a collection of policies that evaluates and authorizes agent tool calls. When associated with a gateway, the policy engine intercepts all agent requests and determines whether to allow or deny each action based on the defined policies.
The configuration for a gateway protocol. This structure defines how the gateway communicates with external services.
Contains summary information about a gateway.
The gateway target.
Input configuration for a GitHub OAuth2 provider.
Output configuration for a GitHub OAuth2 provider.
Input configuration for a Google OAuth2 provider.
Output configuration for a Google OAuth2 provider.
Configuration for AgentCore Browser.
Configuration for AgentCore Code Interpreter.
Configuration for AgentCore Gateway.
Configuration for AgentCore Memory integration.
Configuration for memory retrieval within a namespace.
The AgentCore Runtime environment for a harness.
The AgentCore Runtime environment request configuration.
Configuration for an Amazon Bedrock model provider.
The environment artifact for a harness, such as a container image containing custom dependencies.
The environment provider for a harness.
The environment provider request configuration.
Authentication method for calling a Gateway.
Configuration for a Google Gemini model provider. Requires an API key stored in AgentCore Identity.
Configuration for an inline function tool. When the agent calls this tool, the tool call is returned to the caller for external execution.
The memory configuration for a harness.
Specification of which model to use.
Configuration for an OpenAI model provider. Requires an API key stored in AgentCore Identity.
Configuration for connecting to a remote MCP server.
A skill available to the agent.
Configuration for sliding window truncation strategy.
Configuration for summarization-based truncation strategy.
Summary information about a harness.
A content block in the system prompt.
A tool available to the agent loop.
Configuration union for different tool types.
Configuration for truncating conversation context when it exceeds model limits.
Strategy-specific truncation configuration.
An IAM credential provider for gateway authentication. This structure contains the configuration for authenticating with the target endpoint using IAM credentials and SigV4 signing.
Configuration settings for connecting to a supported OAuth2 provider. This includes client credentials and OAuth2 discovery information for providers that have built-in support.
The configuration details returned for a supported OAuth2 provider, including client credentials and OAuth2 discovery information.
The configuration parameters that control how the foundation model behaves during evaluation, including response generation settings.
The interceptor configuration.
The input configuration of the interceptor.
This exception is thrown if there was an unexpected error during processing of request
The configuration to invoke a self-managed memory processing pipeline with.
The configuration to invoke a self-managed memory processing pipeline with.
Configuration for Kinesis Data Stream delivery.
Contains the KMS configuration for a resource.
Configuration for a Lambda function used as a code-based evaluator.
The lambda configuration for the interceptor
LifecycleConfiguration lets you manage the lifecycle of runtime sessions and resources in AgentCore Runtime. This configuration helps optimize resource utilization by automatically cleaning up idle sessions and preventing long-running instances from consuming resources indefinitely.
Configuration settings for connecting to LinkedIn services using OAuth2 authentication. This includes the client credentials required to authenticate with LinkedIn's OAuth2 authorization server.
The configuration details returned for a LinkedIn OAuth2 provider, including the client ID and OAuth2 discovery information.
The configuration for LLM-as-a-Judge evaluation that uses a language model to assess agent performance based on custom instructions and rating scales.
Configuration for a managed VPC Lattice resource. The gateway creates and manages the VPC Lattice resource gateway and resource configuration on your behalf using a service-linked role.
Details of a resource created and managed by the gateway for private endpoint connectivity.
The Model Context Protocol (MCP) descriptor for a registry record. Contains the server definition and tools definition for an MCP-compatible server. The schema is validated against the MCP protocol specification.
The configuration for a Model Context Protocol (MCP) gateway. This structure defines how the gateway implements the MCP protocol.
The Lambda configuration for a Model Context Protocol target. This structure defines how the gateway uses a Lambda function to communicate with the target.
The target configuration for the MCP server.
The Model Context Protocol (MCP) configuration for a target. This structure defines how the gateway uses MCP to communicate with the target.
The MCP tool schema configuration for an MCP server target. The tool schema must be aligned with the MCP specification.
Contains information about a memory strategy.
Contains input information for creating a memory strategy.
Contains summary information about a memory resource.
The trigger configuration based on a message.
The trigger configuration based on a message.
Configuration for HTTP header and query parameter propagation between the gateway and target servers.
Input configuration for a Microsoft OAuth2 provider.
Output configuration for a Microsoft OAuth2 provider.
Contains information for modifying a consolidation configuration.
Contains information for modifying an extraction configuration.
The configuration for updating invocation settings.
Contains information for modifying memory strategies.
Input for modifying a memory strategy.
Contains information for modifying a reflection configuration.
The configuration for updating the self-managed memory strategy.
Contains information for modifying a strategy configuration.
SecurityConfig for the Agent.
The definition of a numerical rating scale option that provides a numeric value with its description for evaluation scoring.
OAuth2-specific authorization data, including the authorization URL and user identifier for the authorization session.
Contains the authorization server metadata for an OAuth2 provider.
Contains information about an OAuth2 credential provider.
Contains the discovery information for an OAuth2 provider.
Contains the input configuration for an OAuth2 provider.
Contains the output configuration for an OAuth2 provider.
An OAuth credential provider for gateway authentication. This structure contains the configuration for authenticating with the target endpoint using OAuth.
The summary information about an online evaluation configuration, including basic metadata and execution status.
The configuration that specifies where evaluation results should be written for monitoring and analysis.
Represents a complete policy resource within the AgentCore Policy system. Policies are ARN-able resources that contain Cedar policy statements and associated metadata for controlling agent behavior and access decisions. Each policy belongs to a policy engine and defines fine-grained authorization rules that are evaluated in real-time as agents interact with tools through Gateway. Policies use the Cedar policy language to specify who (principals based on OAuth claims like username, role, or scope) can perform what actions (tool calls) on which resources (Gateways), with optional conditions for attribute-based access control. Multiple policies can apply to a single request, with Cedar's forbid-wins semantics ensuring that security restrictions are never accidentally overridden.
Represents the definition structure for policies within the AgentCore Policy system. This structure encapsulates different policy formats and languages that can be used to define access control rules.
Represents a policy engine resource within the AgentCore Policy system. Policy engines serve as containers for grouping related policies and provide the execution context for policy evaluation and management. Each policy engine can be associated with one Gateway (one engine per Gateway), where it intercepts all agent tool calls and evaluates them against the contained policies before allowing tools to execute. The policy engine maintains the Cedar schema generated from the Gateway's tool manifest, ensuring that policies are validated against the actual tools and parameters available. Policy engines support two enforcement modes that can be configured when associating with a Gateway: log-only mode for testing (evaluates decisions without blocking) and enforce mode for production (actively allows or denies based on policy evaluation).
Represents a policy generation request within the AgentCore Policy system. Tracks the AI-powered conversion of natural language descriptions into Cedar policy statements, enabling users to author policies by describing authorization requirements in plain English. The generation process analyzes the natural language input along with the Gateway's tool context and Cedar schema to produce one or more validated policy options. Each generation request tracks the status of the conversion process and maintains findings about the generated policies, including validation results and potential issues. Generated policy assets remain available for one week after successful generation, allowing time to review and create policies from the generated options.
Represents a generated policy asset from the AI-powered policy generation process within the AgentCore Policy system. Each asset contains a Cedar policy statement generated from natural language input, along with associated metadata and analysis findings to help users evaluate and select the most appropriate policy option.
Represents the information identifying a generated policy asset from the AI-powered policy generation process within the AgentCore Policy system. Each asset contains a Cedar policy statement generated from natural language input, along with associated metadata and analysis findings to help users evaluate and select the most appropriate policy option.
The private endpoint configuration for a gateway target. Defines how the gateway connects to private resources in your VPC.
The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.
The rating scale that defines how evaluators should score agent performance, supporting both numerical and categorical scales.
The recording configuration for a browser. This structure defines how browser sessions are recorded.
Contains reflection configuration information for a memory strategy.
A pairing of a credential provider type with its corresponding provider details for authenticating with external sources.
Union of supported credential provider types for registry record synchronization.
IAM credential provider configuration for authenticating with an external source using SigV4 signing during synchronization.
OAuth credential provider configuration for authenticating with an external source during synchronization.
Contains summary information about a registry record.
Contains summary information about a registry.
Configuration for HTTP request headers that will be passed through to the runtime.
Exception thrown when a resource limit is exceeded.
The location of a resource.
This exception is thrown when a resource referenced by the operation does not exist
Configuration for microVM metadata service settings.
The Amazon S3 configuration for a gateway. This structure defines how the gateway accesses files in Amazon S3.
The Amazon S3 location for storing data. This structure defines where in Amazon S3 data is stored.
Input configuration for a Salesforce OAuth2 provider.
Output configuration for a Salesforce OAuth2 provider.
The configuration that controls what percentage of agent traces are sampled for evaluation to manage evaluation volume and costs.
A schema definition for a gateway target. This structure defines the structure of the API that the target exposes.
The Amazon Web Services Secrets Manager location configuration.
A configuration for a self-managed memory strategy.
Input configuration for a self-managed memory strategy.
Configuration for a self-managed VPC Lattice resource. You create and manage the VPC Lattice resource gateway and resource configuration, then provide the resource configuration identifier.
Contains semantic consolidation override configuration.
Contains semantic extraction override configuration.
Input for creating a semantic memory strategy.
Input for semantic override configuration in a memory strategy.
Input for semantic override consolidation configuration in a memory strategy.
Input for semantic override extraction configuration in a memory strategy.
The server definition for an MCP descriptor. Contains the schema version and inline content for the MCP server configuration.
An internal error occurred.
This exception is thrown when a request is made beyond the service quota
The configuration that defines how agent sessions are detected and when they are considered complete for evaluation.
Configuration for a session storage filesystem mounted into the AgentCore Runtime. Session storage provides persistent storage that is preserved across AgentCore Runtime session invocations.
The structured skill definition with schema version and content.
The skill markdown definition for an agent skills descriptor.
Input configuration for a Slack OAuth2 provider.
Output configuration for a Slack OAuth2 provider.
Contains configuration information for a memory strategy.
Supported stream delivery resource types.
Configuration for streaming memory record data to external resources.
Contains summary consolidation override configuration.
Input for creating a summary memory strategy.
Input for summary override configuration in a memory strategy.
Input for summary override consolidation configuration in a memory strategy.
Configuration for synchronizing registry record metadata from an external source.
The configuration for a gateway target. This structure defines how the gateway connects to and interacts with the target endpoint.
Contains summary information about a gateway target. A target represents an endpoint that the gateway can connect to.
API rate limit has been exceeded.
This exception is thrown when the number of requests exceeds the limit
Trigger configuration based on time.
Trigger configuration based on time.
Trigger configuration based on tokens.
Trigger configuration based on tokens.
A tool definition for a gateway target. This structure defines a tool that the target exposes through the Model Context Protocol.
A tool schema for a gateway target. This structure defines the schema for a tool that the target exposes through the Model Context Protocol.
The tools definition for an MCP descriptor. Contains the protocol version and inline content describing the available tools.
Condition that triggers memory processing.
Condition that triggers memory processing.
This exception is thrown when the JWT bearer token is invalid or not found for OAuth bearer token based access
Wrapper for updating an A2A descriptor with PATCH semantics. When present, the A2A descriptor is replaced with the provided value. When absent, the A2A descriptor is left unchanged. To unset, include the wrapper with the value set to null.
Wrapper for updating an agent skills descriptor with PATCH semantics. When present with a value, individual fields can be updated independently. When present with a null value, the entire agent skills descriptor is unset. When absent, the agent skills descriptor is left unchanged.
Individual agent skills descriptor fields that can be updated independently.
Wrapper for updating an optional approval configuration field with PATCH semantics. When present in an update request, the approval configuration is replaced with the provided value. When absent, the approval configuration is left unchanged.
Wrapper for updating an optional AuthorizerConfiguration field with PATCH semantics. When present in an update request, the authorizer configuration is replaced with optionalValue. When absent, the authorizer configuration is left unchanged. To unset, include the wrapper with optionalValue not specified.
Wrapper for updating a custom descriptor with PATCH semantics. When present, the custom descriptor is replaced with the provided value. When absent, the custom descriptor is left unchanged. To unset, include the wrapper with the value set to null.
Wrapper for updating an optional Description field with PATCH semantics. When present in an update request, the description is replaced with optionalValue. When absent, the description is left unchanged. To unset the description, include the wrapper with optionalValue not specified.
Wrapper for updating an optional descriptors field with PATCH semantics. When present with a value, individual descriptors can be updated. When present with a null value, all descriptors are unset. When absent, descriptors are left unchanged.
Contains per-descriptor-type wrappers for updating descriptors. Each descriptor type can be updated independently.
Wrapper for updating the environment artifact configuration.
Wrapper for updating the memory configuration.
Wrapper for updating an MCP descriptor with PATCH semantics. When present with a value, individual MCP fields can be updated independently. When present with a null value, the entire MCP descriptor is unset. When absent, the MCP descriptor is left unchanged.
Individual MCP descriptor fields that can be updated independently.
Wrapper for updating a server definition with PATCH semantics. When present, the server definition is replaced with the provided value. When absent, the server definition is left unchanged. To unset, include the wrapper with the value set to null.
Wrapper for updating a skill definition with PATCH semantics.
Wrapper for updating a skill markdown definition with PATCH semantics.
Wrapper for updating the synchronization configuration with PATCH semantics. Must be matched with UpdatedSynchronizationType.
Wrapper for updating the synchronization type with PATCH semantics. Must be matched with UpdatedSynchronizationConfiguration.
Wrapper for updating a tools definition with PATCH semantics. When present, the tools definition is replaced with the provided value. When absent, the tools definition is left unchanged. To unset, include the wrapper with the value set to null.
Contains user preference consolidation override configuration.
Contains user preference extraction override configuration.
Input for creating a user preference memory strategy.
Input for user preference override configuration in a memory strategy.
Input for user preference override consolidation configuration in a memory strategy.
Input for user preference override extraction configuration in a memory strategy.
The input fails to satisfy the constraints specified by the service.
Stores information about a field passed inside a request that resulted in an exception.
The information about the workload identity.
Contains information about a workload identity.