Class: AWSCDK::BedrockAgentCore::GatewayCredentialProvider

Inherits:
Jsii::Object
  • Object
show all
Defined in:
bedrock_agent_core/gateway_credential_provider.rb

Overview

Factory class for creating different Gateway Credential Providers.

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeGatewayCredentialProvider

Returns a new instance of GatewayCredentialProvider.



8
9
10
# File 'bedrock_agent_core/gateway_credential_provider.rb', line 8

def initialize
  Jsii::Object.instance_method(:initialize).bind(self).call
end

Class Method Details

.from_api_key_identity(provider, options = nil) ⇒ AWSCDK::BedrockAgentCore::ICredentialProviderConfig

Create an API key outbound auth configuration from a Token Vault IApiKeyCredentialProvider construct.

Prefer this over GatewayCredentialProvider.fromApiKeyIdentityArn when the provider is defined in CDK.



24
25
26
27
28
29
# File 'bedrock_agent_core/gateway_credential_provider.rb', line 24

def self.from_api_key_identity(provider, options = nil)
  Jsii::Type.check_type(provider, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfYmVkcm9ja2FnZW50Y29yZS5JQXBpS2V5Q3JlZGVudGlhbFByb3ZpZGVyIn0=")), "provider")
  options = options.is_a?(Hash) ? ::AWSCDK::BedrockAgentCore::FromAPIKeyIdentityOptions.new(**options.transform_keys(&:to_sym)) : options
  Jsii::Type.check_type(options, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfYmVkcm9ja2FnZW50Y29yZS5Gcm9tQXBpS2V5SWRlbnRpdHlPcHRpb25zIn0=")), "options") unless options.nil?
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.GatewayCredentialProvider", "fromApiKeyIdentity", [provider, options])
end

.from_api_key_identity_arn(props) ⇒ AWSCDK::BedrockAgentCore::ICredentialProviderConfig

Create an API key credential provider from Identity ARN Use this method when you have the Identity ARN as a string.

Parameters:

Returns:



35
36
37
38
39
# File 'bedrock_agent_core/gateway_credential_provider.rb', line 35

def self.from_api_key_identity_arn(props)
  props = props.is_a?(Hash) ? ::AWSCDK::BedrockAgentCore::APIKeyCredentialProviderOptions.new(**props.transform_keys(&:to_sym)) : props
  Jsii::Type.check_type(props, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfYmVkcm9ja2FnZW50Y29yZS5BcGlLZXlDcmVkZW50aWFsUHJvdmlkZXJPcHRpb25zIn0=")), "props")
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.GatewayCredentialProvider", "fromApiKeyIdentityArn", [props])
end

.from_iam_role(props = nil) ⇒ AWSCDK::BedrockAgentCore::ICredentialProviderConfig

Create an IAM role credential provider.

The gateway authenticates outbound requests using its own execution role (SigV4). Provide service and optionally region to explicitly choose the SigV4 signing service / region instead of relying on the gateway's inference from the target endpoint. Useful for cross-region calls and for targets where the service can't be inferred from the URL. Explicit service / region is only supported for MCP Server and OpenAPI targets; other target types must use the bare from_iam_role().



52
53
54
55
56
# File 'bedrock_agent_core/gateway_credential_provider.rb', line 52

def self.from_iam_role(props = nil)
  props = props.is_a?(Hash) ? ::AWSCDK::BedrockAgentCore::GatewayIAMRoleCredentialProviderProps.new(**props.transform_keys(&:to_sym)) : props
  Jsii::Type.check_type(props, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfYmVkcm9ja2FnZW50Y29yZS5HYXRld2F5SWFtUm9sZUNyZWRlbnRpYWxQcm92aWRlclByb3BzIn0=")), "props") unless props.nil?
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.GatewayCredentialProvider", "fromIamRole", [props])
end

.from_oauth_identity(provider, options) ⇒ AWSCDK::BedrockAgentCore::ICredentialProviderConfig

Create an OAuth outbound auth configuration from a Token Vault IOAuth2CredentialProvider construct.

Prefer this over GatewayCredentialProvider.fromOauthIdentityArn when the provider is defined in CDK.



65
66
67
68
69
70
# File 'bedrock_agent_core/gateway_credential_provider.rb', line 65

def self.from_oauth_identity(provider, options)
  Jsii::Type.check_type(provider, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfYmVkcm9ja2FnZW50Y29yZS5JT0F1dGgyQ3JlZGVudGlhbFByb3ZpZGVyIn0=")), "provider")
  options = options.is_a?(Hash) ? ::AWSCDK::BedrockAgentCore::FromOauthIdentityOptions.new(**options.transform_keys(&:to_sym)) : options
  Jsii::Type.check_type(options, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfYmVkcm9ja2FnZW50Y29yZS5Gcm9tT2F1dGhJZGVudGl0eU9wdGlvbnMifQ==")), "options")
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.GatewayCredentialProvider", "fromOauthIdentity", [provider, options])
end

.from_oauth_identity_arn(props) ⇒ AWSCDK::BedrockAgentCore::ICredentialProviderConfig

Create an OAuth credential provider from Identity ARN Use this method when you have the Identity ARN as a string.

Parameters:

Returns:



76
77
78
79
80
# File 'bedrock_agent_core/gateway_credential_provider.rb', line 76

def self.from_oauth_identity_arn(props)
  props = props.is_a?(Hash) ? ::AWSCDK::BedrockAgentCore::OAuthConfiguration.new(**props.transform_keys(&:to_sym)) : props
  Jsii::Type.check_type(props, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfYmVkcm9ja2FnZW50Y29yZS5PQXV0aENvbmZpZ3VyYXRpb24ifQ==")), "props")
  Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.GatewayCredentialProvider", "fromOauthIdentityArn", [props])
end

.jsii_overridable_methodsObject



12
13
14
15
# File 'bedrock_agent_core/gateway_credential_provider.rb', line 12

def self.jsii_overridable_methods
  {
  }
end