Module: AWSCDK::BedrockAgentCore::IAPIKeyCredentialProvider
- Includes:
- IAM::IGrantable, IResource, Interfaces::AWSBedrockagentcore::IAPIKeyCredentialProviderRef
- Included in:
- APIKeyCredentialProvider
- Defined in:
- bedrock_agent_core/iapi_key_credential_provider.rb
Overview
An API key credential provider registered in AgentCore Token Vault.
Class Method Summary collapse
Instance Method Summary collapse
-
#api_key_credential_provider_ref ⇒ AWSCDK::Interfaces::AWSBedrockagentcore::APIKeyCredentialProviderReference
A reference to a ApiKeyCredentialProvider resource.
-
#api_key_secret_arn ⇒ String?
The ARN of the Secrets Manager secret that stores the API key after the resource is created.
-
#apply_removal_policy(policy) ⇒ void
Apply the given removal policy to this resource.
-
#bind_for_gateway_api_key_target ⇒ AWSCDK::BedrockAgentCore::GatewayAPIKeyIdentityBinding
ARNs for use with gateway targets (
GatewayCredentialProvider.fromApiKeyIdentityorfromApiKeyIdentityArn). -
#created_time ⇒ String?
Timestamp when the credential provider was created.
-
#credential_provider_arn ⇒ String
The ARN of this credential provider.
-
#env ⇒ AWSCDK::Interfaces::ResourceEnvironment
The environment this resource belongs to.
-
#grant(grantee, *actions) ⇒ AWSCDK::IAM::Grant
Grants IAM actions to the IAM principal.
-
#grant_admin(grantee) ⇒ AWSCDK::IAM::Grant
Grant control plane permissions to manage this provider.
-
#grant_full_access(grantee) ⇒ AWSCDK::IAM::Grant
Grant read, admin, and credential retrieval permissions.
-
#grant_principal ⇒ AWSCDK::IAM::IPrincipal
The principal to grant permissions to.
-
#grant_read(grantee) ⇒ AWSCDK::IAM::Grant
Grant
GetApiKeyCredentialProviderandListApiKeyCredentialProviders, scoped to this provider and parent resources required by the Bedrock AgentCore authorization model. -
#grant_use(grantee) ⇒ AWSCDK::IAM::Grant
Grant permission to retrieve API key material for outbound calls (
GetResourceApiKey). -
#last_updated_time ⇒ String?
Timestamp when the credential provider was last updated.
-
#node ⇒ Constructs::Node
The tree node.
-
#stack ⇒ AWSCDK::Stack
The stack in which this resource is defined.
-
#with(*mixins) ⇒ Constructs::IConstruct
Applies one or more mixins to this construct.
Class Method Details
.jsii_overridable_methods ⇒ Object
170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 170 def self.jsii_overridable_methods { :node => { kind: :property, name: "node", is_optional: false }, :env => { kind: :property, name: "env", is_optional: false }, :stack => { kind: :property, name: "stack", is_optional: false }, :grant_principal => { kind: :property, name: "grantPrincipal", is_optional: false }, :api_key_credential_provider_ref => { kind: :property, name: "apiKeyCredentialProviderRef", is_optional: false }, :credential_provider_arn => { kind: :property, name: "credentialProviderArn", is_optional: false }, :api_key_secret_arn => { kind: :property, name: "apiKeySecretArn", is_optional: true }, :created_time => { kind: :property, name: "createdTime", is_optional: true }, :last_updated_time => { kind: :property, name: "lastUpdatedTime", is_optional: true }, :with => { kind: :method, name: "with", is_optional: false }, :apply_removal_policy => { kind: :method, name: "applyRemovalPolicy", is_optional: false }, :bind_for_gateway_api_key_target => { kind: :method, name: "bindForGatewayApiKeyTarget", is_optional: false }, :grant => { kind: :method, name: "grant", is_optional: false }, :grant_admin => { kind: :method, name: "grantAdmin", is_optional: false }, :grant_full_access => { kind: :method, name: "grantFullAccess", is_optional: false }, :grant_read => { kind: :method, name: "grantRead", is_optional: false }, :grant_use => { kind: :method, name: "grantUse", is_optional: false }, } end |
Instance Method Details
#api_key_credential_provider_ref ⇒ AWSCDK::Interfaces::AWSBedrockagentcore::APIKeyCredentialProviderReference
A reference to a ApiKeyCredentialProvider resource.
49 50 51 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 49 def api_key_credential_provider_ref() jsii_get_property("apiKeyCredentialProviderRef") end |
#api_key_secret_arn ⇒ String?
The ARN of the Secrets Manager secret that stores the API key after the resource is created.
May be undefined for resources imported without this attribute.
65 66 67 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 65 def api_key_secret_arn() jsii_get_property("apiKeySecretArn") end |
#apply_removal_policy(policy) ⇒ void
This method returns an undefined value.
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
109 110 111 112 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 109 def apply_removal_policy(policy) Jsii::Type.check_type(policy, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5SZW1vdmFsUG9saWN5In0=")), "policy") jsii_call_method("applyRemovalPolicy", [policy]) end |
#bind_for_gateway_api_key_target ⇒ AWSCDK::BedrockAgentCore::GatewayAPIKeyIdentityBinding
ARNs for use with gateway targets (GatewayCredentialProvider.fromApiKeyIdentity or fromApiKeyIdentityArn).
117 118 119 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 117 def bind_for_gateway_api_key_target() jsii_call_method("bindForGatewayApiKeyTarget", []) end |
#created_time ⇒ String?
Timestamp when the credential provider was created.
72 73 74 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 72 def created_time() jsii_get_property("createdTime") end |
#credential_provider_arn ⇒ String
The ARN of this credential provider.
56 57 58 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 56 def credential_provider_arn() jsii_get_property("credentialProviderArn") end |
#env ⇒ AWSCDK::Interfaces::ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
28 29 30 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 28 def env() jsii_get_property("env") end |
#grant(grantee, *actions) ⇒ AWSCDK::IAM::Grant
Grants IAM actions to the IAM principal.
126 127 128 129 130 131 132 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 126 def grant(grantee, *actions) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") actions.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "actions[#{index}]") end jsii_call_method("grant", [grantee, *actions]) end |
#grant_admin(grantee) ⇒ AWSCDK::IAM::Grant
Grant control plane permissions to manage this provider.
138 139 140 141 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 138 def grant_admin(grantee) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") jsii_call_method("grantAdmin", [grantee]) end |
#grant_full_access(grantee) ⇒ AWSCDK::IAM::Grant
Grant read, admin, and credential retrieval permissions.
147 148 149 150 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 147 def grant_full_access(grantee) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") jsii_call_method("grantFullAccess", [grantee]) end |
#grant_principal ⇒ AWSCDK::IAM::IPrincipal
The principal to grant permissions to.
42 43 44 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 42 def grant_principal() jsii_get_property("grantPrincipal") end |
#grant_read(grantee) ⇒ AWSCDK::IAM::Grant
Grant GetApiKeyCredentialProvider and ListApiKeyCredentialProviders, scoped to this provider and parent resources required by the Bedrock AgentCore authorization model.
156 157 158 159 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 156 def grant_read(grantee) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") jsii_call_method("grantRead", [grantee]) end |
#grant_use(grantee) ⇒ AWSCDK::IAM::Grant
Grant permission to retrieve API key material for outbound calls (GetResourceApiKey).
165 166 167 168 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 165 def grant_use(grantee) Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee") jsii_call_method("grantUse", [grantee]) end |
#last_updated_time ⇒ String?
Timestamp when the credential provider was last updated.
79 80 81 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 79 def last_updated_time() jsii_get_property("lastUpdatedTime") end |
#node ⇒ Constructs::Node
The tree node.
13 14 15 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 13 def node() jsii_get_property("node") end |
#stack ⇒ AWSCDK::Stack
The stack in which this resource is defined.
35 36 37 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 35 def stack() jsii_get_property("stack") end |
#with(*mixins) ⇒ Constructs::IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the start of the call, so constructs added by a mixin will not be visited.
90 91 92 93 94 95 |
# File 'bedrock_agent_core/iapi_key_credential_provider.rb', line 90 def with(*mixins) mixins.each_with_index do |item, index| Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJjb25zdHJ1Y3RzLklNaXhpbiJ9")), "mixins[#{index}]") end jsii_call_method("with", [*mixins]) end |