Module: AWSCDK::BedrockAgentCore::IOAuth2CredentialProvider

Includes:
IAM::IGrantable, IResource, Interfaces::AWSBedrockagentcore::IOAuth2CredentialProviderRef
Included in:
OAuth2CredentialProvider
Defined in:
bedrock_agent_core/io_auth2_credential_provider.rb

Overview

An OAuth2 credential provider registered in AgentCore Token Vault.

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.jsii_overridable_methodsObject



188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 188

def self.jsii_overridable_methods
  {
    :node => { kind: :property, name: "node", is_optional: false },
    :env => { kind: :property, name: "env", is_optional: false },
    :stack => { kind: :property, name: "stack", is_optional: false },
    :grant_principal => { kind: :property, name: "grantPrincipal", is_optional: false },
    :o_auth2_credential_provider_ref => { kind: :property, name: "oAuth2CredentialProviderRef", is_optional: false },
    :credential_provider_arn => { kind: :property, name: "credentialProviderArn", is_optional: false },
    :credential_provider_vendor => { kind: :property, name: "credentialProviderVendor", is_optional: false },
    :callback_url => { kind: :property, name: "callbackUrl", is_optional: true },
    :client_secret_arn => { kind: :property, name: "clientSecretArn", is_optional: true },
    :created_time => { kind: :property, name: "createdTime", is_optional: true },
    :last_updated_time => { kind: :property, name: "lastUpdatedTime", is_optional: true },
    :with => { kind: :method, name: "with", is_optional: false },
    :apply_removal_policy => { kind: :method, name: "applyRemovalPolicy", is_optional: false },
    :bind_for_gateway_o_auth_target => { kind: :method, name: "bindForGatewayOAuthTarget", is_optional: false },
    :grant => { kind: :method, name: "grant", is_optional: false },
    :grant_admin => { kind: :method, name: "grantAdmin", is_optional: false },
    :grant_full_access => { kind: :method, name: "grantFullAccess", is_optional: false },
    :grant_read => { kind: :method, name: "grantRead", is_optional: false },
    :grant_use => { kind: :method, name: "grantUse", is_optional: false },
  }
end

Instance Method Details

#apply_removal_policy(policy) ⇒ void

This method returns an undefined value.

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

Parameters:



123
124
125
126
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 123

def apply_removal_policy(policy)
  Jsii::Type.check_type(policy, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5SZW1vdmFsUG9saWN5In0=")), "policy")
  jsii_call_method("applyRemovalPolicy", [policy])
end

#bind_for_gateway_o_auth_target(scopes, custom_parameters = nil) ⇒ AWSCDK::BedrockAgentCore::GatewayOAuth2IdentityBinding

ARNs and OAuth scopes for gateway targets (GatewayCredentialProvider.fromOauthIdentity or fromOauthIdentityArn).

Parameters:

  • scopes (Array<String>)
  • custom_parameters (Hash{String => String}, nil) (defaults to: nil)

Returns:



133
134
135
136
137
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 133

def bind_for_gateway_o_auth_target(scopes, custom_parameters = nil)
  Jsii::Type.check_type(scopes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "scopes")
  Jsii::Type.check_type(custom_parameters, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoibWFwIn19")), "customParameters") unless custom_parameters.nil?
  jsii_call_method("bindForGatewayOAuthTarget", [scopes, custom_parameters])
end

#callback_urlString?

Callback URL for the OAuth2 authorization flow.

Returns:

  • (String, nil)


70
71
72
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 70

def callback_url()
  jsii_get_property("callbackUrl")
end

#client_secret_arnString?

The ARN of the Secrets Manager secret for the OAuth2 client credentials.

May be undefined for resources imported without this attribute.

Returns:

  • (String, nil)


79
80
81
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 79

def client_secret_arn()
  jsii_get_property("clientSecretArn")
end

#created_timeString?

Timestamp when the credential provider was created.

Returns:

  • (String, nil)


86
87
88
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 86

def created_time()
  jsii_get_property("createdTime")
end

#credential_provider_arnString

The ARN of this credential provider.

Returns:

  • (String)


56
57
58
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 56

def credential_provider_arn()
  jsii_get_property("credentialProviderArn")
end

#credential_provider_vendorString

OAuth2 vendor string passed to CloudFormation.

Returns:

  • (String)


63
64
65
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 63

def credential_provider_vendor()
  jsii_get_property("credentialProviderVendor")
end

#envAWSCDK::Interfaces::ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed in a Stack (those created by creating new class instances like new Role(), new Bucket(), etc.), this is always the same as the environment of the stack they belong to.

For referenced resources (those obtained from referencing methods like Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be different than the stack they were imported into.



28
29
30
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 28

def env()
  jsii_get_property("env")
end

#grant(grantee, *actions) ⇒ AWSCDK::IAM::Grant

Grants IAM actions to the IAM principal.

Parameters:

Returns:



144
145
146
147
148
149
150
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 144

def grant(grantee, *actions)
  Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee")
  actions.each_with_index do |item, index|
    Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "actions[#{index}]")
  end
  jsii_call_method("grant", [grantee, *actions])
end

#grant_admin(grantee) ⇒ AWSCDK::IAM::Grant

Grant control plane permissions to manage this provider.

Parameters:

Returns:



156
157
158
159
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 156

def grant_admin(grantee)
  Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee")
  jsii_call_method("grantAdmin", [grantee])
end

#grant_full_access(grantee) ⇒ AWSCDK::IAM::Grant

Grant read, admin, and token retrieval permissions.

Parameters:

Returns:



165
166
167
168
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 165

def grant_full_access(grantee)
  Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee")
  jsii_call_method("grantFullAccess", [grantee])
end

#grant_principalAWSCDK::IAM::IPrincipal

The principal to grant permissions to.



42
43
44
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 42

def grant_principal()
  jsii_get_property("grantPrincipal")
end

#grant_read(grantee) ⇒ AWSCDK::IAM::Grant

Grant GetOauth2CredentialProvider and ListOauth2CredentialProviders, scoped to this provider and parent resources required by the Bedrock AgentCore authorization model.

Parameters:

Returns:



174
175
176
177
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 174

def grant_read(grantee)
  Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee")
  jsii_call_method("grantRead", [grantee])
end

#grant_use(grantee) ⇒ AWSCDK::IAM::Grant

Grant permission to retrieve OAuth tokens (GetResourceOauth2Token, CompleteResourceTokenAuth).

Parameters:

Returns:



183
184
185
186
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 183

def grant_use(grantee)
  Jsii::Type.check_type(grantee, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklHcmFudGFibGUifQ==")), "grantee")
  jsii_call_method("grantUse", [grantee])
end

#last_updated_timeString?

Timestamp when the credential provider was last updated.

Returns:

  • (String, nil)


93
94
95
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 93

def last_updated_time()
  jsii_get_property("lastUpdatedTime")
end

#nodeConstructs::Node

The tree node.

Returns:

  • (Constructs::Node)


13
14
15
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 13

def node()
  jsii_get_property("node")
end

#o_auth2_credential_provider_refAWSCDK::Interfaces::AWSBedrockagentcore::OAuth2CredentialProviderReference

A reference to a OAuth2CredentialProvider resource.



49
50
51
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 49

def o_auth2_credential_provider_ref()
  jsii_get_property("oAuth2CredentialProviderRef")
end

#stackAWSCDK::Stack

The stack in which this resource is defined.

Returns:



35
36
37
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 35

def stack()
  jsii_get_property("stack")
end

#with(*mixins) ⇒ Constructs::IConstruct

Applies one or more mixins to this construct.

Mixins are applied in order. The list of constructs is captured at the start of the call, so constructs added by a mixin will not be visited.

Parameters:

  • mixins (Array<Constructs::IMixin>)

    The mixins to apply.

Returns:

  • (Constructs::IConstruct)

    This construct for chaining



104
105
106
107
108
109
# File 'bedrock_agent_core/io_auth2_credential_provider.rb', line 104

def with(*mixins)
  mixins.each_with_index do |item, index|
    Jsii::Type.check_type(item, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJjb25zdHJ1Y3RzLklNaXhpbiJ9")), "mixins[#{index}]")
  end
  jsii_call_method("with", [*mixins])
end