Class: AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
- Inherits:
-
Jsii::Object
- Object
- Jsii::Object
- AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
- Defined in:
- bedrock_agent_core/runtime_authorizer_configuration.rb
Overview
Abstract base class for runtime authorizer configurations.
Provides static factory methods to create different authentication types.
Class Method Summary collapse
- .jsii_overridable_methods ⇒ Object
-
.using_cognito(user_pool, user_pool_clients, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) ⇒ AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
Use AWS Cognito User Pool authentication.
-
.using_iam ⇒ AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
Use IAM authentication (default).
-
.using_jwt(discovery_url, allowed_clients = nil, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) ⇒ AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
Use custom JWT authentication.
-
.using_o_auth(discovery_url, client_id, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) ⇒ AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
Use OAuth 2.0 authentication.
Instance Method Summary collapse
-
#initialize ⇒ RuntimeAuthorizerConfiguration
constructor
A new instance of RuntimeAuthorizerConfiguration.
Constructor Details
#initialize ⇒ RuntimeAuthorizerConfiguration
Returns a new instance of RuntimeAuthorizerConfiguration.
10 11 12 |
# File 'bedrock_agent_core/runtime_authorizer_configuration.rb', line 10 def initialize Jsii::Object.instance_method(:initialize).bind(self).call end |
Class Method Details
.jsii_overridable_methods ⇒ Object
14 15 16 17 |
# File 'bedrock_agent_core/runtime_authorizer_configuration.rb', line 14 def self.jsii_overridable_methods { } end |
.using_cognito(user_pool, user_pool_clients, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) ⇒ AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
Use AWS Cognito User Pool authentication.
Validates Cognito-issued JWT tokens.
29 30 31 32 33 34 35 36 |
# File 'bedrock_agent_core/runtime_authorizer_configuration.rb', line 29 def self.using_cognito(user_pool, user_pool_clients, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) Jsii::Type.check_type(user_pool, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY29nbml0by5JVXNlclBvb2wifQ==")), "userPool") Jsii::Type.check_type(user_pool_clients, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLklVc2VyUG9vbENsaWVudCJ9LCJraW5kIjoiYXJyYXkifX0=")), "userPoolClients") Jsii::Type.check_type(allowed_audience, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedAudience") unless allowed_audience.nil? Jsii::Type.check_type(allowed_scopes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedScopes") unless allowed_scopes.nil? Jsii::Type.check_type(custom_claims, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19iZWRyb2NrYWdlbnRjb3JlLlJ1bnRpbWVDdXN0b21DbGFpbSJ9LCJraW5kIjoiYXJyYXkifX0=")), "customClaims") unless custom_claims.nil? Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.RuntimeAuthorizerConfiguration", "usingCognito", [user_pool, user_pool_clients, allowed_audience, allowed_scopes, custom_claims]) end |
.using_iam ⇒ AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
Use IAM authentication (default).
Requires AWS credentials to sign requests using SigV4.
43 44 45 |
# File 'bedrock_agent_core/runtime_authorizer_configuration.rb', line 43 def self.using_iam() Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.RuntimeAuthorizerConfiguration", "usingIAM", []) end |
.using_jwt(discovery_url, allowed_clients = nil, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) ⇒ AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
Use custom JWT authentication.
Validates JWT tokens against the specified OIDC provider.
57 58 59 60 61 62 63 64 |
# File 'bedrock_agent_core/runtime_authorizer_configuration.rb', line 57 def self.using_jwt(discovery_url, allowed_clients = nil, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) Jsii::Type.check_type(discovery_url, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "discoveryUrl") Jsii::Type.check_type(allowed_clients, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedClients") unless allowed_clients.nil? Jsii::Type.check_type(allowed_audience, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedAudience") unless allowed_audience.nil? Jsii::Type.check_type(allowed_scopes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedScopes") unless allowed_scopes.nil? Jsii::Type.check_type(custom_claims, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19iZWRyb2NrYWdlbnRjb3JlLlJ1bnRpbWVDdXN0b21DbGFpbSJ9LCJraW5kIjoiYXJyYXkifX0=")), "customClaims") unless custom_claims.nil? Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.RuntimeAuthorizerConfiguration", "usingJWT", [discovery_url, allowed_clients, allowed_audience, allowed_scopes, custom_claims]) end |
.using_o_auth(discovery_url, client_id, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) ⇒ AWSCDK::BedrockAgentCore::RuntimeAuthorizerConfiguration
Use OAuth 2.0 authentication. Supports various OAuth providers.
74 75 76 77 78 79 80 81 |
# File 'bedrock_agent_core/runtime_authorizer_configuration.rb', line 74 def self.using_o_auth(discovery_url, client_id, allowed_audience = nil, allowed_scopes = nil, custom_claims = nil) Jsii::Type.check_type(discovery_url, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "discoveryUrl") Jsii::Type.check_type(client_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "clientId") Jsii::Type.check_type(allowed_audience, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedAudience") unless allowed_audience.nil? Jsii::Type.check_type(allowed_scopes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedScopes") unless allowed_scopes.nil? Jsii::Type.check_type(custom_claims, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19iZWRyb2NrYWdlbnRjb3JlLlJ1bnRpbWVDdXN0b21DbGFpbSJ9LCJraW5kIjoiYXJyYXkifX0=")), "customClaims") unless custom_claims.nil? Jsii::Kernel.instance.call_static("aws-cdk-lib.aws_bedrockagentcore.RuntimeAuthorizerConfiguration", "usingOAuth", [discovery_url, client_id, allowed_audience, allowed_scopes, custom_claims]) end |