AWS bedrock-agentcore documentation change
Summary
Replaced Python SDK example with AWS CLI command for creating OAuth2 credential provider
Security assessment
The change updates the method for configuring OAuth2 credentials but does not address a specific security vulnerability. While OAuth2 is security-related, this is a procedural update rather than new security documentation.
Diff
diff --git a/bedrock-agentcore/latest/devguide/identity-getting-started-step2.md b/bedrock-agentcore/latest/devguide/identity-getting-started-step2.md index d0c490a9a..a1bba706d 100644 --- a//bedrock-agentcore/latest/devguide/identity-getting-started-step2.md +++ b//bedrock-agentcore/latest/devguide/identity-getting-started-step2.md @@ -9 +9 @@ Amazon Bedrock AgentCore is in preview release and is subject to change. -Create a new OAuth 2.0 Credential Provider with the Google client ID and client secret obtained earlier: +Create a new OAuth 2.0 Credential Provider with the Google client ID and client secret obtained earlier using the following AWS CLI command: @@ -12,9 +12,5 @@ Create a new OAuth 2.0 Credential Provider with the Google client ID and client - from bedrock_agentcore.services.identity import IdentityClient - - identity_client = IdentityClient("us-east-1") - - # Configure Google OAuth2 provider - On-Behalf-Of User - google_provider = identity_client.create_oauth2_credential_provider({ - "name": "google-provider", - "credentialProviderVendor": "GoogleOauth2", - "oauth2ProviderConfigInput": { + aws bedrock-agentcore-control create-oauth2-credential-provider \ + --region us-east-1 \ + --name "google-provider" \ + --credential-provider-vendor "GoogleOauth2" \ + --oauth2-provider-config-input '{ @@ -25,3 +21 @@ Create a new OAuth 2.0 Credential Provider with the Google client ID and client - } - }) - print(google_provider) + }'