AWS bedrock-agentcore documentation change
Summary
Updated documentation to replace references to 'AgentCore starter toolkit' with 'AgentCore CLI' and added detailed CLI commands for setting up OAuth and API key credentials.
Security assessment
The changes are tooling updates and documentation improvements for existing authentication methods. There is no mention of any security vulnerability or incident being addressed.
Diff
diff --git a/bedrock-agentcore/latest/devguide/gateway-outbound-auth.md b/bedrock-agentcore/latest/devguide/gateway-outbound-auth.md index c5855983a..5df35cdf1 100644 --- a//bedrock-agentcore/latest/devguide/gateway-outbound-auth.md +++ b//bedrock-agentcore/latest/devguide/gateway-outbound-auth.md @@ -46 +46 @@ Before adding a target to your gateway, you must set up authorization for it thr -You can skip this prerequisite if you plan to use the AWS Management Console or AgentCore starter toolkit to create your gateway. If you use either of these tools, you can let AgentCore automatically create a service role for you with the necessary permissions to access the target. Each time you add a target, the necessary permissions will be automatically attached to your service role. +You can skip this prerequisite if you plan to use the AWS Management Console or AgentCore CLI to create your gateway. If you use either of these tools, you can let AgentCore automatically create a service role for you with the necessary permissions to access the target. Each time you add a target, the necessary permissions will be automatically attached to your service role. @@ -145 +145,15 @@ The following examples show you how to set authorization through an OAuth client -CLI +AgentCore CLI + + +The AgentCore CLI credential commands must be run inside an existing agentcore project. If you don't have one yet, create a project first with `agentcore create`. + + + agentcore add credential \ + --name oauth-credential-provider \ + --type oauth \ + --discovery-url <DiscoveryUrl> \ + --client-id <ClientId> \ + --client-secret <ClientSecret> + agentcore deploy + +AWS CLI @@ -264 +278,13 @@ The following examples show you how to set an API key for your gateway target: -CLI +AgentCore CLI + + +The AgentCore CLI credential commands must be run inside an existing agentcore project. If you don't have one yet, create a project first with `agentcore create`. + + + agentcore add credential \ + --name api-key-credential-provider \ + --type api-key \ + --api-key <API_KEY_VALUE> + agentcore deploy + +AWS CLI