AWS bedrock-agentcore documentation change
Summary
Updated typography (straight to curly apostrophes) and restructured the AgentCore CLI and AWS CLI sections for better readability, including adding an example header and step numbers.
Security assessment
The changes are purely typographical and structural, with no mention of security issues, vulnerabilities, or new security features. The content remains the same in terms of security implications.
Diff
diff --git a/bedrock-agentcore/latest/devguide/identity-getting-started-cognito.md b/bedrock-agentcore/latest/devguide/identity-getting-started-cognito.md index 818657ed3..d16720cc9 100644 --- a//bedrock-agentcore/latest/devguide/identity-getting-started-cognito.md +++ b//bedrock-agentcore/latest/devguide/identity-getting-started-cognito.md @@ -9 +9 @@ PrerequisitesStep 1: Create a Cognito user pool (Optional)Step 2: Create a crede -This getting started tutorial walks you through building a complete authenticated agent from the ground up using Amazon Bedrock AgentCore Identity and will help you get started with implementing identity features in your agent applications. You'll learn how to set up your development environment, create authentication infrastructure with Cognito, deploy your agent to AgentCore Runtime, and test the full authentication workflow. +This getting started tutorial walks you through building a complete authenticated agent from the ground up using Amazon Bedrock AgentCore Identity and will help you get started with implementing identity features in your agent applications. You’ll learn how to set up your development environment, create authentication infrastructure with Cognito, deploy your agent to AgentCore Runtime, and test the full authentication workflow. @@ -11 +11 @@ This getting started tutorial walks you through building a complete authenticate -By the end of this tutorial, you'll have a fully deployed agent that can authenticate users through OAuth2 flows, obtain access tokens securely, and demonstrate the complete identity management lifecycle. Your agent will be running on AgentCore Runtime with proper IAM permissions, creating a test lab environment where you can demonstrate and test the integration capabilities. +By the end of this tutorial, you’ll have a fully deployed agent that can authenticate users through OAuth2 flows, obtain access tokens securely, and demonstrate the complete identity management lifecycle. Your agent will be running on AgentCore Runtime with proper IAM permissions, creating a test lab environment where you can demonstrate and test the integration capabilities. @@ -172 +172 @@ If you are using your own authorization server, set the environment variables `I -This credential provider will be used by your agent's code to get access tokens to act on behalf of your user. +This credential provider will be used by your agent’s code to get access tokens to act on behalf of your user. @@ -174 +174 @@ This credential provider will be used by your agent's code to get access tokens -AgentCore CLI +###### Example @@ -175,0 +176 @@ AgentCore CLI +AgentCore CLI @@ -177 +177,0 @@ AgentCore CLI -If you have an AgentCore CLI project, you can add the credential provider using the CLI. The CLI will create the provider during deployment. @@ -178,0 +179 @@ If you have an AgentCore CLI project, you can add the credential provider using + 1. If you have an AgentCore CLI project, you can add the credential provider using the CLI. The CLI will create the provider during deployment. @@ -189 +189,0 @@ The credential provider will be created when you run `agentcore deploy` in Step -AWS CLI @@ -193 +193,4 @@ AWS CLI - #!/bin/bash +AWS CLI + + + 1. #!/bin/bash @@ -342 +347 @@ From your terminal, install the AgentCore CLI and create a new project: -Copy your agent script into the project's agent directory, replacing the default agent: +Copy your agent script into the project’s agent directory, replacing the default agent: @@ -362 +367 @@ The CLI synthesizes a AWS CDK stack and deploys your agent to AgentCore Runtime. -The AgentCore CLI creates the agent's execution role during deployment, but the role does not automatically include permissions for token vault access. You need to attach an additional policy to allow the agent to retrieve OAuth 2.0 tokens at runtime. +The AgentCore CLI creates the agent’s execution role during deployment, but the role does not automatically include permissions for token vault access. You need to attach an additional policy to allow the agent to retrieve OAuth 2.0 tokens at runtime. @@ -364 +369 @@ The AgentCore CLI creates the agent's execution role during deployment, but the -This script retrieves your account and region from the AWS CLI, finds the agent's execution role from the CloudFormation stack, and attaches the appropriate policy. You can copy and paste this script, or save it to a file and execute it. +This script retrieves your account and region from the AWS CLI, finds the agent’s execution role from the CloudFormation stack, and attaches the appropriate policy. You can copy and paste this script, or save it to a file and execute it. @@ -432 +437 @@ Now that this is all set up, you can invoke the agent. For this demo, we will us -The agent will then return a URL to your `agentcore invoke` command. Copy and paste that URL into your preferred browser, and you will then be redirected to your authorization server's login page. The `--user-id` parameter is the user ID you are presenting to AgentCore Identity. The `--session-id` parameter is the session ID, which must be at least 33 characters long. +The agent will then return a URL to your `agentcore invoke` command. Copy and paste that URL into your preferred browser, and you will then be redirected to your authorization server’s login page. The `--user-id` parameter is the user ID you are presenting to AgentCore Identity. The `--session-id` parameter is the session ID, which must be at least 33 characters long. @@ -448 +453 @@ Should you encounter any errors or unexpected behaviors, the output of the agent -After you're done, run `agentcore remove all` and then `agentcore deploy` from your project directory to tear down the deployed AgentCore Runtime resources. Then delete the Amazon Cognito user pool, detach and delete the IAM policy you created, and delete the credential provider. +After you’re done, run `agentcore remove all` and then `agentcore deploy` from your project directory to tear down the deployed AgentCore Runtime resources. Then delete the Amazon Cognito user pool, detach and delete the IAM policy you created, and delete the credential provider.