interface ApiKeyCredentialProviderProps
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Bedrock.Agentcore.Alpha.ApiKeyCredentialProviderProps |
 Go | github.com/aws/aws-cdk-go/awsbedrockagentcorealpha/v2#ApiKeyCredentialProviderProps |
 Java | software.amazon.awscdk.services.bedrock.agentcore.alpha.ApiKeyCredentialProviderProps |
 Python | aws_cdk.aws_bedrock_agentcore_alpha.ApiKeyCredentialProviderProps |
 TypeScript (source) | @aws-cdk/aws-bedrock-agentcore-alpha ยป ApiKeyCredentialProviderProps |
API Key configuration.
Example
const gateway = new agentcore.Gateway(this, "MyGateway", {
gatewayName: "my-gateway",
});
// These ARNs are returned when creating the API key credential provider via Console or API
const apiKeyProviderArn = "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/abc123/apikeycredentialprovider/my-apikey"
const apiKeySecretArn = "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-apikey-secret-abc123"
const bucket = s3.Bucket.fromBucketName(this, "ExistingBucket", "my-schema-bucket");
const s3mySchema = agentcore.ApiSchema.fromS3File(bucket, "schemas/myschema.yaml");
// Add an OpenAPI target directly to the gateway
const target = gateway.addOpenApiTarget("MyTarget", {
gatewayTargetName: "my-api-target",
description: "Target for external API integration",
apiSchema: s3mySchema,
credentialProviderConfigurations: [
agentcore.GatewayCredentialProvider.fromApiKeyIdentityArn({
providerArn: apiKeyProviderArn,
secretArn: apiKeySecretArn,
credentialLocation: agentcore.ApiKeyCredentialLocation.header({
credentialParameterName: "X-API-Key",
}),
}),
],
});
// This make sure your s3 bucket is available before target
target.node.addDependency(bucket);
Properties
| Name | Type | Description |
|---|---|---|
| provider | string | The API key credential provider ARN. |
| secret | string | The ARN of the Secrets Manager secret containing the API key. |
| credential | Api | The location of the API key credential. |
providerArn
Type:
string
The API key credential provider ARN.
This is returned when creating the API key credential provider via Console or API. Format: arn:aws:bedrock-agentcore:region:account:token-vault/id/apikeycredentialprovider/name
secretArn
Type:
string
The ARN of the Secrets Manager secret containing the API key.
This is returned when creating the API key credential provider via Console or API. Format: arn:aws:secretsmanager:region:account:secret:name
credentialLocation?
Type:
Api
(optional, default: HEADER)
The location of the API key credential.
This field specifies where in the request the API key should be placed.