class Gateway (construct)
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Bedrock.Agentcore.Alpha.Gateway |
 Go | github.com/aws/aws-cdk-go/awsbedrockagentcorealpha/v2#Gateway |
 Java | software.amazon.awscdk.services.bedrock.agentcore.alpha.Gateway |
 Python | aws_cdk.aws_bedrock_agentcore_alpha.Gateway |
 TypeScript (source) | @aws-cdk/aws-bedrock-agentcore-alpha ยป Gateway |
Implements
IConstruct, IDependable, IResource, IEnvironment, IGateway
Gateway resource for AWS Bedrock Agent Core.
Serves as an integration point between your agent and external services.
Example
const gateway = new agentcore.Gateway(this, "MyGateway", {
gatewayName: "my-gateway",
});
const lambdaFunction = new lambda.Function(this, "MyFunction", {
runtime: lambda.Runtime.NODEJS_22_X,
handler: "index.handler",
code: lambda.Code.fromInline(`
exports.handler = async (event) => {
return {
statusCode: 200,
body: JSON.stringify({ message: 'Hello from Lambda!' })
};
};
`),
});
// Create a gateway target with Lambda and tool schema
const target = agentcore.GatewayTarget.forLambda(this, "MyLambdaTarget", {
gatewayTargetName: "my-lambda-target",
description: "Target for Lambda function integration",
gateway: gateway,
lambdaFunction: lambdaFunction,
toolSchema: agentcore.ToolSchema.fromLocalAsset(
path.join(__dirname, "schemas", "my-tool-schema.json")
),
});
Initializer
new Gateway(scope: Construct, id: string, props: GatewayProps)
Parameters
- scope
Construct - id
string - props
GatewayProps
Construct Props
| Name | Type | Description |
|---|---|---|
| gateway | string | The name of the gateway Valid characters are a-z, A-Z, 0-9, _ (underscore) and - (hyphen) The name must be unique within your account. |
| authorizer | IGateway | The authorizer configuration for the gateway. |
| description? | string | Optional description for the gateway Valid characters are a-z, A-Z, 0-9, _ (underscore), - (hyphen) and spaces The description can have up to 200 characters. |
| exception | Gateway | The verbosity of exception messages Use DEBUG mode to see granular exception messages from a Gateway. |
| kms | IKey | The AWS KMS key used to encrypt data associated with the gateway. |
| protocol | IGateway | The protocol configuration for the gateway. |
| role? | IRole | The IAM role that provides permissions for the gateway to access AWS services. |
| tags? | { [string]: string } | Tags for the gateway A list of key:value pairs of tags to apply to this Gateway resource. |
gatewayName
Type:
string
The name of the gateway Valid characters are a-z, A-Z, 0-9, _ (underscore) and - (hyphen) The name must be unique within your account.
authorizerConfiguration?
Type:
IGateway
(optional, default: A default authorizer will be created using Cognito)
The authorizer configuration for the gateway.
description?
Type:
string
(optional, default: No description)
Optional description for the gateway Valid characters are a-z, A-Z, 0-9, _ (underscore), - (hyphen) and spaces The description can have up to 200 characters.
exceptionLevel?
Type:
Gateway
(optional, default: Exception messages are sanitized for presentation to end users)
The verbosity of exception messages Use DEBUG mode to see granular exception messages from a Gateway.
kmsKey?
Type:
IKey
(optional, default: No encryption)
The AWS KMS key used to encrypt data associated with the gateway.
protocolConfiguration?
Type:
IGateway
(optional, default: A default protocol configuration will be created using MCP with following params
supportedVersions: [MCPProtocolVersion.MCP_2025_03_26],
searchType: McpGatewaySearchType.SEMANTIC,
instructions: "Default gateway to connect to external MCP tools",)
The protocol configuration for the gateway.
role?
Type:
IRole
(optional, default: A new role will be created)
The IAM role that provides permissions for the gateway to access AWS services.
tags?
Type:
{ [string]: string }
(optional, default: No tags)
Tags for the gateway A list of key:value pairs of tags to apply to this Gateway resource.
Properties
| Name | Type | Description |
|---|---|---|
| authorizer | IGateway | The authorizer configuration for the gateway. |
| env | Resource | The environment this resource belongs to. |
| gateway | string | The ARN of the gateway. |
| gateway | string | The unique identifier of the gateway. |
| name | string | The name of the gateway. |
| node | Node | The tree node. |
| protocol | IGateway | The protocol configuration for the gateway. |
| role | IRole | The IAM role for the gateway. |
| stack | Stack | The stack in which this resource is defined. |
| created | string | Timestamp when the gateway was created. |
| description? | string | The description of the gateway. |
| exception | Gateway | The exception level for the gateway. |
| gateway | string | The URL endpoint for the gateway. |
| kms | IKey | The KMS key used for encryption. |
| status? | string | The status of the gateway. |
| status | string[] | The status reasons for the gateway. |
| tags? | { [string]: string } | Tags applied to the gateway. |
| updated | string | Timestamp when the gateway was last updated. |
| user | IUser | The Cognito User Pool created for the gateway (if using default Cognito authorizer). |
| user | IUser | The Cognito User Pool Client created for the gateway (if using default Cognito authorizer). |
| static PROPERTY_INJECTION_ID | string | Uniquely identifies this class. |
authorizerConfiguration
Type:
IGateway
The authorizer configuration for the gateway.
env
Type:
Resource
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
gatewayArn
Type:
string
The ARN of the gateway.
gatewayId
Type:
string
The unique identifier of the gateway.
name
Type:
string
The name of the gateway.
node
Type:
Node
The tree node.
protocolConfiguration
Type:
IGateway
The protocol configuration for the gateway.
role
Type:
IRole
The IAM role for the gateway.
stack
Type:
Stack
The stack in which this resource is defined.
createdAt?
Type:
string
(optional)
Timestamp when the gateway was created.
description?
Type:
string
(optional)
The description of the gateway.
exceptionLevel?
Type:
Gateway
(optional)
The exception level for the gateway.
gatewayUrl?
Type:
string
(optional)
The URL endpoint for the gateway.
kmsKey?
Type:
IKey
(optional)
The KMS key used for encryption.
status?
Type:
string
(optional)
The status of the gateway.
statusReason?
Type:
string[]
(optional)
The status reasons for the gateway.
tags?
Type:
{ [string]: string }
(optional)
Tags applied to the gateway.
updatedAt?
Type:
string
(optional)
Timestamp when the gateway was last updated.
userPool?
Type:
IUser
(optional)
The Cognito User Pool created for the gateway (if using default Cognito authorizer).
userPoolClient?
Type:
IUser
(optional)
The Cognito User Pool Client created for the gateway (if using default Cognito authorizer).
static PROPERTY_INJECTION_ID
Type:
string
Uniquely identifies this class.
Methods
| Name | Description |
|---|---|
| add | Add a Lambda target to this gateway This is a convenience method that creates a GatewayTarget associated with this gateway. |
| add | Add an MCP server target to this gateway This is a convenience method that creates a GatewayTarget associated with this gateway. |
| add | Add an OpenAPI target to this gateway This is a convenience method that creates a GatewayTarget associated with this gateway. |
| add | Add a Smithy target to this gateway This is a convenience method that creates a GatewayTarget associated with this gateway. |
| apply | Apply the given removal policy to this resource. |
| grant(grantee, ...actions) | Grants IAM actions to the IAM Principal. |
| grant | Grants permission to invoke this Gateway. |
| grant | Grants Create, Update, and Delete actions on the Gateway. |
| grant | Grants Get and List actions on the Gateway. |
| metric(metricName, dimensions, props?) | Return the given named metric for this gateway. |
| metric | Return a metric measuring the duration of requests for this gateway. |
| metric | Return a metric containing the total number of invocations for this gateway. |
| metric | Return a metric measuring the latency of requests for this gateway. |
| metric | Return a metric containing the number of system errors (5xx status code) for this gateway. |
| metric | Return a metric measuring the target execution time for this gateway. |
| metric | Return a metric containing the number of requests served by each target type for this gateway. |
| metric | Return a metric containing the number of throttled requests (429 status code) for this gateway. |
| metric | Return a metric containing the number of user errors (4xx status code, excluding 429) for this gateway. |
| to | Returns a string representation of this construct. |
| static from | Import an existing Gateway using its attributes. |
addLambdaTarget(id, props)
public addLambdaTarget(id: string, props: AddLambdaTargetOptions): GatewayTarget
Parameters
- id
stringโ The construct id for the target. - props
Addโ Properties for the Lambda target.Lambda Target Options
Returns
Add a Lambda target to this gateway This is a convenience method that creates a GatewayTarget associated with this gateway.
addMcpServerTarget(id, props)
public addMcpServerTarget(id: string, props: AddMcpServerTargetOptions): GatewayTarget
Parameters
- id
stringโ The construct id for the target. - props
Addโ Properties for the MCP server target.Mcp Server Target Options
Returns
Add an MCP server target to this gateway This is a convenience method that creates a GatewayTarget associated with this gateway.
addOpenApiTarget(id, props)
public addOpenApiTarget(id: string, props: AddOpenApiTargetOptions): GatewayTarget
Parameters
- id
stringโ The construct id for the target. - props
Addโ Properties for the OpenAPI target.Open Api Target Options
Returns
Add an OpenAPI target to this gateway This is a convenience method that creates a GatewayTarget associated with this gateway.
addSmithyTarget(id, props)
public addSmithyTarget(id: string, props: AddSmithyTargetOptions): GatewayTarget
Parameters
- id
stringโ The construct id for the target. - props
Addโ Properties for the Smithy target.Smithy Target Options
Returns
Add a Smithy target to this gateway This is a convenience method that creates a GatewayTarget associated with this gateway.
applyRemovalPolicy(policy)
public applyRemovalPolicy(policy: RemovalPolicy): void
Parameters
- policy
RemovalPolicy
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
grant(grantee, ...actions)
public grant(grantee: IGrantable, ...actions: string[]): Grant
Parameters
- grantee
IGrantableโ The principal to grant permissions to. - actions
stringโ The actions to grant.
Returns
Grants IAM actions to the IAM Principal.
grantInvoke(grantee)
public grantInvoke(grantee: IGrantable): Grant
Parameters
- grantee
IGrantableโ The principal to grant invoke permissions to.
Returns
Grants permission to invoke this Gateway.
grantManage(grantee)
public grantManage(grantee: IGrantable): Grant
Parameters
- grantee
IGrantableโ The principal to grant manage permissions to.
Returns
Grants Create, Update, and Delete actions on the Gateway.
grantRead(grantee)
public grantRead(grantee: IGrantable): Grant
Parameters
- grantee
IGrantableโ The principal to grant read permissions to.
Returns
Grants Get and List actions on the Gateway.
metric(metricName, dimensions, props?)
public metric(metricName: string, dimensions: { [string]: string }, props?: MetricOptions): Metric
Parameters
- metricName
stringโ The name of the metric. - dimensions
{ [string]: string }โ Additional dimensions for the metric. - props
Metricโ Optional metric configuration.Options
Returns
Return the given named metric for this gateway.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricDuration(props?)
public metricDuration(props?: MetricOptions): Metric
Parameters
- props
MetricOptions
Returns
Return a metric measuring the duration of requests for this gateway.
The duration metric represents the total time elapsed between receiving the request and sending the final response token, representing complete end-to-end processing time.
metricInvocations(props?)
public metricInvocations(props?: MetricOptions): Metric
Parameters
- props
MetricOptions
Returns
Return a metric containing the total number of invocations for this gateway.
metricLatency(props?)
public metricLatency(props?: MetricOptions): Metric
Parameters
- props
MetricOptions
Returns
Return a metric measuring the latency of requests for this gateway.
The latency metric represents the time elapsed between when the service receives the request and when it begins sending the first response token.
metricSystemErrors(props?)
public metricSystemErrors(props?: MetricOptions): Metric
Parameters
- props
MetricOptions
Returns
Return a metric containing the number of system errors (5xx status code) for this gateway.
metricTargetExecutionTime(props?)
public metricTargetExecutionTime(props?: MetricOptions): Metric
Parameters
- props
MetricOptions
Returns
Return a metric measuring the target execution time for this gateway.
This metric helps determine the contribution of the target (Lambda, OpenAPI, etc.) to the total latency.
metricTargetType(targetType, props?)
public metricTargetType(targetType: string, props?: MetricOptions): Metric
Parameters
- targetType
string - props
MetricOptions
Returns
Return a metric containing the number of requests served by each target type for this gateway.
metricThrottles(props?)
public metricThrottles(props?: MetricOptions): Metric
Parameters
- props
MetricOptions
Returns
Return a metric containing the number of throttled requests (429 status code) for this gateway.
metricUserErrors(props?)
public metricUserErrors(props?: MetricOptions): Metric
Parameters
- props
MetricOptions
Returns
Return a metric containing the number of user errors (4xx status code, excluding 429) for this gateway.
toString()
public toString(): string
Returns
string
Returns a string representation of this construct.
static fromGatewayAttributes(scope, id, attrs)
public static fromGatewayAttributes(scope: Construct, id: string, attrs: GatewayAttributes): IGateway
Parameters
- scope
Constructโ The construct scope. - id
stringโ The construct id. - attrs
Gatewayโ The attributes of the existing Gateway.Attributes
Returns
Import an existing Gateway using its attributes.