Package software.amazon.awscdk.services.bedrockagentcore

Interface ApiKeyCredentialProviderProps

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

ApiKeyCredentialProviderProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.129.0 (build eaca441)",
           date="2026-05-19T08:18:44.219Z")
@Stability(Stable)
public interface ApiKeyCredentialProviderProps
extends software.amazon.jsii.JsiiSerializable

Properties for a new ApiKeyCredentialProvider (Token Vault resource).

Example:

 Gateway gateway = Gateway.Builder.create(this, "MyGateway")
         .gatewayName("my-gateway")
         .build();
 // Create an API key credential provider in Token Vault
 ApiKeyCredentialProvider apiKeyProvider = ApiKeyCredentialProvider.Builder.create(this, "MyApiKeyProvider")
         .apiKeyCredentialProviderName("my-apikey")
         .build();
 IBucket bucket = Bucket.fromBucketName(this, "ExistingBucket", "my-schema-bucket");
 S3ApiSchema s3mySchema = ApiSchema.fromS3File(bucket, "schemas/myschema.yaml");
 // Add an OpenAPI target using the L2 construct directly
 GatewayTarget target = gateway.addOpenApiTarget("MyTarget", AddOpenApiTargetOptions.builder()
         .gatewayTargetName("my-api-target")
         .description("Target for external API integration")
         .apiSchema(s3mySchema)
         .credentialProviderConfigurations(List.of(GatewayCredentialProvider.fromApiKeyIdentity(apiKeyProvider, FromApiKeyIdentityOptions.builder()
                 .credentialLocation(ApiKeyCredentialLocation.header(ApiKeyAdditionalConfiguration.builder()
                         .credentialParameterName("X-API-Key")
                         .build()))
                 .build())))
         .build());
 // This makes sure your s3 bucket is available before target
 target.node.addDependency(bucket);
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	ApiKeyCredentialProviderProps.Builder	A builder for ApiKeyCredentialProviderProps
static final class	ApiKeyCredentialProviderProps.Jsii$Proxy	An implementation for ApiKeyCredentialProviderProps

Method Summary

Modifier and Type	Method	Description
static ApiKeyCredentialProviderProps.Builder	builder()
default SecretValue	getApiKey()	The API key value.
default String	getApiKeyCredentialProviderName()	Name of the credential provider.
default Map<String,String>	getTags()	Tags for this credential provider.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getApiKey

@Stability(Stable)
@Nullable
default SecretValue getApiKey()

The API key value.

NOTE: The API key will be included in the CloudFormation template as part of synthesis. The service stores the key in Secrets Manager after creation, but the value is visible in the template and deployment history. Use SecretValue.unsafePlainText() to explicitly acknowledge plaintext, or pass a reference from another construct to avoid embedding the literal value.

If omitted, you can supply the key through another mechanism supported by the service.

Default: - no key in template (provider may still be created depending on service behavior)

getApiKeyCredentialProviderName

@Stability(Stable)
@Nullable
default String getApiKeyCredentialProviderName()

Name of the credential provider.

Default: a name generated by CDK

getTags

@Stability(Stable)
@Nullable
default Map<String,String> getTags()

Tags for this credential provider.

Default: - no tags

builder

@Stability(Stable)
static ApiKeyCredentialProviderProps.Builder builder()

Returns:

a ApiKeyCredentialProviderProps.Builder of ApiKeyCredentialProviderProps