CustomClaimOperator

class aws_cdk.aws_bedrock_agentcore_alpha.CustomClaimOperator(*values)

Bases: Enum

(experimental) Custom claim match operator.

Shared by Runtime and Gateway custom claim implementations.

Stability:

experimental

ExampleMetadata:

fixture=default infused

Example:

# user_pool: cognito.UserPool
# user_pool_client: cognito.UserPoolClient


# Optional: Create custom claims (CustomClaimOperator and GatewayCustomClaim from agentcore)
custom_claims = [
    agentcore.GatewayCustomClaim.with_string_value("department", "engineering"),
    agentcore.GatewayCustomClaim.with_string_array_value("roles", ["admin"], agentcore.CustomClaimOperator.CONTAINS),
    agentcore.GatewayCustomClaim.with_string_array_value("permissions", ["read", "write"], agentcore.CustomClaimOperator.CONTAINS_ANY)
]

gateway = agentcore.Gateway(self, "MyGateway",
    gateway_name="my-gateway",
    authorizer_configuration=agentcore.GatewayAuthorizer.using_cognito(
        user_pool=user_pool,
        allowed_clients=[user_pool_client],
        allowed_audiences=["audience1"],
        allowed_scopes=["read", "write"],
        custom_claims=custom_claims
    )
)

Attributes

CONTAINS

(experimental) Contains operator - used for STRING_ARRAY type claims.

Checks if the claim array contains a specific string value.

Stability:

experimental

CONTAINS_ANY

(experimental) ContainsAny operator - used for STRING_ARRAY type claims.

Checks if the claim array contains any of the provided string values.

Stability:

experimental

EQUALS

(experimental) Equals operator - used for STRING type claims.

Stability:

experimental