LambdaInterceptor
- class aws_cdk.aws_bedrock_agentcore_alpha.LambdaInterceptor(*args: Any, **kwargs)
Bases:
object(experimental) A Lambda-based interceptor for Gateway.
Interceptors allow you to run custom code during each invocation of your gateway:
REQUEST interceptors execute before calling the target
RESPONSE interceptors execute after the target responds
- See:
- Stability:
experimental
- ExampleMetadata:
fixture=default infused
Example:
# Create Lambda functions for interceptors request_interceptor_fn = lambda_.Function(self, "RequestInterceptor", runtime=lambda_.Runtime.PYTHON_3_12, handler="index.handler", code=lambda_.Code.from_inline(""" def handler(event, context): # Validate and transform request return { "interceptorOutputVersion": "1.0", "mcp": { "transformedGatewayRequest": event["mcp"]["gatewayRequest"] } } """) ) response_interceptor_fn = lambda_.Function(self, "ResponseInterceptor", runtime=lambda_.Runtime.PYTHON_3_12, handler="index.handler", code=lambda_.Code.from_inline(""" def handler(event, context): # Filter or transform response return { "interceptorOutputVersion": "1.0", "mcp": { "transformedGatewayResponse": event["mcp"]["gatewayResponse"] } } """) ) # Create gateway with interceptors gateway = agentcore.Gateway(self, "MyGateway", gateway_name="my-gateway", interceptor_configurations=[ agentcore.LambdaInterceptor.for_request(request_interceptor_fn, pass_request_headers=True ), agentcore.LambdaInterceptor.for_response(response_interceptor_fn) ] )
Methods
- bind(_scope, gateway)
(experimental) Binds this Lambda interceptor to a Gateway.
This method:
Grants the Gateway’s IAM role permission to invoke the Lambda function
Returns the CloudFormation configuration for this interceptor
- Parameters:
- Return type:
- Returns:
Configuration for CloudFormation rendering
- Stability:
experimental
Attributes
- interception_point
(experimental) The interception point (REQUEST or RESPONSE).
- Stability:
experimental
Static Methods
- classmethod for_request(lambda_function, *, pass_request_headers=None)
(experimental) Create a REQUEST interceptor that executes before the gateway calls the target.
Important: When this interceptor is added to a gateway, the gateway’s IAM role will automatically be granted
lambda:InvokeFunctionpermission on the specified Lambda function.- Parameters:
lambda_function (
IFunction) – The Lambda function to invoke.pass_request_headers (
Optional[bool]) – (experimental) Whether to pass request headers to the interceptor Lambda function. Security Warning: Request headers can contain sensitive information such as authentication tokens and credentials. Only enable this if your interceptor needs access to headers and you have verified that sensitive information is not logged or exposed. Default: false - Headers are not passed to interceptor for security
- Return type:
- Returns:
A configured LambdaInterceptor for request interception
- Stability:
experimental
- classmethod for_response(lambda_function, *, pass_request_headers=None)
(experimental) Create a RESPONSE interceptor that executes after the target responds.
Important: When this interceptor is added to a gateway, the gateway’s IAM role will automatically be granted
lambda:InvokeFunctionpermission on the specified Lambda function.- Parameters:
lambda_function (
IFunction) – The Lambda function to invoke.pass_request_headers (
Optional[bool]) – (experimental) Whether to pass request headers to the interceptor Lambda function. Security Warning: Request headers can contain sensitive information such as authentication tokens and credentials. Only enable this if your interceptor needs access to headers and you have verified that sensitive information is not logged or exposed. Default: false - Headers are not passed to interceptor for security
- Return type:
- Returns:
A configured LambdaInterceptor for response interception
- Stability:
experimental