IApiKeyCredentialProvider

class aws_cdk.aws_bedrockagentcore.IApiKeyCredentialProvider(*args, **kwargs)

Bases: IResource, IGrantable, IApiKeyCredentialProviderRef, Protocol

An API key credential provider registered in AgentCore Token Vault.

Methods

apply_removal_policy(policy)

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

Parameters:: policy (RemovalPolicy)
Return type:: None

bind_for_gateway_api_key_target()

ARNs for use with gateway targets (GatewayCredentialProvider.fromApiKeyIdentity or fromApiKeyIdentityArn).

Return type:: GatewayApiKeyIdentityBinding

grant(grantee, *actions)

Grants IAM actions to the IAM principal.

Parameters:

grantee (IGrantable)
actions (str)

Return type:

Grant

grant_admin(grantee)

Grant control plane permissions to manage this provider.

Parameters:: grantee (IGrantable)
Return type:: Grant

grant_full_access(grantee)

Grant read, admin, and credential retrieval permissions.

Parameters:: grantee (IGrantable)
Return type:: Grant

grant_read(grantee)

Grant GetApiKeyCredentialProvider and ListApiKeyCredentialProviders, scoped to this provider and parent resources required by the Bedrock AgentCore authorization model.

Parameters:: grantee (IGrantable)
Return type:: Grant

grant_use(grantee)

Grant permission to retrieve API key material for outbound calls (GetResourceApiKey).

Parameters:: grantee (IGrantable)
Return type:: Grant

with_(*mixins)

Applies one or more mixins to this construct.

Mixins are applied in order. The list of constructs is captured at the start of the call, so constructs added by a mixin will not be visited.

Parameters:: mixins (IMixin) – The mixins to apply.
Return type:: IConstruct
Returns:: This construct for chaining

Attributes

api_key_credential_provider_ref

(experimental) A reference to a ApiKeyCredentialProvider resource.

Stability:: experimental

api_key_secret_arn

The ARN of the Secrets Manager secret that stores the API key after the resource is created.

May be undefined for resources imported without this attribute.

Attribute:: true

created_time

Timestamp when the credential provider was created.

Attribute:: true

credential_provider_arn

The ARN of this credential provider.

Attribute:: true

env

The environment this resource belongs to.

For resources that are created and managed in a Stack (those created by creating new class instances like new Role(), new Bucket(), etc.), this is always the same as the environment of the stack they belong to.

For referenced resources (those obtained from referencing methods like Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be different than the stack they were imported into.

grant_principal: The principal to grant permissions to.

last_updated_time

Timestamp when the credential provider was last updated.

Attribute:: true

node: The tree node.

stack: The stack in which this resource is defined.