Class: Aws::BedrockAgentCoreControl::Client

Inherits:

Seahorse::Client::Base

• Object
• Seahorse::Client::Base
• Aws::BedrockAgentCoreControl::Client

Includes:

ClientStubs

Defined in:

gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb

Overview

An API client for BedrockAgentCoreControl. To construct a client, you need to configure a :region and :credentials.

client = Aws::BedrockAgentCoreControl::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

For details on configuring region and credentials see the developer guide.

See #initialize for a full list of supported configuration options.

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

API Operations

• #create_agent_runtime(params = {}) ⇒ Types::CreateAgentRuntimeResponse

  Creates an Amazon Bedrock AgentCore Runtime.

• #create_agent_runtime_endpoint(params = {}) ⇒ Types::CreateAgentRuntimeEndpointResponse

  Creates an AgentCore Runtime endpoint.

• #create_api_key_credential_provider(params = {}) ⇒ Types::CreateApiKeyCredentialProviderResponse

  Creates a new API key credential provider.

• #create_browser(params = {}) ⇒ Types::CreateBrowserResponse

  Creates a custom browser.

• #create_code_interpreter(params = {}) ⇒ Types::CreateCodeInterpreterResponse

  Creates a custom code interpreter.

• #create_evaluator(params = {}) ⇒ Types::CreateEvaluatorResponse

  Creates a custom evaluator for agent quality assessment.

• #create_gateway(params = {}) ⇒ Types::CreateGatewayResponse

  Creates a gateway for Amazon Bedrock Agent.

• #create_gateway_target(params = {}) ⇒ Types::CreateGatewayTargetResponse

  Creates a target for a gateway.

• #create_memory(params = {}) ⇒ Types::CreateMemoryOutput

  Creates a new Amazon Bedrock AgentCore Memory resource.

• #create_oauth_2_credential_provider(params = {}) ⇒ Types::CreateOauth2CredentialProviderResponse

  Creates a new OAuth2 credential provider.

• #create_online_evaluation_config(params = {}) ⇒ Types::CreateOnlineEvaluationConfigResponse

  Creates an online evaluation configuration for continuous monitoring of agent performance.

• #create_policy(params = {}) ⇒ Types::CreatePolicyResponse

  Creates a policy within the AgentCore Policy system.

• #create_policy_engine(params = {}) ⇒ Types::CreatePolicyEngineResponse

  Creates a new policy engine within the AgentCore Policy system.

• #create_workload_identity(params = {}) ⇒ Types::CreateWorkloadIdentityResponse

  Creates a new workload identity.

• #delete_agent_runtime(params = {}) ⇒ Types::DeleteAgentRuntimeResponse

  Deletes an Amazon Bedrock AgentCore Runtime.

• #delete_agent_runtime_endpoint(params = {}) ⇒ Types::DeleteAgentRuntimeEndpointResponse

  Deletes an AAgentCore Runtime endpoint.

• #delete_api_key_credential_provider(params = {}) ⇒ Struct

  Deletes an API key credential provider.

• #delete_browser(params = {}) ⇒ Types::DeleteBrowserResponse

  Deletes a custom browser.

• #delete_code_interpreter(params = {}) ⇒ Types::DeleteCodeInterpreterResponse

  Deletes a custom code interpreter.

• #delete_evaluator(params = {}) ⇒ Types::DeleteEvaluatorResponse

  Deletes a custom evaluator.

• #delete_gateway(params = {}) ⇒ Types::DeleteGatewayResponse

  Deletes a gateway.

• #delete_gateway_target(params = {}) ⇒ Types::DeleteGatewayTargetResponse

  Deletes a gateway target.

• #delete_memory(params = {}) ⇒ Types::DeleteMemoryOutput

  Deletes an Amazon Bedrock AgentCore Memory resource.

• #delete_oauth_2_credential_provider(params = {}) ⇒ Struct

  Deletes an OAuth2 credential provider.

• #delete_online_evaluation_config(params = {}) ⇒ Types::DeleteOnlineEvaluationConfigResponse

  Deletes an online evaluation configuration and stops any ongoing evaluation processes associated with it.

• #delete_policy(params = {}) ⇒ Types::DeletePolicyResponse

  Deletes an existing policy from the AgentCore Policy system.

• #delete_policy_engine(params = {}) ⇒ Types::DeletePolicyEngineResponse

  Deletes an existing policy engine from the AgentCore Policy system.

• #delete_resource_policy(params = {}) ⇒ Struct

  Deletes the resource-based policy for a specified resource.

• #delete_workload_identity(params = {}) ⇒ Struct

  Deletes a workload identity.

• #get_agent_runtime(params = {}) ⇒ Types::GetAgentRuntimeResponse

  Gets an Amazon Bedrock AgentCore Runtime.

• #get_agent_runtime_endpoint(params = {}) ⇒ Types::GetAgentRuntimeEndpointResponse

  Gets information about an Amazon Secure AgentEndpoint.

• #get_api_key_credential_provider(params = {}) ⇒ Types::GetApiKeyCredentialProviderResponse

  Retrieves information about an API key credential provider.

• #get_browser(params = {}) ⇒ Types::GetBrowserResponse

  Gets information about a custom browser.

• #get_code_interpreter(params = {}) ⇒ Types::GetCodeInterpreterResponse

  Gets information about a custom code interpreter.

• #get_evaluator(params = {}) ⇒ Types::GetEvaluatorResponse

  Retrieves detailed information about an evaluator, including its configuration, status, and metadata.

• #get_gateway(params = {}) ⇒ Types::GetGatewayResponse

  Retrieves information about a specific Gateway.

• #get_gateway_target(params = {}) ⇒ Types::GetGatewayTargetResponse

  Retrieves information about a specific gateway target.

• #get_memory(params = {}) ⇒ Types::GetMemoryOutput

  Retrieve an existing Amazon Bedrock AgentCore Memory resource.

• #get_oauth_2_credential_provider(params = {}) ⇒ Types::GetOauth2CredentialProviderResponse

  Retrieves information about an OAuth2 credential provider.

• #get_online_evaluation_config(params = {}) ⇒ Types::GetOnlineEvaluationConfigResponse

  Retrieves detailed information about an online evaluation configuration, including its rules, data sources, evaluators, and execution status.

• #get_policy(params = {}) ⇒ Types::GetPolicyResponse

  Retrieves detailed information about a specific policy within the AgentCore Policy system.

• #get_policy_engine(params = {}) ⇒ Types::GetPolicyEngineResponse

  Retrieves detailed information about a specific policy engine within the AgentCore Policy system.

• #get_policy_generation(params = {}) ⇒ Types::GetPolicyGenerationResponse

  Retrieves information about a policy generation request within the AgentCore Policy system.

• #get_resource_policy(params = {}) ⇒ Types::GetResourcePolicyResponse

  Retrieves the resource-based policy for a specified resource.

• #get_token_vault(params = {}) ⇒ Types::GetTokenVaultResponse

  Retrieves information about a token vault.

• #get_workload_identity(params = {}) ⇒ Types::GetWorkloadIdentityResponse

  Retrieves information about a workload identity.

• #list_agent_runtime_endpoints(params = {}) ⇒ Types::ListAgentRuntimeEndpointsResponse

  Lists all endpoints for a specific Amazon Secure Agent.

• #list_agent_runtime_versions(params = {}) ⇒ Types::ListAgentRuntimeVersionsResponse

  Lists all versions of a specific Amazon Secure Agent.

• #list_agent_runtimes(params = {}) ⇒ Types::ListAgentRuntimesResponse

  Lists all Amazon Secure Agents in your account.

• #list_api_key_credential_providers(params = {}) ⇒ Types::ListApiKeyCredentialProvidersResponse

  Lists all API key credential providers in your account.

• #list_browsers(params = {}) ⇒ Types::ListBrowsersResponse

  Lists all custom browsers in your account.

• #list_code_interpreters(params = {}) ⇒ Types::ListCodeInterpretersResponse

  Lists all custom code interpreters in your account.

• #list_evaluators(params = {}) ⇒ Types::ListEvaluatorsResponse

  Lists all available evaluators, including both builtin evaluators provided by the service and custom evaluators created by the user.

• #list_gateway_targets(params = {}) ⇒ Types::ListGatewayTargetsResponse

  Lists all targets for a specific gateway.

• #list_gateways(params = {}) ⇒ Types::ListGatewaysResponse

  Lists all gateways in the account.

• #list_memories(params = {}) ⇒ Types::ListMemoriesOutput

  Lists the available Amazon Bedrock AgentCore Memory resources in the current Amazon Web Services Region.

• #list_oauth_2_credential_providers(params = {}) ⇒ Types::ListOauth2CredentialProvidersResponse

  Lists all OAuth2 credential providers in your account.

• #list_online_evaluation_configs(params = {}) ⇒ Types::ListOnlineEvaluationConfigsResponse

  Lists all online evaluation configurations in the account, providing summary information about each configuration's status and settings.

• #list_policies(params = {}) ⇒ Types::ListPoliciesResponse

  Retrieves a list of policies within the AgentCore Policy engine.

• #list_policy_engines(params = {}) ⇒ Types::ListPolicyEnginesResponse

  Retrieves a list of policy engines within the AgentCore Policy system.

• #list_policy_generation_assets(params = {}) ⇒ Types::ListPolicyGenerationAssetsResponse

  Retrieves a list of generated policy assets from a policy generation request within the AgentCore Policy system.

• #list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse

  Retrieves a list of policy generation requests within the AgentCore Policy system.

• #list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse

  Lists the tags associated with the specified resource.

• #list_workload_identities(params = {}) ⇒ Types::ListWorkloadIdentitiesResponse

  Lists all workload identities in your account.

• #put_resource_policy(params = {}) ⇒ Types::PutResourcePolicyResponse

  Creates or updates a resource-based policy for a resource with the specified resourceArn.

• #set_token_vault_cmk(params = {}) ⇒ Types::SetTokenVaultCMKResponse

  Sets the customer master key (CMK) for a token vault.

• #start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse

  Initiates the AI-powered generation of Cedar policies from natural language descriptions within the AgentCore Policy system.

• #synchronize_gateway_targets(params = {}) ⇒ Types::SynchronizeGatewayTargetsResponse

  The gateway targets.

• #tag_resource(params = {}) ⇒ Struct

  Associates the specified tags to a resource with the specified resourceArn.

• #untag_resource(params = {}) ⇒ Struct

  Removes the specified tags from the specified resource.

• #update_agent_runtime(params = {}) ⇒ Types::UpdateAgentRuntimeResponse

  Updates an existing Amazon Secure Agent.

• #update_agent_runtime_endpoint(params = {}) ⇒ Types::UpdateAgentRuntimeEndpointResponse

  Updates an existing Amazon Bedrock AgentCore Runtime endpoint.

• #update_api_key_credential_provider(params = {}) ⇒ Types::UpdateApiKeyCredentialProviderResponse

  Updates an existing API key credential provider.

• #update_evaluator(params = {}) ⇒ Types::UpdateEvaluatorResponse

  Updates a custom evaluator's configuration, description, or evaluation level.

• #update_gateway(params = {}) ⇒ Types::UpdateGatewayResponse

  Updates an existing gateway.

• #update_gateway_target(params = {}) ⇒ Types::UpdateGatewayTargetResponse

  Updates an existing gateway target.

• #update_memory(params = {}) ⇒ Types::UpdateMemoryOutput

  Update an Amazon Bedrock AgentCore Memory resource memory.

• #update_oauth_2_credential_provider(params = {}) ⇒ Types::UpdateOauth2CredentialProviderResponse

  Updates an existing OAuth2 credential provider.

• #update_online_evaluation_config(params = {}) ⇒ Types::UpdateOnlineEvaluationConfigResponse

  Updates an online evaluation configuration's settings, including rules, data sources, evaluators, and execution status.

• #update_policy(params = {}) ⇒ Types::UpdatePolicyResponse

  Updates an existing policy within the AgentCore Policy system.

• #update_policy_engine(params = {}) ⇒ Types::UpdatePolicyEngineResponse

  Updates an existing policy engine within the AgentCore Policy system.

• #update_workload_identity(params = {}) ⇒ Types::UpdateWorkloadIdentityResponse

  Updates an existing workload identity.

Instance Method Summary

• #initialize(options) ⇒ Client constructor

  A new instance of Client.

• #wait_until(waiter_name, params = {}, options = {}) {|w.waiter| ... } ⇒ Boolean

  Polls an API operation until a resource enters a desired state.

Methods included from ClientStubs

#api_requests, #stub_data, #stub_responses

Methods inherited from Seahorse::Client::Base

add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(options) ⇒ Client

Returns a new instance of Client.

Parameters:

• options (Hash)

Options Hash (options):

• :plugins (Array<Seahorse::Client::Plugin>) — default: []] —

  A list of plugins to apply to the client. Each plugin is either a class name or an instance of a plugin class.

• :credentials (required, Aws::CredentialProvider) —

  Your AWS credentials used for authentication. This can be any class that includes and implements Aws::CredentialProvider, or instance of any one of the following classes:

  • Aws::Credentials - Used for configuring static, non-refreshing credentials.

  • Aws::SharedCredentials - Used for loading static credentials from a shared file, such as ~/.aws/config.

  • Aws::AssumeRoleCredentials - Used when you need to assume a role.

  • Aws::AssumeRoleWebIdentityCredentials - Used when you need to assume a role after providing credentials via the web.

  • Aws::SSOCredentials - Used for loading credentials from AWS SSO using an access token generated from aws login.

  • Aws::ProcessCredentials - Used for loading credentials from a process that outputs to stdout.

  • Aws::InstanceProfileCredentials - Used for loading credentials from an EC2 IMDS on an EC2 instance.

  • Aws::ECSCredentials - Used for loading credentials from instances running in ECS.

  • Aws::CognitoIdentityCredentials - Used for loading credentials from the Cognito Identity service.

  When :credentials are not configured directly, the following locations will be searched for credentials:

  • Aws.config[:credentials]

  • The :access_key_id, :secret_access_key, :session_token, and :account_id options.

  • ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'], ENV['AWS_SESSION_TOKEN'], and ENV['AWS_ACCOUNT_ID'].

  • ~/.aws/credentials

  • ~/.aws/config

  • EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive. Construct and pass an instance of Aws::InstanceProfileCredentials or Aws::ECSCredentials to enable retries and extended timeouts. Instance profile credential fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED'] to true.

• :region (required, String) —

  The AWS region to connect to. The configured :region is used to determine the service :endpoint. When not passed, a default :region is searched for in the following locations:

  • Aws.config[:region]
  • ENV['AWS_REGION']
  • ENV['AMAZON_REGION']
  • ENV['AWS_DEFAULT_REGION']
  • ~/.aws/credentials
  • ~/.aws/config
• :access_key_id (String)
• :account_id (String)
• :active_endpoint_cache (Boolean) — default: false —

  When set to true, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to false.

• :adaptive_retry_wait_to_fill (Boolean) — default: true —

  Used only in adaptive retry mode. When true, the request will sleep until there is sufficent client side capacity to retry the request. When false, the request will raise a RetryCapacityNotAvailableError and will not retry instead of sleeping.

• :auth_scheme_preference (Array<String>) —

  A list of preferred authentication schemes to use when making a request. Supported values are: sigv4, sigv4a, httpBearerAuth, and noAuth. When set using ENV['AWS_AUTH_SCHEME_PREFERENCE'] or in shared config as auth_scheme_preference, the value should be a comma-separated list.

• :client_side_monitoring (Boolean) — default: false —

  When true, client-side metrics will be collected for all API requests from this client.

• :client_side_monitoring_client_id (String) — default: "" —

  Allows you to provide an identifier for this client which will be attached to all generated client side metrics. Defaults to an empty string.

• :client_side_monitoring_host (String) — default: "127.0.0.1" —

  Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client side monitoring agent is running on, where client metrics will be published via UDP.

• :client_side_monitoring_port (Integer) — default: 31000 —

  Required for publishing client metrics. The port that the client side monitoring agent is running on, where client metrics will be published via UDP.

• :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) — default: Aws::ClientSideMonitoring::Publisher —

  Allows you to provide a custom client-side monitoring publisher class. By default, will use the Client Side Monitoring Agent Publisher.

• :convert_params (Boolean) — default: true —

  When true, an attempt is made to coerce request parameters into the required types.

• :correct_clock_skew (Boolean) — default: true —

  Used only in standard and adaptive retry modes. Specifies whether to apply a clock skew correction and retry requests with skewed client clocks.

• :defaults_mode (String) — default: "legacy" —

  See DefaultsModeConfiguration for a list of the accepted modes and the configuration defaults that are included.

• :disable_host_prefix_injection (Boolean) — default: false —

  When true, the SDK will not prepend the modeled host prefix to the endpoint.

• :disable_request_compression (Boolean) — default: false —

  When set to 'true' the request body will not be compressed for supported operations.

• :endpoint (String, URI::HTTPS, URI::HTTP) —

  Normally you should not configure the :endpoint option directly. This is normally constructed from the :region option. Configuring :endpoint is normally reserved for connecting to test or custom endpoints. The endpoint should be a URI formatted like:

  'http://example.com'
  'https://example.com'
  'http://example.com:123'
  

• :endpoint_cache_max_entries (Integer) — default: 1000 —

  Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000.

• :endpoint_cache_max_threads (Integer) — default: 10 —

  Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.

• :endpoint_cache_poll_interval (Integer) — default: 60 —

  When :endpoint_discovery and :active_endpoint_cache is enabled, Use this option to config the time interval in seconds for making requests fetching endpoints information. Defaults to 60 sec.

• :endpoint_discovery (Boolean) — default: false —

  When set to true, endpoint discovery will be enabled for operations when available.

• :ignore_configured_endpoint_urls (Boolean) —

  Setting to true disables use of endpoint URLs provided via environment variables and the shared configuration file.

• :log_formatter (Aws::Log::Formatter) — default: Aws::Log::Formatter.default —

  The log formatter.

• :log_level (Symbol) — default: :info —

  The log level to send messages to the :logger at.

• :logger (Logger) —

  The Logger instance to send log messages to. If this option is not set, logging will be disabled.

• :max_attempts (Integer) — default: 3 —

  An integer representing the maximum number attempts that will be made for a single request, including the initial attempt. For example, setting this value to 5 will result in a request being retried up to 4 times. Used in standard and adaptive retry modes.

• :profile (String) — default: "default" —

  Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, 'default' is used.

• :request_checksum_calculation (String) — default: "when_supported" —

  Determines when a checksum will be calculated for request payloads. Values are:

  • when_supported - (default) When set, a checksum will be calculated for all request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true and/or a requestAlgorithmMember is modeled.
  • when_required - When set, a checksum will only be calculated for request payloads of operations modeled with the httpChecksum trait where requestChecksumRequired is true or where a requestAlgorithmMember is modeled and supplied.
• :request_min_compression_size_bytes (Integer) — default: 10240 —

  The minimum size in bytes that triggers compression for request bodies. The value must be non-negative integer value between 0 and 10485780 bytes inclusive.

• :response_checksum_validation (String) — default: "when_supported" —

  Determines when checksum validation will be performed on response payloads. Values are:

  • when_supported - (default) When set, checksum validation is performed on all response payloads of operations modeled with the httpChecksum trait where responseAlgorithms is modeled, except when no modeled checksum algorithms are supported.
  • when_required - When set, checksum validation is not performed on response payloads of operations unless the checksum algorithm is supported and the requestValidationModeMember member is set to ENABLED.
• :retry_backoff (Proc) —

  A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. This option is only used in the legacy retry mode.

• :retry_base_delay (Float) — default: 0.3 —

  The base delay in seconds used by the default backoff function. This option is only used in the legacy retry mode.

• :retry_jitter (Symbol) — default: :none —

  A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number. This option is only used in the legacy retry mode.

  @see https://www.awsarchitectureblog.com/2015/03/backoff.html

• :retry_limit (Integer) — default: 3 —

  The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors, auth errors, endpoint discovery, and errors from expired credentials. This option is only used in the legacy retry mode.

• :retry_max_delay (Integer) — default: 0 —

  The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function. This option is only used in the legacy retry mode.

• :retry_mode (String) — default: "legacy" —

  Specifies which retry algorithm to use. Values are:

  • legacy - The pre-existing retry behavior. This is default value if no retry mode is provided.

  • standard - A standardized set of retry rules across the AWS SDKs. This includes support for retry quotas, which limit the number of unsuccessful retries a client can make.

  • adaptive - An experimental retry mode that includes all the functionality of standard mode along with automatic client side throttling. This is a provisional mode that may change behavior in the future.

• :sdk_ua_app_id (String) —

  A unique and opaque application ID that is appended to the User-Agent header as app/sdk_ua_app_id. It should have a maximum length of 50. This variable is sourced from environment variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.

• :secret_access_key (String)
• :session_token (String)
• :sigv4a_signing_region_set (Array) —

  A list of regions that should be signed with SigV4a signing. When not passed, a default :sigv4a_signing_region_set is searched for in the following locations:

  • Aws.config[:sigv4a_signing_region_set]
  • ENV['AWS_SIGV4A_SIGNING_REGION_SET']
  • ~/.aws/config
• :stub_responses (Boolean) — default: false —

  Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

  Please note When response stubbing is enabled, no HTTP requests are made, and retries are disabled.

• :telemetry_provider (Aws::Telemetry::TelemetryProviderBase) — default: Aws::Telemetry::NoOpTelemetryProvider —

  Allows you to provide a telemetry provider, which is used to emit telemetry data. By default, uses NoOpTelemetryProvider which will not record or emit any telemetry data. The SDK supports the following telemetry providers:

  • OpenTelemetry (OTel) - To use the OTel provider, install and require the opentelemetry-sdk gem and then, pass in an instance of a Aws::Telemetry::OTelProvider for telemetry provider.
• :token_provider (Aws::TokenProvider) —

  Your Bearer token used for authentication. This can be any class that includes and implements Aws::TokenProvider, or instance of any one of the following classes:

  • Aws::StaticTokenProvider - Used for configuring static, non-refreshing tokens.

  • Aws::SSOTokenProvider - Used for loading tokens from AWS SSO using an access token generated from aws login.

  When :token_provider is not configured directly, the Aws::TokenProviderChain will be used to search for tokens configured for your profile in shared configuration files.

• :use_dualstack_endpoint (Boolean) —

  When set to true, dualstack enabled endpoints (with .aws TLD) will be used if available.

• :use_fips_endpoint (Boolean) —

  When set to true, fips compatible endpoints will be used if available. When a fips region is used, the region is normalized and this config is set to true.

• :validate_params (Boolean) — default: true —

  When true, request parameters are validated before sending the request.

• :endpoint_provider (Aws::BedrockAgentCoreControl::EndpointProvider) —

  The endpoint provider used to resolve endpoints. Any object that responds to #resolve_endpoint(parameters) where parameters is a Struct similar to Aws::BedrockAgentCoreControl::EndpointParameters.

• :http_continue_timeout (Float) — default: 1 —

  The number of seconds to wait for a 100-continue response before sending the request body. This option has no effect unless the request has "Expect" header set to "100-continue". Defaults to nil which disables this behaviour. This value can safely be set per request on the session.

• :http_idle_timeout (Float) — default: 5 —

  The number of seconds a connection is allowed to sit idle before it is considered stale. Stale connections are closed and removed from the pool before making a request.

• :http_open_timeout (Float) — default: 15 —

  The default number of seconds to wait for response data. This value can safely be set per-request on the session.

• :http_proxy (URI::HTTP, String) —

  A proxy to send requests through. Formatted like 'http://proxy.com:123'.

• :http_read_timeout (Float) — default: 60 —

  The default number of seconds to wait for response data. This value can safely be set per-request on the session.

• :http_wire_trace (Boolean) — default: false —

  When true, HTTP debug output will be sent to the :logger.

• :on_chunk_received (Proc) —

  When a Proc object is provided, it will be used as callback when each chunk of the response body is received. It provides three arguments: the chunk, the number of bytes received, and the total number of bytes in the response (or nil if the server did not send a content-length).

• :on_chunk_sent (Proc) —

  When a Proc object is provided, it will be used as callback when each chunk of the request body is sent. It provides three arguments: the chunk, the number of bytes read from the body, and the total number of bytes in the body.

• :raise_response_errors (Boolean) — default: true —

  When true, response errors are raised.

• :ssl_ca_bundle (String) —

  Full path to the SSL certificate authority bundle file that should be used when verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

• :ssl_ca_directory (String) —

  Full path of the directory that contains the unbundled SSL certificate authority files for verifying peer certificates. If you do not pass :ssl_ca_bundle or :ssl_ca_directory the the system default will be used if available.

• :ssl_ca_store (String) —

  Sets the X509::Store to verify peer certificate.

• :ssl_cert (OpenSSL::X509::Certificate) —

  Sets a client certificate when creating http connections.

• :ssl_key (OpenSSL::PKey) —

  Sets a client key when creating http connections.

• :ssl_timeout (Float) —

  Sets the SSL timeout in seconds

• :ssl_verify_peer (Boolean) — default: true —

  When true, SSL peer certificates are verified when establishing a connection.

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 473

def initialize(*args)
  super
end

Instance Method Details

#create_agent_runtime(params = {}) ⇒ Types::CreateAgentRuntimeResponse

Creates an Amazon Bedrock AgentCore Runtime.

Examples:

Request syntax with placeholder values

resp = client.create_agent_runtime({
  agent_runtime_name: "AgentRuntimeName", # required
  agent_runtime_artifact: { # required
    container_configuration: {
      container_uri: "RuntimeContainerUri", # required
    },
    code_configuration: {
      code: { # required
        s3: {
          bucket: "S3LocationBucketString", # required
          prefix: "S3LocationPrefixString", # required
          version_id: "S3LocationVersionIdString",
        },
      },
      runtime: "PYTHON_3_10", # required, accepts PYTHON_3_10, PYTHON_3_11, PYTHON_3_12, PYTHON_3_13
      entry_point: ["entryPoint"], # required
    },
  },
  role_arn: "RoleArn", # required
  network_configuration: { # required
    network_mode: "PUBLIC", # required, accepts PUBLIC, VPC
    network_mode_config: {
      security_groups: ["SecurityGroupId"], # required
      subnets: ["SubnetId"], # required
    },
  },
  client_token: "ClientToken",
  description: "Description",
  authorizer_configuration: {
    custom_jwt_authorizer: {
      discovery_url: "DiscoveryUrl", # required
      allowed_audience: ["AllowedAudience"],
      allowed_clients: ["AllowedClient"],
      allowed_scopes: ["AllowedScopeType"],
      custom_claims: [
        {
          inbound_token_claim_name: "InboundTokenClaimNameType", # required
          inbound_token_claim_value_type: "STRING", # required, accepts STRING, STRING_ARRAY
          authorizing_claim_match_value: { # required
            claim_match_value: { # required
              match_value_string: "MatchValueString",
              match_value_string_list: ["MatchValueString"],
            },
            claim_match_operator: "EQUALS", # required, accepts EQUALS, CONTAINS, CONTAINS_ANY
          },
        },
      ],
    },
  },
  request_header_configuration: {
    request_header_allowlist: ["HeaderName"],
  },
  protocol_configuration: {
    server_protocol: "MCP", # required, accepts MCP, HTTP, A2A
  },
  lifecycle_configuration: {
    idle_runtime_session_timeout: 1,
    max_lifetime: 1,
  },
  environment_variables: {
    "EnvironmentVariableKey" => "EnvironmentVariableValue",
  },
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.agent_runtime_arn #=> String
resp.workload_identity_details.workload_identity_arn #=> String
resp.agent_runtime_id #=> String
resp.agent_runtime_version #=> String
resp.created_at #=> Time
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_name (required, String) —

  The name of the AgentCore Runtime.

• :agent_runtime_artifact (required, Types::AgentRuntimeArtifact) —

  The artifact of the AgentCore Runtime.

• :role_arn (required, String) —

  The IAM role ARN that provides permissions for the AgentCore Runtime.

• :network_configuration (required, Types::NetworkConfiguration) —

  The network configuration for the AgentCore Runtime.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure idempotency of the request.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :description (String) —

  The description of the AgentCore Runtime.

• :authorizer_configuration (Types::AuthorizerConfiguration) —

  The authorizer configuration for the AgentCore Runtime.

• :request_header_configuration (Types::RequestHeaderConfiguration) —

  Configuration for HTTP request headers that will be passed through to the runtime.

• :protocol_configuration (Types::ProtocolConfiguration) —

  The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.

• :lifecycle_configuration (Types::LifecycleConfiguration) —

  The life cycle configuration for the AgentCore Runtime.

• :environment_variables (Hash<String,String>) —

  Environment variables to set in the AgentCore Runtime environment.

• :tags (Hash<String,String>) —

  A map of tag keys and values to assign to the agent runtime. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.

Returns:

• (Types::CreateAgentRuntimeResponse) —

  Returns a response object which responds to the following methods:

  • #agent_runtime_arn => String
  • #workload_identity_details => Types::WorkloadIdentityDetails
  • #agent_runtime_id => String
  • #agent_runtime_version => String
  • #created_at => Time
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 616

def create_agent_runtime(params = {}, options = {})
  req = build_request(:create_agent_runtime, params)
  req.send_request(options)
end

#create_agent_runtime_endpoint(params = {}) ⇒ Types::CreateAgentRuntimeEndpointResponse

Creates an AgentCore Runtime endpoint.

Examples:

Request syntax with placeholder values

resp = client.create_agent_runtime_endpoint({
  agent_runtime_id: "AgentRuntimeId", # required
  name: "EndpointName", # required
  agent_runtime_version: "AgentRuntimeVersion",
  description: "AgentEndpointDescription",
  client_token: "ClientToken",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.target_version #=> String
resp.agent_runtime_endpoint_arn #=> String
resp.agent_runtime_arn #=> String
resp.agent_runtime_id #=> String
resp.endpoint_name #=> String
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.created_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime to create an endpoint for.

• :name (required, String) —

  The name of the AgentCore Runtime endpoint.

• :agent_runtime_version (String) —

  The version of the AgentCore Runtime to use for the endpoint.

• :description (String) —

  The description of the AgentCore Runtime endpoint.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure idempotency of the request.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :tags (Hash<String,String>) —

  A map of tag keys and values to assign to the agent runtime endpoint. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.

Returns:

• (Types::CreateAgentRuntimeEndpointResponse) —

  Returns a response object which responds to the following methods:

  • #target_version => String
  • #agent_runtime_endpoint_arn => String
  • #agent_runtime_arn => String
  • #agent_runtime_id => String
  • #endpoint_name => String
  • #status => String
  • #created_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 685

def create_agent_runtime_endpoint(params = {}, options = {})
  req = build_request(:create_agent_runtime_endpoint, params)
  req.send_request(options)
end

#create_api_key_credential_provider(params = {}) ⇒ Types::CreateApiKeyCredentialProviderResponse

Creates a new API key credential provider.

Examples:

Request syntax with placeholder values

resp = client.create_api_key_credential_provider({
  name: "CredentialProviderName", # required
  api_key: "ApiKeyType", # required
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.api_key_secret_arn.secret_arn #=> String
resp.name #=> String
resp.credential_provider_arn #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the API key credential provider. The name must be unique within your account.

• :api_key (required, String) —

  The API key to use for authentication. This value is encrypted and stored securely.

• :tags (Hash<String,String>) —

  A map of tag keys and values to assign to the API key credential provider. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.

Returns:

• (Types::CreateApiKeyCredentialProviderResponse) —

  Returns a response object which responds to the following methods:

  • #api_key_secret_arn => Types::Secret
  • #name => String
  • #credential_provider_arn => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 731

def create_api_key_credential_provider(params = {}, options = {})
  req = build_request(:create_api_key_credential_provider, params)
  req.send_request(options)
end

#create_browser(params = {}) ⇒ Types::CreateBrowserResponse

Creates a custom browser.

Examples:

Request syntax with placeholder values

resp = client.create_browser({
  name: "SandboxName", # required
  description: "Description",
  execution_role_arn: "RoleArn",
  network_configuration: { # required
    network_mode: "PUBLIC", # required, accepts PUBLIC, VPC
    vpc_config: {
      security_groups: ["SecurityGroupId"], # required
      subnets: ["SubnetId"], # required
    },
  },
  recording: {
    enabled: false,
    s3_location: {
      bucket: "S3LocationBucketString", # required
      prefix: "S3LocationPrefixString", # required
      version_id: "S3LocationVersionIdString",
    },
  },
  browser_signing: {
    enabled: false, # required
  },
  client_token: "ClientToken",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.browser_id #=> String
resp.browser_arn #=> String
resp.created_at #=> Time
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "READY", "DELETING", "DELETE_FAILED", "DELETED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the browser. The name must be unique within your account.

• :description (String) —

  The description of the browser.

• :execution_role_arn (String) —

  The Amazon Resource Name (ARN) of the IAM role that provides permissions for the browser to access Amazon Web Services services.

• :network_configuration (required, Types::BrowserNetworkConfiguration) —

  The network configuration for the browser. This configuration specifies the network mode for the browser.

• :recording (Types::RecordingConfig) —

  The recording configuration for the browser. When enabled, browser sessions are recorded and stored in the specified Amazon S3 location.

• :browser_signing (Types::BrowserSigningConfigInput) —

  The browser signing configuration that enables cryptographic agent identification using HTTP message signatures for web bot authentication.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the operation completes no more than one time. If this token matches a previous request, Amazon Bedrock ignores the request but does not return an error.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :tags (Hash<String,String>) —

  A map of tag keys and values to assign to the browser. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.

Returns:

• (Types::CreateBrowserResponse) —

  Returns a response object which responds to the following methods:

  • #browser_id => String
  • #browser_arn => String
  • #created_at => Time
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 823

def create_browser(params = {}, options = {})
  req = build_request(:create_browser, params)
  req.send_request(options)
end

#create_code_interpreter(params = {}) ⇒ Types::CreateCodeInterpreterResponse

Creates a custom code interpreter.

Examples:

Request syntax with placeholder values

resp = client.create_code_interpreter({
  name: "SandboxName", # required
  description: "Description",
  execution_role_arn: "RoleArn",
  network_configuration: { # required
    network_mode: "PUBLIC", # required, accepts PUBLIC, SANDBOX, VPC
    vpc_config: {
      security_groups: ["SecurityGroupId"], # required
      subnets: ["SubnetId"], # required
    },
  },
  client_token: "ClientToken",
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.code_interpreter_id #=> String
resp.code_interpreter_arn #=> String
resp.created_at #=> Time
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "READY", "DELETING", "DELETE_FAILED", "DELETED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the code interpreter. The name must be unique within your account.

• :description (String) —

  The description of the code interpreter.

• :execution_role_arn (String) —

  The Amazon Resource Name (ARN) of the IAM role that provides permissions for the code interpreter to access Amazon Web Services services.

• :network_configuration (required, Types::CodeInterpreterNetworkConfiguration) —

  The network configuration for the code interpreter. This configuration specifies the network mode for the code interpreter.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the operation completes no more than one time. If this token matches a previous request, Amazon Bedrock ignores the request but does not return an error.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :tags (Hash<String,String>) —

  A map of tag keys and values to assign to the code interpreter. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.

Returns:

• (Types::CreateCodeInterpreterResponse) —

  Returns a response object which responds to the following methods:

  • #code_interpreter_id => String
  • #code_interpreter_arn => String
  • #created_at => Time
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 897

def create_code_interpreter(params = {}, options = {})
  req = build_request(:create_code_interpreter, params)
  req.send_request(options)
end

#create_evaluator(params = {}) ⇒ Types::CreateEvaluatorResponse

Creates a custom evaluator for agent quality assessment. Custom evaluators use LLM-as-a-Judge configurations with user-defined prompts, rating scales, and model settings to evaluate agent performance at tool call, trace, or session levels.

Examples:

Request syntax with placeholder values

resp = client.create_evaluator({
  client_token: "ClientToken",
  evaluator_name: "CustomEvaluatorName", # required
  description: "EvaluatorDescription",
  evaluator_config: { # required
    llm_as_a_judge: {
      instructions: "EvaluatorInstructions", # required
      rating_scale: { # required
        numerical: [
          {
            definition: "String", # required
            value: 1.0, # required
            label: "NumericalScaleDefinitionLabelString", # required
          },
        ],
        categorical: [
          {
            definition: "String", # required
            label: "CategoricalScaleDefinitionLabelString", # required
          },
        ],
      },
      model_config: { # required
        bedrock_evaluator_model_config: {
          model_id: "ModelId", # required
          inference_config: {
            max_tokens: 1,
            temperature: 1.0,
            top_p: 1.0,
            stop_sequences: ["NonEmptyString"],
          },
          additional_model_request_fields: {
          },
        },
      },
    },
  },
  level: "TOOL_CALL", # required, accepts TOOL_CALL, TRACE, SESSION
})

Response structure

resp.evaluator_arn #=> String
resp.evaluator_id #=> String
resp.created_at #=> Time
resp.status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the API request completes no more than one time. If you don't specify this field, a value is randomly generated for you. If this token matches a previous request, the service ignores the request, but doesn't return an error. For more information, see Ensuring idempotency.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :evaluator_name (required, String) —

  The name of the evaluator. Must be unique within your account.

• :description (String) —

  The description of the evaluator that explains its purpose and evaluation criteria.

• :evaluator_config (required, Types::EvaluatorConfig) —

  The configuration for the evaluator, including LLM-as-a-Judge settings with instructions, rating scale, and model configuration.

• :level (required, String) —

  The evaluation level that determines the scope of evaluation. Valid values are TOOL_CALL for individual tool invocations, TRACE for single request-response interactions, or SESSION for entire conversation sessions.

Returns:

• (Types::CreateEvaluatorResponse) —

  Returns a response object which responds to the following methods:

  • #evaluator_arn => String
  • #evaluator_id => String
  • #created_at => Time
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 998

def create_evaluator(params = {}, options = {})
  req = build_request(:create_evaluator, params)
  req.send_request(options)
end

#create_gateway(params = {}) ⇒ Types::CreateGatewayResponse

Creates a gateway for Amazon Bedrock Agent. A gateway serves as an integration point between your agent and external services.

If you specify CUSTOM_JWT as the authorizerType, you must provide an authorizerConfiguration.

Examples:

Request syntax with placeholder values

resp = client.create_gateway({
  name: "GatewayName", # required
  description: "GatewayDescription",
  client_token: "ClientToken",
  role_arn: "RoleArn", # required
  protocol_type: "MCP", # required, accepts MCP
  protocol_configuration: {
    mcp: {
      supported_versions: ["McpVersion"],
      instructions: "McpInstructions",
      search_type: "SEMANTIC", # accepts SEMANTIC
    },
  },
  authorizer_type: "CUSTOM_JWT", # required, accepts CUSTOM_JWT, AWS_IAM, NONE
  authorizer_configuration: {
    custom_jwt_authorizer: {
      discovery_url: "DiscoveryUrl", # required
      allowed_audience: ["AllowedAudience"],
      allowed_clients: ["AllowedClient"],
      allowed_scopes: ["AllowedScopeType"],
      custom_claims: [
        {
          inbound_token_claim_name: "InboundTokenClaimNameType", # required
          inbound_token_claim_value_type: "STRING", # required, accepts STRING, STRING_ARRAY
          authorizing_claim_match_value: { # required
            claim_match_value: { # required
              match_value_string: "MatchValueString",
              match_value_string_list: ["MatchValueString"],
            },
            claim_match_operator: "EQUALS", # required, accepts EQUALS, CONTAINS, CONTAINS_ANY
          },
        },
      ],
    },
  },
  kms_key_arn: "KmsKeyArn",
  interceptor_configurations: [
    {
      interceptor: { # required
        lambda: {
          arn: "LambdaFunctionArn", # required
        },
      },
      interception_points: ["REQUEST"], # required, accepts REQUEST, RESPONSE
      input_configuration: {
        pass_request_headers: false, # required
      },
    },
  ],
  policy_engine_configuration: {
    arn: "GatewayPolicyEngineArn", # required
    mode: "LOG_ONLY", # required, accepts LOG_ONLY, ENFORCE
  },
  exception_level: "DEBUG", # accepts DEBUG
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.gateway_arn #=> String
resp.gateway_id #=> String
resp.gateway_url #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String
resp.name #=> String
resp.description #=> String
resp.role_arn #=> String
resp.protocol_type #=> String, one of "MCP"
resp.protocol_configuration.mcp.supported_versions #=> Array
resp.protocol_configuration.mcp.supported_versions[0] #=> String
resp.protocol_configuration.mcp.instructions #=> String
resp.protocol_configuration.mcp.search_type #=> String, one of "SEMANTIC"
resp.authorizer_type #=> String, one of "CUSTOM_JWT", "AWS_IAM", "NONE"
resp.authorizer_configuration.custom_jwt_authorizer.discovery_url #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_audience #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_audience[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string_list #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string_list[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_operator #=> String, one of "EQUALS", "CONTAINS", "CONTAINS_ANY"
resp.kms_key_arn #=> String
resp.interceptor_configurations #=> Array
resp.interceptor_configurations[0].interceptor.lambda.arn #=> String
resp.interceptor_configurations[0].interception_points #=> Array
resp.interceptor_configurations[0].interception_points[0] #=> String, one of "REQUEST", "RESPONSE"
resp.interceptor_configurations[0].input_configuration.pass_request_headers #=> Boolean
resp.policy_engine_configuration.arn #=> String
resp.policy_engine_configuration.mode #=> String, one of "LOG_ONLY", "ENFORCE"
resp.workload_identity_details.workload_identity_arn #=> String
resp.exception_level #=> String, one of "DEBUG"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the gateway. The name must be unique within your account.

• :description (String) —

  The description of the gateway.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the API request completes no more than one time. If you don't specify this field, a value is randomly generated for you. If this token matches a previous request, the service ignores the request, but doesn't return an error. For more information, see Ensuring idempotency.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :role_arn (required, String) —

  The Amazon Resource Name (ARN) of the IAM role that provides permissions for the gateway to access Amazon Web Services services.

• :protocol_type (required, String) —

  The protocol type for the gateway.

• :protocol_configuration (Types::GatewayProtocolConfiguration) —

  The configuration settings for the protocol specified in the protocolType parameter.

• :authorizer_type (required, String) —

  The type of authorizer to use for the gateway.

  • CUSTOM_JWT - Authorize with a bearer token.

  • AWS_IAM - Authorize with your Amazon Web Services IAM credentials.

  • NONE - No authorization

• :authorizer_configuration (Types::AuthorizerConfiguration) —

  The authorizer configuration for the gateway. Required if authorizerType is CUSTOM_JWT.

• :kms_key_arn (String) —

  The Amazon Resource Name (ARN) of the KMS key used to encrypt data associated with the gateway.

• :interceptor_configurations (Array<Types::GatewayInterceptorConfiguration>) —

  A list of configuration settings for a gateway interceptor. Gateway interceptors allow custom code to be invoked during gateway invocations.

• :policy_engine_configuration (Types::GatewayPolicyEngineConfiguration) —

  The policy engine configuration for the gateway. A policy engine is a collection of policies that evaluates and authorizes agent tool calls. When associated with a gateway, the policy engine intercepts all agent requests and determines whether to allow or deny each action based on the defined policies.

• :exception_level (String) —

  The level of detail in error messages returned when invoking the gateway.

  • If the value is DEBUG, granular exception messages are returned to help a user debug the gateway.

  • If the value is omitted, a generic error message is returned to the end user.

• :tags (Hash<String,String>) —

  A map of key-value pairs to associate with the gateway as metadata tags.

Returns:

• (Types::CreateGatewayResponse) —

  Returns a response object which responds to the following methods:

  • #gateway_arn => String
  • #gateway_id => String
  • #gateway_url => String
  • #created_at => Time
  • #updated_at => Time
  • #status => String
  • #status_reasons => Array<String>
  • #name => String
  • #description => String
  • #role_arn => String
  • #protocol_type => String
  • #protocol_configuration => Types::GatewayProtocolConfiguration
  • #authorizer_type => String
  • #authorizer_configuration => Types::AuthorizerConfiguration
  • #kms_key_arn => String
  • #interceptor_configurations => Array<Types::GatewayInterceptorConfiguration>
  • #policy_engine_configuration => Types::GatewayPolicyEngineConfiguration
  • #workload_identity_details => Types::WorkloadIdentityDetails
  • #exception_level => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 1214

def create_gateway(params = {}, options = {})
  req = build_request(:create_gateway, params)
  req.send_request(options)
end

#create_gateway_target(params = {}) ⇒ Types::CreateGatewayTargetResponse

Creates a target for a gateway. A target defines an endpoint that the gateway can connect to.

Examples:

Request syntax with placeholder values

resp = client.create_gateway_target({
  gateway_identifier: "GatewayIdentifier", # required
  name: "TargetName", # required
  description: "TargetDescription",
  client_token: "ClientToken",
  target_configuration: { # required
    mcp: {
      open_api_schema: {
        s3: {
          uri: "S3BucketUri",
          bucket_owner_account_id: "AwsAccountId",
        },
        inline_payload: "InlinePayload",
      },
      smithy_model: {
        s3: {
          uri: "S3BucketUri",
          bucket_owner_account_id: "AwsAccountId",
        },
        inline_payload: "InlinePayload",
      },
      lambda: {
        lambda_arn: "LambdaFunctionArn", # required
        tool_schema: { # required
          s3: {
            uri: "S3BucketUri",
            bucket_owner_account_id: "AwsAccountId",
          },
          inline_payload: [
            {
              name: "String", # required
              description: "String", # required
              input_schema: { # required
                type: "string", # required, accepts string, number, object, array, boolean, integer
                properties: {
                  "String" => {
                    # recursive SchemaDefinition
                  },
                },
                required: ["String"],
                items: {
                  # recursive SchemaDefinition
                },
                description: "String",
              },
              output_schema: {
                type: "string", # required, accepts string, number, object, array, boolean, integer
                properties: {
                  "String" => {
                    # recursive SchemaDefinition
                  },
                },
                required: ["String"],
                items: {
                  # recursive SchemaDefinition
                },
                description: "String",
              },
            },
          ],
        },
      },
      mcp_server: {
        endpoint: "McpServerTargetConfigurationEndpointString", # required
      },
      api_gateway: {
        rest_api_id: "String", # required
        stage: "String", # required
        api_gateway_tool_configuration: { # required
          tool_overrides: [
            {
              name: "String", # required
              description: "String",
              path: "String", # required
              method: "GET", # required, accepts GET, DELETE, HEAD, OPTIONS, PATCH, PUT, POST
            },
          ],
          tool_filters: [ # required
            {
              filter_path: "String", # required
              methods: ["GET"], # required, accepts GET, DELETE, HEAD, OPTIONS, PATCH, PUT, POST
            },
          ],
        },
      },
    },
  },
  credential_provider_configurations: [
    {
      credential_provider_type: "GATEWAY_IAM_ROLE", # required, accepts GATEWAY_IAM_ROLE, OAUTH, API_KEY
      credential_provider: {
        oauth_credential_provider: {
          provider_arn: "OAuthCredentialProviderArn", # required
          scopes: ["OAuthScope"], # required
          custom_parameters: {
            "OAuthCustomParametersKey" => "OAuthCustomParametersValue",
          },
          grant_type: "CLIENT_CREDENTIALS", # accepts CLIENT_CREDENTIALS, AUTHORIZATION_CODE
          default_return_url: "OAuthDefaultReturnUrl",
        },
        api_key_credential_provider: {
          provider_arn: "ApiKeyCredentialProviderArn", # required
          credential_parameter_name: "ApiKeyCredentialParameterName",
          credential_prefix: "ApiKeyCredentialPrefix",
          credential_location: "HEADER", # accepts HEADER, QUERY_PARAMETER
        },
      },
    },
  ],
})

Response structure

resp.gateway_arn #=> String
resp.target_id #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED", "SYNCHRONIZING", "SYNCHRONIZE_UNSUCCESSFUL"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String
resp.name #=> String
resp.description #=> String
resp.target_configuration.mcp.open_api_schema.s3.uri #=> String
resp.target_configuration.mcp.open_api_schema.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.open_api_schema.inline_payload #=> String
resp.target_configuration.mcp.smithy_model.s3.uri #=> String
resp.target_configuration.mcp.smithy_model.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.smithy_model.inline_payload #=> String
resp.target_configuration.mcp.lambda.lambda_arn #=> String
resp.target_configuration.mcp.lambda.tool_schema.s3.uri #=> String
resp.target_configuration.mcp.lambda.tool_schema.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].name #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].description #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.type #=> String, one of "string", "number", "object", "array", "boolean", "integer"
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.properties #=> Hash
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.properties["String"] #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.required #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.required[0] #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.items #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.description #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.type #=> String, one of "string", "number", "object", "array", "boolean", "integer"
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.properties #=> Hash
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.properties["String"] #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.required #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.required[0] #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.items #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.description #=> String
resp.target_configuration.mcp.mcp_server.endpoint #=> String
resp.target_configuration.mcp.api_gateway.rest_api_id #=> String
resp.target_configuration.mcp.api_gateway.stage #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].name #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].description #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].path #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].method #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].filter_path #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods[0] #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
resp.credential_provider_configurations #=> Array
resp.credential_provider_configurations[0].credential_provider_type #=> String, one of "GATEWAY_IAM_ROLE", "OAUTH", "API_KEY"
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.provider_arn #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.scopes #=> Array
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.scopes[0] #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.custom_parameters #=> Hash
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.custom_parameters["OAuthCustomParametersKey"] #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.grant_type #=> String, one of "CLIENT_CREDENTIALS", "AUTHORIZATION_CODE"
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.default_return_url #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.provider_arn #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_parameter_name #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_prefix #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_location #=> String, one of "HEADER", "QUERY_PARAMETER"
resp.last_synchronized_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The identifier of the gateway to create a target for.

• :name (required, String) —

  The name of the gateway target. The name must be unique within the gateway.

• :description (String) —

  The description of the gateway target.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the API request completes no more than one time. If you don't specify this field, a value is randomly generated for you. If this token matches a previous request, the service ignores the request, but doesn't return an error. For more information, see Ensuring idempotency.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :target_configuration (required, Types::TargetConfiguration) —

  The configuration settings for the target, including endpoint information and schema definitions.

• :credential_provider_configurations (Array<Types::CredentialProviderConfiguration>) —

  The credential provider configurations for the target. These configurations specify how the gateway authenticates with the target endpoint.

Returns:

• (Types::CreateGatewayTargetResponse) —

  Returns a response object which responds to the following methods:

  • #gateway_arn => String
  • #target_id => String
  • #created_at => Time
  • #updated_at => Time
  • #status => String
  • #status_reasons => Array<String>
  • #name => String
  • #description => String
  • #target_configuration => Types::TargetConfiguration
  • #credential_provider_configurations => Array<Types::CredentialProviderConfiguration>
  • #last_synchronized_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 1450

def create_gateway_target(params = {}, options = {})
  req = build_request(:create_gateway_target, params)
  req.send_request(options)
end

#create_memory(params = {}) ⇒ Types::CreateMemoryOutput

Creates a new Amazon Bedrock AgentCore Memory resource.

Examples:

Request syntax with placeholder values

resp = client.create_memory({
  client_token: "CreateMemoryInputClientTokenString",
  name: "Name", # required
  description: "Description",
  encryption_key_arn: "Arn",
  memory_execution_role_arn: "Arn",
  event_expiry_duration: 1, # required
  memory_strategies: [
    {
      semantic_memory_strategy: {
        name: "Name", # required
        description: "Description",
        namespaces: ["Namespace"],
      },
      summary_memory_strategy: {
        name: "Name", # required
        description: "Description",
        namespaces: ["Namespace"],
      },
      user_preference_memory_strategy: {
        name: "Name", # required
        description: "Description",
        namespaces: ["Namespace"],
      },
      custom_memory_strategy: {
        name: "Name", # required
        description: "Description",
        namespaces: ["Namespace"],
        configuration: {
          semantic_override: {
            extraction: {
              append_to_prompt: "Prompt", # required
              model_id: "String", # required
            },
            consolidation: {
              append_to_prompt: "Prompt", # required
              model_id: "String", # required
            },
          },
          summary_override: {
            consolidation: {
              append_to_prompt: "Prompt", # required
              model_id: "String", # required
            },
          },
          user_preference_override: {
            extraction: {
              append_to_prompt: "Prompt", # required
              model_id: "String", # required
            },
            consolidation: {
              append_to_prompt: "Prompt", # required
              model_id: "String", # required
            },
          },
          episodic_override: {
            extraction: {
              append_to_prompt: "Prompt", # required
              model_id: "String", # required
            },
            consolidation: {
              append_to_prompt: "Prompt", # required
              model_id: "String", # required
            },
            reflection: {
              append_to_prompt: "Prompt", # required
              model_id: "String", # required
              namespaces: ["Namespace"],
            },
          },
          self_managed_configuration: {
            trigger_conditions: [
              {
                message_based_trigger: {
                  message_count: 1,
                },
                token_based_trigger: {
                  token_count: 1,
                },
                time_based_trigger: {
                  idle_session_timeout: 1,
                },
              },
            ],
            invocation_configuration: { # required
              topic_arn: "Arn", # required
              payload_delivery_bucket_name: "InvocationConfigurationInputPayloadDeliveryBucketNameString", # required
            },
            historical_context_window_size: 1,
          },
        },
      },
      episodic_memory_strategy: {
        name: "Name", # required
        description: "Description",
        namespaces: ["Namespace"],
        reflection_configuration: {
          namespaces: ["Namespace"], # required
        },
      },
    },
  ],
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.memory.arn #=> String
resp.memory.id #=> String
resp.memory.name #=> String
resp.memory.description #=> String
resp.memory.encryption_key_arn #=> String
resp.memory.memory_execution_role_arn #=> String
resp.memory.event_expiry_duration #=> Integer
resp.memory.status #=> String, one of "CREATING", "ACTIVE", "FAILED", "DELETING"
resp.memory.failure_reason #=> String
resp.memory.created_at #=> Time
resp.memory.updated_at #=> Time
resp.memory.strategies #=> Array
resp.memory.strategies[0].strategy_id #=> String
resp.memory.strategies[0].name #=> String
resp.memory.strategies[0].description #=> String
resp.memory.strategies[0].configuration.type #=> String, one of "SEMANTIC_OVERRIDE", "SUMMARY_OVERRIDE", "USER_PREFERENCE_OVERRIDE", "SELF_MANAGED", "EPISODIC_OVERRIDE"
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.semantic_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.semantic_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.user_preference_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.user_preference_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.episodic_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.episodic_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.semantic_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.semantic_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.summary_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.summary_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.user_preference_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.user_preference_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.episodic_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.episodic_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.model_id #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.namespaces #=> Array
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.namespaces[0] #=> String
resp.memory.strategies[0].configuration.reflection.episodic_reflection_configuration.namespaces #=> Array
resp.memory.strategies[0].configuration.reflection.episodic_reflection_configuration.namespaces[0] #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions #=> Array
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].message_based_trigger.message_count #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].token_based_trigger.token_count #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].time_based_trigger.idle_session_timeout #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.invocation_configuration.topic_arn #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.invocation_configuration.payload_delivery_bucket_name #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.historical_context_window_size #=> Integer
resp.memory.strategies[0].type #=> String, one of "SEMANTIC", "SUMMARIZATION", "USER_PREFERENCE", "CUSTOM", "EPISODIC"
resp.memory.strategies[0].namespaces #=> Array
resp.memory.strategies[0].namespaces[0] #=> String
resp.memory.strategies[0].created_at #=> Time
resp.memory.strategies[0].updated_at #=> Time
resp.memory.strategies[0].status #=> String, one of "CREATING", "ACTIVE", "DELETING", "FAILED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the operation completes no more than one time. If this token matches a previous request, Amazon Bedrock ignores the request but does not return an error.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :name (required, String) —

  The name of the memory. The name must be unique within your account.

• :description (String) —

  The description of the memory.

• :encryption_key_arn (String) —

  The Amazon Resource Name (ARN) of the KMS key used to encrypt the memory data.

• :memory_execution_role_arn (String) —

  The Amazon Resource Name (ARN) of the IAM role that provides permissions for the memory to access Amazon Web Services services.

• :event_expiry_duration (required, Integer) —

  The duration after which memory events expire. Specified as an ISO 8601 duration.

• :memory_strategies (Array<Types::MemoryStrategyInput>) —

  The memory strategies to use for this memory. Strategies define how information is extracted, processed, and consolidated.

• :tags (Hash<String,String>) —

  A map of tag keys and values to assign to an AgentCore Memory. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.

Returns:

• (Types::CreateMemoryOutput) —

  Returns a response object which responds to the following methods:

  • #memory => Types::Memory

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 1662

def create_memory(params = {}, options = {})
  req = build_request(:create_memory, params)
  req.send_request(options)
end

#create_oauth_2_credential_provider(params = {}) ⇒ Types::CreateOauth2CredentialProviderResponse

Creates a new OAuth2 credential provider.

Examples:

Request syntax with placeholder values

resp = client.create_oauth_2_credential_provider({
  name: "CredentialProviderName", # required
  credential_provider_vendor: "GoogleOauth2", # required, accepts GoogleOauth2, GithubOauth2, SlackOauth2, SalesforceOauth2, MicrosoftOauth2, CustomOauth2, AtlassianOauth2, LinkedinOauth2, XOauth2, OktaOauth2, OneLoginOauth2, PingOneOauth2, FacebookOauth2, YandexOauth2, RedditOauth2, ZoomOauth2, TwitchOauth2, SpotifyOauth2, DropboxOauth2, NotionOauth2, HubspotOauth2, CyberArkOauth2, FusionAuthOauth2, Auth0Oauth2, CognitoOauth2
  oauth2_provider_config_input: { # required
    custom_oauth_2_provider_config: {
      oauth_discovery: { # required
        discovery_url: "DiscoveryUrlType",
        authorization_server_metadata: {
          issuer: "IssuerUrlType", # required
          authorization_endpoint: "AuthorizationEndpointType", # required
          token_endpoint: "TokenEndpointType", # required
          response_types: ["ResponseType"],
          token_endpoint_auth_methods: ["TokenAuthMethod"],
        },
      },
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    google_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    github_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    slack_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    salesforce_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    microsoft_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
      tenant_id: "TenantIdType",
    },
    atlassian_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    linkedin_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    included_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
      issuer: "IssuerUrlType",
      authorization_endpoint: "AuthorizationEndpointType",
      token_endpoint: "TokenEndpointType",
    },
  },
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.client_secret_arn.secret_arn #=> String
resp.name #=> String
resp.credential_provider_arn #=> String
resp.callback_url #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.client_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the OAuth2 credential provider. The name must be unique within your account.

• :credential_provider_vendor (required, String) —

  The vendor of the OAuth2 credential provider. This specifies which OAuth2 implementation to use.

• :oauth2_provider_config_input (required, Types::Oauth2ProviderConfigInput) —

  The configuration settings for the OAuth2 provider, including client ID, client secret, and other vendor-specific settings.

• :tags (Hash<String,String>) —

  A map of tag keys and values to assign to the OAuth2 credential provider. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.

Returns:

• (Types::CreateOauth2CredentialProviderResponse) —

  Returns a response object which responds to the following methods:

  • #client_secret_arn => Types::Secret
  • #name => String
  • #credential_provider_arn => String
  • #callback_url => String
  • #oauth2_provider_config_output => Types::Oauth2ProviderConfigOutput

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 1848

def create_oauth_2_credential_provider(params = {}, options = {})
  req = build_request(:create_oauth_2_credential_provider, params)
  req.send_request(options)
end

#create_online_evaluation_config(params = {}) ⇒ Types::CreateOnlineEvaluationConfigResponse

Creates an online evaluation configuration for continuous monitoring of agent performance. Online evaluation automatically samples live traffic from CloudWatch logs at specified rates and applies evaluators to assess agent quality in production.

Examples:

Request syntax with placeholder values

resp = client.create_online_evaluation_config({
  client_token: "ClientToken",
  online_evaluation_config_name: "EvaluationConfigName", # required
  description: "EvaluationConfigDescription",
  rule: { # required
    sampling_config: { # required
      sampling_percentage: 1.0, # required
    },
    filters: [
      {
        key: "FilterKeyString", # required
        operator: "Equals", # required, accepts Equals, NotEquals, GreaterThan, LessThan, GreaterThanOrEqual, LessThanOrEqual, Contains, NotContains
        value: { # required
          string_value: "FilterValueStringValueString",
          double_value: 1.0,
          boolean_value: false,
        },
      },
    ],
    session_config: {
      session_timeout_minutes: 1, # required
    },
  },
  data_source_config: { # required
    cloud_watch_logs: {
      log_group_names: ["LogGroupName"], # required
      service_names: ["ServiceName"], # required
    },
  },
  evaluators: [ # required
    {
      evaluator_id: "EvaluatorId",
    },
  ],
  evaluation_execution_role_arn: "RoleArn", # required
  enable_on_create: false, # required
})

Response structure

resp.online_evaluation_config_arn #=> String
resp.online_evaluation_config_id #=> String
resp.created_at #=> Time
resp.output_config.cloud_watch_config.log_group_name #=> String
resp.status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"
resp.execution_status #=> String, one of "ENABLED", "DISABLED"
resp.failure_reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the API request completes no more than one time. If you don't specify this field, a value is randomly generated for you. If this token matches a previous request, the service ignores the request, but doesn't return an error. For more information, see Ensuring idempotency.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :online_evaluation_config_name (required, String) —

  The name of the online evaluation configuration. Must be unique within your account.

• :description (String) —

  The description of the online evaluation configuration that explains its monitoring purpose and scope.

• :rule (required, Types::Rule) —

  The evaluation rule that defines sampling configuration, filters, and session detection settings for the online evaluation.

• :data_source_config (required, Types::DataSourceConfig) —

  The data source configuration that specifies CloudWatch log groups and service names to monitor for agent traces.

• :evaluators (required, Array<Types::EvaluatorReference>) —

  The list of evaluators to apply during online evaluation. Can include both built-in evaluators and custom evaluators created with CreateEvaluator.

• :evaluation_execution_role_arn (required, String) —

  The Amazon Resource Name (ARN) of the IAM role that grants permissions to read from CloudWatch logs, write evaluation results, and invoke Amazon Bedrock models for evaluation.

• :enable_on_create (required, Boolean) —

  Whether to enable the online evaluation configuration immediately upon creation. If true, evaluation begins automatically.

Returns:

• (Types::CreateOnlineEvaluationConfigResponse) —

  Returns a response object which responds to the following methods:

  • #online_evaluation_config_arn => String
  • #online_evaluation_config_id => String
  • #created_at => Time
  • #output_config => Types::OutputConfig
  • #status => String
  • #execution_status => String
  • #failure_reason => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 1966

def create_online_evaluation_config(params = {}, options = {})
  req = build_request(:create_online_evaluation_config, params)
  req.send_request(options)
end

#create_policy(params = {}) ⇒ Types::CreatePolicyResponse

Creates a policy within the AgentCore Policy system. Policies provide real-time, deterministic control over agentic interactions with AgentCore Gateway. Using the Cedar policy language, you can define fine-grained policies that specify which interactions with Gateway tools are permitted based on input parameters and OAuth claims, ensuring agents operate within defined boundaries and business rules. The policy is validated during creation against the Cedar schema generated from the Gateway's tools' input schemas, which defines the available tools, their parameters, and expected data types. This is an asynchronous operation. Use the GetPolicy operation to poll the status field to track completion.

Examples:

Request syntax with placeholder values

resp = client.create_policy({
  name: "PolicyName", # required
  definition: { # required
    cedar: {
      statement: "Statement", # required
    },
  },
  description: "Description",
  validation_mode: "FAIL_ON_ANY_FINDINGS", # accepts FAIL_ON_ANY_FINDINGS, IGNORE_ALL_FINDINGS
  policy_engine_id: "ResourceId", # required
  client_token: "ClientToken",
})

Response structure

resp.policy_id #=> String
resp.name #=> String
resp.policy_engine_id #=> String
resp.definition.cedar.statement #=> String
resp.description #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.policy_arn #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The customer-assigned immutable name for the policy. Must be unique within the account. This name is used for policy identification and cannot be changed after creation.

• :definition (required, Types::PolicyDefinition) —

  The Cedar policy statement that defines the access control rules. This contains the actual policy logic written in Cedar policy language, specifying effect (permit or forbid), principals, actions, resources, and conditions for agent behavior control.

• :description (String) —

  A human-readable description of the policy's purpose and functionality (1-4,096 characters). This helps policy administrators understand the policy's intent, business rules, and operational scope. Use this field to document why the policy exists, what business requirement it addresses, and any special considerations for maintenance. Clear descriptions are essential for policy governance, auditing, and troubleshooting.

• :validation_mode (String) —

  The validation mode for the policy creation. Determines how Cedar analyzer validation results are handled during policy creation. FAIL_ON_ANY_FINDINGS (default) runs the Cedar analyzer to validate the policy against the Cedar schema and tool context, failing creation if the analyzer detects any validation issues to ensure strict conformance. IGNORE_ALL_FINDINGS runs the Cedar analyzer but allows policy creation even if validation issues are detected, useful for testing or when the policy schema is evolving. Use FAIL_ON_ANY_FINDINGS for production policies to ensure correctness, and IGNORE_ALL_FINDINGS only when you understand and accept the analyzer findings.

• :policy_engine_id (required, String) —

  The identifier of the policy engine which contains this policy. Policy engines group related policies and provide the execution context for policy evaluation.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure the idempotency of the request. The AWS SDK automatically generates this token, so you don't need to provide it in most cases. If you retry a request with the same client token, the service returns the same response without creating a duplicate policy.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::CreatePolicyResponse) —

  Returns a response object which responds to the following methods:

  • #policy_id => String
  • #name => String
  • #policy_engine_id => String
  • #definition => Types::PolicyDefinition
  • #description => String
  • #created_at => Time
  • #updated_at => Time
  • #policy_arn => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2081

def create_policy(params = {}, options = {})
  req = build_request(:create_policy, params)
  req.send_request(options)
end

#create_policy_engine(params = {}) ⇒ Types::CreatePolicyEngineResponse

Creates a new policy engine within the AgentCore Policy system. A policy engine is a collection of policies that evaluates and authorizes agent tool calls. When associated with Gateways (each Gateway can be associated with at most one policy engine, but multiple Gateways can be associated with the same engine), the policy engine intercepts all agent requests and determines whether to allow or deny each action based on the defined policies. This is an asynchronous operation. Use the GetPolicyEngine operation to poll the status field to track completion.

Examples:

Request syntax with placeholder values

resp = client.create_policy_engine({
  name: "PolicyEngineName", # required
  description: "Description",
  client_token: "ClientToken",
})

Response structure

resp.policy_engine_id #=> String
resp.name #=> String
resp.description #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.policy_engine_arn #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The customer-assigned immutable name for the policy engine. This name identifies the policy engine and cannot be changed after creation.

• :description (String) —

  A human-readable description of the policy engine's purpose and scope (1-4,096 characters). This helps administrators understand the policy engine's role in the overall governance strategy. Document which Gateway this engine will be associated with, what types of tools or workflows it governs, and the team or service responsible for maintaining it. Clear descriptions are essential when managing multiple policy engines across different services or environments.

• :client_token (String) —

  A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request with the same client token, the service returns the same response without creating a duplicate policy engine.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::CreatePolicyEngineResponse) —

  Returns a response object which responds to the following methods:

  • #policy_engine_id => String
  • #name => String
  • #description => String
  • #created_at => Time
  • #updated_at => Time
  • #policy_engine_arn => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2157

def create_policy_engine(params = {}, options = {})
  req = build_request(:create_policy_engine, params)
  req.send_request(options)
end

#create_workload_identity(params = {}) ⇒ Types::CreateWorkloadIdentityResponse

Creates a new workload identity.

Examples:

Request syntax with placeholder values

resp = client.create_workload_identity({
  name: "WorkloadIdentityNameType", # required
  allowed_resource_oauth_2_return_urls: ["ResourceOauth2ReturnUrlType"],
  tags: {
    "TagKey" => "TagValue",
  },
})

Response structure

resp.name #=> String
resp.workload_identity_arn #=> String
resp.allowed_resource_oauth_2_return_urls #=> Array
resp.allowed_resource_oauth_2_return_urls[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the workload identity. The name must be unique within your account.

• :allowed_resource_oauth_2_return_urls (Array<String>) —

  The list of allowed OAuth2 return URLs for resources associated with this workload identity.

• :tags (Hash<String,String>) —

  A map of tag keys and values to assign to the workload identity. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.

Returns:

• (Types::CreateWorkloadIdentityResponse) —

  Returns a response object which responds to the following methods:

  • #name => String
  • #workload_identity_arn => String
  • #allowed_resource_oauth_2_return_urls => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2204

def create_workload_identity(params = {}, options = {})
  req = build_request(:create_workload_identity, params)
  req.send_request(options)
end

#delete_agent_runtime(params = {}) ⇒ Types::DeleteAgentRuntimeResponse

Deletes an Amazon Bedrock AgentCore Runtime.

Examples:

Request syntax with placeholder values

resp = client.delete_agent_runtime({
  agent_runtime_id: "AgentRuntimeId", # required
  client_token: "ClientToken",
})

Response structure

resp.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.agent_runtime_id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime to delete.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the operation completes no more than one time. If this token matches a previous request, the service ignores the request but does not return an error.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::DeleteAgentRuntimeResponse) —

  Returns a response object which responds to the following methods:

  • #status => String
  • #agent_runtime_id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2243

def delete_agent_runtime(params = {}, options = {})
  req = build_request(:delete_agent_runtime, params)
  req.send_request(options)
end

#delete_agent_runtime_endpoint(params = {}) ⇒ Types::DeleteAgentRuntimeEndpointResponse

Deletes an AAgentCore Runtime endpoint.

Examples:

Request syntax with placeholder values

resp = client.delete_agent_runtime_endpoint({
  agent_runtime_id: "AgentRuntimeId", # required
  endpoint_name: "EndpointName", # required
  client_token: "ClientToken",
})

Response structure

resp.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.agent_runtime_id #=> String
resp.endpoint_name #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime associated with the endpoint.

• :endpoint_name (required, String) —

  The name of the AgentCore Runtime endpoint to delete.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure idempotency of the request.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::DeleteAgentRuntimeEndpointResponse) —

  Returns a response object which responds to the following methods:

  • #status => String
  • #agent_runtime_id => String
  • #endpoint_name => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2288

def delete_agent_runtime_endpoint(params = {}, options = {})
  req = build_request(:delete_agent_runtime_endpoint, params)
  req.send_request(options)
end

#delete_api_key_credential_provider(params = {}) ⇒ Struct

Deletes an API key credential provider.

Examples:

Request syntax with placeholder values

resp = client.delete_api_key_credential_provider({
  name: "CredentialProviderName", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the API key credential provider to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2310

def delete_api_key_credential_provider(params = {}, options = {})
  req = build_request(:delete_api_key_credential_provider, params)
  req.send_request(options)
end

#delete_browser(params = {}) ⇒ Types::DeleteBrowserResponse

Deletes a custom browser.

Examples:

Request syntax with placeholder values

resp = client.delete_browser({
  browser_id: "BrowserId", # required
  client_token: "ClientToken",
})

Response structure

resp.browser_id #=> String
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "READY", "DELETING", "DELETE_FAILED", "DELETED"
resp.last_updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :browser_id (required, String) —

  The unique identifier of the browser to delete.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure idempotency of the request.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::DeleteBrowserResponse) —

  Returns a response object which responds to the following methods:

  • #browser_id => String
  • #status => String
  • #last_updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2350

def delete_browser(params = {}, options = {})
  req = build_request(:delete_browser, params)
  req.send_request(options)
end

#delete_code_interpreter(params = {}) ⇒ Types::DeleteCodeInterpreterResponse

Deletes a custom code interpreter.

Examples:

Request syntax with placeholder values

resp = client.delete_code_interpreter({
  code_interpreter_id: "CodeInterpreterId", # required
  client_token: "ClientToken",
})

Response structure

resp.code_interpreter_id #=> String
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "READY", "DELETING", "DELETE_FAILED", "DELETED"
resp.last_updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_interpreter_id (required, String) —

  The unique identifier of the code interpreter to delete.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure idempotency of the request.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::DeleteCodeInterpreterResponse) —

  Returns a response object which responds to the following methods:

  • #code_interpreter_id => String
  • #status => String
  • #last_updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2390

def delete_code_interpreter(params = {}, options = {})
  req = build_request(:delete_code_interpreter, params)
  req.send_request(options)
end

#delete_evaluator(params = {}) ⇒ Types::DeleteEvaluatorResponse

Deletes a custom evaluator. Builtin evaluators cannot be deleted. The evaluator must not be referenced by any active online evaluation configurations.

Examples:

Request syntax with placeholder values

resp = client.delete_evaluator({
  evaluator_id: "EvaluatorId", # required
})

Response structure

resp.evaluator_arn #=> String
resp.evaluator_id #=> String
resp.status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :evaluator_id (required, String) —

  The unique identifier of the evaluator to delete.

Returns:

• (Types::DeleteEvaluatorResponse) —

  Returns a response object which responds to the following methods:

  • #evaluator_arn => String
  • #evaluator_id => String
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2424

def delete_evaluator(params = {}, options = {})
  req = build_request(:delete_evaluator, params)
  req.send_request(options)
end

#delete_gateway(params = {}) ⇒ Types::DeleteGatewayResponse

Deletes a gateway.

Examples:

Request syntax with placeholder values

resp = client.delete_gateway({
  gateway_identifier: "GatewayIdentifier", # required
})

Response structure

resp.gateway_id #=> String
resp.status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The identifier of the gateway to delete.

Returns:

• (Types::DeleteGatewayResponse) —

  Returns a response object which responds to the following methods:

  • #gateway_id => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2457

def delete_gateway(params = {}, options = {})
  req = build_request(:delete_gateway, params)
  req.send_request(options)
end

#delete_gateway_target(params = {}) ⇒ Types::DeleteGatewayTargetResponse

Deletes a gateway target.

Examples:

Request syntax with placeholder values

resp = client.delete_gateway_target({
  gateway_identifier: "GatewayIdentifier", # required
  target_id: "TargetId", # required
})

Response structure

resp.gateway_arn #=> String
resp.target_id #=> String
resp.status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED", "SYNCHRONIZING", "SYNCHRONIZE_UNSUCCESSFUL"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The unique identifier of the gateway associated with the target.

• :target_id (required, String) —

  The unique identifier of the gateway target to delete.

Returns:

• (Types::DeleteGatewayTargetResponse) —

  Returns a response object which responds to the following methods:

  • #gateway_arn => String
  • #target_id => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2496

def delete_gateway_target(params = {}, options = {})
  req = build_request(:delete_gateway_target, params)
  req.send_request(options)
end

#delete_memory(params = {}) ⇒ Types::DeleteMemoryOutput

Deletes an Amazon Bedrock AgentCore Memory resource.

Examples:

Request syntax with placeholder values

resp = client.delete_memory({
  client_token: "DeleteMemoryInputClientTokenString",
  memory_id: "MemoryId", # required
})

Response structure

resp.memory_id #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "FAILED", "DELETING"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :client_token (String) —

  A client token is used for keeping track of idempotent requests. It can contain a session id which can be around 250 chars, combined with a unique AWS identifier.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :memory_id (required, String) —

  The unique identifier of the memory to delete.

Returns:

• (Types::DeleteMemoryOutput) —

  Returns a response object which responds to the following methods:

  • #memory_id => String
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2535

def delete_memory(params = {}, options = {})
  req = build_request(:delete_memory, params)
  req.send_request(options)
end

#delete_oauth_2_credential_provider(params = {}) ⇒ Struct

Deletes an OAuth2 credential provider.

Examples:

Request syntax with placeholder values

resp = client.delete_oauth_2_credential_provider({
  name: "CredentialProviderName", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the OAuth2 credential provider to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2557

def delete_oauth_2_credential_provider(params = {}, options = {})
  req = build_request(:delete_oauth_2_credential_provider, params)
  req.send_request(options)
end

#delete_online_evaluation_config(params = {}) ⇒ Types::DeleteOnlineEvaluationConfigResponse

Deletes an online evaluation configuration and stops any ongoing evaluation processes associated with it.

Examples:

Request syntax with placeholder values

resp = client.delete_online_evaluation_config({
  online_evaluation_config_id: "OnlineEvaluationConfigId", # required
})

Response structure

resp.online_evaluation_config_arn #=> String
resp.online_evaluation_config_id #=> String
resp.status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :online_evaluation_config_id (required, String) —

  The unique identifier of the online evaluation configuration to delete.

Returns:

• (Types::DeleteOnlineEvaluationConfigResponse) —

  Returns a response object which responds to the following methods:

  • #online_evaluation_config_arn => String
  • #online_evaluation_config_id => String
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2591

def delete_online_evaluation_config(params = {}, options = {})
  req = build_request(:delete_online_evaluation_config, params)
  req.send_request(options)
end

#delete_policy(params = {}) ⇒ Types::DeletePolicyResponse

Deletes an existing policy from the AgentCore Policy system. Once deleted, the policy can no longer be used for agent behavior control and all references to it become invalid. This is an asynchronous operation. Use the GetPolicy operation to poll the status field to track completion.

Examples:

Request syntax with placeholder values

resp = client.delete_policy({
  policy_engine_id: "ResourceId", # required
  policy_id: "ResourceId", # required
})

Response structure

resp.policy_id #=> String
resp.name #=> String
resp.policy_engine_id #=> String
resp.definition.cedar.statement #=> String
resp.description #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.policy_arn #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_engine_id (required, String) —

  The identifier of the policy engine that manages the policy to be deleted. This ensures the policy is deleted from the correct policy engine context.

• :policy_id (required, String) —

  The unique identifier of the policy to be deleted. This must be a valid policy ID that exists within the specified policy engine.

Returns:

• (Types::DeletePolicyResponse) —

  Returns a response object which responds to the following methods:

  • #policy_id => String
  • #name => String
  • #policy_engine_id => String
  • #definition => Types::PolicyDefinition
  • #description => String
  • #created_at => Time
  • #updated_at => Time
  • #policy_arn => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2649

def delete_policy(params = {}, options = {})
  req = build_request(:delete_policy, params)
  req.send_request(options)
end

#delete_policy_engine(params = {}) ⇒ Types::DeletePolicyEngineResponse

Deletes an existing policy engine from the AgentCore Policy system. The policy engine must not have any associated policies before deletion. Once deleted, the policy engine and all its configurations become unavailable for policy management and evaluation. This is an asynchronous operation. Use the GetPolicyEngine operation to poll the status field to track completion.

Examples:

Request syntax with placeholder values

resp = client.delete_policy_engine({
  policy_engine_id: "ResourceId", # required
})

Response structure

resp.policy_engine_id #=> String
resp.name #=> String
resp.description #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.policy_engine_arn #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_engine_id (required, String) —

  The unique identifier of the policy engine to be deleted. This must be a valid policy engine ID that exists within the account.

Returns:

• (Types::DeletePolicyEngineResponse) —

  Returns a response object which responds to the following methods:

  • #policy_engine_id => String
  • #name => String
  • #description => String
  • #created_at => Time
  • #updated_at => Time
  • #policy_engine_arn => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2698

def delete_policy_engine(params = {}, options = {})
  req = build_request(:delete_policy_engine, params)
  req.send_request(options)
end

#delete_resource_policy(params = {}) ⇒ Struct

Deletes the resource-based policy for a specified resource.

This feature is currently available only for AgentCore Runtime and Gateway.

Examples:

Request syntax with placeholder values

resp = client.delete_resource_policy({
  resource_arn: "BedrockAgentcoreResourceArn", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource for which to delete the resource policy.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2726

def delete_resource_policy(params = {}, options = {})
  req = build_request(:delete_resource_policy, params)
  req.send_request(options)
end

#delete_workload_identity(params = {}) ⇒ Struct

Deletes a workload identity.

Examples:

Request syntax with placeholder values

resp = client.delete_workload_identity({
  name: "WorkloadIdentityNameType", # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the workload identity to delete.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2748

def delete_workload_identity(params = {}, options = {})
  req = build_request(:delete_workload_identity, params)
  req.send_request(options)
end

#get_agent_runtime(params = {}) ⇒ Types::GetAgentRuntimeResponse

Gets an Amazon Bedrock AgentCore Runtime.

Examples:

Request syntax with placeholder values

resp = client.get_agent_runtime({
  agent_runtime_id: "AgentRuntimeId", # required
  agent_runtime_version: "AgentRuntimeVersion",
})

Response structure

resp.agent_runtime_arn #=> String
resp.agent_runtime_name #=> String
resp.agent_runtime_id #=> String
resp.agent_runtime_version #=> String
resp.created_at #=> Time
resp.last_updated_at #=> Time
resp.role_arn #=> String
resp.network_configuration.network_mode #=> String, one of "PUBLIC", "VPC"
resp.network_configuration.network_mode_config.security_groups #=> Array
resp.network_configuration.network_mode_config.security_groups[0] #=> String
resp.network_configuration.network_mode_config.subnets #=> Array
resp.network_configuration.network_mode_config.subnets[0] #=> String
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.lifecycle_configuration.idle_runtime_session_timeout #=> Integer
resp.lifecycle_configuration.max_lifetime #=> Integer
resp.failure_reason #=> String
resp.description #=> String
resp.workload_identity_details.workload_identity_arn #=> String
resp.agent_runtime_artifact.container_configuration.container_uri #=> String
resp.agent_runtime_artifact.code_configuration.code.s3.bucket #=> String
resp.agent_runtime_artifact.code_configuration.code.s3.prefix #=> String
resp.agent_runtime_artifact.code_configuration.code.s3.version_id #=> String
resp.agent_runtime_artifact.code_configuration.runtime #=> String, one of "PYTHON_3_10", "PYTHON_3_11", "PYTHON_3_12", "PYTHON_3_13"
resp.agent_runtime_artifact.code_configuration.entry_point #=> Array
resp.agent_runtime_artifact.code_configuration.entry_point[0] #=> String
resp.protocol_configuration.server_protocol #=> String, one of "MCP", "HTTP", "A2A"
resp.environment_variables #=> Hash
resp.environment_variables["EnvironmentVariableKey"] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.discovery_url #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_audience #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_audience[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string_list #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string_list[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_operator #=> String, one of "EQUALS", "CONTAINS", "CONTAINS_ANY"
resp.request_header_configuration.request_header_allowlist #=> Array
resp.request_header_configuration.request_header_allowlist[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime to retrieve.

• :agent_runtime_version (String) —

  The version of the AgentCore Runtime to retrieve.

Returns:

• (Types::GetAgentRuntimeResponse) —

  Returns a response object which responds to the following methods:

  • #agent_runtime_arn => String
  • #agent_runtime_name => String
  • #agent_runtime_id => String
  • #agent_runtime_version => String
  • #created_at => Time
  • #last_updated_at => Time
  • #role_arn => String
  • #network_configuration => Types::NetworkConfiguration
  • #status => String
  • #lifecycle_configuration => Types::LifecycleConfiguration
  • #failure_reason => String
  • #description => String
  • #workload_identity_details => Types::WorkloadIdentityDetails
  • #agent_runtime_artifact => Types::AgentRuntimeArtifact
  • #protocol_configuration => Types::ProtocolConfiguration
  • #environment_variables => Hash<String,String>
  • #authorizer_configuration => Types::AuthorizerConfiguration
  • #request_header_configuration => Types::RequestHeaderConfiguration

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2840

def get_agent_runtime(params = {}, options = {})
  req = build_request(:get_agent_runtime, params)
  req.send_request(options)
end

#get_agent_runtime_endpoint(params = {}) ⇒ Types::GetAgentRuntimeEndpointResponse

Gets information about an Amazon Secure AgentEndpoint.

Examples:

Request syntax with placeholder values

resp = client.get_agent_runtime_endpoint({
  agent_runtime_id: "AgentRuntimeId", # required
  endpoint_name: "EndpointName", # required
})

Response structure

resp.live_version #=> String
resp.target_version #=> String
resp.agent_runtime_endpoint_arn #=> String
resp.agent_runtime_arn #=> String
resp.description #=> String
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.created_at #=> Time
resp.last_updated_at #=> Time
resp.failure_reason #=> String
resp.name #=> String
resp.id #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime associated with the endpoint.

• :endpoint_name (required, String) —

  The name of the AgentCore Runtime endpoint to retrieve.

Returns:

• (Types::GetAgentRuntimeEndpointResponse) —

  Returns a response object which responds to the following methods:

  • #live_version => String
  • #target_version => String
  • #agent_runtime_endpoint_arn => String
  • #agent_runtime_arn => String
  • #description => String
  • #status => String
  • #created_at => Time
  • #last_updated_at => Time
  • #failure_reason => String
  • #name => String
  • #id => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2893

def get_agent_runtime_endpoint(params = {}, options = {})
  req = build_request(:get_agent_runtime_endpoint, params)
  req.send_request(options)
end

#get_api_key_credential_provider(params = {}) ⇒ Types::GetApiKeyCredentialProviderResponse

Retrieves information about an API key credential provider.

Examples:

Request syntax with placeholder values

resp = client.get_api_key_credential_provider({
  name: "CredentialProviderName", # required
})

Response structure

resp.api_key_secret_arn.secret_arn #=> String
resp.name #=> String
resp.credential_provider_arn #=> String
resp.created_time #=> Time
resp.last_updated_time #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the API key credential provider to retrieve.

Returns:

• (Types::GetApiKeyCredentialProviderResponse) —

  Returns a response object which responds to the following methods:

  • #api_key_secret_arn => Types::Secret
  • #name => String
  • #credential_provider_arn => String
  • #created_time => Time
  • #last_updated_time => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2929

def get_api_key_credential_provider(params = {}, options = {})
  req = build_request(:get_api_key_credential_provider, params)
  req.send_request(options)
end

#get_browser(params = {}) ⇒ Types::GetBrowserResponse

Gets information about a custom browser.

Examples:

Request syntax with placeholder values

resp = client.get_browser({
  browser_id: "BrowserId", # required
})

Response structure

resp.browser_id #=> String
resp.browser_arn #=> String
resp.name #=> String
resp.description #=> String
resp.execution_role_arn #=> String
resp.network_configuration.network_mode #=> String, one of "PUBLIC", "VPC"
resp.network_configuration.vpc_config.security_groups #=> Array
resp.network_configuration.vpc_config.security_groups[0] #=> String
resp.network_configuration.vpc_config.subnets #=> Array
resp.network_configuration.vpc_config.subnets[0] #=> String
resp.recording.enabled #=> Boolean
resp.recording.s3_location.bucket #=> String
resp.recording.s3_location.prefix #=> String
resp.recording.s3_location.version_id #=> String
resp.browser_signing.enabled #=> Boolean
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "READY", "DELETING", "DELETE_FAILED", "DELETED"
resp.failure_reason #=> String
resp.created_at #=> Time
resp.last_updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :browser_id (required, String) —

  The unique identifier of the browser to retrieve.

Returns:

• (Types::GetBrowserResponse) —

  Returns a response object which responds to the following methods:

  • #browser_id => String
  • #browser_arn => String
  • #name => String
  • #description => String
  • #execution_role_arn => String
  • #network_configuration => Types::BrowserNetworkConfiguration
  • #recording => Types::RecordingConfig
  • #browser_signing => Types::BrowserSigningConfigOutput
  • #status => String
  • #failure_reason => String
  • #created_at => Time
  • #last_updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 2986

def get_browser(params = {}, options = {})
  req = build_request(:get_browser, params)
  req.send_request(options)
end

#get_code_interpreter(params = {}) ⇒ Types::GetCodeInterpreterResponse

Gets information about a custom code interpreter.

Examples:

Request syntax with placeholder values

resp = client.get_code_interpreter({
  code_interpreter_id: "CodeInterpreterId", # required
})

Response structure

resp.code_interpreter_id #=> String
resp.code_interpreter_arn #=> String
resp.name #=> String
resp.description #=> String
resp.execution_role_arn #=> String
resp.network_configuration.network_mode #=> String, one of "PUBLIC", "SANDBOX", "VPC"
resp.network_configuration.vpc_config.security_groups #=> Array
resp.network_configuration.vpc_config.security_groups[0] #=> String
resp.network_configuration.vpc_config.subnets #=> Array
resp.network_configuration.vpc_config.subnets[0] #=> String
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "READY", "DELETING", "DELETE_FAILED", "DELETED"
resp.failure_reason #=> String
resp.created_at #=> Time
resp.last_updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :code_interpreter_id (required, String) —

  The unique identifier of the code interpreter to retrieve.

Returns:

• (Types::GetCodeInterpreterResponse) —

  Returns a response object which responds to the following methods:

  • #code_interpreter_id => String
  • #code_interpreter_arn => String
  • #name => String
  • #description => String
  • #execution_role_arn => String
  • #network_configuration => Types::CodeInterpreterNetworkConfiguration
  • #status => String
  • #failure_reason => String
  • #created_at => Time
  • #last_updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3036

def get_code_interpreter(params = {}, options = {})
  req = build_request(:get_code_interpreter, params)
  req.send_request(options)
end

#get_evaluator(params = {}) ⇒ Types::GetEvaluatorResponse

Retrieves detailed information about an evaluator, including its configuration, status, and metadata. Works with both built-in and custom evaluators.

Examples:

Request syntax with placeholder values

resp = client.get_evaluator({
  evaluator_id: "EvaluatorId", # required
})

Response structure

resp.evaluator_arn #=> String
resp.evaluator_id #=> String
resp.evaluator_name #=> String
resp.description #=> String
resp.evaluator_config.llm_as_a_judge.instructions #=> String
resp.evaluator_config.llm_as_a_judge.rating_scale.numerical #=> Array
resp.evaluator_config.llm_as_a_judge.rating_scale.numerical[0].definition #=> String
resp.evaluator_config.llm_as_a_judge.rating_scale.numerical[0].value #=> Float
resp.evaluator_config.llm_as_a_judge.rating_scale.numerical[0].label #=> String
resp.evaluator_config.llm_as_a_judge.rating_scale.categorical #=> Array
resp.evaluator_config.llm_as_a_judge.rating_scale.categorical[0].definition #=> String
resp.evaluator_config.llm_as_a_judge.rating_scale.categorical[0].label #=> String
resp.evaluator_config.llm_as_a_judge.model_config.bedrock_evaluator_model_config.model_id #=> String
resp.evaluator_config.llm_as_a_judge.model_config.bedrock_evaluator_model_config.inference_config.max_tokens #=> Integer
resp.evaluator_config.llm_as_a_judge.model_config.bedrock_evaluator_model_config.inference_config.temperature #=> Float
resp.evaluator_config.llm_as_a_judge.model_config.bedrock_evaluator_model_config.inference_config.top_p #=> Float
resp.evaluator_config.llm_as_a_judge.model_config.bedrock_evaluator_model_config.inference_config.stop_sequences #=> Array
resp.evaluator_config.llm_as_a_judge.model_config.bedrock_evaluator_model_config.inference_config.stop_sequences[0] #=> String
resp.level #=> String, one of "TOOL_CALL", "TRACE", "SESSION"
resp.status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.locked_for_modification #=> Boolean

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :evaluator_id (required, String) —

  The unique identifier of the evaluator to retrieve. Can be a built-in evaluator ID (e.g., Builtin.Helpfulness) or a custom evaluator ID.

Returns:

• (Types::GetEvaluatorResponse) —

  Returns a response object which responds to the following methods:

  • #evaluator_arn => String
  • #evaluator_id => String
  • #evaluator_name => String
  • #description => String
  • #evaluator_config => Types::EvaluatorConfig
  • #level => String
  • #status => String
  • #created_at => Time
  • #updated_at => Time
  • #locked_for_modification => Boolean

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3098

def get_evaluator(params = {}, options = {})
  req = build_request(:get_evaluator, params)
  req.send_request(options)
end

#get_gateway(params = {}) ⇒ Types::GetGatewayResponse

Retrieves information about a specific Gateway.

Examples:

Request syntax with placeholder values

resp = client.get_gateway({
  gateway_identifier: "GatewayIdentifier", # required
})

Response structure

resp.gateway_arn #=> String
resp.gateway_id #=> String
resp.gateway_url #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String
resp.name #=> String
resp.description #=> String
resp.role_arn #=> String
resp.protocol_type #=> String, one of "MCP"
resp.protocol_configuration.mcp.supported_versions #=> Array
resp.protocol_configuration.mcp.supported_versions[0] #=> String
resp.protocol_configuration.mcp.instructions #=> String
resp.protocol_configuration.mcp.search_type #=> String, one of "SEMANTIC"
resp.authorizer_type #=> String, one of "CUSTOM_JWT", "AWS_IAM", "NONE"
resp.authorizer_configuration.custom_jwt_authorizer.discovery_url #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_audience #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_audience[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string_list #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string_list[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_operator #=> String, one of "EQUALS", "CONTAINS", "CONTAINS_ANY"
resp.kms_key_arn #=> String
resp.interceptor_configurations #=> Array
resp.interceptor_configurations[0].interceptor.lambda.arn #=> String
resp.interceptor_configurations[0].interception_points #=> Array
resp.interceptor_configurations[0].interception_points[0] #=> String, one of "REQUEST", "RESPONSE"
resp.interceptor_configurations[0].input_configuration.pass_request_headers #=> Boolean
resp.policy_engine_configuration.arn #=> String
resp.policy_engine_configuration.mode #=> String, one of "LOG_ONLY", "ENFORCE"
resp.workload_identity_details.workload_identity_arn #=> String
resp.exception_level #=> String, one of "DEBUG"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The identifier of the gateway to retrieve.

Returns:

• (Types::GetGatewayResponse) —

  Returns a response object which responds to the following methods:

  • #gateway_arn => String
  • #gateway_id => String
  • #gateway_url => String
  • #created_at => Time
  • #updated_at => Time
  • #status => String
  • #status_reasons => Array<String>
  • #name => String
  • #description => String
  • #role_arn => String
  • #protocol_type => String
  • #protocol_configuration => Types::GatewayProtocolConfiguration
  • #authorizer_type => String
  • #authorizer_configuration => Types::AuthorizerConfiguration
  • #kms_key_arn => String
  • #interceptor_configurations => Array<Types::GatewayInterceptorConfiguration>
  • #policy_engine_configuration => Types::GatewayPolicyEngineConfiguration
  • #workload_identity_details => Types::WorkloadIdentityDetails
  • #exception_level => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3184

def get_gateway(params = {}, options = {})
  req = build_request(:get_gateway, params)
  req.send_request(options)
end

#get_gateway_target(params = {}) ⇒ Types::GetGatewayTargetResponse

Retrieves information about a specific gateway target.

Examples:

Request syntax with placeholder values

resp = client.get_gateway_target({
  gateway_identifier: "GatewayIdentifier", # required
  target_id: "TargetId", # required
})

Response structure

resp.gateway_arn #=> String
resp.target_id #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED", "SYNCHRONIZING", "SYNCHRONIZE_UNSUCCESSFUL"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String
resp.name #=> String
resp.description #=> String
resp.target_configuration.mcp.open_api_schema.s3.uri #=> String
resp.target_configuration.mcp.open_api_schema.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.open_api_schema.inline_payload #=> String
resp.target_configuration.mcp.smithy_model.s3.uri #=> String
resp.target_configuration.mcp.smithy_model.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.smithy_model.inline_payload #=> String
resp.target_configuration.mcp.lambda.lambda_arn #=> String
resp.target_configuration.mcp.lambda.tool_schema.s3.uri #=> String
resp.target_configuration.mcp.lambda.tool_schema.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].name #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].description #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.type #=> String, one of "string", "number", "object", "array", "boolean", "integer"
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.properties #=> Hash
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.properties["String"] #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.required #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.required[0] #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.items #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.description #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.type #=> String, one of "string", "number", "object", "array", "boolean", "integer"
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.properties #=> Hash
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.properties["String"] #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.required #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.required[0] #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.items #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.description #=> String
resp.target_configuration.mcp.mcp_server.endpoint #=> String
resp.target_configuration.mcp.api_gateway.rest_api_id #=> String
resp.target_configuration.mcp.api_gateway.stage #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].name #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].description #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].path #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].method #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].filter_path #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods[0] #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
resp.credential_provider_configurations #=> Array
resp.credential_provider_configurations[0].credential_provider_type #=> String, one of "GATEWAY_IAM_ROLE", "OAUTH", "API_KEY"
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.provider_arn #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.scopes #=> Array
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.scopes[0] #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.custom_parameters #=> Hash
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.custom_parameters["OAuthCustomParametersKey"] #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.grant_type #=> String, one of "CLIENT_CREDENTIALS", "AUTHORIZATION_CODE"
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.default_return_url #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.provider_arn #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_parameter_name #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_prefix #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_location #=> String, one of "HEADER", "QUERY_PARAMETER"
resp.last_synchronized_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The identifier of the gateway that contains the target.

• :target_id (required, String) —

  The unique identifier of the target to retrieve.

Returns:

• (Types::GetGatewayTargetResponse) —

  Returns a response object which responds to the following methods:

  • #gateway_arn => String
  • #target_id => String
  • #created_at => Time
  • #updated_at => Time
  • #status => String
  • #status_reasons => Array<String>
  • #name => String
  • #description => String
  • #target_configuration => Types::TargetConfiguration
  • #credential_provider_configurations => Array<Types::CredentialProviderConfiguration>
  • #last_synchronized_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3286

def get_gateway_target(params = {}, options = {})
  req = build_request(:get_gateway_target, params)
  req.send_request(options)
end

#get_memory(params = {}) ⇒ Types::GetMemoryOutput

Retrieve an existing Amazon Bedrock AgentCore Memory resource.

The following waiters are defined for this operation (see #wait_until for detailed usage):

• memory_created

Examples:

Request syntax with placeholder values

resp = client.get_memory({
  memory_id: "MemoryId", # required
})

Response structure

resp.memory.arn #=> String
resp.memory.id #=> String
resp.memory.name #=> String
resp.memory.description #=> String
resp.memory.encryption_key_arn #=> String
resp.memory.memory_execution_role_arn #=> String
resp.memory.event_expiry_duration #=> Integer
resp.memory.status #=> String, one of "CREATING", "ACTIVE", "FAILED", "DELETING"
resp.memory.failure_reason #=> String
resp.memory.created_at #=> Time
resp.memory.updated_at #=> Time
resp.memory.strategies #=> Array
resp.memory.strategies[0].strategy_id #=> String
resp.memory.strategies[0].name #=> String
resp.memory.strategies[0].description #=> String
resp.memory.strategies[0].configuration.type #=> String, one of "SEMANTIC_OVERRIDE", "SUMMARY_OVERRIDE", "USER_PREFERENCE_OVERRIDE", "SELF_MANAGED", "EPISODIC_OVERRIDE"
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.semantic_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.semantic_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.user_preference_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.user_preference_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.episodic_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.episodic_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.semantic_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.semantic_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.summary_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.summary_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.user_preference_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.user_preference_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.episodic_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.episodic_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.model_id #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.namespaces #=> Array
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.namespaces[0] #=> String
resp.memory.strategies[0].configuration.reflection.episodic_reflection_configuration.namespaces #=> Array
resp.memory.strategies[0].configuration.reflection.episodic_reflection_configuration.namespaces[0] #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions #=> Array
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].message_based_trigger.message_count #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].token_based_trigger.token_count #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].time_based_trigger.idle_session_timeout #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.invocation_configuration.topic_arn #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.invocation_configuration.payload_delivery_bucket_name #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.historical_context_window_size #=> Integer
resp.memory.strategies[0].type #=> String, one of "SEMANTIC", "SUMMARIZATION", "USER_PREFERENCE", "CUSTOM", "EPISODIC"
resp.memory.strategies[0].namespaces #=> Array
resp.memory.strategies[0].namespaces[0] #=> String
resp.memory.strategies[0].created_at #=> Time
resp.memory.strategies[0].updated_at #=> Time
resp.memory.strategies[0].status #=> String, one of "CREATING", "ACTIVE", "DELETING", "FAILED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :memory_id (required, String) —

  The unique identifier of the memory to retrieve.

Returns:

• (Types::GetMemoryOutput) —

  Returns a response object which responds to the following methods:

  • #memory => Types::Memory

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3367

def get_memory(params = {}, options = {})
  req = build_request(:get_memory, params)
  req.send_request(options)
end

#get_oauth_2_credential_provider(params = {}) ⇒ Types::GetOauth2CredentialProviderResponse

Retrieves information about an OAuth2 credential provider.

Examples:

Request syntax with placeholder values

resp = client.get_oauth_2_credential_provider({
  name: "CredentialProviderName", # required
})

Response structure

resp.client_secret_arn.secret_arn #=> String
resp.name #=> String
resp.credential_provider_arn #=> String
resp.credential_provider_vendor #=> String, one of "GoogleOauth2", "GithubOauth2", "SlackOauth2", "SalesforceOauth2", "MicrosoftOauth2", "CustomOauth2", "AtlassianOauth2", "LinkedinOauth2", "XOauth2", "OktaOauth2", "OneLoginOauth2", "PingOneOauth2", "FacebookOauth2", "YandexOauth2", "RedditOauth2", "ZoomOauth2", "TwitchOauth2", "SpotifyOauth2", "DropboxOauth2", "NotionOauth2", "HubspotOauth2", "CyberArkOauth2", "FusionAuthOauth2", "Auth0Oauth2", "CognitoOauth2"
resp.callback_url #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.client_id #=> String
resp.created_time #=> Time
resp.last_updated_time #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the OAuth2 credential provider to retrieve.

Returns:

• (Types::GetOauth2CredentialProviderResponse) —

  Returns a response object which responds to the following methods:

  • #client_secret_arn => Types::Secret
  • #name => String
  • #credential_provider_arn => String
  • #credential_provider_vendor => String
  • #callback_url => String
  • #oauth2_provider_config_output => Types::Oauth2ProviderConfigOutput
  • #created_time => Time
  • #last_updated_time => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3489

def get_oauth_2_credential_provider(params = {}, options = {})
  req = build_request(:get_oauth_2_credential_provider, params)
  req.send_request(options)
end

#get_online_evaluation_config(params = {}) ⇒ Types::GetOnlineEvaluationConfigResponse

Retrieves detailed information about an online evaluation configuration, including its rules, data sources, evaluators, and execution status.

Examples:

Request syntax with placeholder values

resp = client.get_online_evaluation_config({
  online_evaluation_config_id: "OnlineEvaluationConfigId", # required
})

Response structure

resp.online_evaluation_config_arn #=> String
resp.online_evaluation_config_id #=> String
resp.online_evaluation_config_name #=> String
resp.description #=> String
resp.rule.sampling_config.sampling_percentage #=> Float
resp.rule.filters #=> Array
resp.rule.filters[0].key #=> String
resp.rule.filters[0].operator #=> String, one of "Equals", "NotEquals", "GreaterThan", "LessThan", "GreaterThanOrEqual", "LessThanOrEqual", "Contains", "NotContains"
resp.rule.filters[0].value.string_value #=> String
resp.rule.filters[0].value.double_value #=> Float
resp.rule.filters[0].value.boolean_value #=> Boolean
resp.rule.session_config.session_timeout_minutes #=> Integer
resp.data_source_config.cloud_watch_logs.log_group_names #=> Array
resp.data_source_config.cloud_watch_logs.log_group_names[0] #=> String
resp.data_source_config.cloud_watch_logs.service_names #=> Array
resp.data_source_config.cloud_watch_logs.service_names[0] #=> String
resp.evaluators #=> Array
resp.evaluators[0].evaluator_id #=> String
resp.output_config.cloud_watch_config.log_group_name #=> String
resp.evaluation_execution_role_arn #=> String
resp.status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"
resp.execution_status #=> String, one of "ENABLED", "DISABLED"
resp.created_at #=> Time
resp.updated_at #=> Time
resp.failure_reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :online_evaluation_config_id (required, String) —

  The unique identifier of the online evaluation configuration to retrieve.

Returns:

• (Types::GetOnlineEvaluationConfigResponse) —

  Returns a response object which responds to the following methods:

  • #online_evaluation_config_arn => String
  • #online_evaluation_config_id => String
  • #online_evaluation_config_name => String
  • #description => String
  • #rule => Types::Rule
  • #data_source_config => Types::DataSourceConfig
  • #evaluators => Array<Types::EvaluatorReference>
  • #output_config => Types::OutputConfig
  • #evaluation_execution_role_arn => String
  • #status => String
  • #execution_status => String
  • #created_at => Time
  • #updated_at => Time
  • #failure_reason => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3557

def get_online_evaluation_config(params = {}, options = {})
  req = build_request(:get_online_evaluation_config, params)
  req.send_request(options)
end

#get_policy(params = {}) ⇒ Types::GetPolicyResponse

Retrieves detailed information about a specific policy within the AgentCore Policy system. This operation returns the complete policy definition, metadata, and current status, allowing administrators to review and manage policy configurations.

The following waiters are defined for this operation (see #wait_until for detailed usage):

• policy_active
• policy_deleted

Examples:

Request syntax with placeholder values

resp = client.get_policy({
  policy_engine_id: "ResourceId", # required
  policy_id: "ResourceId", # required
})

Response structure

resp.policy_id #=> String
resp.name #=> String
resp.policy_engine_id #=> String
resp.definition.cedar.statement #=> String
resp.description #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.policy_arn #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_engine_id (required, String) —

  The identifier of the policy engine that manages the policy to be retrieved.

• :policy_id (required, String) —

  The unique identifier of the policy to be retrieved. This must be a valid policy ID that exists within the specified policy engine.

Returns:

• (Types::GetPolicyResponse) —

  Returns a response object which responds to the following methods:

  • #policy_id => String
  • #name => String
  • #policy_engine_id => String
  • #definition => Types::PolicyDefinition
  • #description => String
  • #created_at => Time
  • #updated_at => Time
  • #policy_arn => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3619

def get_policy(params = {}, options = {})
  req = build_request(:get_policy, params)
  req.send_request(options)
end

#get_policy_engine(params = {}) ⇒ Types::GetPolicyEngineResponse

Retrieves detailed information about a specific policy engine within the AgentCore Policy system. This operation returns the complete policy engine configuration, metadata, and current status, allowing administrators to review and manage policy engine settings.

The following waiters are defined for this operation (see #wait_until for detailed usage):

• policy_engine_active
• policy_engine_deleted

Examples:

Request syntax with placeholder values

resp = client.get_policy_engine({
  policy_engine_id: "ResourceId", # required
})

Response structure

resp.policy_engine_id #=> String
resp.name #=> String
resp.description #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.policy_engine_arn #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_engine_id (required, String) —

  The unique identifier of the policy engine to be retrieved. This must be a valid policy engine ID that exists within the account.

Returns:

• (Types::GetPolicyEngineResponse) —

  Returns a response object which responds to the following methods:

  • #policy_engine_id => String
  • #name => String
  • #description => String
  • #created_at => Time
  • #updated_at => Time
  • #policy_engine_arn => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3672

def get_policy_engine(params = {}, options = {})
  req = build_request(:get_policy_engine, params)
  req.send_request(options)
end

#get_policy_generation(params = {}) ⇒ Types::GetPolicyGenerationResponse

Retrieves information about a policy generation request within the AgentCore Policy system. Policy generation converts natural language descriptions into Cedar policy statements using AI-powered translation, enabling non-technical users to create policies.

The following waiters are defined for this operation (see #wait_until for detailed usage):

• policy_generation_completed

Examples:

Request syntax with placeholder values

resp = client.get_policy_generation({
  policy_generation_id: "ResourceId", # required
  policy_engine_id: "ResourceId", # required
})

Response structure

resp.policy_engine_id #=> String
resp.policy_generation_id #=> String
resp.name #=> String
resp.policy_generation_arn #=> String
resp.resource.arn #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.status #=> String, one of "GENERATING", "GENERATED", "GENERATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String
resp.findings #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_generation_id (required, String) —

  The unique identifier of the policy generation request to be retrieved. This must be a valid generation ID from a previous StartPolicyGeneration call.

• :policy_engine_id (required, String) —

  The identifier of the policy engine associated with the policy generation request. This provides the context for the generation operation and schema validation.

Returns:

• (Types::GetPolicyGenerationResponse) —

  Returns a response object which responds to the following methods:

  • #policy_engine_id => String
  • #policy_generation_id => String
  • #name => String
  • #policy_generation_arn => String
  • #resource => Types::Resource
  • #created_at => Time
  • #updated_at => Time
  • #status => String
  • #status_reasons => Array<String>
  • #findings => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3739

def get_policy_generation(params = {}, options = {})
  req = build_request(:get_policy_generation, params)
  req.send_request(options)
end

#get_resource_policy(params = {}) ⇒ Types::GetResourcePolicyResponse

Retrieves the resource-based policy for a specified resource.

This feature is currently available only for AgentCore Runtime and Gateway.

Examples:

Request syntax with placeholder values

resp = client.get_resource_policy({
  resource_arn: "BedrockAgentcoreResourceArn", # required
})

Response structure

resp.policy #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource for which to retrieve the resource policy.

Returns:

• (Types::GetResourcePolicyResponse) —

  Returns a response object which responds to the following methods:

  • #policy => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3773

def get_resource_policy(params = {}, options = {})
  req = build_request(:get_resource_policy, params)
  req.send_request(options)
end

#get_token_vault(params = {}) ⇒ Types::GetTokenVaultResponse

Retrieves information about a token vault.

Examples:

Request syntax with placeholder values

resp = client.get_token_vault({
  token_vault_id: "TokenVaultIdType",
})

Response structure

resp.token_vault_id #=> String
resp.kms_configuration.key_type #=> String, one of "CustomerManagedKey", "ServiceManagedKey"
resp.kms_configuration.kms_key_arn #=> String
resp.last_modified_date #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :token_vault_id (String) —

  The unique identifier of the token vault to retrieve.

Returns:

• (Types::GetTokenVaultResponse) —

  Returns a response object which responds to the following methods:

  • #token_vault_id => String
  • #kms_configuration => Types::KmsConfiguration
  • #last_modified_date => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3806

def get_token_vault(params = {}, options = {})
  req = build_request(:get_token_vault, params)
  req.send_request(options)
end

#get_workload_identity(params = {}) ⇒ Types::GetWorkloadIdentityResponse

Retrieves information about a workload identity.

Examples:

Request syntax with placeholder values

resp = client.get_workload_identity({
  name: "WorkloadIdentityNameType", # required
})

Response structure

resp.name #=> String
resp.workload_identity_arn #=> String
resp.allowed_resource_oauth_2_return_urls #=> Array
resp.allowed_resource_oauth_2_return_urls[0] #=> String
resp.created_time #=> Time
resp.last_updated_time #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the workload identity to retrieve.

Returns:

• (Types::GetWorkloadIdentityResponse) —

  Returns a response object which responds to the following methods:

  • #name => String
  • #workload_identity_arn => String
  • #allowed_resource_oauth_2_return_urls => Array<String>
  • #created_time => Time
  • #last_updated_time => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3843

def get_workload_identity(params = {}, options = {})
  req = build_request(:get_workload_identity, params)
  req.send_request(options)
end

#list_agent_runtime_endpoints(params = {}) ⇒ Types::ListAgentRuntimeEndpointsResponse

Lists all endpoints for a specific Amazon Secure Agent.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_agent_runtime_endpoints({
  agent_runtime_id: "AgentRuntimeId", # required
  max_results: 1,
  next_token: "NextToken",
})

Response structure

resp.runtime_endpoints #=> Array
resp.runtime_endpoints[0].name #=> String
resp.runtime_endpoints[0].live_version #=> String
resp.runtime_endpoints[0].target_version #=> String
resp.runtime_endpoints[0].agent_runtime_endpoint_arn #=> String
resp.runtime_endpoints[0].agent_runtime_arn #=> String
resp.runtime_endpoints[0].status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.runtime_endpoints[0].id #=> String
resp.runtime_endpoints[0].description #=> String
resp.runtime_endpoints[0].created_at #=> Time
resp.runtime_endpoints[0].last_updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime to list endpoints for.

• :max_results (Integer) —

  The maximum number of results to return in the response.

• :next_token (String) —

  A token to retrieve the next page of results.

Returns:

• (Types::ListAgentRuntimeEndpointsResponse) —

  Returns a response object which responds to the following methods:

  • #runtime_endpoints => Array<Types::AgentRuntimeEndpoint>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3893

def list_agent_runtime_endpoints(params = {}, options = {})
  req = build_request(:list_agent_runtime_endpoints, params)
  req.send_request(options)
end

#list_agent_runtime_versions(params = {}) ⇒ Types::ListAgentRuntimeVersionsResponse

Lists all versions of a specific Amazon Secure Agent.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_agent_runtime_versions({
  agent_runtime_id: "AgentRuntimeId", # required
  max_results: 1,
  next_token: "NextToken",
})

Response structure

resp.agent_runtimes #=> Array
resp.agent_runtimes[0].agent_runtime_arn #=> String
resp.agent_runtimes[0].agent_runtime_id #=> String
resp.agent_runtimes[0].agent_runtime_version #=> String
resp.agent_runtimes[0].agent_runtime_name #=> String
resp.agent_runtimes[0].description #=> String
resp.agent_runtimes[0].last_updated_at #=> Time
resp.agent_runtimes[0].status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime to list versions for.

• :max_results (Integer) —

  The maximum number of results to return in the response.

• :next_token (String) —

  A token to retrieve the next page of results.

Returns:

• (Types::ListAgentRuntimeVersionsResponse) —

  Returns a response object which responds to the following methods:

  • #agent_runtimes => Array<Types::AgentRuntime>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3940

def list_agent_runtime_versions(params = {}, options = {})
  req = build_request(:list_agent_runtime_versions, params)
  req.send_request(options)
end

#list_agent_runtimes(params = {}) ⇒ Types::ListAgentRuntimesResponse

Lists all Amazon Secure Agents in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_agent_runtimes({
  max_results: 1,
  next_token: "NextToken",
})

Response structure

resp.agent_runtimes #=> Array
resp.agent_runtimes[0].agent_runtime_arn #=> String
resp.agent_runtimes[0].agent_runtime_id #=> String
resp.agent_runtimes[0].agent_runtime_version #=> String
resp.agent_runtimes[0].agent_runtime_name #=> String
resp.agent_runtimes[0].description #=> String
resp.agent_runtimes[0].last_updated_at #=> Time
resp.agent_runtimes[0].status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in the response.

• :next_token (String) —

  A token to retrieve the next page of results.

Returns:

• (Types::ListAgentRuntimesResponse) —

  Returns a response object which responds to the following methods:

  • #agent_runtimes => Array<Types::AgentRuntime>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 3983

def list_agent_runtimes(params = {}, options = {})
  req = build_request(:list_agent_runtimes, params)
  req.send_request(options)
end

#list_api_key_credential_providers(params = {}) ⇒ Types::ListApiKeyCredentialProvidersResponse

Lists all API key credential providers in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_api_key_credential_providers({
  next_token: "String",
  max_results: 1,
})

Response structure

resp.credential_providers #=> Array
resp.credential_providers[0].name #=> String
resp.credential_providers[0].credential_provider_arn #=> String
resp.credential_providers[0].created_time #=> Time
resp.credential_providers[0].last_updated_time #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  Pagination token.

• :max_results (Integer) —

  Maximum number of results to return.

Returns:

• (Types::ListApiKeyCredentialProvidersResponse) —

  Returns a response object which responds to the following methods:

  • #credential_providers => Array<Types::ApiKeyCredentialProviderItem>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4023

def list_api_key_credential_providers(params = {}, options = {})
  req = build_request(:list_api_key_credential_providers, params)
  req.send_request(options)
end

#list_browsers(params = {}) ⇒ Types::ListBrowsersResponse

Lists all custom browsers in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_browsers({
  max_results: 1,
  next_token: "NextToken",
  type: "SYSTEM", # accepts SYSTEM, CUSTOM
})

Response structure

resp.browser_summaries #=> Array
resp.browser_summaries[0].browser_id #=> String
resp.browser_summaries[0].browser_arn #=> String
resp.browser_summaries[0].name #=> String
resp.browser_summaries[0].description #=> String
resp.browser_summaries[0].status #=> String, one of "CREATING", "CREATE_FAILED", "READY", "DELETING", "DELETE_FAILED", "DELETED"
resp.browser_summaries[0].created_at #=> Time
resp.browser_summaries[0].last_updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call. The default value is 10. The maximum value is 50.

• :next_token (String) —

  The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.

• :type (String) —

  The type of browsers to list. If not specified, all browser types are returned.

Returns:

• (Types::ListBrowsersResponse) —

  Returns a response object which responds to the following methods:

  • #browser_summaries => Array<Types::BrowserSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4074

def list_browsers(params = {}, options = {})
  req = build_request(:list_browsers, params)
  req.send_request(options)
end

#list_code_interpreters(params = {}) ⇒ Types::ListCodeInterpretersResponse

Lists all custom code interpreters in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_code_interpreters({
  max_results: 1,
  next_token: "NextToken",
  type: "SYSTEM", # accepts SYSTEM, CUSTOM
})

Response structure

resp.code_interpreter_summaries #=> Array
resp.code_interpreter_summaries[0].code_interpreter_id #=> String
resp.code_interpreter_summaries[0].code_interpreter_arn #=> String
resp.code_interpreter_summaries[0].name #=> String
resp.code_interpreter_summaries[0].description #=> String
resp.code_interpreter_summaries[0].status #=> String, one of "CREATING", "CREATE_FAILED", "READY", "DELETING", "DELETE_FAILED", "DELETED"
resp.code_interpreter_summaries[0].created_at #=> Time
resp.code_interpreter_summaries[0].last_updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in the response.

• :next_token (String) —

  A token to retrieve the next page of results.

• :type (String) —

  The type of code interpreters to list.

Returns:

• (Types::ListCodeInterpretersResponse) —

  Returns a response object which responds to the following methods:

  • #code_interpreter_summaries => Array<Types::CodeInterpreterSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4121

def list_code_interpreters(params = {}, options = {})
  req = build_request(:list_code_interpreters, params)
  req.send_request(options)
end

#list_evaluators(params = {}) ⇒ Types::ListEvaluatorsResponse

Lists all available evaluators, including both builtin evaluators provided by the service and custom evaluators created by the user.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_evaluators({
  next_token: "String",
  max_results: 1,
})

Response structure

resp.evaluators #=> Array
resp.evaluators[0].evaluator_arn #=> String
resp.evaluators[0].evaluator_id #=> String
resp.evaluators[0].evaluator_name #=> String
resp.evaluators[0].description #=> String
resp.evaluators[0].evaluator_type #=> String, one of "Builtin", "Custom"
resp.evaluators[0].level #=> String, one of "TOOL_CALL", "TRACE", "SESSION"
resp.evaluators[0].status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"
resp.evaluators[0].created_at #=> Time
resp.evaluators[0].updated_at #=> Time
resp.evaluators[0].locked_for_modification #=> Boolean
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  The pagination token from a previous request to retrieve the next page of results.

• :max_results (Integer) —

  The maximum number of evaluators to return in a single response.

Returns:

• (Types::ListEvaluatorsResponse) —

  Returns a response object which responds to the following methods:

  • #evaluators => Array<Types::EvaluatorSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4169

def list_evaluators(params = {}, options = {})
  req = build_request(:list_evaluators, params)
  req.send_request(options)
end

#list_gateway_targets(params = {}) ⇒ Types::ListGatewayTargetsResponse

Lists all targets for a specific gateway.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_gateway_targets({
  gateway_identifier: "GatewayIdentifier", # required
  max_results: 1,
  next_token: "TargetNextToken",
})

Response structure

resp.items #=> Array
resp.items[0].target_id #=> String
resp.items[0].name #=> String
resp.items[0].status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED", "SYNCHRONIZING", "SYNCHRONIZE_UNSUCCESSFUL"
resp.items[0].description #=> String
resp.items[0].created_at #=> Time
resp.items[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The identifier of the gateway to list targets for.

• :max_results (Integer) —

  The maximum number of results to return in the response. If the total number of results is greater than this value, use the token returned in the response in the nextToken field when making another request to return the next batch of results.

• :next_token (String) —

  If the total number of results is greater than the maxResults value provided in the request, enter the token returned in the nextToken field in the response in this field to return the next batch of results.

Returns:

• (Types::ListGatewayTargetsResponse) —

  Returns a response object which responds to the following methods:

  • #items => Array<Types::TargetSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4221

def list_gateway_targets(params = {}, options = {})
  req = build_request(:list_gateway_targets, params)
  req.send_request(options)
end

#list_gateways(params = {}) ⇒ Types::ListGatewaysResponse

Lists all gateways in the account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_gateways({
  max_results: 1,
  next_token: "GatewayNextToken",
})

Response structure

resp.items #=> Array
resp.items[0].gateway_id #=> String
resp.items[0].name #=> String
resp.items[0].status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED"
resp.items[0].description #=> String
resp.items[0].created_at #=> Time
resp.items[0].updated_at #=> Time
resp.items[0].authorizer_type #=> String, one of "CUSTOM_JWT", "AWS_IAM", "NONE"
resp.items[0].protocol_type #=> String, one of "MCP"
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in the response. If the total number of results is greater than this value, use the token returned in the response in the nextToken field when making another request to return the next batch of results.

• :next_token (String) —

  If the total number of results is greater than the maxResults value provided in the request, enter the token returned in the nextToken field in the response in this field to return the next batch of results.

Returns:

• (Types::ListGatewaysResponse) —

  Returns a response object which responds to the following methods:

  • #items => Array<Types::GatewaySummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4271

def list_gateways(params = {}, options = {})
  req = build_request(:list_gateways, params)
  req.send_request(options)
end

#list_memories(params = {}) ⇒ Types::ListMemoriesOutput

Lists the available Amazon Bedrock AgentCore Memory resources in the current Amazon Web Services Region.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_memories({
  max_results: 1,
  next_token: "String",
})

Response structure

resp.memories #=> Array
resp.memories[0].arn #=> String
resp.memories[0].id #=> String
resp.memories[0].status #=> String, one of "CREATING", "ACTIVE", "FAILED", "DELETING"
resp.memories[0].created_at #=> Time
resp.memories[0].updated_at #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :max_results (Integer) —

  The maximum number of results to return in a single call. The default value is 10. The maximum value is 50.

• :next_token (String) —

  The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.

Returns:

• (Types::ListMemoriesOutput) —

  Returns a response object which responds to the following methods:

  • #memories => Array<Types::MemorySummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4316

def list_memories(params = {}, options = {})
  req = build_request(:list_memories, params)
  req.send_request(options)
end

#list_oauth_2_credential_providers(params = {}) ⇒ Types::ListOauth2CredentialProvidersResponse

Lists all OAuth2 credential providers in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_oauth_2_credential_providers({
  next_token: "String",
  max_results: 1,
})

Response structure

resp.credential_providers #=> Array
resp.credential_providers[0].name #=> String
resp.credential_providers[0].credential_provider_vendor #=> String, one of "GoogleOauth2", "GithubOauth2", "SlackOauth2", "SalesforceOauth2", "MicrosoftOauth2", "CustomOauth2", "AtlassianOauth2", "LinkedinOauth2", "XOauth2", "OktaOauth2", "OneLoginOauth2", "PingOneOauth2", "FacebookOauth2", "YandexOauth2", "RedditOauth2", "ZoomOauth2", "TwitchOauth2", "SpotifyOauth2", "DropboxOauth2", "NotionOauth2", "HubspotOauth2", "CyberArkOauth2", "FusionAuthOauth2", "Auth0Oauth2", "CognitoOauth2"
resp.credential_providers[0].credential_provider_arn #=> String
resp.credential_providers[0].created_time #=> Time
resp.credential_providers[0].last_updated_time #=> Time
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  Pagination token.

• :max_results (Integer) —

  Maximum number of results to return.

Returns:

• (Types::ListOauth2CredentialProvidersResponse) —

  Returns a response object which responds to the following methods:

  • #credential_providers => Array<Types::Oauth2CredentialProviderItem>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4357

def list_oauth_2_credential_providers(params = {}, options = {})
  req = build_request(:list_oauth_2_credential_providers, params)
  req.send_request(options)
end

#list_online_evaluation_configs(params = {}) ⇒ Types::ListOnlineEvaluationConfigsResponse

Lists all online evaluation configurations in the account, providing summary information about each configuration's status and settings.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_online_evaluation_configs({
  next_token: "String",
  max_results: 1,
})

Response structure

resp.online_evaluation_configs #=> Array
resp.online_evaluation_configs[0].online_evaluation_config_arn #=> String
resp.online_evaluation_configs[0].online_evaluation_config_id #=> String
resp.online_evaluation_configs[0].online_evaluation_config_name #=> String
resp.online_evaluation_configs[0].description #=> String
resp.online_evaluation_configs[0].status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"
resp.online_evaluation_configs[0].execution_status #=> String, one of "ENABLED", "DISABLED"
resp.online_evaluation_configs[0].created_at #=> Time
resp.online_evaluation_configs[0].updated_at #=> Time
resp.online_evaluation_configs[0].failure_reason #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  The pagination token from a previous request to retrieve the next page of results.

• :max_results (Integer) —

  The maximum number of online evaluation configurations to return in a single response.

Returns:

• (Types::ListOnlineEvaluationConfigsResponse) —

  Returns a response object which responds to the following methods:

  • #online_evaluation_configs => Array<Types::OnlineEvaluationConfigSummary>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4405

def list_online_evaluation_configs(params = {}, options = {})
  req = build_request(:list_online_evaluation_configs, params)
  req.send_request(options)
end

#list_policies(params = {}) ⇒ Types::ListPoliciesResponse

Retrieves a list of policies within the AgentCore Policy engine. This operation supports pagination and filtering to help administrators manage and discover policies across policy engines. Results can be filtered by policy engine or resource associations.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_policies({
  next_token: "NextToken",
  max_results: 1,
  policy_engine_id: "ResourceId", # required
  target_resource_scope: "BedrockAgentcoreResourceArn",
})

Response structure

resp.policies #=> Array
resp.policies[0].policy_id #=> String
resp.policies[0].name #=> String
resp.policies[0].policy_engine_id #=> String
resp.policies[0].definition.cedar.statement #=> String
resp.policies[0].description #=> String
resp.policies[0].created_at #=> Time
resp.policies[0].updated_at #=> Time
resp.policies[0].policy_arn #=> String
resp.policies[0].status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.policies[0].status_reasons #=> Array
resp.policies[0].status_reasons[0] #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A pagination token returned from a previous ListPolicies call. Use this token to retrieve the next page of results when the response is paginated.

• :max_results (Integer) —

  The maximum number of policies to return in a single response. If not specified, the default is 10 policies per page, with a maximum of 100 per page.

• :policy_engine_id (required, String) —

  The identifier of the policy engine whose policies to retrieve.

• :target_resource_scope (String) —

  Optional filter to list policies that apply to a specific resource scope or resource type. This helps narrow down policy results to those relevant for particular Amazon Web Services resources, agent tools, or operational contexts within the policy engine ecosystem.

Returns:

• (Types::ListPoliciesResponse) —

  Returns a response object which responds to the following methods:

  • #policies => Array<Types::Policy>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4474

def list_policies(params = {}, options = {})
  req = build_request(:list_policies, params)
  req.send_request(options)
end

#list_policy_engines(params = {}) ⇒ Types::ListPolicyEnginesResponse

Retrieves a list of policy engines within the AgentCore Policy system. This operation supports pagination to help administrators discover and manage policy engines across their account. Each policy engine serves as a container for related policies.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_policy_engines({
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.policy_engines #=> Array
resp.policy_engines[0].policy_engine_id #=> String
resp.policy_engines[0].name #=> String
resp.policy_engines[0].description #=> String
resp.policy_engines[0].created_at #=> Time
resp.policy_engines[0].updated_at #=> Time
resp.policy_engines[0].policy_engine_arn #=> String
resp.policy_engines[0].status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.policy_engines[0].status_reasons #=> Array
resp.policy_engines[0].status_reasons[0] #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A pagination token returned from a previous ListPolicyEngines call. Use this token to retrieve the next page of results when the response is paginated.

• :max_results (Integer) —

  The maximum number of policy engines to return in a single response. If not specified, the default is 10 policy engines per page, with a maximum of 100 per page.

Returns:

• (Types::ListPolicyEnginesResponse) —

  Returns a response object which responds to the following methods:

  • #policy_engines => Array<Types::PolicyEngine>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4530

def list_policy_engines(params = {}, options = {})
  req = build_request(:list_policy_engines, params)
  req.send_request(options)
end

#list_policy_generation_assets(params = {}) ⇒ Types::ListPolicyGenerationAssetsResponse

Retrieves a list of generated policy assets from a policy generation request within the AgentCore Policy system. This operation returns the actual Cedar policies and related artifacts produced by the AI-powered policy generation process, allowing users to review and select from multiple generated policy options.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_policy_generation_assets({
  policy_generation_id: "ResourceId", # required
  policy_engine_id: "ResourceId", # required
  next_token: "NextToken",
  max_results: 1,
})

Response structure

resp.policy_generation_assets #=> Array
resp.policy_generation_assets[0].policy_generation_asset_id #=> String
resp.policy_generation_assets[0].definition.cedar.statement #=> String
resp.policy_generation_assets[0].raw_text_fragment #=> String
resp.policy_generation_assets[0].findings #=> Array
resp.policy_generation_assets[0].findings[0].type #=> String, one of "VALID", "INVALID", "NOT_TRANSLATABLE", "ALLOW_ALL", "ALLOW_NONE", "DENY_ALL", "DENY_NONE"
resp.policy_generation_assets[0].findings[0].description #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_generation_id (required, String) —

  The unique identifier of the policy generation request whose assets are to be retrieved. This must be a valid generation ID from a previous StartPolicyGeneration call that has completed processing.

• :policy_engine_id (required, String) —

  The unique identifier of the policy engine associated with the policy generation request. This provides the context for the generation operation and ensures assets are retrieved from the correct policy engine.

• :next_token (String) —

  A pagination token returned from a previous ListPolicyGenerationAssets call. Use this token to retrieve the next page of assets when the response is paginated due to large numbers of generated policy options.

• :max_results (Integer) —

  The maximum number of policy generation assets to return in a single response. If not specified, the default is 10 assets per page, with a maximum of 100 per page. This helps control response size when dealing with policy generations that produce many alternative policy options.

Returns:

• (Types::ListPolicyGenerationAssetsResponse) —

  Returns a response object which responds to the following methods:

  • #policy_generation_assets => Array<Types::PolicyGenerationAsset>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4604

def list_policy_generation_assets(params = {}, options = {})
  req = build_request(:list_policy_generation_assets, params)
  req.send_request(options)
end

#list_policy_generations(params = {}) ⇒ Types::ListPolicyGenerationsResponse

Retrieves a list of policy generation requests within the AgentCore Policy system. This operation supports pagination and filtering to help track and manage AI-powered policy generation operations.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_policy_generations({
  next_token: "NextToken",
  max_results: 1,
  policy_engine_id: "ResourceId", # required
})

Response structure

resp.policy_generations #=> Array
resp.policy_generations[0].policy_engine_id #=> String
resp.policy_generations[0].policy_generation_id #=> String
resp.policy_generations[0].name #=> String
resp.policy_generations[0].policy_generation_arn #=> String
resp.policy_generations[0].resource.arn #=> String
resp.policy_generations[0].created_at #=> Time
resp.policy_generations[0].updated_at #=> Time
resp.policy_generations[0].status #=> String, one of "GENERATING", "GENERATED", "GENERATE_FAILED", "DELETE_FAILED"
resp.policy_generations[0].status_reasons #=> Array
resp.policy_generations[0].status_reasons[0] #=> String
resp.policy_generations[0].findings #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  A pagination token for retrieving additional policy generations when results are paginated.

• :max_results (Integer) —

  The maximum number of policy generations to return in a single response.

• :policy_engine_id (required, String) —

  The identifier of the policy engine whose policy generations to retrieve.

Returns:

• (Types::ListPolicyGenerationsResponse) —

  Returns a response object which responds to the following methods:

  • #policy_generations => Array<Types::PolicyGeneration>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4660

def list_policy_generations(params = {}, options = {})
  req = build_request(:list_policy_generations, params)
  req.send_request(options)
end

#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse

Lists the tags associated with the specified resource.

This feature is currently available only for AgentCore Runtime, Browser, Code Interpreter tool, and Gateway.

Examples:

Request syntax with placeholder values

resp = client.list_tags_for_resource({
  resource_arn: "TaggableResourcesArn", # required
})

Response structure

resp.tags #=> Hash
resp.tags["TagKey"] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource for which you want to list tags.

Returns:

• (Types::ListTagsForResourceResponse) —

  Returns a response object which responds to the following methods:

  • #tags => Hash<String,String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4695

def list_tags_for_resource(params = {}, options = {})
  req = build_request(:list_tags_for_resource, params)
  req.send_request(options)
end

#list_workload_identities(params = {}) ⇒ Types::ListWorkloadIdentitiesResponse

Lists all workload identities in your account.

The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.

Examples:

Request syntax with placeholder values

resp = client.list_workload_identities({
  next_token: "String",
  max_results: 1,
})

Response structure

resp.workload_identities #=> Array
resp.workload_identities[0].name #=> String
resp.workload_identities[0].workload_identity_arn #=> String
resp.next_token #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :next_token (String) —

  Pagination token.

• :max_results (Integer) —

  Maximum number of results to return.

Returns:

• (Types::ListWorkloadIdentitiesResponse) —

  Returns a response object which responds to the following methods:

  • #workload_identities => Array<Types::WorkloadIdentityType>
  • #next_token => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4733

def list_workload_identities(params = {}, options = {})
  req = build_request(:list_workload_identities, params)
  req.send_request(options)
end

#put_resource_policy(params = {}) ⇒ Types::PutResourcePolicyResponse

Creates or updates a resource-based policy for a resource with the specified resourceArn.

This feature is currently available only for AgentCore Runtime and Gateway.

Examples:

Request syntax with placeholder values

resp = client.put_resource_policy({
  resource_arn: "BedrockAgentcoreResourceArn", # required
  policy: "ResourcePolicyBody", # required
})

Response structure

resp.policy #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource for which to create or update the resource policy.

• :policy (required, String) —

  The resource policy to create or update.

Returns:

• (Types::PutResourcePolicyResponse) —

  Returns a response object which responds to the following methods:

  • #policy => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4772

def put_resource_policy(params = {}, options = {})
  req = build_request(:put_resource_policy, params)
  req.send_request(options)
end

#set_token_vault_cmk(params = {}) ⇒ Types::SetTokenVaultCMKResponse

Sets the customer master key (CMK) for a token vault.

Examples:

Request syntax with placeholder values

resp = client.set_token_vault_cmk({
  token_vault_id: "TokenVaultIdType",
  kms_configuration: { # required
    key_type: "CustomerManagedKey", # required, accepts CustomerManagedKey, ServiceManagedKey
    kms_key_arn: "KmsKeyArn",
  },
})

Response structure

resp.token_vault_id #=> String
resp.kms_configuration.key_type #=> String, one of "CustomerManagedKey", "ServiceManagedKey"
resp.kms_configuration.kms_key_arn #=> String
resp.last_modified_date #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :token_vault_id (String) —

  The unique identifier of the token vault to update.

• :kms_configuration (required, Types::KmsConfiguration) —

  The KMS configuration for the token vault, including the key type and KMS key ARN.

Returns:

• (Types::SetTokenVaultCMKResponse) —

  Returns a response object which responds to the following methods:

  • #token_vault_id => String
  • #kms_configuration => Types::KmsConfiguration
  • #last_modified_date => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4813

def set_token_vault_cmk(params = {}, options = {})
  req = build_request(:set_token_vault_cmk, params)
  req.send_request(options)
end

#start_policy_generation(params = {}) ⇒ Types::StartPolicyGenerationResponse

Initiates the AI-powered generation of Cedar policies from natural language descriptions within the AgentCore Policy system. This feature enables both technical and non-technical users to create policies by describing their authorization requirements in plain English, which is then automatically translated into formal Cedar policy statements. The generation process analyzes the natural language input along with the Gateway's tool context to produce validated policy options. Generated policy assets are automatically deleted after 7 days, so you should review and create policies from the generated assets within this timeframe. Once created, policies are permanent and not subject to this expiration. Generated policies should be reviewed and tested in log-only mode before deploying to production. Use this when you want to describe policy intent naturally rather than learning Cedar syntax, though generated policies may require refinement for complex scenarios.

Examples:

Request syntax with placeholder values

resp = client.start_policy_generation({
  policy_engine_id: "ResourceId", # required
  resource: { # required
    arn: "BedrockAgentcoreResourceArn",
  },
  content: { # required
    raw_text: "NaturalLanguage",
  },
  name: "PolicyGenerationName", # required
  client_token: "ClientToken",
})

Response structure

resp.policy_engine_id #=> String
resp.policy_generation_id #=> String
resp.name #=> String
resp.policy_generation_arn #=> String
resp.resource.arn #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.status #=> String, one of "GENERATING", "GENERATED", "GENERATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String
resp.findings #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_engine_id (required, String) —

  The identifier of the policy engine that provides the context for policy generation. This engine's schema and tool context are used to ensure generated policies are valid and applicable.

• :resource (required, Types::Resource) —

  The resource information that provides context for policy generation. This helps the AI understand the target resources and generate appropriate access control rules.

• :content (required, Types::Content) —

  The natural language description of the desired policy behavior. This content is processed by AI to generate corresponding Cedar policy statements that match the described intent.

• :name (required, String) —

  A customer-assigned name for the policy generation request. This helps track and identify generation operations, especially when running multiple generations simultaneously.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure the idempotency of the request. The AWS SDK automatically generates this token, so you don't need to provide it in most cases. If you retry a request with the same client token, the service returns the same response without starting a duplicate generation.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::StartPolicyGenerationResponse) —

  Returns a response object which responds to the following methods:

  • #policy_engine_id => String
  • #policy_generation_id => String
  • #name => String
  • #policy_generation_arn => String
  • #resource => Types::Resource
  • #created_at => Time
  • #updated_at => Time
  • #status => String
  • #status_reasons => Array<String>
  • #findings => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 4909

def start_policy_generation(params = {}, options = {})
  req = build_request(:start_policy_generation, params)
  req.send_request(options)
end

#synchronize_gateway_targets(params = {}) ⇒ Types::SynchronizeGatewayTargetsResponse

The gateway targets.

Examples:

Request syntax with placeholder values

resp = client.synchronize_gateway_targets({
  gateway_identifier: "GatewayIdentifier", # required
  target_id_list: ["TargetId"], # required
})

Response structure

resp.targets #=> Array
resp.targets[0].gateway_arn #=> String
resp.targets[0].target_id #=> String
resp.targets[0].created_at #=> Time
resp.targets[0].updated_at #=> Time
resp.targets[0].status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED", "SYNCHRONIZING", "SYNCHRONIZE_UNSUCCESSFUL"
resp.targets[0].status_reasons #=> Array
resp.targets[0].status_reasons[0] #=> String
resp.targets[0].name #=> String
resp.targets[0].description #=> String
resp.targets[0].target_configuration.mcp.open_api_schema.s3.uri #=> String
resp.targets[0].target_configuration.mcp.open_api_schema.s3.bucket_owner_account_id #=> String
resp.targets[0].target_configuration.mcp.open_api_schema.inline_payload #=> String
resp.targets[0].target_configuration.mcp.smithy_model.s3.uri #=> String
resp.targets[0].target_configuration.mcp.smithy_model.s3.bucket_owner_account_id #=> String
resp.targets[0].target_configuration.mcp.smithy_model.inline_payload #=> String
resp.targets[0].target_configuration.mcp.lambda.lambda_arn #=> String
resp.targets[0].target_configuration.mcp.lambda.tool_schema.s3.uri #=> String
resp.targets[0].target_configuration.mcp.lambda.tool_schema.s3.bucket_owner_account_id #=> String
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload #=> Array
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].name #=> String
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].description #=> String
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.type #=> String, one of "string", "number", "object", "array", "boolean", "integer"
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.properties #=> Hash
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.properties["String"] #=> Types::SchemaDefinition
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.required #=> Array
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.required[0] #=> String
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.items #=> Types::SchemaDefinition
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.description #=> String
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.type #=> String, one of "string", "number", "object", "array", "boolean", "integer"
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.properties #=> Hash
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.properties["String"] #=> Types::SchemaDefinition
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.required #=> Array
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.required[0] #=> String
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.items #=> Types::SchemaDefinition
resp.targets[0].target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.description #=> String
resp.targets[0].target_configuration.mcp.mcp_server.endpoint #=> String
resp.targets[0].target_configuration.mcp.api_gateway.rest_api_id #=> String
resp.targets[0].target_configuration.mcp.api_gateway.stage #=> String
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides #=> Array
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].name #=> String
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].description #=> String
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].path #=> String
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].method #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters #=> Array
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].filter_path #=> String
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods #=> Array
resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods[0] #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
resp.targets[0].credential_provider_configurations #=> Array
resp.targets[0].credential_provider_configurations[0].credential_provider_type #=> String, one of "GATEWAY_IAM_ROLE", "OAUTH", "API_KEY"
resp.targets[0].credential_provider_configurations[0].credential_provider.oauth_credential_provider.provider_arn #=> String
resp.targets[0].credential_provider_configurations[0].credential_provider.oauth_credential_provider.scopes #=> Array
resp.targets[0].credential_provider_configurations[0].credential_provider.oauth_credential_provider.scopes[0] #=> String
resp.targets[0].credential_provider_configurations[0].credential_provider.oauth_credential_provider.custom_parameters #=> Hash
resp.targets[0].credential_provider_configurations[0].credential_provider.oauth_credential_provider.custom_parameters["OAuthCustomParametersKey"] #=> String
resp.targets[0].credential_provider_configurations[0].credential_provider.oauth_credential_provider.grant_type #=> String, one of "CLIENT_CREDENTIALS", "AUTHORIZATION_CODE"
resp.targets[0].credential_provider_configurations[0].credential_provider.oauth_credential_provider.default_return_url #=> String
resp.targets[0].credential_provider_configurations[0].credential_provider.api_key_credential_provider.provider_arn #=> String
resp.targets[0].credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_parameter_name #=> String
resp.targets[0].credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_prefix #=> String
resp.targets[0].credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_location #=> String, one of "HEADER", "QUERY_PARAMETER"
resp.targets[0].last_synchronized_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The gateway Identifier.

• :target_id_list (required, Array<String>) —

  The target ID list.

Returns:

• (Types::SynchronizeGatewayTargetsResponse) —

  Returns a response object which responds to the following methods:

  • #targets => Array<Types::GatewayTarget>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5002

def synchronize_gateway_targets(params = {}, options = {})
  req = build_request(:synchronize_gateway_targets, params)
  req.send_request(options)
end

#tag_resource(params = {}) ⇒ Struct

Associates the specified tags to a resource with the specified resourceArn. If existing tags on a resource are not specified in the request parameters, they are not changed. When a resource is deleted, the tags associated with that resource are also deleted.

This feature is currently available only for AgentCore Runtime, Browser, Code Interpreter tool, and Gateway.

Examples:

Request syntax with placeholder values

resp = client.tag_resource({
  resource_arn: "TaggableResourcesArn", # required
  tags: { # required
    "TagKey" => "TagValue",
  },
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource that you want to tag.

• :tags (required, Hash<String,String>) —

  The tags to add to the resource. A tag is a key-value pair.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5038

def tag_resource(params = {}, options = {})
  req = build_request(:tag_resource, params)
  req.send_request(options)
end

#untag_resource(params = {}) ⇒ Struct

Removes the specified tags from the specified resource.

This feature is currently available only for AgentCore Runtime, Browser, Code Interpreter tool, and Gateway.

Examples:

Request syntax with placeholder values

resp = client.untag_resource({
  resource_arn: "TaggableResourcesArn", # required
  tag_keys: ["TagKey"], # required
})

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :resource_arn (required, String) —

  The Amazon Resource Name (ARN) of the resource that you want to untag.

• :tag_keys (required, Array<String>) —

  The tag keys of the tags to remove from the resource.

Returns:

• (Struct) —

  Returns an empty response.

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5069

def untag_resource(params = {}, options = {})
  req = build_request(:untag_resource, params)
  req.send_request(options)
end

#update_agent_runtime(params = {}) ⇒ Types::UpdateAgentRuntimeResponse

Updates an existing Amazon Secure Agent.

Examples:

Request syntax with placeholder values

resp = client.update_agent_runtime({
  agent_runtime_id: "AgentRuntimeId", # required
  agent_runtime_artifact: { # required
    container_configuration: {
      container_uri: "RuntimeContainerUri", # required
    },
    code_configuration: {
      code: { # required
        s3: {
          bucket: "S3LocationBucketString", # required
          prefix: "S3LocationPrefixString", # required
          version_id: "S3LocationVersionIdString",
        },
      },
      runtime: "PYTHON_3_10", # required, accepts PYTHON_3_10, PYTHON_3_11, PYTHON_3_12, PYTHON_3_13
      entry_point: ["entryPoint"], # required
    },
  },
  role_arn: "RoleArn", # required
  network_configuration: { # required
    network_mode: "PUBLIC", # required, accepts PUBLIC, VPC
    network_mode_config: {
      security_groups: ["SecurityGroupId"], # required
      subnets: ["SubnetId"], # required
    },
  },
  description: "Description",
  authorizer_configuration: {
    custom_jwt_authorizer: {
      discovery_url: "DiscoveryUrl", # required
      allowed_audience: ["AllowedAudience"],
      allowed_clients: ["AllowedClient"],
      allowed_scopes: ["AllowedScopeType"],
      custom_claims: [
        {
          inbound_token_claim_name: "InboundTokenClaimNameType", # required
          inbound_token_claim_value_type: "STRING", # required, accepts STRING, STRING_ARRAY
          authorizing_claim_match_value: { # required
            claim_match_value: { # required
              match_value_string: "MatchValueString",
              match_value_string_list: ["MatchValueString"],
            },
            claim_match_operator: "EQUALS", # required, accepts EQUALS, CONTAINS, CONTAINS_ANY
          },
        },
      ],
    },
  },
  request_header_configuration: {
    request_header_allowlist: ["HeaderName"],
  },
  protocol_configuration: {
    server_protocol: "MCP", # required, accepts MCP, HTTP, A2A
  },
  lifecycle_configuration: {
    idle_runtime_session_timeout: 1,
    max_lifetime: 1,
  },
  environment_variables: {
    "EnvironmentVariableKey" => "EnvironmentVariableValue",
  },
  client_token: "ClientToken",
})

Response structure

resp.agent_runtime_arn #=> String
resp.agent_runtime_id #=> String
resp.workload_identity_details.workload_identity_arn #=> String
resp.agent_runtime_version #=> String
resp.created_at #=> Time
resp.last_updated_at #=> Time
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime to update.

• :agent_runtime_artifact (required, Types::AgentRuntimeArtifact) —

  The updated artifact of the AgentCore Runtime.

• :role_arn (required, String) —

  The updated IAM role ARN that provides permissions for the AgentCore Runtime.

• :network_configuration (required, Types::NetworkConfiguration) —

  The updated network configuration for the AgentCore Runtime.

• :description (String) —

  The updated description of the AgentCore Runtime.

• :authorizer_configuration (Types::AuthorizerConfiguration) —

  The updated authorizer configuration for the AgentCore Runtime.

• :request_header_configuration (Types::RequestHeaderConfiguration) —

  The updated configuration for HTTP request headers that will be passed through to the runtime.

• :protocol_configuration (Types::ProtocolConfiguration) —

  The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.

• :lifecycle_configuration (Types::LifecycleConfiguration) —

  The updated life cycle configuration for the AgentCore Runtime.

• :environment_variables (Hash<String,String>) —

  Updated environment variables to set in the AgentCore Runtime environment.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure idempotency of the request.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::UpdateAgentRuntimeResponse) —

  Returns a response object which responds to the following methods:

  • #agent_runtime_arn => String
  • #agent_runtime_id => String
  • #workload_identity_details => Types::WorkloadIdentityDetails
  • #agent_runtime_version => String
  • #created_at => Time
  • #last_updated_at => Time
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5207

def update_agent_runtime(params = {}, options = {})
  req = build_request(:update_agent_runtime, params)
  req.send_request(options)
end

#update_agent_runtime_endpoint(params = {}) ⇒ Types::UpdateAgentRuntimeEndpointResponse

Updates an existing Amazon Bedrock AgentCore Runtime endpoint.

Examples:

Request syntax with placeholder values

resp = client.update_agent_runtime_endpoint({
  agent_runtime_id: "AgentRuntimeId", # required
  endpoint_name: "EndpointName", # required
  agent_runtime_version: "AgentRuntimeVersion",
  description: "AgentEndpointDescription",
  client_token: "ClientToken",
})

Response structure

resp.live_version #=> String
resp.target_version #=> String
resp.agent_runtime_endpoint_arn #=> String
resp.agent_runtime_arn #=> String
resp.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING"
resp.created_at #=> Time
resp.last_updated_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :agent_runtime_id (required, String) —

  The unique identifier of the AgentCore Runtime associated with the endpoint.

• :endpoint_name (required, String) —

  The name of the AgentCore Runtime endpoint to update.

• :agent_runtime_version (String) —

  The updated version of the AgentCore Runtime for the endpoint.

• :description (String) —

  The updated description of the AgentCore Runtime endpoint.

• :client_token (String) —

  A unique, case-sensitive identifier to ensure idempotency of the request.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

Returns:

• (Types::UpdateAgentRuntimeEndpointResponse) —

  Returns a response object which responds to the following methods:

  • #live_version => String
  • #target_version => String
  • #agent_runtime_endpoint_arn => String
  • #agent_runtime_arn => String
  • #status => String
  • #created_at => Time
  • #last_updated_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5268

def update_agent_runtime_endpoint(params = {}, options = {})
  req = build_request(:update_agent_runtime_endpoint, params)
  req.send_request(options)
end

#update_api_key_credential_provider(params = {}) ⇒ Types::UpdateApiKeyCredentialProviderResponse

Updates an existing API key credential provider.

Examples:

Request syntax with placeholder values

resp = client.update_api_key_credential_provider({
  name: "CredentialProviderName", # required
  api_key: "ApiKeyType", # required
})

Response structure

resp.api_key_secret_arn.secret_arn #=> String
resp.name #=> String
resp.credential_provider_arn #=> String
resp.created_time #=> Time
resp.last_updated_time #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the API key credential provider to update.

• :api_key (required, String) —

  The new API key to use for authentication. This value replaces the existing API key and is encrypted and stored securely.

Returns:

• (Types::UpdateApiKeyCredentialProviderResponse) —

  Returns a response object which responds to the following methods:

  • #api_key_secret_arn => Types::Secret
  • #name => String
  • #credential_provider_arn => String
  • #created_time => Time
  • #last_updated_time => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5309

def update_api_key_credential_provider(params = {}, options = {})
  req = build_request(:update_api_key_credential_provider, params)
  req.send_request(options)
end

#update_evaluator(params = {}) ⇒ Types::UpdateEvaluatorResponse

Updates a custom evaluator's configuration, description, or evaluation level. Built-in evaluators cannot be updated. The evaluator must not be locked for modification.

Examples:

Request syntax with placeholder values

resp = client.update_evaluator({
  client_token: "ClientToken",
  evaluator_id: "EvaluatorId", # required
  description: "EvaluatorDescription",
  evaluator_config: {
    llm_as_a_judge: {
      instructions: "EvaluatorInstructions", # required
      rating_scale: { # required
        numerical: [
          {
            definition: "String", # required
            value: 1.0, # required
            label: "NumericalScaleDefinitionLabelString", # required
          },
        ],
        categorical: [
          {
            definition: "String", # required
            label: "CategoricalScaleDefinitionLabelString", # required
          },
        ],
      },
      model_config: { # required
        bedrock_evaluator_model_config: {
          model_id: "ModelId", # required
          inference_config: {
            max_tokens: 1,
            temperature: 1.0,
            top_p: 1.0,
            stop_sequences: ["NonEmptyString"],
          },
          additional_model_request_fields: {
          },
        },
      },
    },
  },
  level: "TOOL_CALL", # accepts TOOL_CALL, TRACE, SESSION
})

Response structure

resp.evaluator_arn #=> String
resp.evaluator_id #=> String
resp.updated_at #=> Time
resp.status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the API request completes no more than one time. If you don't specify this field, a value is randomly generated for you. If this token matches a previous request, the service ignores the request, but doesn't return an error. For more information, see Ensuring idempotency.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :evaluator_id (required, String) —

  The unique identifier of the evaluator to update.

• :description (String) —

  The updated description of the evaluator.

• :evaluator_config (Types::EvaluatorConfig) —

  The updated configuration for the evaluator, including LLM-as-a-Judge settings with instructions, rating scale, and model configuration.

• :level (String) —

  The updated evaluation level (TOOL_CALL, TRACE, or SESSION) that determines the scope of evaluation.

Returns:

• (Types::UpdateEvaluatorResponse) —

  Returns a response object which responds to the following methods:

  • #evaluator_arn => String
  • #evaluator_id => String
  • #updated_at => Time
  • #status => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5406

def update_evaluator(params = {}, options = {})
  req = build_request(:update_evaluator, params)
  req.send_request(options)
end

#update_gateway(params = {}) ⇒ Types::UpdateGatewayResponse

Updates an existing gateway.

Examples:

Request syntax with placeholder values

resp = client.update_gateway({
  gateway_identifier: "GatewayIdentifier", # required
  name: "GatewayName", # required
  description: "GatewayDescription",
  role_arn: "RoleArn", # required
  protocol_type: "MCP", # required, accepts MCP
  protocol_configuration: {
    mcp: {
      supported_versions: ["McpVersion"],
      instructions: "McpInstructions",
      search_type: "SEMANTIC", # accepts SEMANTIC
    },
  },
  authorizer_type: "CUSTOM_JWT", # required, accepts CUSTOM_JWT, AWS_IAM, NONE
  authorizer_configuration: {
    custom_jwt_authorizer: {
      discovery_url: "DiscoveryUrl", # required
      allowed_audience: ["AllowedAudience"],
      allowed_clients: ["AllowedClient"],
      allowed_scopes: ["AllowedScopeType"],
      custom_claims: [
        {
          inbound_token_claim_name: "InboundTokenClaimNameType", # required
          inbound_token_claim_value_type: "STRING", # required, accepts STRING, STRING_ARRAY
          authorizing_claim_match_value: { # required
            claim_match_value: { # required
              match_value_string: "MatchValueString",
              match_value_string_list: ["MatchValueString"],
            },
            claim_match_operator: "EQUALS", # required, accepts EQUALS, CONTAINS, CONTAINS_ANY
          },
        },
      ],
    },
  },
  kms_key_arn: "KmsKeyArn",
  interceptor_configurations: [
    {
      interceptor: { # required
        lambda: {
          arn: "LambdaFunctionArn", # required
        },
      },
      interception_points: ["REQUEST"], # required, accepts REQUEST, RESPONSE
      input_configuration: {
        pass_request_headers: false, # required
      },
    },
  ],
  policy_engine_configuration: {
    arn: "GatewayPolicyEngineArn", # required
    mode: "LOG_ONLY", # required, accepts LOG_ONLY, ENFORCE
  },
  exception_level: "DEBUG", # accepts DEBUG
})

Response structure

resp.gateway_arn #=> String
resp.gateway_id #=> String
resp.gateway_url #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String
resp.name #=> String
resp.description #=> String
resp.role_arn #=> String
resp.protocol_type #=> String, one of "MCP"
resp.protocol_configuration.mcp.supported_versions #=> Array
resp.protocol_configuration.mcp.supported_versions[0] #=> String
resp.protocol_configuration.mcp.instructions #=> String
resp.protocol_configuration.mcp.search_type #=> String, one of "SEMANTIC"
resp.authorizer_type #=> String, one of "CUSTOM_JWT", "AWS_IAM", "NONE"
resp.authorizer_configuration.custom_jwt_authorizer.discovery_url #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_audience #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_audience[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string_list #=> Array
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_value.match_value_string_list[0] #=> String
resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].authorizing_claim_match_value.claim_match_operator #=> String, one of "EQUALS", "CONTAINS", "CONTAINS_ANY"
resp.kms_key_arn #=> String
resp.interceptor_configurations #=> Array
resp.interceptor_configurations[0].interceptor.lambda.arn #=> String
resp.interceptor_configurations[0].interception_points #=> Array
resp.interceptor_configurations[0].interception_points[0] #=> String, one of "REQUEST", "RESPONSE"
resp.interceptor_configurations[0].input_configuration.pass_request_headers #=> Boolean
resp.policy_engine_configuration.arn #=> String
resp.policy_engine_configuration.mode #=> String, one of "LOG_ONLY", "ENFORCE"
resp.workload_identity_details.workload_identity_arn #=> String
resp.exception_level #=> String, one of "DEBUG"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The identifier of the gateway to update.

• :name (required, String) —

  The name of the gateway. This name must be the same as the one when the gateway was created.

• :description (String) —

  The updated description for the gateway.

• :role_arn (required, String) —

  The updated IAM role ARN that provides permissions for the gateway.

• :protocol_type (required, String) —

  The updated protocol type for the gateway.

• :protocol_configuration (Types::GatewayProtocolConfiguration) —

  The configuration for a gateway protocol. This structure defines how the gateway communicates with external services.

• :authorizer_type (required, String) —

  The updated authorizer type for the gateway.

• :authorizer_configuration (Types::AuthorizerConfiguration) —

  The updated authorizer configuration for the gateway.

• :kms_key_arn (String) —

  The updated ARN of the KMS key used to encrypt the gateway.

• :interceptor_configurations (Array<Types::GatewayInterceptorConfiguration>) —

  The updated interceptor configurations for the gateway.

• :policy_engine_configuration (Types::GatewayPolicyEngineConfiguration) —

  The updated policy engine configuration for the gateway. A policy engine is a collection of policies that evaluates and authorizes agent tool calls. When associated with a gateway, the policy engine intercepts all agent requests and determines whether to allow or deny each action based on the defined policies.

• :exception_level (String) —

  The level of detail in error messages returned when invoking the gateway.

  • If the value is DEBUG, granular exception messages are returned to help a user debug the gateway.

  • If the value is omitted, a generic error message is returned to the end user.

Returns:

• (Types::UpdateGatewayResponse) —

  Returns a response object which responds to the following methods:

  • #gateway_arn => String
  • #gateway_id => String
  • #gateway_url => String
  • #created_at => Time
  • #updated_at => Time
  • #status => String
  • #status_reasons => Array<String>
  • #name => String
  • #description => String
  • #role_arn => String
  • #protocol_type => String
  • #protocol_configuration => Types::GatewayProtocolConfiguration
  • #authorizer_type => String
  • #authorizer_configuration => Types::AuthorizerConfiguration
  • #kms_key_arn => String
  • #interceptor_configurations => Array<Types::GatewayInterceptorConfiguration>
  • #policy_engine_configuration => Types::GatewayPolicyEngineConfiguration
  • #workload_identity_details => Types::WorkloadIdentityDetails
  • #exception_level => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5590

def update_gateway(params = {}, options = {})
  req = build_request(:update_gateway, params)
  req.send_request(options)
end

#update_gateway_target(params = {}) ⇒ Types::UpdateGatewayTargetResponse

Updates an existing gateway target.

Examples:

Request syntax with placeholder values

resp = client.update_gateway_target({
  gateway_identifier: "GatewayIdentifier", # required
  target_id: "TargetId", # required
  name: "TargetName", # required
  description: "TargetDescription",
  target_configuration: { # required
    mcp: {
      open_api_schema: {
        s3: {
          uri: "S3BucketUri",
          bucket_owner_account_id: "AwsAccountId",
        },
        inline_payload: "InlinePayload",
      },
      smithy_model: {
        s3: {
          uri: "S3BucketUri",
          bucket_owner_account_id: "AwsAccountId",
        },
        inline_payload: "InlinePayload",
      },
      lambda: {
        lambda_arn: "LambdaFunctionArn", # required
        tool_schema: { # required
          s3: {
            uri: "S3BucketUri",
            bucket_owner_account_id: "AwsAccountId",
          },
          inline_payload: [
            {
              name: "String", # required
              description: "String", # required
              input_schema: { # required
                type: "string", # required, accepts string, number, object, array, boolean, integer
                properties: {
                  "String" => {
                    # recursive SchemaDefinition
                  },
                },
                required: ["String"],
                items: {
                  # recursive SchemaDefinition
                },
                description: "String",
              },
              output_schema: {
                type: "string", # required, accepts string, number, object, array, boolean, integer
                properties: {
                  "String" => {
                    # recursive SchemaDefinition
                  },
                },
                required: ["String"],
                items: {
                  # recursive SchemaDefinition
                },
                description: "String",
              },
            },
          ],
        },
      },
      mcp_server: {
        endpoint: "McpServerTargetConfigurationEndpointString", # required
      },
      api_gateway: {
        rest_api_id: "String", # required
        stage: "String", # required
        api_gateway_tool_configuration: { # required
          tool_overrides: [
            {
              name: "String", # required
              description: "String",
              path: "String", # required
              method: "GET", # required, accepts GET, DELETE, HEAD, OPTIONS, PATCH, PUT, POST
            },
          ],
          tool_filters: [ # required
            {
              filter_path: "String", # required
              methods: ["GET"], # required, accepts GET, DELETE, HEAD, OPTIONS, PATCH, PUT, POST
            },
          ],
        },
      },
    },
  },
  credential_provider_configurations: [
    {
      credential_provider_type: "GATEWAY_IAM_ROLE", # required, accepts GATEWAY_IAM_ROLE, OAUTH, API_KEY
      credential_provider: {
        oauth_credential_provider: {
          provider_arn: "OAuthCredentialProviderArn", # required
          scopes: ["OAuthScope"], # required
          custom_parameters: {
            "OAuthCustomParametersKey" => "OAuthCustomParametersValue",
          },
          grant_type: "CLIENT_CREDENTIALS", # accepts CLIENT_CREDENTIALS, AUTHORIZATION_CODE
          default_return_url: "OAuthDefaultReturnUrl",
        },
        api_key_credential_provider: {
          provider_arn: "ApiKeyCredentialProviderArn", # required
          credential_parameter_name: "ApiKeyCredentialParameterName",
          credential_prefix: "ApiKeyCredentialPrefix",
          credential_location: "HEADER", # accepts HEADER, QUERY_PARAMETER
        },
      },
    },
  ],
})

Response structure

resp.gateway_arn #=> String
resp.target_id #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.status #=> String, one of "CREATING", "UPDATING", "UPDATE_UNSUCCESSFUL", "DELETING", "READY", "FAILED", "SYNCHRONIZING", "SYNCHRONIZE_UNSUCCESSFUL"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String
resp.name #=> String
resp.description #=> String
resp.target_configuration.mcp.open_api_schema.s3.uri #=> String
resp.target_configuration.mcp.open_api_schema.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.open_api_schema.inline_payload #=> String
resp.target_configuration.mcp.smithy_model.s3.uri #=> String
resp.target_configuration.mcp.smithy_model.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.smithy_model.inline_payload #=> String
resp.target_configuration.mcp.lambda.lambda_arn #=> String
resp.target_configuration.mcp.lambda.tool_schema.s3.uri #=> String
resp.target_configuration.mcp.lambda.tool_schema.s3.bucket_owner_account_id #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].name #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].description #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.type #=> String, one of "string", "number", "object", "array", "boolean", "integer"
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.properties #=> Hash
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.properties["String"] #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.required #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.required[0] #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.items #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].input_schema.description #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.type #=> String, one of "string", "number", "object", "array", "boolean", "integer"
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.properties #=> Hash
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.properties["String"] #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.required #=> Array
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.required[0] #=> String
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.items #=> Types::SchemaDefinition
resp.target_configuration.mcp.lambda.tool_schema.inline_payload[0].output_schema.description #=> String
resp.target_configuration.mcp.mcp_server.endpoint #=> String
resp.target_configuration.mcp.api_gateway.rest_api_id #=> String
resp.target_configuration.mcp.api_gateway.stage #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].name #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].description #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].path #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_overrides[0].method #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].filter_path #=> String
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods #=> Array
resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods[0] #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
resp.credential_provider_configurations #=> Array
resp.credential_provider_configurations[0].credential_provider_type #=> String, one of "GATEWAY_IAM_ROLE", "OAUTH", "API_KEY"
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.provider_arn #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.scopes #=> Array
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.scopes[0] #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.custom_parameters #=> Hash
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.custom_parameters["OAuthCustomParametersKey"] #=> String
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.grant_type #=> String, one of "CLIENT_CREDENTIALS", "AUTHORIZATION_CODE"
resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.default_return_url #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.provider_arn #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_parameter_name #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_prefix #=> String
resp.credential_provider_configurations[0].credential_provider.api_key_credential_provider.credential_location #=> String, one of "HEADER", "QUERY_PARAMETER"
resp.last_synchronized_at #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :gateway_identifier (required, String) —

  The unique identifier of the gateway associated with the target.

• :target_id (required, String) —

  The unique identifier of the gateway target to update.

• :name (required, String) —

  The updated name for the gateway target.

• :description (String) —

  The updated description for the gateway target.

• :target_configuration (required, Types::TargetConfiguration) —

  The configuration for a gateway target. This structure defines how the gateway connects to and interacts with the target endpoint.

• :credential_provider_configurations (Array<Types::CredentialProviderConfiguration>) —

  The updated credential provider configurations for the gateway target.

Returns:

• (Types::UpdateGatewayTargetResponse) —

  Returns a response object which responds to the following methods:

  • #gateway_arn => String
  • #target_id => String
  • #created_at => Time
  • #updated_at => Time
  • #status => String
  • #status_reasons => Array<String>
  • #name => String
  • #description => String
  • #target_configuration => Types::TargetConfiguration
  • #credential_provider_configurations => Array<Types::CredentialProviderConfiguration>
  • #last_synchronized_at => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 5811

def update_gateway_target(params = {}, options = {})
  req = build_request(:update_gateway_target, params)
  req.send_request(options)
end

#update_memory(params = {}) ⇒ Types::UpdateMemoryOutput

Update an Amazon Bedrock AgentCore Memory resource memory.

Examples:

Request syntax with placeholder values

resp = client.update_memory({
  client_token: "UpdateMemoryInputClientTokenString",
  memory_id: "MemoryId", # required
  description: "Description",
  event_expiry_duration: 1,
  memory_execution_role_arn: "Arn",
  memory_strategies: {
    add_memory_strategies: [
      {
        semantic_memory_strategy: {
          name: "Name", # required
          description: "Description",
          namespaces: ["Namespace"],
        },
        summary_memory_strategy: {
          name: "Name", # required
          description: "Description",
          namespaces: ["Namespace"],
        },
        user_preference_memory_strategy: {
          name: "Name", # required
          description: "Description",
          namespaces: ["Namespace"],
        },
        custom_memory_strategy: {
          name: "Name", # required
          description: "Description",
          namespaces: ["Namespace"],
          configuration: {
            semantic_override: {
              extraction: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              consolidation: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
            },
            summary_override: {
              consolidation: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
            },
            user_preference_override: {
              extraction: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              consolidation: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
            },
            episodic_override: {
              extraction: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              consolidation: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              reflection: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
                namespaces: ["Namespace"],
              },
            },
            self_managed_configuration: {
              trigger_conditions: [
                {
                  message_based_trigger: {
                    message_count: 1,
                  },
                  token_based_trigger: {
                    token_count: 1,
                  },
                  time_based_trigger: {
                    idle_session_timeout: 1,
                  },
                },
              ],
              invocation_configuration: { # required
                topic_arn: "Arn", # required
                payload_delivery_bucket_name: "InvocationConfigurationInputPayloadDeliveryBucketNameString", # required
              },
              historical_context_window_size: 1,
            },
          },
        },
        episodic_memory_strategy: {
          name: "Name", # required
          description: "Description",
          namespaces: ["Namespace"],
          reflection_configuration: {
            namespaces: ["Namespace"], # required
          },
        },
      },
    ],
    modify_memory_strategies: [
      {
        memory_strategy_id: "String", # required
        description: "Description",
        namespaces: ["Namespace"],
        configuration: {
          extraction: {
            custom_extraction_configuration: {
              semantic_extraction_override: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              user_preference_extraction_override: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              episodic_extraction_override: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
            },
          },
          consolidation: {
            custom_consolidation_configuration: {
              semantic_consolidation_override: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              summary_consolidation_override: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              user_preference_consolidation_override: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
              episodic_consolidation_override: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
              },
            },
          },
          reflection: {
            episodic_reflection_configuration: {
              namespaces: ["Namespace"], # required
            },
            custom_reflection_configuration: {
              episodic_reflection_override: {
                append_to_prompt: "Prompt", # required
                model_id: "String", # required
                namespaces: ["Namespace"],
              },
            },
          },
          self_managed_configuration: {
            trigger_conditions: [
              {
                message_based_trigger: {
                  message_count: 1,
                },
                token_based_trigger: {
                  token_count: 1,
                },
                time_based_trigger: {
                  idle_session_timeout: 1,
                },
              },
            ],
            invocation_configuration: {
              topic_arn: "Arn",
              payload_delivery_bucket_name: "ModifyInvocationConfigurationInputPayloadDeliveryBucketNameString",
            },
            historical_context_window_size: 1,
          },
        },
      },
    ],
    delete_memory_strategies: [
      {
        memory_strategy_id: "String", # required
      },
    ],
  },
})

Response structure

resp.memory.arn #=> String
resp.memory.id #=> String
resp.memory.name #=> String
resp.memory.description #=> String
resp.memory.encryption_key_arn #=> String
resp.memory.memory_execution_role_arn #=> String
resp.memory.event_expiry_duration #=> Integer
resp.memory.status #=> String, one of "CREATING", "ACTIVE", "FAILED", "DELETING"
resp.memory.failure_reason #=> String
resp.memory.created_at #=> Time
resp.memory.updated_at #=> Time
resp.memory.strategies #=> Array
resp.memory.strategies[0].strategy_id #=> String
resp.memory.strategies[0].name #=> String
resp.memory.strategies[0].description #=> String
resp.memory.strategies[0].configuration.type #=> String, one of "SEMANTIC_OVERRIDE", "SUMMARY_OVERRIDE", "USER_PREFERENCE_OVERRIDE", "SELF_MANAGED", "EPISODIC_OVERRIDE"
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.semantic_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.semantic_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.user_preference_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.user_preference_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.episodic_extraction_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.extraction.custom_extraction_configuration.episodic_extraction_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.semantic_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.semantic_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.summary_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.summary_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.user_preference_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.user_preference_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.episodic_consolidation_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.consolidation.custom_consolidation_configuration.episodic_consolidation_override.model_id #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.append_to_prompt #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.model_id #=> String
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.namespaces #=> Array
resp.memory.strategies[0].configuration.reflection.custom_reflection_configuration.episodic_reflection_override.namespaces[0] #=> String
resp.memory.strategies[0].configuration.reflection.episodic_reflection_configuration.namespaces #=> Array
resp.memory.strategies[0].configuration.reflection.episodic_reflection_configuration.namespaces[0] #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions #=> Array
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].message_based_trigger.message_count #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].token_based_trigger.token_count #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.trigger_conditions[0].time_based_trigger.idle_session_timeout #=> Integer
resp.memory.strategies[0].configuration.self_managed_configuration.invocation_configuration.topic_arn #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.invocation_configuration.payload_delivery_bucket_name #=> String
resp.memory.strategies[0].configuration.self_managed_configuration.historical_context_window_size #=> Integer
resp.memory.strategies[0].type #=> String, one of "SEMANTIC", "SUMMARIZATION", "USER_PREFERENCE", "CUSTOM", "EPISODIC"
resp.memory.strategies[0].namespaces #=> Array
resp.memory.strategies[0].namespaces[0] #=> String
resp.memory.strategies[0].created_at #=> Time
resp.memory.strategies[0].updated_at #=> Time
resp.memory.strategies[0].status #=> String, one of "CREATING", "ACTIVE", "DELETING", "FAILED"

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :client_token (String) —

  A client token is used for keeping track of idempotent requests. It can contain a session id which can be around 250 chars, combined with a unique AWS identifier.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :memory_id (required, String) —

  The unique identifier of the memory to update.

• :description (String) —

  The updated description of the AgentCore Memory resource.

• :event_expiry_duration (Integer) —

  The number of days after which memory events will expire, between 7 and 365 days.

• :memory_execution_role_arn (String) —

  The ARN of the IAM role that provides permissions for the AgentCore Memory resource.

• :memory_strategies (Types::ModifyMemoryStrategies) —

  The memory strategies to add, modify, or delete.

Returns:

• (Types::UpdateMemoryOutput) —

  Returns a response object which responds to the following methods:

  • #memory => Types::Memory

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 6092

def update_memory(params = {}, options = {})
  req = build_request(:update_memory, params)
  req.send_request(options)
end

#update_oauth_2_credential_provider(params = {}) ⇒ Types::UpdateOauth2CredentialProviderResponse

Updates an existing OAuth2 credential provider.

Examples:

Request syntax with placeholder values

resp = client.update_oauth_2_credential_provider({
  name: "CredentialProviderName", # required
  credential_provider_vendor: "GoogleOauth2", # required, accepts GoogleOauth2, GithubOauth2, SlackOauth2, SalesforceOauth2, MicrosoftOauth2, CustomOauth2, AtlassianOauth2, LinkedinOauth2, XOauth2, OktaOauth2, OneLoginOauth2, PingOneOauth2, FacebookOauth2, YandexOauth2, RedditOauth2, ZoomOauth2, TwitchOauth2, SpotifyOauth2, DropboxOauth2, NotionOauth2, HubspotOauth2, CyberArkOauth2, FusionAuthOauth2, Auth0Oauth2, CognitoOauth2
  oauth2_provider_config_input: { # required
    custom_oauth_2_provider_config: {
      oauth_discovery: { # required
        discovery_url: "DiscoveryUrlType",
        authorization_server_metadata: {
          issuer: "IssuerUrlType", # required
          authorization_endpoint: "AuthorizationEndpointType", # required
          token_endpoint: "TokenEndpointType", # required
          response_types: ["ResponseType"],
          token_endpoint_auth_methods: ["TokenAuthMethod"],
        },
      },
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    google_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    github_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    slack_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    salesforce_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    microsoft_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
      tenant_id: "TenantIdType",
    },
    atlassian_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    linkedin_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
    },
    included_oauth_2_provider_config: {
      client_id: "ClientIdType", # required
      client_secret: "ClientSecretType", # required
      issuer: "IssuerUrlType",
      authorization_endpoint: "AuthorizationEndpointType",
      token_endpoint: "TokenEndpointType",
    },
  },
})

Response structure

resp.client_secret_arn.secret_arn #=> String
resp.name #=> String
resp.credential_provider_vendor #=> String, one of "GoogleOauth2", "GithubOauth2", "SlackOauth2", "SalesforceOauth2", "MicrosoftOauth2", "CustomOauth2", "AtlassianOauth2", "LinkedinOauth2", "XOauth2", "OktaOauth2", "OneLoginOauth2", "PingOneOauth2", "FacebookOauth2", "YandexOauth2", "RedditOauth2", "ZoomOauth2", "TwitchOauth2", "SpotifyOauth2", "DropboxOauth2", "NotionOauth2", "HubspotOauth2", "CyberArkOauth2", "FusionAuthOauth2", "Auth0Oauth2", "CognitoOauth2"
resp.credential_provider_arn #=> String
resp.callback_url #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.custom_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.google_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.google_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.github_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.github_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.slack_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.salesforce_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.microsoft_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.atlassian_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.linkedin_oauth_2_provider_config.client_id #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.discovery_url #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.issuer #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.authorization_endpoint #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types #=> Array
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.response_types[0] #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods #=> Array
resp.oauth2_provider_config_output.included_oauth_2_provider_config.oauth_discovery.authorization_server_metadata.token_endpoint_auth_methods[0] #=> String
resp.oauth2_provider_config_output.included_oauth_2_provider_config.client_id #=> String
resp.created_time #=> Time
resp.last_updated_time #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the OAuth2 credential provider to update.

• :credential_provider_vendor (required, String) —

  The vendor of the OAuth2 credential provider.

• :oauth2_provider_config_input (required, Types::Oauth2ProviderConfigInput) —

  The configuration input for the OAuth2 provider.

Returns:

• (Types::UpdateOauth2CredentialProviderResponse) —

  Returns a response object which responds to the following methods:

  • #client_secret_arn => Types::Secret
  • #name => String
  • #credential_provider_vendor => String
  • #credential_provider_arn => String
  • #callback_url => String
  • #oauth2_provider_config_output => Types::Oauth2ProviderConfigOutput
  • #created_time => Time
  • #last_updated_time => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 6273

def update_oauth_2_credential_provider(params = {}, options = {})
  req = build_request(:update_oauth_2_credential_provider, params)
  req.send_request(options)
end

#update_online_evaluation_config(params = {}) ⇒ Types::UpdateOnlineEvaluationConfigResponse

Updates an online evaluation configuration's settings, including rules, data sources, evaluators, and execution status. Changes take effect immediately for ongoing evaluations.

Examples:

Request syntax with placeholder values

resp = client.update_online_evaluation_config({
  client_token: "ClientToken",
  online_evaluation_config_id: "OnlineEvaluationConfigId", # required
  description: "EvaluationConfigDescription",
  rule: {
    sampling_config: { # required
      sampling_percentage: 1.0, # required
    },
    filters: [
      {
        key: "FilterKeyString", # required
        operator: "Equals", # required, accepts Equals, NotEquals, GreaterThan, LessThan, GreaterThanOrEqual, LessThanOrEqual, Contains, NotContains
        value: { # required
          string_value: "FilterValueStringValueString",
          double_value: 1.0,
          boolean_value: false,
        },
      },
    ],
    session_config: {
      session_timeout_minutes: 1, # required
    },
  },
  data_source_config: {
    cloud_watch_logs: {
      log_group_names: ["LogGroupName"], # required
      service_names: ["ServiceName"], # required
    },
  },
  evaluators: [
    {
      evaluator_id: "EvaluatorId",
    },
  ],
  evaluation_execution_role_arn: "RoleArn",
  execution_status: "ENABLED", # accepts ENABLED, DISABLED
})

Response structure

resp.online_evaluation_config_arn #=> String
resp.online_evaluation_config_id #=> String
resp.updated_at #=> Time
resp.status #=> String, one of "ACTIVE", "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "DELETING"
resp.execution_status #=> String, one of "ENABLED", "DISABLED"
resp.failure_reason #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :client_token (String) —

  A unique, case-sensitive identifier to ensure that the API request completes no more than one time. If you don't specify this field, a value is randomly generated for you. If this token matches a previous request, the service ignores the request, but doesn't return an error. For more information, see Ensuring idempotency.

  A suitable default value is auto-generated. You should normally not need to pass this option.**

• :online_evaluation_config_id (required, String) —

  The unique identifier of the online evaluation configuration to update.

• :description (String) —

  The updated description of the online evaluation configuration.

• :rule (Types::Rule) —

  The updated evaluation rule containing sampling configuration, filters, and session settings.

• :data_source_config (Types::DataSourceConfig) —

  The updated data source configuration specifying CloudWatch log groups and service names to monitor.

• :evaluators (Array<Types::EvaluatorReference>) —

  The updated list of evaluators to apply during online evaluation.

• :evaluation_execution_role_arn (String) —

  The updated Amazon Resource Name (ARN) of the IAM role used for evaluation execution.

• :execution_status (String) —

  The updated execution status to enable or disable the online evaluation.

Returns:

• (Types::UpdateOnlineEvaluationConfigResponse) —

  Returns a response object which responds to the following methods:

  • #online_evaluation_config_arn => String
  • #online_evaluation_config_id => String
  • #updated_at => Time
  • #status => String
  • #execution_status => String
  • #failure_reason => String

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 6384

def update_online_evaluation_config(params = {}, options = {})
  req = build_request(:update_online_evaluation_config, params)
  req.send_request(options)
end

#update_policy(params = {}) ⇒ Types::UpdatePolicyResponse

Updates an existing policy within the AgentCore Policy system. This operation allows modification of the policy description and definition while maintaining the policy's identity. The updated policy is validated against the Cedar schema before being applied. This is an asynchronous operation. Use the GetPolicy operation to poll the status field to track completion.

Examples:

Request syntax with placeholder values

resp = client.update_policy({
  policy_engine_id: "ResourceId", # required
  policy_id: "ResourceId", # required
  description: "Description",
  definition: { # required
    cedar: {
      statement: "Statement", # required
    },
  },
  validation_mode: "FAIL_ON_ANY_FINDINGS", # accepts FAIL_ON_ANY_FINDINGS, IGNORE_ALL_FINDINGS
})

Response structure

resp.policy_id #=> String
resp.name #=> String
resp.policy_engine_id #=> String
resp.definition.cedar.statement #=> String
resp.description #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.policy_arn #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_engine_id (required, String) —

  The identifier of the policy engine that manages the policy to be updated. This ensures the policy is updated within the correct policy engine context.

• :policy_id (required, String) —

  The unique identifier of the policy to be updated. This must be a valid policy ID that exists within the specified policy engine.

• :description (String) —

  The new human-readable description for the policy. This optional field allows updating the policy's documentation while keeping the same policy logic.

• :definition (required, Types::PolicyDefinition) —

  The new Cedar policy statement that defines the access control rules. This replaces the existing policy definition with new logic while maintaining the policy's identity.

• :validation_mode (String) —

  The validation mode for the policy update. Determines how Cedar analyzer validation results are handled during policy updates. FAIL_ON_ANY_FINDINGS runs the Cedar analyzer and fails the update if validation issues are detected, ensuring the policy conforms to the Cedar schema and tool context. IGNORE_ALL_FINDINGS runs the Cedar analyzer but allows updates despite validation warnings. Use FAIL_ON_ANY_FINDINGS to ensure policy correctness during updates, especially when modifying policy logic or conditions.

Returns:

• (Types::UpdatePolicyResponse) —

  Returns a response object which responds to the following methods:

  • #policy_id => String
  • #name => String
  • #policy_engine_id => String
  • #definition => Types::PolicyDefinition
  • #description => String
  • #created_at => Time
  • #updated_at => Time
  • #policy_arn => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 6470

def update_policy(params = {}, options = {})
  req = build_request(:update_policy, params)
  req.send_request(options)
end

#update_policy_engine(params = {}) ⇒ Types::UpdatePolicyEngineResponse

Updates an existing policy engine within the AgentCore Policy system. This operation allows modification of the policy engine description while maintaining its identity. This is an asynchronous operation. Use the GetPolicyEngine operation to poll the status field to track completion.

Examples:

Request syntax with placeholder values

resp = client.update_policy_engine({
  policy_engine_id: "ResourceId", # required
  description: "Description",
})

Response structure

resp.policy_engine_id #=> String
resp.name #=> String
resp.description #=> String
resp.created_at #=> Time
resp.updated_at #=> Time
resp.policy_engine_arn #=> String
resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
resp.status_reasons #=> Array
resp.status_reasons[0] #=> String

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :policy_engine_id (required, String) —

  The unique identifier of the policy engine to be updated.

• :description (String) —

  The new description for the policy engine.

Returns:

• (Types::UpdatePolicyEngineResponse) —

  Returns a response object which responds to the following methods:

  • #policy_engine_id => String
  • #name => String
  • #description => String
  • #created_at => Time
  • #updated_at => Time
  • #policy_engine_arn => String
  • #status => String
  • #status_reasons => Array<String>

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 6521

def update_policy_engine(params = {}, options = {})
  req = build_request(:update_policy_engine, params)
  req.send_request(options)
end

#update_workload_identity(params = {}) ⇒ Types::UpdateWorkloadIdentityResponse

Updates an existing workload identity.

Examples:

Request syntax with placeholder values

resp = client.update_workload_identity({
  name: "WorkloadIdentityNameType", # required
  allowed_resource_oauth_2_return_urls: ["ResourceOauth2ReturnUrlType"],
})

Response structure

resp.name #=> String
resp.workload_identity_arn #=> String
resp.allowed_resource_oauth_2_return_urls #=> Array
resp.allowed_resource_oauth_2_return_urls[0] #=> String
resp.created_time #=> Time
resp.last_updated_time #=> Time

Parameters:

• params (Hash) (defaults to: {}) —

  ({})

Options Hash (params):

• :name (required, String) —

  The name of the workload identity to update.

• :allowed_resource_oauth_2_return_urls (Array<String>) —

  The new list of allowed OAuth2 return URLs for resources associated with this workload identity. This list replaces the existing list.

Returns:

• (Types::UpdateWorkloadIdentityResponse) —

  Returns a response object which responds to the following methods:

  • #name => String
  • #workload_identity_arn => String
  • #allowed_resource_oauth_2_return_urls => Array<String>
  • #created_time => Time
  • #last_updated_time => Time

See Also:

• AWS API Documentation

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 6563

def update_workload_identity(params = {}, options = {})
  req = build_request(:update_workload_identity, params)
  req.send_request(options)
end

#wait_until(waiter_name, params = {}, options = {}) {|w.waiter| ... } ⇒ Boolean

Polls an API operation until a resource enters a desired state.

Basic Usage

A waiter will call an API operation until:

• It is successful
• It enters a terminal state
• It makes the maximum number of attempts

In between attempts, the waiter will sleep.

# polls in a loop, sleeping between attempts
client.wait_until(waiter_name, params)

Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. You can pass configuration as the final arguments hash.

# poll for ~25 seconds
client.wait_until(waiter_name, params, {
  max_attempts: 5,
  delay: 5,
})

Callbacks

You can be notified before each polling attempt and before each delay. If you throw :success or :failure from these callbacks, it will terminate the waiter.

started_at = Time.now
client.wait_until(waiter_name, params, {

  # disable max attempts
  max_attempts: nil,

  # poll for 1 hour, instead of a number of attempts
  before_wait: -> (attempts, response) do
    throw :failure if Time.now - started_at > 3600
  end
})

Handling Errors

When a waiter is unsuccessful, it will raise an error. All of the failure errors extend from Waiters::Errors::WaiterFailed.

begin
  client.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

Valid Waiters

The following table lists the valid waiter names, the operations they call, and the default :delay and :max_attempts values.

waiter_name	params	:delay	:max_attempts
memory_created	#get_memory	2	60
policy_active	#get_policy	2	60
policy_deleted	#get_policy	2	60
policy_engine_active	#get_policy_engine	2	60
policy_engine_deleted	#get_policy_engine	2	60
policy_generation_completed	#get_policy_generation	2	60

Parameters:

• waiter_name (Symbol)
• params (Hash) (defaults to: {}) —

  ({})

• options (Hash) (defaults to: {}) —

  ({})

Options Hash (options):

• :max_attempts (Integer)
• :delay (Integer)
• :before_attempt (Proc)
• :before_wait (Proc)

Yields:

• (w.waiter)

Returns:

• (Boolean) —

  Returns true if the waiter was successful.

Raises:

• (Errors::FailureStateError) —

  Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

• (Errors::TooManyAttemptsError) —

  Raised when the configured maximum number of attempts have been made, and the waiter is not yet successful.

• (Errors::UnexpectedError) —

  Raised when an error is encounted while polling for a resource that is not expected.

• (Errors::NoSuchWaiterError) —

  Raised when you request to wait for an unknown state.

# File 'gems/aws-sdk-bedrockagentcorecontrol/lib/aws-sdk-bedrockagentcorecontrol/client.rb', line 6683

def wait_until(waiter_name, params = {}, options = {})
  w = waiter(waiter_name, options)
  yield(w.waiter) if block_given? # deprecated
  w.wait(params)
end