Package-level declarations
Types
The Agent-to-Agent (A2A) protocol descriptor for a registry record. Contains the agent card definition as defined by the A2A protocol specification.
This exception is thrown when a request is denied per access permissions
The agent card definition for an A2A descriptor. Contains the schema version and inline content for the agent card.
Contains information about an agent runtime. An agent runtime is the execution environment for a Amazon Bedrock AgentCore Agent.
The artifact of the agent.
Contains information about an agent runtime endpoint. An endpoint provides a way to connect to and interact with an agent runtime.
The agent skills descriptor for a registry record. Contains an optional skill markdown definition in human-readable format and an optional structured skill definition.
The configuration for an Amazon API Gateway target.
The configuration for defining REST API tool filters and overrides for the gateway target.
Specifies which operations from an API Gateway REST API are exposed as tools. Tool names and descriptions are derived from the operationId and description fields in the API's exported OpenAPI specification.
Settings to override configurations for a tool.
Contains information about an API key credential provider.
Configuration for API schema.
Configuration for the registry record approval workflow. Controls whether records added to the registry require explicit approval before becoming active.
Configuration settings for connecting to Atlassian services using OAuth2 authentication. This includes the client credentials required to authenticate with Atlassian's OAuth2 authorization server.
The configuration details returned for an Atlassian OAuth2 provider, including the client ID and OAuth2 discovery information.
Contains the authorization data that is returned when a gateway target is configured with a credential provider with authorization code grant type and requires user federation.
Represents inbound authorization configuration options used to authenticate incoming requests.
Defines the value or values to match for and the relationship of the match.
Base class for all service related exceptions thrown by the BedrockAgentCoreControl client
The configuration for using Amazon Bedrock models in evaluator assessments, including model selection and inference parameters.
Browser enterprise policy configuration.
The network configuration for a browser. This structure defines how the browser connects to the network.
The status of a browser profile.
Contains summary information about a browser profile. A browser profile stores persistent browser data that can be reused across browser sessions.
Configuration for enabling browser signing capabilities that allow agents to cryptographically identify themselves to websites using HTTP message signatures.
The current browser signing configuration that shows whether cryptographic agent identification is enabled for web bot authentication.
Contains summary information about a browser. A browser enables Amazon Bedrock AgentCore Agent to interact with web content.
The definition of a categorical rating scale option that provides a named category with its description for evaluation scoring.
Represents a Cedar policy statement within the AgentCore Policy system. Cedar is a policy language designed for authorization that provides human-readable, analyzable, and high-performance policy evaluation for controlling agent behavior and access decisions.
A certificate to install in the browser or code interpreter.
The location from which to retrieve a certificate.
The value or values to match for.
The configuration for reading agent traces from CloudWatch logs as input for online evaluation.
The configuration for writing evaluation results to CloudWatch logs with embedded metric format (EMF) for monitoring.
Configuration for a code-based evaluator. Specify the Lambda function to use for evaluation.
The configuration for the source code that defines how the agent runtime code should be executed, including the code location, runtime environment, and entry point.
The network configuration for a code interpreter. This structure defines how the code interpreter connects to the network.
Contains summary information about a code interpreter. A code interpreter enables Amazon Bedrock AgentCore Agent to execute code.
Coinbase CDP configuration — credentials provided by Coinbase Developer Platform.
Coinbase CDP configuration output with secret ARNs.
The configuration for a component within a configuration bundle. The component type is inferred from the component identifier ARN.
Exception thrown when a resource is modified concurrently by multiple requests.
An action that applies a configuration bundle override, either as a static override or a weighted split for A/B testing.
A reference to a specific version of a configuration bundle.
Summary information about a configuration bundle.
Summary information about a configuration bundle version.
This exception is thrown when there is a conflict performing an operation
Contains consolidation configuration information for a memory strategy.
Representation of a container configuration.
Defines what content to stream and at what level of detail.
A credential provider for gateway authentication. This structure contains the configuration for authenticating with the target endpoint.
The configuration for a credential provider. This structure defines how the gateway authenticates with the target endpoint.
The credential provider configuration for a payment connector. Specifies the payment provider type and its associated credential provider.
Defines the name of a custom claim field and rules for finding matches to authenticate its value.
Input for custom configuration of a memory strategy.
Contains custom consolidation configuration information.
Input for a custom consolidation configuration.
A custom descriptor for a registry record. Use this for resources such as APIs, Lambda functions, or servers that do not conform to a standard protocol like MCP or A2A.
Contains custom extraction configuration information.
Input for a custom extraction configuration.
Configuration for inbound JWT-based authorization, specifying how incoming requests should be authenticated.
Input for creating a custom memory strategy.
Input configuration for a custom OAuth2 provider.
Output configuration for a custom OAuth2 provider.
Contains configurations for a custom reflection strategy.
Input for a custom reflection configuration.
Format of a customer-provided source file. JSONL (JSON Lines, one object per line) is the service's native ingestion and storage format — it can be streamed line-by-line without loading the entire file into memory, which is important as the row-count cap is extended. JSON array ([{...},{...}]) is intentionally not supported at launch: it cannot be streamed (requires loading the full file into memory to parse), and all major eval frameworks (LangSmith, Ragas, DeepEval, Arize Phoenix) export as JSONL or CSV — not JSON arrays. Customers with JSON array files can Versioned schema type for dataset examples. Each value identifies both the source format and the version of that format's schema. Schema definitions (required/optional fields) are stored as constants in SchemaRegistry. The schemaType on a Dataset is immutable after creation. When a framework changes its format, a new version is added (e.g., RAGAS_V2) without breaking existing datasets using the old version. Content is always stored as-is.
Dataset lifecycle / operation status. Two-column status model: DatasetStatus tracks lifecycle state independently from DraftStatus which tracks publish synchronization. IN-FLIGHT states (busy — all writes blocked): CREATING — CreateDataset async ingestion in progress. UPDATING — Example mutation (Add/Update/Delete) or CreateDatasetVersion in progress. DELETING — Full or version-specific delete in progress. TERMINAL states (stable — operations allowed per guards below): ACTIVE — Dataset is stable. failureReason cleared. CREATE_FAILED — Initial ingestion failed. DRAFT record exists but has no examples. failureReason populated. UPDATE_FAILED — Last example mutation or CreateDatasetVersion failed. DRAFT may be partially modified. failureReason populated. DELETE_FAILED — Delete failed after retries. Dataset/S3 may be in inconsistent state. Sev-2 ticket filed (full-delete only). failureReason populated. State transitions: CreateDataset → CREATING → ACTIVE (draftStatus=MODIFIED) | CREATE_FAILED Add/Update/DeleteDatasetExamples → UPDATING → ACTIVE (draftStatus=MODIFIED) | UPDATE_FAILED CreateDatasetVersion → UPDATING → ACTIVE (draftStatus=UNMODIFIED) | UPDATE_FAILED DeleteDataset (version-specific) → DELETING → ACTIVE (draftStatus unchanged) | DELETE_FAILED DeleteDataset (full) → DELETING → (record deleted) | DELETE_FAILED [auto Sev-2] Operation guards (ConflictException codes): GetDataset / ListDatasetExamples: — Allowed for all statuses (no guard) UpdateDataset, AddDatasetExamples, DeleteDatasetExamples: — DATASET_NOT_READY if status in {CREATING, UPDATING, DELETING} — DATASET_IN_FAILED_STATE if status == DELETE_FAILED UpdateDatasetExamples: — DATASET_NOT_READY if status in {CREATING, UPDATING, DELETING} — DATASET_IN_FAILED_STATE if status in {CREATE_FAILED, DELETE_FAILED} CreateDatasetVersion: — DATASET_NOT_READY if status in {CREATING, UPDATING, DELETING} — DATASET_IN_FAILED_STATE if status in {CREATE_FAILED, DELETE_FAILED} DeleteDataset: — DATASET_NOT_READY if status in {CREATING, UPDATING, DELETING}
Summary information about a dataset.
Summary information about a published dataset version.
The configuration that specifies where to read agent traces for online evaluation.
Source of examples to add to the dataset.
Exception thrown when decryption of a secret fails.
Input for deleting a memory strategy.
Contains descriptor-type-specific configurations for a registry record. Only the descriptor matching the record's descriptorType should be populated.
Publish synchronization state of the DRAFT working copy. Tracks whether the current DRAFT content has been published as a version. Only authoritative when DatasetStatus == ACTIVE. Not meaningful during in-flight or failed states. Transitions: CreateDataset succeeds → MODIFIED (DRAFT has content with no published version yet) Add/Update/DeleteExamples succeed → MODIFIED (DRAFT differs from last published version) CreateDatasetVersion succeeds → UNMODIFIED (DRAFT matches the version just published)
Configuration for an Amazon EFS access point filesystem mounted into the AgentCore Runtime. EFS access points provide shared file storage accessible from your AgentCore Runtime sessions.
Exception thrown when encryption of a secret fails.
Contains configurations to override the default consolidation step for the episodic memory strategy.
Contains configurations to override the default extraction step for the episodic memory strategy.
Input for creating an episodic memory strategy.
Input for the configuration to override the episodic memory strategy.
Configurations for overriding the consolidation step of the episodic memory strategy.
Configurations for overriding the extraction step of the episodic memory strategy.
Configurations for overriding the reflection step of the episodic memory strategy.
The configuration for the reflections created with the episodic memory strategy.
An episodic reflection configuration input.
Contains configurations to override the default reflection step for the episodic memory strategy.
The configuration that defines how an evaluator assesses agent performance, including the evaluation method and parameters.
The model configuration that specifies which foundation model to use for evaluation and how to configure it.
The reference to an evaluator used in online evaluation configurations, containing the evaluator identifier.
The summary information about an evaluator, including basic metadata and status information.
Configuration for metadata extraction from conversational content.
Contains extraction configuration information for a memory strategy.
Configuration for a filesystem that can be mounted into the AgentCore Runtime.
The value used in filter comparisons, supporting different data types for flexible filtering criteria.
Represents a finding or issue discovered during policy generation or validation. Findings provide insights about potential problems, recommendations, or validation results from policy analysis operations. Finding types include: VALID (policy is ready to use), INVALID (policy has validation errors that must be fixed), NOT_TRANSLATABLE (input couldn't be converted to policy), ALLOW_ALL (policy would allow all actions, potential security risk), ALLOW_NONE (policy would allow no actions, unusable), DENY_ALL (policy would deny all actions, may be too restrictive), and DENY_NONE (policy would deny no actions, ineffective). Review all findings before creating policies from generated assets to ensure they match your security requirements.
Configuration for synchronizing from a URL-based MCP server.
An API key credential provider for gateway authentication. This structure contains the configuration for authenticating with the target endpoint using an API key.
The configuration for an interceptor on a gateway. This structure defines settings for an interceptor that will be invoked during the invocation of the gateway.
The configuration for a policy engine associated with a gateway. A policy engine is a collection of policies that evaluates and authorizes agent tool calls. When associated with a gateway, the policy engine intercepts all agent requests and determines whether to allow or deny each action based on the defined policies.
The configuration for a gateway protocol. This structure defines how the gateway communicates with external services.
Detailed information about a gateway rule.
Contains summary information about a gateway.
The gateway target.
Create response excludes updatedAt (redundant on create). Get/Update responses include it via their own output structures.
Input configuration for a GitHub OAuth2 provider.
Output configuration for a GitHub OAuth2 provider.
Input configuration for a Google OAuth2 provider.
Output configuration for a Google OAuth2 provider.
Configuration for AgentCore Browser.
Configuration for AgentCore Code Interpreter.
Configuration for AgentCore Gateway.
Configuration for AgentCore Memory integration.
Configuration for memory retrieval within a namespace.
The AgentCore Runtime environment for a harness.
The AgentCore Runtime environment request configuration.
Configuration for an Amazon Bedrock model provider.
The environment artifact for a harness, such as a container image containing custom dependencies.
The environment provider for a harness.
The environment provider request configuration.
Authentication method for calling a Gateway.
Configuration for a Google Gemini model provider. Requires an API key stored in AgentCore Identity.
Configuration for an inline function tool. When the agent calls this tool, the tool call is returned to the caller for external execution.
The memory configuration for a harness.
Specification of which model to use.
Configuration for an OpenAI model provider. Requires an API key stored in AgentCore Identity.
Configuration for connecting to a remote MCP server.
A skill available to the agent.
Configuration for sliding window truncation strategy.
Configuration for summarization-based truncation strategy.
Summary information about a harness.
A content block in the system prompt.
A tool available to the agent loop.
Configuration union for different tool types.
Configuration for truncating conversation context when it exceeds model limits.
Strategy-specific truncation configuration.
The HTTP target configuration for a gateway target. Contains the configuration for HTTP-based target endpoints.
An IAM credential provider for gateway authentication. This structure contains the configuration for authenticating with the target endpoint using IAM credentials and SigV4 signing.
An IAM principal specification for rule matching.
Configuration settings for connecting to a supported OAuth2 provider. This includes client credentials and OAuth2 discovery information for providers that have built-in support.
The configuration details returned for a supported OAuth2 provider, including client credentials and OAuth2 discovery information.
A metadata key indexed for filtering.
The configuration parameters that control how the foundation model behaves during evaluation, including response generation settings.
Inline examples provided directly in the request body.
The interceptor configuration.
The input configuration of the interceptor.
This exception is thrown if there was an unexpected error during processing of request
The configuration to invoke a self-managed memory processing pipeline with.
The configuration to invoke a self-managed memory processing pipeline with.
Configuration for Kinesis Data Stream delivery.
Contains the KMS configuration for a resource.
Configuration for a Lambda function used as a code-based evaluator.
The lambda configuration for the interceptor
LifecycleConfiguration lets you manage the lifecycle of runtime sessions and resources in AgentCore Runtime. This configuration helps optimize resource utilization by automatically cleaning up idle sessions and preventing long-running instances from consuming resources indefinitely.
Configuration settings for connecting to LinkedIn services using OAuth2 authentication. This includes the client credentials required to authenticate with LinkedIn's OAuth2 authorization server.
The configuration details returned for a LinkedIn OAuth2 provider, including the client ID and OAuth2 discovery information.
The configuration for LLM-as-a-Judge evaluation that uses a language model to assess agent performance based on custom instructions and rating scales.
Model-based metadata extraction configuration.
Details of a resource created and managed by the gateway for private endpoint connectivity.
Configuration for a managed VPC Lattice resource. The gateway creates and manages the VPC Lattice resource gateway and resource configuration on your behalf using a service-linked role.
A condition that matches requests based on the request path.
Union for principal matching. Currently supports IAM principal ARN glob matching.
A condition that matches requests based on the caller's identity.
The Model Context Protocol (MCP) descriptor for a registry record. Contains the server definition and tools definition for an MCP-compatible server. The schema is validated against the MCP protocol specification.
The configuration for a Model Context Protocol (MCP) gateway. This structure defines how the gateway implements the MCP protocol.
The Lambda configuration for a Model Context Protocol target. This structure defines how the gateway uses a Lambda function to communicate with the target.
The target configuration for the MCP server.
The Model Context Protocol (MCP) configuration for a target. This structure defines how the gateway uses MCP to communicate with the target.
The MCP tool schema configuration for an MCP server target. The tool schema must be aligned with the MCP specification.
Schema for metadata on memory records generated by a strategy.
Contains information about a memory strategy.
Contains input information for creating a memory strategy.
Contains summary information about a memory resource.
The trigger configuration based on a message.
The trigger configuration based on a message.
Configuration for HTTP header and query parameter propagation between the gateway and target servers.
A metadata field definition within a strategy's schema.
Input configuration for a Microsoft OAuth2 provider.
Output configuration for a Microsoft OAuth2 provider.
Contains information for modifying a consolidation configuration.
Contains information for modifying an extraction configuration.
The configuration for updating invocation settings.
Contains information for modifying memory strategies.
Input for modifying a memory strategy.
Contains information for modifying a reflection configuration.
The configuration for updating the self-managed memory strategy.
Contains information for modifying a strategy configuration.
SecurityConfig for the Agent.
Validation for NUMBER fields.
The definition of a numerical rating scale option that provides a numeric value with its description for evaluation scoring.
OAuth2-specific authorization data, including the authorization URL and user identifier for the authorization session.
Contains the authorization server metadata for an OAuth2 provider.
Contains information about an OAuth2 credential provider.
Contains the discovery information for an OAuth2 provider.
Contains the input configuration for an OAuth2 provider.
Contains the output configuration for an OAuth2 provider.
An OAuth credential provider for gateway authentication. This structure contains the configuration for authenticating with the target endpoint using OAuth.
Configuration for on-behalf-of token exchange.
The summary information about an online evaluation configuration, including basic metadata and execution status.
The configuration that specifies where evaluation results should be written for monitoring and analysis.
Contains summary information about a payment connector.
Configuration for a payment credential provider that stores authentication credentials for a payment provider.
Contains summary information about a payment credential provider.
Supported vendor types for payment providers using non-standard auth protocols.
Contains summary information about a payment manager.
Provider configuration input — contains secrets for creation and update. Varies by vendor type.
Provider configuration output — no raw secrets, only ARNs. Varies by vendor type.
Represents a complete policy resource within the AgentCore Policy system. Policies are ARN-able resources that contain Cedar policy statements and associated metadata for controlling agent behavior and access decisions. Each policy belongs to a policy engine and defines fine-grained authorization rules that are evaluated in real-time as agents interact with tools through Gateway. Policies use the Cedar policy language to specify who (principals based on OAuth claims like username, role, or scope) can perform what actions (tool calls) on which resources (Gateways), with optional conditions for attribute-based access control. Multiple policies can apply to a single request, with Cedar's forbid-wins semantics ensuring that security restrictions are never accidentally overridden.
Represents the definition structure for policies within the AgentCore Policy system. This structure encapsulates different policy formats and languages that can be used to define access control rules.
Represents a policy engine resource within the AgentCore Policy system. Policy engines serve as containers for grouping related policies and provide the execution context for policy evaluation and management. Each policy engine can be associated with one Gateway (one engine per Gateway), where it intercepts all agent tool calls and evaluates them against the contained policies before allowing tools to execute. The policy engine maintains the Cedar schema generated from the Gateway's tool manifest, ensuring that policies are validated against the actual tools and parameters available. Policy engines support two enforcement modes that can be configured when associating with a Gateway: log-only mode for testing (evaluates decisions without blocking) and enforce mode for production (actively allows or denies based on policy evaluation).
Represents a metadata-only summary of a policy engine resource. This structure contains resource identifiers, status, and timestamps without customer-encrypted fields such as description or status reasons. Policy engine summaries are returned by operations that do not require access to the customer's KMS key.
Represents a policy generation request within the AgentCore Policy system. Tracks the AI-powered conversion of natural language descriptions into Cedar policy statements, enabling users to author policies by describing authorization requirements in plain English. The generation process analyzes the natural language input along with the Gateway's tool context and Cedar schema to produce one or more validated policy options. Each generation request tracks the status of the conversion process and maintains findings about the generated policies, including validation results and potential issues. Generated policy assets remain available for one week after successful generation, allowing time to review and create policies from the generated options.
Represents a generated policy asset from the AI-powered policy generation process within the AgentCore Policy system. Each asset contains a Cedar policy statement generated from natural language input, along with associated metadata and analysis findings to help users evaluate and select the most appropriate policy option.
Represents the information identifying a generated policy asset from the AI-powered policy generation process within the AgentCore Policy system. Each asset contains a Cedar policy statement generated from natural language input, along with associated metadata and analysis findings to help users evaluate and select the most appropriate policy option.
Represents a metadata-only summary of a policy generation resource. This structure contains resource identifiers, status, timestamps, and findings without customer-encrypted fields such as status reasons. Policy generation summaries are returned by operations that do not require access to the customer's KMS key.
Represents a metadata-only summary of a policy resource. This structure contains resource identifiers, status, and timestamps without customer-encrypted fields such as definition, description, or status reasons. Policy summaries are returned by operations that do not require access to the customer's KMS key.
The private endpoint configuration for a gateway target. Defines how the gateway connects to private resources in your VPC.
A mapping of a specific domain to a private endpoint for secure connectivity through a VPC Lattice resource configuration.
The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.
The rating scale that defines how evaluators should score agent performance, supporting both numerical and categorical scales.
The recording configuration for a browser. This structure defines how browser sessions are recorded.
Contains reflection configuration information for a memory strategy.
A pairing of a credential provider type with its corresponding provider details for authenticating with external sources.
Union of supported credential provider types for registry record synchronization.
IAM credential provider configuration for authenticating with an external source using SigV4 signing during synchronization.
OAuth credential provider configuration for authenticating with an external source during synchronization.
Contains summary information about a registry record.
Contains summary information about a registry.
Configuration for HTTP request headers that will be passed through to the runtime.
Exception thrown when a resource limit is exceeded.
The location of a resource.
This exception is thrown when a resource referenced by the operation does not exist
An action that routes requests to a gateway target, either statically or with weighted traffic splitting.
Configuration for microVM metadata service settings.
Configuration for an AgentCore Runtime target. Specifies the agent runtime to route requests to via HTTP.
The Amazon S3 configuration for a gateway. This structure defines how the gateway accesses files in Amazon S3.
Configuration for an Amazon S3 Files access point filesystem mounted into the AgentCore Runtime. S3 Files access points provide shared file storage accessible from your AgentCore Runtime sessions.
The Amazon S3 location for storing data. This structure defines where in Amazon S3 data is stored.
Input configuration for a Salesforce OAuth2 provider.
Output configuration for a Salesforce OAuth2 provider.
The configuration that controls what percentage of agent traces are sampled for evaluation to manage evaluation volume and costs.
A schema definition for a gateway target. This structure defines the structure of the API that the target exposes.
The Amazon Web Services Secrets Manager location configuration.
A configuration for a self-managed memory strategy.
Input configuration for a self-managed memory strategy.
Configuration for a self-managed VPC Lattice resource. You create and manage the VPC Lattice resource gateway and resource configuration, then provide the resource configuration identifier.
Contains semantic consolidation override configuration.
Contains semantic extraction override configuration.
Input for creating a semantic memory strategy.
Input for semantic override configuration in a memory strategy.
Input for semantic override consolidation configuration in a memory strategy.
Input for semantic override extraction configuration in a memory strategy.
The server definition for an MCP descriptor. Contains the schema version and inline content for the MCP server configuration.
An internal error occurred.
This exception is thrown when a request is made beyond the service quota
The configuration that defines how agent sessions are detected and when they are considered complete for evaluation.
The session configuration for an MCP gateway. This structure defines settings that control session behavior.
Configuration for a session storage filesystem mounted into the AgentCore Runtime. Session storage provides persistent storage that is preserved across AgentCore Runtime session invocations.
The structured skill definition with schema version and content.
The skill markdown definition for an agent skills descriptor.
Input configuration for a Slack OAuth2 provider.
Output configuration for a Slack OAuth2 provider.
A static configuration bundle override.
A static route to a single gateway target.
Contains configuration information for a memory strategy.
Supported stream delivery resource types.
Configuration for streaming memory record data to external resources.
The streaming configuration for an MCP gateway. This structure defines settings that control response streaming behavior.
Validation for STRINGLIST fields.
Validation for STRING fields.
Stripe Privy configuration — credentials provided by Stripe and Privy.
Stripe Privy configuration output with secret ARNs.
Contains summary consolidation override configuration.
Input for creating a summary memory strategy.
Input for summary override configuration in a memory strategy.
Input for summary override consolidation configuration in a memory strategy.
Configuration for synchronizing registry record metadata from an external source.
System-managed metadata for rules created by automated processes such as A/B tests.
The configuration for a gateway target. This structure defines how the gateway connects to and interacts with the target endpoint.
Contains summary information about a gateway target. A target represents an endpoint that the gateway can connect to.
An entry in a target traffic split configuration.
API rate limit has been exceeded.
This exception is thrown when the number of requests exceeds the limit
Trigger configuration based on time.
Trigger configuration based on time.
Trigger configuration based on tokens.
Trigger configuration based on tokens.
Configuration for RFC 8693 token exchange.
A tool definition for a gateway target. This structure defines a tool that the target exposes through the Model Context Protocol.
A tool schema for a gateway target. This structure defines the schema for a tool that the target exposes through the Model Context Protocol.
The tools definition for an MCP descriptor. Contains the protocol version and inline content describing the available tools.
An entry in a traffic split configuration, defining a named variant with a weight and configuration bundle reference.
Condition that triggers memory processing.
Condition that triggers memory processing.
This exception is thrown when the JWT bearer token is invalid or not found for OAuth bearer token based access
Wrapper for updating an A2A descriptor with PATCH semantics. When present, the A2A descriptor is replaced with the provided value. When absent, the A2A descriptor is left unchanged. To unset, include the wrapper with the value set to null.
Wrapper for updating an agent skills descriptor with PATCH semantics. When present with a value, individual fields can be updated independently. When present with a null value, the entire agent skills descriptor is unset. When absent, the agent skills descriptor is left unchanged.
Individual agent skills descriptor fields that can be updated independently.
Wrapper for updating an optional approval configuration field with PATCH semantics. When present in an update request, the approval configuration is replaced with the provided value. When absent, the approval configuration is left unchanged.
Wrapper for updating an optional AuthorizerConfiguration field with PATCH semantics. When present in an update request, the authorizer configuration is replaced with optionalValue. When absent, the authorizer configuration is left unchanged. To unset, include the wrapper with optionalValue not specified.
Wrapper for updating a custom descriptor with PATCH semantics. When present, the custom descriptor is replaced with the provided value. When absent, the custom descriptor is left unchanged. To unset, include the wrapper with the value set to null.
Wrapper for updating an optional Description field with PATCH semantics. When present in an update request, the description is replaced with optionalValue. When absent, the description is left unchanged. To unset the description, include the wrapper with optionalValue not specified.
Wrapper for updating an optional descriptors field with PATCH semantics. When present with a value, individual descriptors can be updated. When present with a null value, all descriptors are unset. When absent, descriptors are left unchanged.
Contains per-descriptor-type wrappers for updating descriptors. Each descriptor type can be updated independently.
Wrapper for updating the environment artifact configuration.
Wrapper for updating the memory configuration.
Wrapper for updating an MCP descriptor with PATCH semantics. When present with a value, individual MCP fields can be updated independently. When present with a null value, the entire MCP descriptor is unset. When absent, the MCP descriptor is left unchanged.
Individual MCP descriptor fields that can be updated independently.
Wrapper for updating a server definition with PATCH semantics. When present, the server definition is replaced with the provided value. When absent, the server definition is left unchanged. To unset, include the wrapper with the value set to null.
Wrapper for updating a skill definition with PATCH semantics.
Wrapper for updating a skill markdown definition with PATCH semantics.
Wrapper for updating the synchronization configuration with PATCH semantics. Must be matched with UpdatedSynchronizationType.
Wrapper for updating the synchronization type with PATCH semantics. Must be matched with UpdatedSynchronizationConfiguration.
Wrapper for updating a tools definition with PATCH semantics. When present, the tools definition is replaced with the provided value. When absent, the tools definition is left unchanged. To unset, include the wrapper with the value set to null.
Create response excludes updatedAt (redundant on create). Get/Update responses include it via their own output structures.
Contains user preference consolidation override configuration.
Contains user preference extraction override configuration.
Input for creating a user preference memory strategy.
Input for user preference override configuration in a memory strategy.
Input for user preference override consolidation configuration in a memory strategy.
Input for user preference override extraction configuration in a memory strategy.
Validation rules for extracted metadata values. Only one type can be specified, matching the field's data type.
The input fails to satisfy the constraints specified by the service.
Stores information about a field passed inside a request that resulted in an exception.
The source that created a configuration bundle version.
A filter for listing configuration bundle versions.
The version lineage metadata that tracks parent versions and creation source. Supports git-like two-parent merges for branch management.
A weighted configuration bundle override that splits traffic between multiple bundle versions.
A weighted route that splits traffic between multiple gateway targets.
The information about the workload identity.
Contains information about a workload identity.