/AWS1/IF_BDO=>CREATEGATEWAY()¶
About CreateGateway¶
Creates a gateway for Amazon Bedrock Agent. A gateway serves as an integration point between your agent and external services.
If you specify CUSTOM_JWT as the authorizerType, you must provide an authorizerConfiguration.
Method Signature¶
METHODS /AWS1/IF_BDO~CREATEGATEWAY
IMPORTING
!IV_NAME TYPE /AWS1/BDOGATEWAYNAME OPTIONAL
!IV_DESCRIPTION TYPE /AWS1/BDOGATEWAYDESCRIPTION OPTIONAL
!IV_CLIENTTOKEN TYPE /AWS1/BDOCLIENTTOKEN OPTIONAL
!IV_ROLEARN TYPE /AWS1/BDOROLEARN OPTIONAL
!IV_PROTOCOLTYPE TYPE /AWS1/BDOGATEWAYPROTOCOLTYPE OPTIONAL
!IO_PROTOCOLCONFIGURATION TYPE REF TO /AWS1/CL_BDOGATEWAYPROTCONF OPTIONAL
!IV_AUTHORIZERTYPE TYPE /AWS1/BDOAUTHORIZERTYPE OPTIONAL
!IO_AUTHORIZERCONFIGURATION TYPE REF TO /AWS1/CL_BDOAUTHORIZERCONF OPTIONAL
!IV_KMSKEYARN TYPE /AWS1/BDOKMSKEYARN OPTIONAL
!IT_INTERCEPTORCONFIGURATIONS TYPE /AWS1/CL_BDOGWINTERCEPTORCONF=>TT_GATEWAYINTERCEPTORCONFS OPTIONAL
!IO_POLICYENGINECONFIGURATION TYPE REF TO /AWS1/CL_BDOGWPOLICYENGINECONF OPTIONAL
!IV_EXCEPTIONLEVEL TYPE /AWS1/BDOEXCEPTIONLEVEL OPTIONAL
!IT_TAGS TYPE /AWS1/CL_BDOTAGSMAP_W=>TT_TAGSMAP OPTIONAL
RETURNING
VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_bdocreategatewayrsp
RAISING
/AWS1/CX_BDOACCESSDENIEDEX
/AWS1/CX_BDOCONFLICTEXCEPTION
/AWS1/CX_BDOINTERNALSERVEREX
/AWS1/CX_BDOSERVICEQUOTAEXCDEX
/AWS1/CX_BDOTHROTTLINGEX
/AWS1/CX_BDOVALIDATIONEX
/AWS1/CX_BDOCLIENTEXC
/AWS1/CX_BDOSERVEREXC
/AWS1/CX_RT_TECHNICAL_GENERIC
/AWS1/CX_RT_SERVICE_GENERIC.
IMPORTING¶
Required arguments:¶
iv_name TYPE /AWS1/BDOGATEWAYNAME /AWS1/BDOGATEWAYNAME¶
The name of the gateway. The name must be unique within your account.
iv_rolearn TYPE /AWS1/BDOROLEARN /AWS1/BDOROLEARN¶
The Amazon Resource Name (ARN) of the IAM role that provides permissions for the gateway to access Amazon Web Services services.
iv_protocoltype TYPE /AWS1/BDOGATEWAYPROTOCOLTYPE /AWS1/BDOGATEWAYPROTOCOLTYPE¶
The protocol type for the gateway.
iv_authorizertype TYPE /AWS1/BDOAUTHORIZERTYPE /AWS1/BDOAUTHORIZERTYPE¶
The type of authorizer to use for the gateway.
CUSTOM_JWT- Authorize with a bearer token.
AWS_IAM- Authorize with your Amazon Web Services IAM credentials.
NONE- No authorization
Optional arguments:¶
iv_description TYPE /AWS1/BDOGATEWAYDESCRIPTION /AWS1/BDOGATEWAYDESCRIPTION¶
The description of the gateway.
iv_clienttoken TYPE /AWS1/BDOCLIENTTOKEN /AWS1/BDOCLIENTTOKEN¶
A unique, case-sensitive identifier to ensure that the API request completes no more than one time. If you don't specify this field, a value is randomly generated for you. If this token matches a previous request, the service ignores the request, but doesn't return an error. For more information, see Ensuring idempotency.
io_protocolconfiguration TYPE REF TO /AWS1/CL_BDOGATEWAYPROTCONF /AWS1/CL_BDOGATEWAYPROTCONF¶
The configuration settings for the protocol specified in the
protocolTypeparameter.
io_authorizerconfiguration TYPE REF TO /AWS1/CL_BDOAUTHORIZERCONF /AWS1/CL_BDOAUTHORIZERCONF¶
The authorizer configuration for the gateway. Required if
authorizerTypeisCUSTOM_JWT.
iv_kmskeyarn TYPE /AWS1/BDOKMSKEYARN /AWS1/BDOKMSKEYARN¶
The Amazon Resource Name (ARN) of the KMS key used to encrypt data associated with the gateway.
it_interceptorconfigurations TYPE /AWS1/CL_BDOGWINTERCEPTORCONF=>TT_GATEWAYINTERCEPTORCONFS TT_GATEWAYINTERCEPTORCONFS¶
A list of configuration settings for a gateway interceptor. Gateway interceptors allow custom code to be invoked during gateway invocations.
io_policyengineconfiguration TYPE REF TO /AWS1/CL_BDOGWPOLICYENGINECONF /AWS1/CL_BDOGWPOLICYENGINECONF¶
The policy engine configuration for the gateway. A policy engine is a collection of policies that evaluates and authorizes agent tool calls. When associated with a gateway, the policy engine intercepts all agent requests and determines whether to allow or deny each action based on the defined policies.
iv_exceptionlevel TYPE /AWS1/BDOEXCEPTIONLEVEL /AWS1/BDOEXCEPTIONLEVEL¶
The level of detail in error messages returned when invoking the gateway.
If the value is
DEBUG, granular exception messages are returned to help a user debug the gateway.If the value is omitted, a generic error message is returned to the end user.
it_tags TYPE /AWS1/CL_BDOTAGSMAP_W=>TT_TAGSMAP TT_TAGSMAP¶
A map of key-value pairs to associate with the gateway as metadata tags.
RETURNING¶
oo_output TYPE REF TO /aws1/cl_bdocreategatewayrsp /AWS1/CL_BDOCREATEGATEWAYRSP¶
Domain /AWS1/RT_ACCOUNT_ID Primitive Type NUMC
Examples¶
Syntax Example¶
This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.
DATA(lo_result) = lo_client->creategateway(
io_authorizerconfiguration = new /aws1/cl_bdoauthorizerconf(
io_customjwtauthorizer = new /aws1/cl_bdocustomjwtauthrconf(
it_allowedaudience = VALUE /aws1/cl_bdoalwedaudiencelst_w=>tt_allowedaudiencelist(
( new /aws1/cl_bdoalwedaudiencelst_w( |string| ) )
)
it_allowedclients = VALUE /aws1/cl_bdoallowedclislist_w=>tt_allowedclientslist(
( new /aws1/cl_bdoallowedclislist_w( |string| ) )
)
it_allowedscopes = VALUE /aws1/cl_bdoalwdscopestype_w=>tt_allowedscopestype(
( new /aws1/cl_bdoalwdscopestype_w( |string| ) )
)
it_customclaims = VALUE /aws1/cl_bdocustclaimvldtntype=>tt_customclaimvalidationstype(
(
new /aws1/cl_bdocustclaimvldtntype(
io_authorizingclaimmatchval = new /aws1/cl_bdoauthorizingclaim00(
io_claimmatchvalue = new /aws1/cl_bdoclaimmatchvaltype(
it_matchvaluestringlist = VALUE /aws1/cl_bdomatchvalstrlist_w=>tt_matchvaluestringlist(
( new /aws1/cl_bdomatchvalstrlist_w( |string| ) )
)
iv_matchvaluestring = |string|
)
iv_claimmatchoperator = |string|
)
iv_inboundtokenclaimname = |string|
iv_indbtokenclaimvaluetype = |string|
)
)
)
iv_discoveryurl = |string|
)
)
io_policyengineconfiguration = new /aws1/cl_bdogwpolicyengineconf(
iv_arn = |string|
iv_mode = |string|
)
io_protocolconfiguration = new /aws1/cl_bdogatewayprotconf(
io_mcp = new /aws1/cl_bdomcpgatewayconf(
it_supportedversions = VALUE /aws1/cl_bdomcpsupportedvrss_w=>tt_mcpsupportedversions(
( new /aws1/cl_bdomcpsupportedvrss_w( |string| ) )
)
iv_instructions = |string|
iv_searchtype = |string|
)
)
it_interceptorconfigurations = VALUE /aws1/cl_bdogwinterceptorconf=>tt_gatewayinterceptorconfs(
(
new /aws1/cl_bdogwinterceptorconf(
io_inputconfiguration = new /aws1/cl_bdointerceptorinpconf( ABAP_TRUE )
io_interceptor = new /aws1/cl_bdointerceptorconf( new /aws1/cl_bdolmdinterceptorconf( |string| ) )
it_interceptionpoints = VALUE /aws1/cl_bdogwinterceptionpt00=>tt_gatewayinterceptionpoints(
( new /aws1/cl_bdogwinterceptionpt00( |string| ) )
)
)
)
)
it_tags = VALUE /aws1/cl_bdotagsmap_w=>tt_tagsmap(
(
VALUE /aws1/cl_bdotagsmap_w=>ts_tagsmap_maprow(
key = |string|
value = new /aws1/cl_bdotagsmap_w( |string| )
)
)
)
iv_authorizertype = |string|
iv_clienttoken = |string|
iv_description = |string|
iv_exceptionlevel = |string|
iv_kmskeyarn = |string|
iv_name = |string|
iv_protocoltype = |string|
iv_rolearn = |string|
).
This is an example of reading all possible response values
lo_result = lo_result.
IF lo_result IS NOT INITIAL.
lv_gatewayarn = lo_result->get_gatewayarn( ).
lv_gatewayid = lo_result->get_gatewayid( ).
lv_gatewayurl = lo_result->get_gatewayurl( ).
lv_datetimestamp = lo_result->get_createdat( ).
lv_datetimestamp = lo_result->get_updatedat( ).
lv_gatewaystatus = lo_result->get_status( ).
LOOP AT lo_result->get_statusreasons( ) into lo_row.
lo_row_1 = lo_row.
IF lo_row_1 IS NOT INITIAL.
lv_statusreason = lo_row_1->get_value( ).
ENDIF.
ENDLOOP.
lv_gatewayname = lo_result->get_name( ).
lv_gatewaydescription = lo_result->get_description( ).
lv_rolearn = lo_result->get_rolearn( ).
lv_gatewayprotocoltype = lo_result->get_protocoltype( ).
lo_gatewayprotocolconfigur = lo_result->get_protocolconfiguration( ).
IF lo_gatewayprotocolconfigur IS NOT INITIAL.
lo_mcpgatewayconfiguration = lo_gatewayprotocolconfigur->get_mcp( ).
IF lo_mcpgatewayconfiguration IS NOT INITIAL.
LOOP AT lo_mcpgatewayconfiguration->get_supportedversions( ) into lo_row_2.
lo_row_3 = lo_row_2.
IF lo_row_3 IS NOT INITIAL.
lv_mcpversion = lo_row_3->get_value( ).
ENDIF.
ENDLOOP.
lv_mcpinstructions = lo_mcpgatewayconfiguration->get_instructions( ).
lv_searchtype = lo_mcpgatewayconfiguration->get_searchtype( ).
ENDIF.
ENDIF.
lv_authorizertype = lo_result->get_authorizertype( ).
lo_authorizerconfiguration = lo_result->get_authorizerconfiguration( ).
IF lo_authorizerconfiguration IS NOT INITIAL.
lo_customjwtauthorizerconf = lo_authorizerconfiguration->get_customjwtauthorizer( ).
IF lo_customjwtauthorizerconf IS NOT INITIAL.
lv_discoveryurl = lo_customjwtauthorizerconf->get_discoveryurl( ).
LOOP AT lo_customjwtauthorizerconf->get_allowedaudience( ) into lo_row_4.
lo_row_5 = lo_row_4.
IF lo_row_5 IS NOT INITIAL.
lv_allowedaudience = lo_row_5->get_value( ).
ENDIF.
ENDLOOP.
LOOP AT lo_customjwtauthorizerconf->get_allowedclients( ) into lo_row_6.
lo_row_7 = lo_row_6.
IF lo_row_7 IS NOT INITIAL.
lv_allowedclient = lo_row_7->get_value( ).
ENDIF.
ENDLOOP.
LOOP AT lo_customjwtauthorizerconf->get_allowedscopes( ) into lo_row_8.
lo_row_9 = lo_row_8.
IF lo_row_9 IS NOT INITIAL.
lv_allowedscopetype = lo_row_9->get_value( ).
ENDIF.
ENDLOOP.
LOOP AT lo_customjwtauthorizerconf->get_customclaims( ) into lo_row_10.
lo_row_11 = lo_row_10.
IF lo_row_11 IS NOT INITIAL.
lv_inboundtokenclaimnamety = lo_row_11->get_inboundtokenclaimname( ).
lv_inboundtokenclaimvaluet = lo_row_11->get_indbtokenclaimvaluetype( ).
lo_authorizingclaimmatchva = lo_row_11->get_authorizingclaimmatchval( ).
IF lo_authorizingclaimmatchva IS NOT INITIAL.
lo_claimmatchvaluetype = lo_authorizingclaimmatchva->get_claimmatchvalue( ).
IF lo_claimmatchvaluetype IS NOT INITIAL.
lv_matchvaluestring = lo_claimmatchvaluetype->get_matchvaluestring( ).
LOOP AT lo_claimmatchvaluetype->get_matchvaluestringlist( ) into lo_row_12.
lo_row_13 = lo_row_12.
IF lo_row_13 IS NOT INITIAL.
lv_matchvaluestring = lo_row_13->get_value( ).
ENDIF.
ENDLOOP.
ENDIF.
lv_claimmatchoperatortype = lo_authorizingclaimmatchva->get_claimmatchoperator( ).
ENDIF.
ENDIF.
ENDLOOP.
ENDIF.
ENDIF.
lv_kmskeyarn = lo_result->get_kmskeyarn( ).
LOOP AT lo_result->get_interceptorconfs( ) into lo_row_14.
lo_row_15 = lo_row_14.
IF lo_row_15 IS NOT INITIAL.
lo_interceptorconfiguratio = lo_row_15->get_interceptor( ).
IF lo_interceptorconfiguratio IS NOT INITIAL.
lo_lambdainterceptorconfig = lo_interceptorconfiguratio->get_lambda( ).
IF lo_lambdainterceptorconfig IS NOT INITIAL.
lv_lambdafunctionarn = lo_lambdainterceptorconfig->get_arn( ).
ENDIF.
ENDIF.
LOOP AT lo_row_15->get_interceptionpoints( ) into lo_row_16.
lo_row_17 = lo_row_16.
IF lo_row_17 IS NOT INITIAL.
lv_gatewayinterceptionpoin = lo_row_17->get_value( ).
ENDIF.
ENDLOOP.
lo_interceptorinputconfigu = lo_row_15->get_inputconfiguration( ).
IF lo_interceptorinputconfigu IS NOT INITIAL.
lv_boolean = lo_interceptorinputconfigu->get_passrequestheaders( ).
ENDIF.
ENDIF.
ENDLOOP.
lo_gatewaypolicyengineconf = lo_result->get_policyengineconf( ).
IF lo_gatewaypolicyengineconf IS NOT INITIAL.
lv_gatewaypolicyenginearn = lo_gatewaypolicyengineconf->get_arn( ).
lv_gatewaypolicyenginemode = lo_gatewaypolicyengineconf->get_mode( ).
ENDIF.
lo_workloadidentitydetails = lo_result->get_workloadidentitydetails( ).
IF lo_workloadidentitydetails IS NOT INITIAL.
lv_workloadidentityarn = lo_workloadidentitydetails->get_workloadidentityarn( ).
ENDIF.
lv_exceptionlevel = lo_result->get_exceptionlevel( ).
ENDIF.