870 lines
32 KiB
TypeScript
870 lines
32 KiB
TypeScript
import * as cdk from "aws-cdk-lib";
|
|
import * as cognito from "aws-cdk-lib/aws-cognito";
|
|
import * as ec2 from "aws-cdk-lib/aws-ec2";
|
|
import * as iam from "aws-cdk-lib/aws-iam";
|
|
import * as ssm from "aws-cdk-lib/aws-ssm";
|
|
import * as secretsmanager from "aws-cdk-lib/aws-secretsmanager";
|
|
import * as apigateway from "aws-cdk-lib/aws-apigateway";
|
|
import * as logs from "aws-cdk-lib/aws-logs";
|
|
import * as agentcore from "@aws-cdk/aws-bedrock-agentcore-alpha";
|
|
import * as bedrockagentcore from "aws-cdk-lib/aws-bedrockagentcore";
|
|
import * as lambda from "aws-cdk-lib/aws-lambda";
|
|
import * as ecr_assets from "aws-cdk-lib/aws-ecr-assets";
|
|
import * as cr from "aws-cdk-lib/custom-resources";
|
|
import { Construct } from "constructs";
|
|
import { AppConfig } from "./utils/config-manager";
|
|
import { AgentCoreRole } from "./utils/agentcore-role";
|
|
import * as path from "path";
|
|
import * as fs from "fs";
|
|
import { execSync } from "child_process";
|
|
|
|
export interface BackendStackProps extends cdk.NestedStackProps {
|
|
config: AppConfig;
|
|
userPoolId: string;
|
|
userPoolClientId: string;
|
|
userPoolDomain: cognito.UserPoolDomain;
|
|
frontendUrl: string;
|
|
}
|
|
|
|
export class BackendStack extends cdk.NestedStack {
|
|
public readonly userPoolId: string;
|
|
public readonly userPoolClientId: string;
|
|
public readonly userPoolDomain: cognito.UserPoolDomain;
|
|
public copilotKitRuntimeUrl: string;
|
|
public runtimeArn: string;
|
|
public memoryArn: string;
|
|
private agentName: cdk.CfnParameter;
|
|
private userPool: cognito.IUserPool;
|
|
private machineClient: cognito.UserPoolClient;
|
|
private machineClientSecret: secretsmanager.Secret;
|
|
private runtimeCredentialProvider: cdk.CustomResource;
|
|
private agentRuntime: agentcore.Runtime;
|
|
|
|
constructor(scope: Construct, id: string, props: BackendStackProps) {
|
|
super(scope, id, props);
|
|
|
|
// Store the Cognito values
|
|
this.userPoolId = props.userPoolId;
|
|
this.userPoolClientId = props.userPoolClientId;
|
|
this.userPoolDomain = props.userPoolDomain;
|
|
|
|
// Import the Cognito resources from the other stack
|
|
this.userPool = cognito.UserPool.fromUserPoolId(
|
|
this,
|
|
"ImportedUserPoolForBackend",
|
|
props.userPoolId,
|
|
);
|
|
// then create the user pool client
|
|
cognito.UserPoolClient.fromUserPoolClientId(
|
|
this,
|
|
"ImportedUserPoolClient",
|
|
props.userPoolClientId,
|
|
);
|
|
|
|
// Create Machine-to-Machine authentication components
|
|
this.createMachineAuthentication(props.config);
|
|
|
|
// DEPLOYMENT ORDER EXPLANATION:
|
|
// 1. Cognito User Pool & Client (created in separate CognitoStack)
|
|
// 2. Machine Client & Resource Server (created above for M2M auth)
|
|
// 3. AgentCore Gateway (created next - uses machine client for auth)
|
|
// 4. AgentCore Runtime (created last - independent of gateway)
|
|
//
|
|
// This order ensures that authentication components are available before
|
|
// the gateway that depends on them, while keeping the runtime separate
|
|
// since it doesn't directly depend on the gateway.
|
|
|
|
// Create AgentCore Gateway (before Runtime)
|
|
this.createAgentCoreGateway(props.config);
|
|
|
|
// Create AgentCore Runtime resources
|
|
this.createAgentCoreRuntime(props.config);
|
|
|
|
// Store runtime ARN in SSM for frontend stack
|
|
this.createRuntimeSSMParameters(props.config);
|
|
|
|
// Store Cognito configuration in SSM for testing and frontend
|
|
this.createCognitoSSMParameters(props.config);
|
|
|
|
// Create standalone CopilotKit runtime API.
|
|
this.createCopilotKitRuntimeApi(props.config, props.frontendUrl);
|
|
}
|
|
|
|
private createAgentCoreRuntime(config: AppConfig): void {
|
|
const pattern = config.backend?.pattern || "strands-single-agent";
|
|
|
|
// Parameters
|
|
this.agentName = new cdk.CfnParameter(this, "AgentName", {
|
|
type: "String",
|
|
default: "FASTAgent",
|
|
description: "Name for the agent runtime",
|
|
});
|
|
|
|
const stack = cdk.Stack.of(this);
|
|
|
|
// Create the agent runtime artifact based on deployment type
|
|
let agentRuntimeArtifact: agentcore.AgentRuntimeArtifact;
|
|
|
|
// DOCKER DEPLOYMENT: Use container-based deployment
|
|
agentRuntimeArtifact = agentcore.AgentRuntimeArtifact.fromAsset(
|
|
path.resolve(__dirname, "..", ".."),
|
|
{
|
|
platform: ecr_assets.Platform.LINUX_ARM64,
|
|
file: `agents/${pattern}/Dockerfile`,
|
|
},
|
|
);
|
|
|
|
// Configure network mode based on config.yaml settings.
|
|
// PUBLIC: Runtime is accessible over the public internet (default).
|
|
// VPC: Runtime is deployed into a user-provided VPC for private network isolation.
|
|
// The user must ensure their VPC has the necessary VPC endpoints for AWS services.
|
|
// See docs/DEPLOYMENT.md for the full list of required VPC endpoints.
|
|
const networkConfiguration = this.buildNetworkConfiguration(config);
|
|
|
|
// Configure JWT authorizer with Cognito
|
|
const authorizerConfiguration =
|
|
agentcore.RuntimeAuthorizerConfiguration.usingJWT(
|
|
`https://cognito-idp.${stack.region}.amazonaws.com/${this.userPoolId}/.well-known/openid-configuration`,
|
|
[this.userPoolClientId],
|
|
);
|
|
|
|
// Create AgentCore execution role
|
|
const agentRole = new AgentCoreRole(this, "AgentCoreRole");
|
|
|
|
// Create memory resource with short-term memory (conversation history) as default
|
|
// To enable long-term strategies (summaries, preferences, facts), see docs/MEMORY_INTEGRATION.md
|
|
const memory = new cdk.CfnResource(this, "AgentMemory", {
|
|
type: "AWS::BedrockAgentCore::Memory",
|
|
properties: {
|
|
Name: cdk.Names.uniqueResourceName(this, { maxLength: 48 }),
|
|
EventExpiryDuration: 30,
|
|
Description: `Short-term memory for ${config.stack_name_base} agent`,
|
|
MemoryStrategies: [], // Empty array = short-term only (conversation history)
|
|
MemoryExecutionRoleArn: agentRole.roleArn,
|
|
Tags: {
|
|
Name: `${config.stack_name_base}_Memory`,
|
|
ManagedBy: "CDK",
|
|
},
|
|
},
|
|
});
|
|
const memoryId = memory.getAtt("MemoryId").toString();
|
|
const memoryArn = memory.getAtt("MemoryArn").toString();
|
|
|
|
// Store the memory ARN for access from main stack
|
|
this.memoryArn = memoryArn;
|
|
|
|
// Add memory-specific permissions to agent role
|
|
agentRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
sid: "MemoryResourceAccess",
|
|
effect: iam.Effect.ALLOW,
|
|
actions: [
|
|
"bedrock-agentcore:CreateEvent",
|
|
"bedrock-agentcore:GetEvent",
|
|
"bedrock-agentcore:ListEvents",
|
|
"bedrock-agentcore:RetrieveMemoryRecords", // Only needed for long-term strategies
|
|
],
|
|
resources: [memoryArn],
|
|
}),
|
|
);
|
|
|
|
// Add SSM permissions for AgentCore Gateway URL lookup
|
|
agentRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
sid: "SSMParameterAccess",
|
|
effect: iam.Effect.ALLOW,
|
|
actions: ["ssm:GetParameter", "ssm:GetParameters"],
|
|
resources: [
|
|
`arn:aws:ssm:${this.region}:${this.account}:parameter/${config.stack_name_base}/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Add Code Interpreter permissions
|
|
agentRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
sid: "CodeInterpreterAccess",
|
|
effect: iam.Effect.ALLOW,
|
|
actions: [
|
|
"bedrock-agentcore:StartCodeInterpreterSession",
|
|
"bedrock-agentcore:StopCodeInterpreterSession",
|
|
"bedrock-agentcore:InvokeCodeInterpreter",
|
|
],
|
|
resources: [
|
|
`arn:aws:bedrock-agentcore:${this.region}:aws:code-interpreter/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Add OAuth2 Credential Provider access for AgentCore Runtime
|
|
// The @requires_access_token decorator performs a two-stage process:
|
|
// 1. GetOauth2CredentialProvider - Looks up provider metadata (ARN, vendor config, grant types)
|
|
// 2. GetResourceOauth2Token - Uses metadata to fetch the actual access token from Token Vault
|
|
agentRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
sid: "OAuth2CredentialProviderAccess",
|
|
effect: iam.Effect.ALLOW,
|
|
actions: [
|
|
"bedrock-agentcore:GetOauth2CredentialProvider",
|
|
"bedrock-agentcore:GetResourceOauth2Token",
|
|
],
|
|
resources: [
|
|
`arn:aws:bedrock-agentcore:${this.region}:${this.account}:oauth2-credential-provider/*`,
|
|
`arn:aws:bedrock-agentcore:${this.region}:${this.account}:token-vault/*`,
|
|
`arn:aws:bedrock-agentcore:${this.region}:${this.account}:workload-identity-directory/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Add Secrets Manager access for OAuth2
|
|
// AgentCore Runtime needs to read two secrets:
|
|
// 1. Machine client secret (created by CDK)
|
|
// 2. Token Vault OAuth2 secret (created by AgentCore Identity)
|
|
agentRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
sid: "SecretsManagerOAuth2Access",
|
|
effect: iam.Effect.ALLOW,
|
|
actions: ["secretsmanager:GetSecretValue"],
|
|
resources: [
|
|
`arn:aws:secretsmanager:${this.region}:${this.account}:secret:/${config.stack_name_base}/machine_client_secret*`,
|
|
`arn:aws:secretsmanager:${this.region}:${this.account}:secret:bedrock-agentcore-identity!default/oauth2/${config.stack_name_base}-runtime-gateway-auth*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Environment variables for the runtime
|
|
const envVars: { [key: string]: string } = {
|
|
AWS_REGION: stack.region,
|
|
AWS_DEFAULT_REGION: stack.region,
|
|
MEMORY_ID: memoryId,
|
|
STACK_NAME: config.stack_name_base,
|
|
GATEWAY_CREDENTIAL_PROVIDER_NAME: `${config.stack_name_base}-runtime-gateway-auth`, // Used by @requires_access_token decorator to look up the correct provider
|
|
};
|
|
|
|
// Add claude-agent-sdk specific environment variable
|
|
if (
|
|
pattern === "claude-agent-sdk-single-agent" ||
|
|
pattern === "claude-agent-sdk-multi-agent"
|
|
) {
|
|
envVars["CLAUDE_CODE_USE_BEDROCK"] = "1";
|
|
}
|
|
|
|
// Enable AG-UI / CopilotKit protocol for LangGraph and Strands agents
|
|
if (
|
|
pattern === "langgraph-single-agent" ||
|
|
pattern === "strands-single-agent"
|
|
) {
|
|
envVars["AGUI_ENABLED"] = "true";
|
|
}
|
|
|
|
// Create the runtime using L2 construct
|
|
// requestHeaderConfiguration allows the agent to read the Authorization header
|
|
// from RequestContext.request_headers, which is needed to securely extract the
|
|
// user ID from the validated JWT token (sub claim) instead of trusting the payload body.
|
|
this.agentRuntime = new agentcore.Runtime(this, "Runtime", {
|
|
runtimeName: `${config.stack_name_base.replace(/-/g, "_")}_${this.agentName.valueAsString}`,
|
|
agentRuntimeArtifact: agentRuntimeArtifact,
|
|
executionRole: agentRole,
|
|
networkConfiguration: networkConfiguration,
|
|
protocolConfiguration: agentcore.ProtocolType.HTTP,
|
|
environmentVariables: envVars,
|
|
authorizerConfiguration: authorizerConfiguration,
|
|
requestHeaderConfiguration: {
|
|
allowlistedHeaders: ["Authorization"],
|
|
},
|
|
description: `${pattern} agent runtime for ${config.stack_name_base}`,
|
|
});
|
|
|
|
// Store the runtime ARN
|
|
this.runtimeArn = this.agentRuntime.agentRuntimeArn;
|
|
|
|
// Outputs
|
|
new cdk.CfnOutput(this, "AgentRuntimeId", {
|
|
description: "ID of the created agent runtime",
|
|
value: this.agentRuntime.agentRuntimeId,
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "AgentRuntimeArn", {
|
|
description: "ARN of the created agent runtime",
|
|
value: this.agentRuntime.agentRuntimeArn,
|
|
exportName: `${config.stack_name_base}-AgentRuntimeArn`,
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "AgentRoleArn", {
|
|
description: "ARN of the agent execution role",
|
|
value: agentRole.roleArn,
|
|
});
|
|
|
|
// Memory ARN output
|
|
new cdk.CfnOutput(this, "MemoryArn", {
|
|
description: "ARN of the agent memory resource",
|
|
value: memoryArn,
|
|
});
|
|
}
|
|
|
|
private createRuntimeSSMParameters(config: AppConfig): void {
|
|
// Store runtime ARN in SSM for frontend stack
|
|
new ssm.StringParameter(this, "RuntimeArnParam", {
|
|
parameterName: `/${config.stack_name_base}/runtime-arn`,
|
|
stringValue: this.runtimeArn,
|
|
});
|
|
}
|
|
|
|
private createCognitoSSMParameters(config: AppConfig): void {
|
|
// Store Cognito configuration in SSM for testing and frontend access
|
|
new ssm.StringParameter(this, "CognitoUserPoolIdParam", {
|
|
parameterName: `/${config.stack_name_base}/cognito-user-pool-id`,
|
|
stringValue: this.userPoolId,
|
|
description: "Cognito User Pool ID",
|
|
});
|
|
|
|
new ssm.StringParameter(this, "CognitoUserPoolClientIdParam", {
|
|
parameterName: `/${config.stack_name_base}/cognito-user-pool-client-id`,
|
|
stringValue: this.userPoolClientId,
|
|
description: "Cognito User Pool Client ID",
|
|
});
|
|
|
|
new ssm.StringParameter(this, "MachineClientIdParam", {
|
|
parameterName: `/${config.stack_name_base}/machine_client_id`,
|
|
stringValue: this.machineClient.userPoolClientId,
|
|
description: "Machine Client ID for M2M authentication",
|
|
});
|
|
|
|
// Use the correct Cognito domain format from the passed domain
|
|
new ssm.StringParameter(this, "CognitoDomainParam", {
|
|
parameterName: `/${config.stack_name_base}/cognito_provider`,
|
|
stringValue: `${this.userPoolDomain.domainName}.auth.${cdk.Aws.REGION}.amazoncognito.com`,
|
|
description: "Cognito domain URL for token endpoint",
|
|
});
|
|
}
|
|
|
|
private createCopilotKitRuntimeApi(
|
|
config: AppConfig,
|
|
frontendUrl: string,
|
|
): void {
|
|
const buildAgentCoreAgUiUrl = (runtimeArn: string): string => {
|
|
const encodedRuntimeArn = cdk.Fn.join(
|
|
"%2F",
|
|
cdk.Fn.split("/", cdk.Fn.join("%3A", cdk.Fn.split(":", runtimeArn))),
|
|
);
|
|
|
|
return cdk.Fn.join("", [
|
|
"https://bedrock-agentcore.",
|
|
cdk.Stack.of(this).region,
|
|
".amazonaws.com/runtimes/",
|
|
encodedRuntimeArn,
|
|
"/invocations?qualifier=DEFAULT",
|
|
]);
|
|
};
|
|
|
|
const agentCoreAgUiUrl = buildAgentCoreAgUiUrl(this.runtimeArn);
|
|
|
|
const copilotKitRuntimeLambda = new lambda.Function(
|
|
this,
|
|
"CopilotKitRuntimeLambda",
|
|
{
|
|
functionName: `${config.stack_name_base}-copilotkit-runtime`,
|
|
runtime: lambda.Runtime.NODEJS_20_X,
|
|
architecture: lambda.Architecture.ARM_64,
|
|
handler: "dist/index.handler",
|
|
code: lambda.Code.fromAsset(
|
|
path.join(__dirname, "..", "lambdas", "copilotkit-runtime"),
|
|
{
|
|
assetHashType: cdk.AssetHashType.OUTPUT,
|
|
bundling: {
|
|
local: {
|
|
tryBundle(outputDir: string) {
|
|
const runtimeDir = path.join(
|
|
__dirname,
|
|
"..",
|
|
"lambdas",
|
|
"copilotkit-runtime",
|
|
);
|
|
execSync("npm ci --no-audit --no-fund", {
|
|
cwd: runtimeDir,
|
|
stdio: "inherit",
|
|
});
|
|
execSync("npm run build", {
|
|
cwd: runtimeDir,
|
|
stdio: "inherit",
|
|
});
|
|
execSync("npm prune --omit=dev", {
|
|
cwd: runtimeDir,
|
|
stdio: "inherit",
|
|
});
|
|
execSync(
|
|
`cp -R dist node_modules package.json package-lock.json ${outputDir}/`,
|
|
{
|
|
cwd: runtimeDir,
|
|
stdio: "inherit",
|
|
},
|
|
);
|
|
return true;
|
|
},
|
|
},
|
|
image: lambda.Runtime.NODEJS_20_X.bundlingImage,
|
|
environment: {
|
|
NPM_CONFIG_CACHE: "/tmp/.npm",
|
|
NPM_CONFIG_FETCH_RETRIES: "5",
|
|
NPM_CONFIG_FETCH_RETRY_MAXTIMEOUT: "120000",
|
|
},
|
|
command: [
|
|
"bash",
|
|
"-c",
|
|
[
|
|
"mkdir -p /tmp/.npm",
|
|
"npm ci --no-audit --no-fund",
|
|
"npm run build",
|
|
"npm prune --omit=dev",
|
|
"cp -R dist node_modules package.json package-lock.json /asset-output/",
|
|
].join(" && "),
|
|
],
|
|
},
|
|
},
|
|
),
|
|
environment: {
|
|
AGENTCORE_AG_UI_URL: agentCoreAgUiUrl,
|
|
COPILOTKIT_AGENT_NAME:
|
|
config.backend?.pattern || "langgraph-single-agent",
|
|
},
|
|
timeout: cdk.Duration.seconds(30),
|
|
memorySize: 1024,
|
|
logGroup: new logs.LogGroup(this, "CopilotKitRuntimeLambdaLogGroup", {
|
|
logGroupName: `/aws/lambda/${config.stack_name_base}-copilotkit-runtime`,
|
|
retention: logs.RetentionDays.ONE_WEEK,
|
|
removalPolicy: cdk.RemovalPolicy.DESTROY,
|
|
}),
|
|
},
|
|
);
|
|
|
|
const copilotKitApi = new apigateway.RestApi(this, "CopilotKitRuntimeApi", {
|
|
restApiName: `${config.stack_name_base}-copilotkit-runtime-api`,
|
|
description: "Standalone CopilotKit runtime API backed by Lambda",
|
|
defaultCorsPreflightOptions: {
|
|
allowOrigins: [frontendUrl, "http://localhost:3000"],
|
|
allowMethods: ["GET", "POST", "OPTIONS"],
|
|
allowHeaders: ["Content-Type", "Authorization"],
|
|
},
|
|
deployOptions: {
|
|
stageName: "prod",
|
|
},
|
|
});
|
|
|
|
const runtimeIntegration = new apigateway.LambdaIntegration(
|
|
copilotKitRuntimeLambda,
|
|
{
|
|
responseTransferMode: apigateway.ResponseTransferMode.STREAM,
|
|
},
|
|
);
|
|
|
|
const runtimeResource = copilotKitApi.root.addResource("copilotkit");
|
|
runtimeResource.addMethod("GET", runtimeIntegration, {
|
|
authorizationType: apigateway.AuthorizationType.NONE,
|
|
});
|
|
runtimeResource.addMethod("POST", runtimeIntegration, {
|
|
authorizationType: apigateway.AuthorizationType.NONE,
|
|
});
|
|
|
|
const runtimeProxy = runtimeResource.addResource("{proxy+}");
|
|
runtimeProxy.addMethod("GET", runtimeIntegration, {
|
|
authorizationType: apigateway.AuthorizationType.NONE,
|
|
});
|
|
runtimeProxy.addMethod("POST", runtimeIntegration, {
|
|
authorizationType: apigateway.AuthorizationType.NONE,
|
|
});
|
|
|
|
this.copilotKitRuntimeUrl = copilotKitApi.urlForPath("/copilotkit");
|
|
|
|
new ssm.StringParameter(this, "CopilotKitRuntimeUrlParam", {
|
|
parameterName: `/${config.stack_name_base}/copilotkit-runtime-url`,
|
|
stringValue: this.copilotKitRuntimeUrl,
|
|
description: "CopilotKit runtime API URL",
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "CopilotKitRuntimeUrl", {
|
|
description: "CopilotKit runtime API URL",
|
|
value: this.copilotKitRuntimeUrl,
|
|
});
|
|
}
|
|
|
|
private createAgentCoreGateway(config: AppConfig): void {
|
|
// Create comprehensive IAM role for gateway
|
|
const gatewayRole = new iam.Role(this, "GatewayRole", {
|
|
assumedBy: new iam.ServicePrincipal("bedrock-agentcore.amazonaws.com"),
|
|
description: "Role for AgentCore Gateway with comprehensive permissions",
|
|
});
|
|
|
|
// Bedrock permissions (region-agnostic)
|
|
gatewayRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
effect: iam.Effect.ALLOW,
|
|
actions: [
|
|
"bedrock:InvokeModel",
|
|
"bedrock:InvokeModelWithResponseStream",
|
|
],
|
|
resources: [
|
|
"arn:aws:bedrock:*::foundation-model/*",
|
|
`arn:aws:bedrock:*:${this.account}:inference-profile/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// SSM parameter access
|
|
gatewayRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
effect: iam.Effect.ALLOW,
|
|
actions: ["ssm:GetParameter", "ssm:GetParameters"],
|
|
resources: [
|
|
`arn:aws:ssm:${this.region}:${this.account}:parameter/${config.stack_name_base}/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Cognito permissions
|
|
gatewayRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
effect: iam.Effect.ALLOW,
|
|
actions: [
|
|
"cognito-idp:DescribeUserPoolClient",
|
|
"cognito-idp:InitiateAuth",
|
|
],
|
|
resources: [this.userPool.userPoolArn],
|
|
}),
|
|
);
|
|
|
|
// CloudWatch Logs
|
|
gatewayRole.addToPolicy(
|
|
new iam.PolicyStatement({
|
|
effect: iam.Effect.ALLOW,
|
|
actions: [
|
|
"logs:CreateLogGroup",
|
|
"logs:CreateLogStream",
|
|
"logs:PutLogEvents",
|
|
],
|
|
resources: [
|
|
`arn:aws:logs:${this.region}:${this.account}:log-group:/aws/bedrock-agentcore/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Cognito OAuth2 configuration for gateway
|
|
const cognitoIssuer = `https://cognito-idp.${this.region}.amazonaws.com/${this.userPool.userPoolId}`;
|
|
const cognitoDiscoveryUrl = `${cognitoIssuer}/.well-known/openid-configuration`;
|
|
|
|
// Create OAuth2 Credential Provider for AgentCore Runtime to authenticate with AgentCore Gateway
|
|
// Uses cr.Provider pattern with explicit Lambda to avoid logging secrets in CloudWatch
|
|
const providerName = `${config.stack_name_base}-runtime-gateway-auth`;
|
|
|
|
// Lambda to create/delete OAuth2 provider
|
|
const oauth2ProviderLambda = new lambda.Function(
|
|
this,
|
|
"OAuth2ProviderLambda",
|
|
{
|
|
runtime: lambda.Runtime.PYTHON_3_13,
|
|
handler: "index.handler",
|
|
code: lambda.Code.fromAsset(
|
|
path.join(__dirname, "..", "lambdas", "oauth2-provider"),
|
|
),
|
|
timeout: cdk.Duration.minutes(5),
|
|
logGroup: new logs.LogGroup(this, "OAuth2ProviderLambdaLogGroup", {
|
|
logGroupName: `/aws/lambda/${config.stack_name_base}-oauth2-provider`,
|
|
retention: logs.RetentionDays.ONE_WEEK,
|
|
removalPolicy: cdk.RemovalPolicy.DESTROY,
|
|
}),
|
|
},
|
|
);
|
|
|
|
// Grant Lambda permissions to read machine client secret
|
|
this.machineClientSecret.grantRead(oauth2ProviderLambda);
|
|
|
|
// Grant Lambda permissions for Bedrock AgentCore operations
|
|
// OAuth2 Credential Provider operations - scoped to all providers in default Token Vault
|
|
// Note: Need both vault-level and nested resource permissions because:
|
|
// - CreateOauth2CredentialProvider checks permission on vault itself (token-vault/default)
|
|
// - Also checks permission on the nested resource path (token-vault/default/oauth2credentialprovider/*)
|
|
oauth2ProviderLambda.addToRolePolicy(
|
|
new iam.PolicyStatement({
|
|
actions: [
|
|
"bedrock-agentcore:CreateOauth2CredentialProvider",
|
|
"bedrock-agentcore:DeleteOauth2CredentialProvider",
|
|
"bedrock-agentcore:GetOauth2CredentialProvider",
|
|
],
|
|
resources: [
|
|
`arn:aws:bedrock-agentcore:${this.region}:${this.account}:token-vault/default`,
|
|
`arn:aws:bedrock-agentcore:${this.region}:${this.account}:token-vault/default/oauth2credentialprovider/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Token Vault operations - scoped to default vault
|
|
// Note: Need both exact match (default) and wildcard (default/*) because:
|
|
// - AWS checks permission on the vault container itself (token-vault/default)
|
|
// - AWS also checks permission on resources inside (token-vault/default/*)
|
|
oauth2ProviderLambda.addToRolePolicy(
|
|
new iam.PolicyStatement({
|
|
actions: [
|
|
"bedrock-agentcore:CreateTokenVault",
|
|
"bedrock-agentcore:GetTokenVault",
|
|
"bedrock-agentcore:DeleteTokenVault",
|
|
],
|
|
resources: [
|
|
`arn:aws:bedrock-agentcore:${this.region}:${this.account}:token-vault/default`,
|
|
`arn:aws:bedrock-agentcore:${this.region}:${this.account}:token-vault/default/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Grant Lambda permissions for Token Vault secret management
|
|
// Scoped to OAuth2 secrets in AgentCore Identity default namespace
|
|
oauth2ProviderLambda.addToRolePolicy(
|
|
new iam.PolicyStatement({
|
|
actions: [
|
|
"secretsmanager:CreateSecret",
|
|
"secretsmanager:DeleteSecret",
|
|
"secretsmanager:DescribeSecret",
|
|
"secretsmanager:PutSecretValue",
|
|
],
|
|
resources: [
|
|
`arn:aws:secretsmanager:${this.region}:${this.account}:secret:bedrock-agentcore-identity!default/oauth2/*`,
|
|
],
|
|
}),
|
|
);
|
|
|
|
// Create Custom Resource Provider
|
|
const oauth2Provider = new cr.Provider(this, "OAuth2ProviderProvider", {
|
|
onEventHandler: oauth2ProviderLambda,
|
|
});
|
|
|
|
// Create Custom Resource
|
|
const runtimeCredentialProvider = new cdk.CustomResource(
|
|
this,
|
|
"RuntimeCredentialProvider",
|
|
{
|
|
serviceToken: oauth2Provider.serviceToken,
|
|
properties: {
|
|
ProviderName: providerName,
|
|
ClientSecretArn: this.machineClientSecret.secretArn,
|
|
DiscoveryUrl: cognitoDiscoveryUrl,
|
|
ClientId: this.machineClient.userPoolClientId,
|
|
},
|
|
},
|
|
);
|
|
|
|
// Store for use in createAgentCoreRuntime()
|
|
this.runtimeCredentialProvider = runtimeCredentialProvider;
|
|
|
|
// Create Gateway using L1 construct (CfnGateway)
|
|
// This replaces the Custom Resource approach with native CloudFormation support
|
|
const gateway = new bedrockagentcore.CfnGateway(this, "AgentCoreGateway", {
|
|
name: `${config.stack_name_base}-gateway`,
|
|
roleArn: gatewayRole.roleArn,
|
|
protocolType: "MCP",
|
|
protocolConfiguration: {
|
|
mcp: {
|
|
supportedVersions: ["2025-03-26"],
|
|
// Optional: Enable semantic search for tools
|
|
// searchType: "SEMANTIC",
|
|
},
|
|
},
|
|
authorizerType: "CUSTOM_JWT",
|
|
authorizerConfiguration: {
|
|
customJwtAuthorizer: {
|
|
allowedClients: [this.machineClient.userPoolClientId],
|
|
discoveryUrl: cognitoDiscoveryUrl,
|
|
},
|
|
},
|
|
description: "AgentCore Gateway with MCP protocol and JWT authentication",
|
|
});
|
|
|
|
// Ensure proper creation order
|
|
gateway.node.addDependency(this.machineClient);
|
|
gateway.node.addDependency(gatewayRole);
|
|
|
|
// Store AgentCore Gateway URL in SSM for AgentCore Runtime access
|
|
new ssm.StringParameter(this, "GatewayUrlParam", {
|
|
parameterName: `/${config.stack_name_base}/gateway_url`,
|
|
stringValue: gateway.attrGatewayUrl,
|
|
description: "AgentCore Gateway URL",
|
|
});
|
|
|
|
// Output gateway information
|
|
new cdk.CfnOutput(this, "GatewayId", {
|
|
value: gateway.attrGatewayIdentifier,
|
|
description: "AgentCore Gateway ID",
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "GatewayUrl", {
|
|
value: gateway.attrGatewayUrl,
|
|
description: "AgentCore Gateway URL",
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "GatewayArn", {
|
|
value: gateway.attrGatewayArn,
|
|
description: "AgentCore Gateway ARN",
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "GatewayTargetId", {
|
|
value: gatewayTarget.ref,
|
|
description: "AgentCore Gateway Target ID",
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "ToolLambdaArn", {
|
|
description: "ARN of the sample tool Lambda",
|
|
value: toolLambda.functionArn,
|
|
});
|
|
}
|
|
|
|
private createMachineAuthentication(config: AppConfig): void {
|
|
// Create Resource Server for Machine-to-Machine (M2M) authentication
|
|
// This defines the API scopes that machine clients can request access to
|
|
const resourceServer = new cognito.UserPoolResourceServer(
|
|
this,
|
|
"ResourceServer",
|
|
{
|
|
userPool: this.userPool,
|
|
identifier: `${config.stack_name_base}-gateway`,
|
|
userPoolResourceServerName: `${config.stack_name_base}-gateway-resource-server`,
|
|
scopes: [
|
|
new cognito.ResourceServerScope({
|
|
scopeName: "read",
|
|
scopeDescription: "Read access to gateway",
|
|
}),
|
|
new cognito.ResourceServerScope({
|
|
scopeName: "write",
|
|
scopeDescription: "Write access to gateway",
|
|
}),
|
|
],
|
|
},
|
|
);
|
|
|
|
// Create Machine Client for AgentCore Gateway authentication
|
|
//
|
|
// WHAT IS A MACHINE CLIENT?
|
|
// A machine client is a Cognito User Pool Client configured for server-to-server authentication
|
|
// using the OAuth2 Client Credentials flow. Unlike user-facing clients, it doesn't require
|
|
// human interaction or user credentials.
|
|
//
|
|
// HOW IS IT DIFFERENT FROM THE REGULAR USER POOL CLIENT?
|
|
// - Regular client: Uses Authorization Code flow for human users (frontend login)
|
|
// - Machine client: Uses Client Credentials flow for service-to-service authentication
|
|
// - Regular client: No client secret (public client for frontend security)
|
|
// - Machine client: Has client secret (confidential client for backend security)
|
|
// - Regular client: Scopes are openid, email, profile (user identity)
|
|
// - Machine client: Scopes are custom resource server scopes (API permissions)
|
|
//
|
|
// WHY IS IT NEEDED?
|
|
// The AgentCore Gateway needs to authenticate with Cognito to validate tokens and make
|
|
// API calls on behalf of the system. The machine client provides the credentials for
|
|
// this service-to-service authentication without requiring user interaction.
|
|
this.machineClient = new cognito.UserPoolClient(this, "MachineClient", {
|
|
userPool: this.userPool,
|
|
userPoolClientName: `${config.stack_name_base}-machine-client`,
|
|
generateSecret: true, // Required for client credentials flow
|
|
oAuth: {
|
|
flows: {
|
|
clientCredentials: true, // Enable OAuth2 Client Credentials flow
|
|
},
|
|
scopes: [
|
|
// Grant access to the resource server scopes defined above
|
|
cognito.OAuthScope.resourceServer(
|
|
resourceServer,
|
|
new cognito.ResourceServerScope({
|
|
scopeName: "read",
|
|
scopeDescription: "Read access to gateway",
|
|
}),
|
|
),
|
|
cognito.OAuthScope.resourceServer(
|
|
resourceServer,
|
|
new cognito.ResourceServerScope({
|
|
scopeName: "write",
|
|
scopeDescription: "Write access to gateway",
|
|
}),
|
|
),
|
|
],
|
|
},
|
|
});
|
|
|
|
// Machine client must be created after resource server
|
|
this.machineClient.node.addDependency(resourceServer);
|
|
|
|
// Store machine client secret in Secrets Manager for testing and external access.
|
|
// This secret is used by test scripts and potentially other external tools.
|
|
this.machineClientSecret = new secretsmanager.Secret(
|
|
this,
|
|
"MachineClientSecret",
|
|
{
|
|
secretName: `/${config.stack_name_base}/machine_client_secret`,
|
|
secretStringValue: cdk.SecretValue.unsafePlainText(
|
|
this.machineClient.userPoolClientSecret.unsafeUnwrap(),
|
|
),
|
|
description: "Machine Client Secret for M2M authentication",
|
|
},
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Builds the RuntimeNetworkConfiguration based on the config.yaml settings.
|
|
* When network_mode is "VPC", imports the user's existing VPC, subnets, and
|
|
* optionally security groups, then returns a VPC-based network configuration.
|
|
* When network_mode is "PUBLIC" (default), returns a public network configuration.
|
|
*
|
|
* @param config - The application configuration from config.yaml.
|
|
* @returns A RuntimeNetworkConfiguration for the AgentCore Runtime.
|
|
*/
|
|
private buildNetworkConfiguration(
|
|
config: AppConfig,
|
|
): agentcore.RuntimeNetworkConfiguration {
|
|
if (config.backend.network_mode === "VPC") {
|
|
const vpcConfig = config.backend.vpc;
|
|
// vpc config is validated in ConfigManager, but guard here for type safety
|
|
if (!vpcConfig) {
|
|
throw new Error(
|
|
"backend.vpc configuration is required when network_mode is 'VPC'.",
|
|
);
|
|
}
|
|
|
|
// Import the user's existing VPC by ID.
|
|
// This performs a context lookup at synth time to resolve VPC attributes.
|
|
const vpc = ec2.Vpc.fromLookup(this, "ImportedVpc", {
|
|
vpcId: vpcConfig.vpc_id,
|
|
});
|
|
|
|
// Import the user-specified subnets by their IDs.
|
|
// These subnets must exist within the VPC specified above.
|
|
const subnets: ec2.ISubnet[] = vpcConfig.subnet_ids.map(
|
|
(subnetId: string, index: number) =>
|
|
ec2.Subnet.fromSubnetId(this, `ImportedSubnet${index}`, subnetId),
|
|
);
|
|
|
|
// Build the VPC config props for the AgentCore L2 construct.
|
|
// Security groups are optional — if not provided, the construct creates a default one.
|
|
const securityGroups =
|
|
vpcConfig.security_group_ids && vpcConfig.security_group_ids.length > 0
|
|
? vpcConfig.security_group_ids.map((sgId: string, index: number) =>
|
|
ec2.SecurityGroup.fromSecurityGroupId(
|
|
this,
|
|
`ImportedSG${index}`,
|
|
sgId,
|
|
),
|
|
)
|
|
: undefined;
|
|
|
|
const vpcConfigProps: agentcore.VpcConfigProps = {
|
|
vpc: vpc,
|
|
vpcSubnets: {
|
|
subnets: subnets,
|
|
},
|
|
securityGroups: securityGroups,
|
|
};
|
|
|
|
return agentcore.RuntimeNetworkConfiguration.usingVpc(
|
|
this,
|
|
vpcConfigProps,
|
|
);
|
|
}
|
|
|
|
// Default: public network mode
|
|
return agentcore.RuntimeNetworkConfiguration.usingPublicNetwork();
|
|
}
|
|
}
|