@aws-cdk/aws-bedrock-agentcore-alpha
Version:
The CDK Construct Library for Amazon Bedrock
112 lines • 10.5 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.GatewayPerms = void 0;
var GatewayPerms;
(function (GatewayPerms) {
/******************************************************************************
* Data Plane Permissions
*****************************************************************************/
/**
* Permissions to invoke the gateway
* Used by agents or other services that need to call the gateway
*/
GatewayPerms.INVOKE_PERMS = ['bedrock-agentcore:InvokeGateway'];
/******************************************************************************
* Execution Role Permissions
*****************************************************************************/
/**
* KMS permissions for encryption
* Required when using KMS keys for encryption
*/
GatewayPerms.KMS_KEY_PERMS = [
'kms:GenerateDataKey',
'kms:GenerateDataKeyWithoutPlaintext',
'kms:GenerateDataKeyPair',
'kms:GenerateDataKeyPairWithoutPlaintext',
'kms:Decrypt',
'kms:Encrypt',
'kms:ReEncryptFrom',
'kms:ReEncryptTo',
'kms:CreateGrant',
'kms:DescribeKey',
];
/**
* Assume role permission
* Required for the gateway service to assume the execution role
*/
GatewayPerms.ASSUME_ROLE = ['sts:AssumeRole'];
/**
* Outbound auth - Workload identity permissions
* Used to obtain access tokens for workload identity
*/
GatewayPerms.GATEWAY_WORKLOAD_IDENTITY_PERMS = [
'bedrock-agentcore:GetWorkloadAccessToken',
];
/**
* Outbound auth - OAuth permissions
* Used to obtain OAuth tokens for target authentication
*/
GatewayPerms.GATEWAY_OAUTH_PERMS = [
'bedrock-agentcore:GetResourceOauth2Token',
];
/**
* Outbound auth - API Key permissions
* Used to retrieve API keys for target authentication
*/
GatewayPerms.GATEWAY_API_KEY_PERMS = [
'bedrock-agentcore:GetResourceApiKey',
];
/**
* Secrets Manager permissions
* Required for storing and retrieving API keys and OAuth credentials
*/
GatewayPerms.SECRETS_PERMS = [
'secretsmanager:GetSecretValue',
'secretsmanager:DescribeSecret',
];
/******************************************************************************
* Control Plane Permissions
*****************************************************************************/
/**
* Get permissions for gateway resources
*/
GatewayPerms.GET_PERMS = ['bedrock-agentcore:GetGatewayTarget', 'bedrock-agentcore:GetGateway'];
/**
* List permissions for gateway resources
*/
GatewayPerms.LIST_PERMS = [
'bedrock-agentcore:ListGateways',
'bedrock-agentcore:ListGatewayTargets',
];
/**
* Create permissions for gateway resources
*/
GatewayPerms.CREATE_PERMS = [
'bedrock-agentcore:CreateGateway',
'bedrock-agentcore:CreateGatewayTarget',
];
/**
* Update permissions for gateway resources
*/
GatewayPerms.UPDATE_PERMS = [
'bedrock-agentcore:UpdateGateway',
'bedrock-agentcore:UpdateGatewayTarget',
];
/**
* Delete permissions for gateway resources
*/
GatewayPerms.DELETE_PERMS = [
'bedrock-agentcore:DeleteGateway',
'bedrock-agentcore:DeleteGatewayTarget',
];
/**
* Combined manage permissions (create, update, delete)
*/
GatewayPerms.MANAGE_PERMS = [...new Set([...GatewayPerms.CREATE_PERMS, ...GatewayPerms.UPDATE_PERMS, ...GatewayPerms.DELETE_PERMS])];
/**
* Synchronization permissions for MCP server targets
* Used to refresh tool catalogs when MCP server tools change
*/
GatewayPerms.SYNC_PERMS = ['bedrock-agentcore:SynchronizeGatewayTargets'];
})(GatewayPerms || (exports.GatewayPerms = GatewayPerms = {}));
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGVybXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyJwZXJtcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxJQUFpQixZQUFZLENBMkg1QjtBQTNIRCxXQUFpQixZQUFZO0lBRTNCOzttRkFFK0U7SUFFL0U7OztPQUdHO0lBQ1UseUJBQVksR0FBRyxDQUFDLGlDQUFpQyxDQUFDLENBQUM7SUFFaEU7O21GQUUrRTtJQUUvRTs7O09BR0c7SUFDVSwwQkFBYSxHQUFHO1FBQzNCLHFCQUFxQjtRQUNyQixxQ0FBcUM7UUFDckMseUJBQXlCO1FBQ3pCLHlDQUF5QztRQUN6QyxhQUFhO1FBQ2IsYUFBYTtRQUNiLG1CQUFtQjtRQUNuQixpQkFBaUI7UUFDakIsaUJBQWlCO1FBQ2pCLGlCQUFpQjtLQUNsQixDQUFDO0lBRUY7OztPQUdHO0lBQ1Usd0JBQVcsR0FBRyxDQUFDLGdCQUFnQixDQUFDLENBQUM7SUFFOUM7OztPQUdHO0lBQ1UsNENBQStCLEdBQUc7UUFDN0MsMENBQTBDO0tBQzNDLENBQUM7SUFFRjs7O09BR0c7SUFDVSxnQ0FBbUIsR0FBRztRQUNqQywwQ0FBMEM7S0FDM0MsQ0FBQztJQUVGOzs7T0FHRztJQUNVLGtDQUFxQixHQUFHO1FBQ25DLHFDQUFxQztLQUN0QyxDQUFDO0lBRUY7OztPQUdHO0lBQ1UsMEJBQWEsR0FBRztRQUMzQiwrQkFBK0I7UUFDL0IsK0JBQStCO0tBQ2hDLENBQUM7SUFFRjs7bUZBRStFO0lBRS9FOztPQUVHO0lBQ1Usc0JBQVMsR0FBRyxDQUFDLG9DQUFvQyxFQUFFLDhCQUE4QixDQUFDLENBQUM7SUFFaEc7O09BRUc7SUFDVSx1QkFBVSxHQUFHO1FBQ3hCLGdDQUFnQztRQUNoQyxzQ0FBc0M7S0FDdkMsQ0FBQztJQUVGOztPQUVHO0lBQ1UseUJBQVksR0FBRztRQUMxQixpQ0FBaUM7UUFDakMsdUNBQXVDO0tBQ3hDLENBQUM7SUFFRjs7T0FFRztJQUNVLHlCQUFZLEdBQUc7UUFDMUIsaUNBQWlDO1FBQ2pDLHVDQUF1QztLQUN4QyxDQUFDO0lBRUY7O09BRUc7SUFDVSx5QkFBWSxHQUFHO1FBQzFCLGlDQUFpQztRQUNqQyx1Q0FBdUM7S0FDeEMsQ0FBQztJQUVGOztPQUVHO0lBQ1UseUJBQVksR0FBRyxDQUFDLEdBQUcsSUFBSSxHQUFHLENBQUMsQ0FBQyxHQUFHLGFBQUEsWUFBWSxFQUFFLEdBQUcsYUFBQSxZQUFZLEVBQUUsR0FBRyxhQUFBLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQztJQUU5Rjs7O09BR0c7SUFDVSx1QkFBVSxHQUFHLENBQUMsNkNBQTZDLENBQUMsQ0FBQztBQUM1RSxDQUFDLEVBM0hnQixZQUFZLDRCQUFaLFlBQVksUUEySDVCIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IG5hbWVzcGFjZSBHYXRld2F5UGVybXMge1xuXG4gIC8qKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKipcbiAgICogRGF0YSBQbGFuZSBQZXJtaXNzaW9uc1xuICAgKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKiovXG5cbiAgLyoqXG4gICAqIFBlcm1pc3Npb25zIHRvIGludm9rZSB0aGUgZ2F0ZXdheVxuICAgKiBVc2VkIGJ5IGFnZW50cyBvciBvdGhlciBzZXJ2aWNlcyB0aGF0IG5lZWQgdG8gY2FsbCB0aGUgZ2F0ZXdheVxuICAgKi9cbiAgZXhwb3J0IGNvbnN0IElOVk9LRV9QRVJNUyA9IFsnYmVkcm9jay1hZ2VudGNvcmU6SW52b2tlR2F0ZXdheSddO1xuXG4gIC8qKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKipcbiAgICogRXhlY3V0aW9uIFJvbGUgUGVybWlzc2lvbnNcbiAgICoqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqL1xuXG4gIC8qKlxuICAgKiBLTVMgcGVybWlzc2lvbnMgZm9yIGVuY3J5cHRpb25cbiAgICogUmVxdWlyZWQgd2hlbiB1c2luZyBLTVMga2V5cyBmb3IgZW5jcnlwdGlvblxuICAgKi9cbiAgZXhwb3J0IGNvbnN0IEtNU19LRVlfUEVSTVMgPSBbXG4gICAgJ2ttczpHZW5lcmF0ZURhdGFLZXknLFxuICAgICdrbXM6R2VuZXJhdGVEYXRhS2V5V2l0aG91dFBsYWludGV4dCcsXG4gICAgJ2ttczpHZW5lcmF0ZURhdGFLZXlQYWlyJyxcbiAgICAna21zOkdlbmVyYXRlRGF0YUtleVBhaXJXaXRob3V0UGxhaW50ZXh0JyxcbiAgICAna21zOkRlY3J5cHQnLFxuICAgICdrbXM6RW5jcnlwdCcsXG4gICAgJ2ttczpSZUVuY3J5cHRGcm9tJyxcbiAgICAna21zOlJlRW5jcnlwdFRvJyxcbiAgICAna21zOkNyZWF0ZUdyYW50JyxcbiAgICAna21zOkRlc2NyaWJlS2V5JyxcbiAgXTtcblxuICAvKipcbiAgICogQXNzdW1lIHJvbGUgcGVybWlzc2lvblxuICAgKiBSZXF1aXJlZCBmb3IgdGhlIGdhdGV3YXkgc2VydmljZSB0byBhc3N1bWUgdGhlIGV4ZWN1dGlvbiByb2xlXG4gICAqL1xuICBleHBvcnQgY29uc3QgQVNTVU1FX1JPTEUgPSBbJ3N0czpBc3N1bWVSb2xlJ107XG5cbiAgLyoqXG4gICAqIE91dGJvdW5kIGF1dGggLSBXb3JrbG9hZCBpZGVudGl0eSBwZXJtaXNzaW9uc1xuICAgKiBVc2VkIHRvIG9idGFpbiBhY2Nlc3MgdG9rZW5zIGZvciB3b3JrbG9hZCBpZGVudGl0eVxuICAgKi9cbiAgZXhwb3J0IGNvbnN0IEdBVEVXQVlfV09SS0xPQURfSURFTlRJVFlfUEVSTVMgPSBbXG4gICAgJ2JlZHJvY2stYWdlbnRjb3JlOkdldFdvcmtsb2FkQWNjZXNzVG9rZW4nLFxuICBdO1xuXG4gIC8qKlxuICAgKiBPdXRib3VuZCBhdXRoIC0gT0F1dGggcGVybWlzc2lvbnNcbiAgICogVXNlZCB0byBvYnRhaW4gT0F1dGggdG9rZW5zIGZvciB0YXJnZXQgYXV0aGVudGljYXRpb25cbiAgICovXG4gIGV4cG9ydCBjb25zdCBHQVRFV0FZX09BVVRIX1BFUk1TID0gW1xuICAgICdiZWRyb2NrLWFnZW50Y29yZTpHZXRSZXNvdXJjZU9hdXRoMlRva2VuJyxcbiAgXTtcblxuICAvKipcbiAgICogT3V0Ym91bmQgYXV0aCAtIEFQSSBLZXkgcGVybWlzc2lvbnNcbiAgICogVXNlZCB0byByZXRyaWV2ZSBBUEkga2V5cyBmb3IgdGFyZ2V0IGF1dGhlbnRpY2F0aW9uXG4gICAqL1xuICBleHBvcnQgY29uc3QgR0FURVdBWV9BUElfS0VZX1BFUk1TID0gW1xuICAgICdiZWRyb2NrLWFnZW50Y29yZTpHZXRSZXNvdXJjZUFwaUtleScsXG4gIF07XG5cbiAgLyoqXG4gICAqIFNlY3JldHMgTWFuYWdlciBwZXJtaXNzaW9uc1xuICAgKiBSZXF1aXJlZCBmb3Igc3RvcmluZyBhbmQgcmV0cmlldmluZyBBUEkga2V5cyBhbmQgT0F1dGggY3JlZGVudGlhbHNcbiAgICovXG4gIGV4cG9ydCBjb25zdCBTRUNSRVRTX1BFUk1TID0gW1xuICAgICdzZWNyZXRzbWFuYWdlcjpHZXRTZWNyZXRWYWx1ZScsXG4gICAgJ3NlY3JldHNtYW5hZ2VyOkRlc2NyaWJlU2VjcmV0JyxcbiAgXTtcblxuICAvKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqXG4gICAqIENvbnRyb2wgUGxhbmUgUGVybWlzc2lvbnNcbiAgICoqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqL1xuXG4gIC8qKlxuICAgKiBHZXQgcGVybWlzc2lvbnMgZm9yIGdhdGV3YXkgcmVzb3VyY2VzXG4gICAqL1xuICBleHBvcnQgY29uc3QgR0VUX1BFUk1TID0gWydiZWRyb2NrLWFnZW50Y29yZTpHZXRHYXRld2F5VGFyZ2V0JywgJ2JlZHJvY2stYWdlbnRjb3JlOkdldEdhdGV3YXknXTtcblxuICAvKipcbiAgICogTGlzdCBwZXJtaXNzaW9ucyBmb3IgZ2F0ZXdheSByZXNvdXJjZXNcbiAgICovXG4gIGV4cG9ydCBjb25zdCBMSVNUX1BFUk1TID0gW1xuICAgICdiZWRyb2NrLWFnZW50Y29yZTpMaXN0R2F0ZXdheXMnLFxuICAgICdiZWRyb2NrLWFnZW50Y29yZTpMaXN0R2F0ZXdheVRhcmdldHMnLFxuICBdO1xuXG4gIC8qKlxuICAgKiBDcmVhdGUgcGVybWlzc2lvbnMgZm9yIGdhdGV3YXkgcmVzb3VyY2VzXG4gICAqL1xuICBleHBvcnQgY29uc3QgQ1JFQVRFX1BFUk1TID0gW1xuICAgICdiZWRyb2NrLWFnZW50Y29yZTpDcmVhdGVHYXRld2F5JyxcbiAgICAnYmVkcm9jay1hZ2VudGNvcmU6Q3JlYXRlR2F0ZXdheVRhcmdldCcsXG4gIF07XG5cbiAgLyoqXG4gICAqIFVwZGF0ZSBwZXJtaXNzaW9ucyBmb3IgZ2F0ZXdheSByZXNvdXJjZXNcbiAgICovXG4gIGV4cG9ydCBjb25zdCBVUERBVEVfUEVSTVMgPSBbXG4gICAgJ2JlZHJvY2stYWdlbnRjb3JlOlVwZGF0ZUdhdGV3YXknLFxuICAgICdiZWRyb2NrLWFnZW50Y29yZTpVcGRhdGVHYXRld2F5VGFyZ2V0JyxcbiAgXTtcblxuICAvKipcbiAgICogRGVsZXRlIHBlcm1pc3Npb25zIGZvciBnYXRld2F5IHJlc291cmNlc1xuICAgKi9cbiAgZXhwb3J0IGNvbnN0IERFTEVURV9QRVJNUyA9IFtcbiAgICAnYmVkcm9jay1hZ2VudGNvcmU6RGVsZXRlR2F0ZXdheScsXG4gICAgJ2JlZHJvY2stYWdlbnRjb3JlOkRlbGV0ZUdhdGV3YXlUYXJnZXQnLFxuICBdO1xuXG4gIC8qKlxuICAgKiBDb21iaW5lZCBtYW5hZ2UgcGVybWlzc2lvbnMgKGNyZWF0ZSwgdXBkYXRlLCBkZWxldGUpXG4gICAqL1xuICBleHBvcnQgY29uc3QgTUFOQUdFX1BFUk1TID0gWy4uLm5ldyBTZXQoWy4uLkNSRUFURV9QRVJNUywgLi4uVVBEQVRFX1BFUk1TLCAuLi5ERUxFVEVfUEVSTVNdKV07XG5cbiAgLyoqXG4gICAqIFN5bmNocm9uaXphdGlvbiBwZXJtaXNzaW9ucyBmb3IgTUNQIHNlcnZlciB0YXJnZXRzXG4gICAqIFVzZWQgdG8gcmVmcmVzaCB0b29sIGNhdGFsb2dzIHdoZW4gTUNQIHNlcnZlciB0b29scyBjaGFuZ2VcbiAgICovXG4gIGV4cG9ydCBjb25zdCBTWU5DX1BFUk1TID0gWydiZWRyb2NrLWFnZW50Y29yZTpTeW5jaHJvbml6ZUdhdGV3YXlUYXJnZXRzJ107XG59XG4iXX0=