AgentRuntime
bedrockagentcorecontrol.services.k8s.aws/v1alpha1
| Type | Link |
|---|---|
| GoDoc | bedrockagentcorecontrol-controller/apis/v1alpha1#AgentRuntime |
Metadata
| Property | Value |
|---|---|
| Scope | Namespaced |
| Kind | AgentRuntime |
| ListKind | AgentRuntimeList |
| Plural | agentruntimes |
| Singular | agentruntime |
Contains information about an agent runtime. An agent runtime is the execution environment for a Amazon Bedrock AgentCore Agent.
Spec
agentRuntimeArtifact:
codeConfiguration:
code:
s3:
bucket: string
prefix: string
versionID: string
entryPoint:
- string
runtime: string
containerConfiguration:
containerURI: string
agentRuntimeName: string
authorizerConfiguration:
customJWTAuthorizer:
allowedAudience:
- string
allowedClients:
- string
allowedScopes:
- string
customClaims:
authorizingClaimMatchValue:
claimMatchOperator: string
claimMatchValue:
matchValueString: string
matchValueStringList:
- string
inboundTokenClaimName: string
inboundTokenClaimValueType: string
discoveryURL: string
description: string
environmentVariables: {}
filesystemConfigurations:
sessionStorage:
mountPath: string
lifecycleConfiguration:
idleRuntimeSessionTimeout: integer
maxLifetime: integer
networkConfiguration:
networkMode: string
networkModeConfig:
securityGroupRefs:
from:
name: string
namespace: string
securityGroups:
- string
subnetRefs:
from:
name: string
namespace: string
subnets:
- string
protocolConfiguration:
serverProtocol: string
requestHeaderConfiguration:
requestHeaderAllowlist:
- string
roleARN: string
tags: {}
| Field | Description |
|---|---|
| agentRuntimeArtifact Required | object The artifact of the AgentCore Runtime. |
| agentRuntimeArtifact.codeConfiguration Optional | object The configuration for the source code that defines how the agent runtime code should be executed, including the code location, runtime environment, and entry point. |
| agentRuntimeArtifact.codeConfiguration.code Optional | object The source code configuration that specifies the location and details of the code to be executed. |
| agentRuntimeArtifact.codeConfiguration.code.s3 Optional | object The Amazon S3 location for storing data. This structure defines where in Amazon S3 data is stored. |
| agentRuntimeArtifact.codeConfiguration.code.s3.bucket Optional | string |
| agentRuntimeArtifact.codeConfiguration.code.s3.prefix Optional | string |
| agentRuntimeArtifact.codeConfiguration.code.s3.versionID Optional | string |
| agentRuntimeArtifact.codeConfiguration.entryPoint Optional | array |
| agentRuntimeArtifact.codeConfiguration.entryPoint.[] Required | string |
| agentRuntimeArtifact.containerConfiguration Optional | object Representation of a container configuration. |
| agentRuntimeArtifact.containerConfiguration.containerURI Optional | string |
| agentRuntimeName Required | string The name of the AgentCore Runtime. Regex Pattern: ^[a-zA-Z][a-zA-Z0-9_]{0,47}$ |
| authorizerConfiguration Optional | object The authorizer configuration for the AgentCore Runtime. |
| authorizerConfiguration.customJWTAuthorizer Optional | object Configuration for inbound JWT-based authorization, specifying how incoming requests should be authenticated. |
| authorizerConfiguration.customJWTAuthorizer.allowedAudience Optional | array |
| authorizerConfiguration.customJWTAuthorizer.allowedAudience.[] Required | string |
| authorizerConfiguration.customJWTAuthorizer.allowedClients.[] Required | string |
| authorizerConfiguration.customJWTAuthorizer.allowedScopes.[] Required | string |
| authorizerConfiguration.customJWTAuthorizer.customClaims.[] Required | object Defines the name of a custom claim field and rules for finding matches to |
| authenticate its value. | |
| authorizerConfiguration.customJWTAuthorizer.customClaims.[].authorizingClaimMatchValue.claimMatchOperator Optional | string |
| authorizerConfiguration.customJWTAuthorizer.customClaims.[].authorizingClaimMatchValue.claimMatchValue Optional | object The value or values to match for. * Include a matchValueString with the EQUALS operator to specify a string that matches the claim field value. * Include a matchValueArray to specify an array of string values. You can use the following operators: Use CONTAINS to yield a match if the claim field value is in the array. Use CONTAINS_ANY to yield a match if the claim field value contains any of the strings in the array. |
| authorizerConfiguration.customJWTAuthorizer.customClaims.[].authorizingClaimMatchValue.claimMatchValue.matchValueString Optional | string |
| authorizerConfiguration.customJWTAuthorizer.customClaims.[].authorizingClaimMatchValue.claimMatchValue.matchValueStringList Optional | array |
| authorizerConfiguration.customJWTAuthorizer.customClaims.[].authorizingClaimMatchValue.claimMatchValue.matchValueStringList.[] Required | string |
| authorizerConfiguration.customJWTAuthorizer.customClaims.[].inboundTokenClaimValueType Optional | string |
| authorizerConfiguration.customJWTAuthorizer.discoveryURL Optional | string |
| description Optional | string The description of the AgentCore Runtime. |
| environmentVariables Optional | object Environment variables to set in the AgentCore Runtime environment. |
| filesystemConfigurations Optional | array The filesystem configurations to mount into the AgentCore Runtime. Use filesystem configurations to provide persistent storage to your AgentCore Runtime sessions. |
| filesystemConfigurations.[] Required | object Configuration for a filesystem that can be mounted into the AgentCore Runtime. |
| filesystemConfigurations.[].sessionStorage.mountPath Optional | string |
| lifecycleConfiguration Optional | object The life cycle configuration for the AgentCore Runtime. |
| lifecycleConfiguration.idleRuntimeSessionTimeout Optional | integer |
| lifecycleConfiguration.maxLifetime Optional | integer |
| networkConfiguration Required | object The network configuration for the AgentCore Runtime. |
| networkConfiguration.networkMode Optional | string |
| networkConfiguration.networkModeConfig Optional | object VpcConfig for the Agent. |
| networkConfiguration.networkModeConfig.securityGroupRefs Optional | array Reference field for SecurityGroups |
| networkConfiguration.networkModeConfig.securityGroupRefs.[] Required | object AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference |
| type to provide more user friendly syntax for references using ‘from’ field | |
| Ex: | |
| APIIDRef: |
from:
name: my-api || **networkConfiguration.networkModeConfig.securityGroupRefs.[].from**<br/>Optional | **object**<br/>AWSResourceReference provides all the values necessary to reference another<br/>k8s resource for finding the identifier(Id/ARN/Name) |
| networkConfiguration.networkModeConfig.securityGroupRefs.[].from.name
Optional | string
|
| networkConfiguration.networkModeConfig.securityGroupRefs.[].from.namespace
Optional | string
|
| networkConfiguration.networkModeConfig.securityGroups
Optional | array
|
| networkConfiguration.networkModeConfig.securityGroups.[]
Required | string
|| networkConfiguration.networkModeConfig.subnetRefs
Optional | array
Reference field for Subnets |
| networkConfiguration.networkModeConfig.subnetRefs.[]
Required | object
AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference
type to provide more user friendly syntax for references using ‘from’ field
Ex:
APIIDRef:
from:
name: my-api || **networkConfiguration.networkModeConfig.subnetRefs.[].from**<br/>Optional | **object**<br/>AWSResourceReference provides all the values necessary to reference another<br/>k8s resource for finding the identifier(Id/ARN/Name) |
| networkConfiguration.networkModeConfig.subnetRefs.[].from.name
Optional | string
|
| networkConfiguration.networkModeConfig.subnetRefs.[].from.namespace
Optional | string
|
| networkConfiguration.networkModeConfig.subnets
Optional | array
|
| networkConfiguration.networkModeConfig.subnets.[]
Required | string
|| protocolConfiguration
Optional | object
The protocol configuration for an agent runtime. This structure defines how
the agent runtime communicates with clients. |
| protocolConfiguration.serverProtocol
Optional | string
|
| requestHeaderConfiguration
Optional | object
Configuration for HTTP request headers that will be passed through to the
runtime. |
| requestHeaderConfiguration.requestHeaderAllowlist
Optional | array
|
| requestHeaderConfiguration.requestHeaderAllowlist.[]
Required | string
|| roleARN
Required | string
The IAM role ARN that provides permissions for the AgentCore Runtime.
Regex Pattern: ^arn:aws(-[^:]+)?:iam::([0-9]{12})?:role/.+$ |
| tags
Optional | object
A map of tag keys and values to assign to the agent runtime. Tags enable
you to categorize your resources in different ways, for example, by purpose,
owner, or environment. |
Status
ackResourceMetadata:
arn: string
ownerAccountID: string
partition: string
region: string
agentRuntimeID: string
agentRuntimeVersion: string
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
createdAt: string
status: string
workloadIdentityDetails:
workloadIdentityARN: string
| Field | Description |
|---|---|
| ackResourceMetadata Optional | object All CRs managed by ACK have a common Status.ACKResourceMetadata memberthat is used to contain resource sync state, account ownership, constructed ARN for the resource |
| ackResourceMetadata.arn Optional | string ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an “adopted” resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR’s Spec field values. https://github.com/aws/aws-controllers-k8s/issues/270 |
| ackResourceMetadata.ownerAccountID Required | string OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource. |
| ackResourceMetadata.partition Optional | string Partition is the AWS partition in which the resource exists or will exist |
| ackResourceMetadata.region Required | string Region is the AWS region in which the resource exists or will exist. |
| agentRuntimeID Optional | string The unique identifier of the AgentCore Runtime. Regex Pattern: ^[a-zA-Z][a-zA-Z0-9_]{0,99}-[a-zA-Z0-9]{10}$ |
| agentRuntimeVersion Optional | string The version of the AgentCore Runtime. Regex Pattern: ^([1-9][0-9]{0,4})$ |
| conditions Optional | array All CRs managed by ACK have a common Status.Conditions member thatcontains a collection of ackv1alpha1.Condition objects that describethe various terminal states of the CR and its backend AWS service API resource |
| conditions.[] Required | object Condition is the common struct used by all CRDs managed by ACK service |
| controllers to indicate terminal states of the CR and its backend AWS | |
| service API resource | |
| conditions.[].message Optional | string A human readable message indicating details about the transition. |
| conditions.[].reason Optional | string The reason for the condition’s last transition. |
| conditions.[].status Optional | string Status of the condition, one of True, False, Unknown. |
| conditions.[].type Optional | string Type is the type of the Condition |
| createdAt Optional | string The timestamp when the AgentCore Runtime was created. |
| status Optional | string The current status of the AgentCore Runtime. |
| workloadIdentityDetails Optional | object The workload identity details for the AgentCore Runtime. |
| workloadIdentityDetails.workloadIdentityARN Optional | string |