aws-sdk-bedrockagentcorecontrol 1.53.0 → 1.55.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -643,6 +643,9 @@ module Aws::BedrockAgentCoreControl
643
643
  # allowed_audience: ["AllowedAudience"],
644
644
  # allowed_clients: ["AllowedClient"],
645
645
  # allowed_scopes: ["AllowedScopeType"],
646
+ # advertised_scope_mapping: {
647
+ # "AllowedScopeType" => "AllowedScopeType",
648
+ # },
646
649
  # custom_claims: [
647
650
  # {
648
651
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -691,6 +694,14 @@ module Aws::BedrockAgentCoreControl
691
694
  # },
692
695
  # },
693
696
  # ],
697
+ # allowed_workload_configuration: {
698
+ # hosting_environments: [
699
+ # {
700
+ # arn: "BedrockAgentcoreResourceArn", # required
701
+ # },
702
+ # ],
703
+ # workload_identities: ["WorkloadIdentityNameType"],
704
+ # },
694
705
  # },
695
706
  # },
696
707
  # request_header_configuration: {
@@ -824,15 +835,15 @@ module Aws::BedrockAgentCoreControl
824
835
  # stored securely.
825
836
  #
826
837
  # @option params [Types::SecretReference] :api_key_secret_config
827
- # A reference to the AWS Secrets Manager secret that stores the API key.
828
- # This includes the secret ID and the JSON key used to extract the API
829
- # key value from the secret. Required when `apiKeySecretSource` is set
830
- # to `EXTERNAL`.
838
+ # A reference to the Amazon Web Services Secrets Manager secret that
839
+ # stores the API key. This includes the secret ID and the JSON key used
840
+ # to extract the API key value from the secret. Required when
841
+ # `apiKeySecretSource` is set to `EXTERNAL`.
831
842
  #
832
843
  # @option params [String] :api_key_secret_source
833
844
  # The source type of the API key secret. Use `MANAGED` if the secret is
834
845
  # managed by the service, or `EXTERNAL` if you manage the secret
835
- # yourself in AWS Secrets Manager.
846
+ # yourself in Amazon Web Services Secrets Manager.
836
847
  #
837
848
  # @option params [Hash<String,String>] :tags
838
849
  # A map of tag keys and values to assign to the API key credential
@@ -1611,10 +1622,13 @@ module Aws::BedrockAgentCoreControl
1611
1622
  # * {Types::CreateGatewayResponse#authorizer_type #authorizer_type} => String
1612
1623
  # * {Types::CreateGatewayResponse#authorizer_configuration #authorizer_configuration} => Types::AuthorizerConfiguration
1613
1624
  # * {Types::CreateGatewayResponse#kms_key_arn #kms_key_arn} => String
1625
+ # * {Types::CreateGatewayResponse#custom_transform_configuration #custom_transform_configuration} => Types::CustomTransformConfiguration
1614
1626
  # * {Types::CreateGatewayResponse#interceptor_configurations #interceptor_configurations} => Array&lt;Types::GatewayInterceptorConfiguration&gt;
1615
1627
  # * {Types::CreateGatewayResponse#policy_engine_configuration #policy_engine_configuration} => Types::GatewayPolicyEngineConfiguration
1616
1628
  # * {Types::CreateGatewayResponse#workload_identity_details #workload_identity_details} => Types::WorkloadIdentityDetails
1617
1629
  # * {Types::CreateGatewayResponse#exception_level #exception_level} => String
1630
+ # * {Types::CreateGatewayResponse#web_acl_arn #web_acl_arn} => String
1631
+ # * {Types::CreateGatewayResponse#waf_configuration #waf_configuration} => Types::WafConfiguration
1618
1632
  #
1619
1633
  # @example Request syntax with placeholder values
1620
1634
  #
@@ -1644,6 +1658,9 @@ module Aws::BedrockAgentCoreControl
1644
1658
  # allowed_audience: ["AllowedAudience"],
1645
1659
  # allowed_clients: ["AllowedClient"],
1646
1660
  # allowed_scopes: ["AllowedScopeType"],
1661
+ # advertised_scope_mapping: {
1662
+ # "AllowedScopeType" => "AllowedScopeType",
1663
+ # },
1647
1664
  # custom_claims: [
1648
1665
  # {
1649
1666
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -1692,6 +1709,14 @@ module Aws::BedrockAgentCoreControl
1692
1709
  # },
1693
1710
  # },
1694
1711
  # ],
1712
+ # allowed_workload_configuration: {
1713
+ # hosting_environments: [
1714
+ # {
1715
+ # arn: "BedrockAgentcoreResourceArn", # required
1716
+ # },
1717
+ # ],
1718
+ # workload_identities: ["WorkloadIdentityNameType"],
1719
+ # },
1695
1720
  # },
1696
1721
  # },
1697
1722
  # kms_key_arn: "KmsKeyArn",
@@ -1705,6 +1730,13 @@ module Aws::BedrockAgentCoreControl
1705
1730
  # interception_points: ["REQUEST"], # required, accepts REQUEST, RESPONSE
1706
1731
  # input_configuration: {
1707
1732
  # pass_request_headers: false, # required
1733
+ # payload_filter: {
1734
+ # exclude: [ # required
1735
+ # {
1736
+ # field: "RESPONSE_BODY", # accepts RESPONSE_BODY
1737
+ # },
1738
+ # ],
1739
+ # },
1708
1740
  # },
1709
1741
  # },
1710
1742
  # ],
@@ -1746,6 +1778,8 @@ module Aws::BedrockAgentCoreControl
1746
1778
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
1747
1779
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
1748
1780
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
1781
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
1782
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
1749
1783
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
1750
1784
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
1751
1785
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -1775,16 +1809,25 @@ module Aws::BedrockAgentCoreControl
1775
1809
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
1776
1810
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
1777
1811
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
1812
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
1813
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
1814
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
1815
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
1778
1816
  # resp.kms_key_arn #=> String
1817
+ # resp.custom_transform_configuration.lambda.arn #=> String
1779
1818
  # resp.interceptor_configurations #=> Array
1780
1819
  # resp.interceptor_configurations[0].interceptor.lambda.arn #=> String
1781
1820
  # resp.interceptor_configurations[0].interception_points #=> Array
1782
1821
  # resp.interceptor_configurations[0].interception_points[0] #=> String, one of "REQUEST", "RESPONSE"
1783
1822
  # resp.interceptor_configurations[0].input_configuration.pass_request_headers #=> Boolean
1823
+ # resp.interceptor_configurations[0].input_configuration.payload_filter.exclude #=> Array
1824
+ # resp.interceptor_configurations[0].input_configuration.payload_filter.exclude[0].field #=> String, one of "RESPONSE_BODY"
1784
1825
  # resp.policy_engine_configuration.arn #=> String
1785
1826
  # resp.policy_engine_configuration.mode #=> String, one of "LOG_ONLY", "ENFORCE"
1786
1827
  # resp.workload_identity_details.workload_identity_arn #=> String
1787
1828
  # resp.exception_level #=> String, one of "DEBUG"
1829
+ # resp.web_acl_arn #=> String
1830
+ # resp.waf_configuration.failure_mode #=> String, one of "FAIL_CLOSE", "FAIL_OPEN"
1788
1831
  #
1789
1832
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/CreateGateway AWS API Documentation
1790
1833
  #
@@ -1963,7 +2006,7 @@ module Aws::BedrockAgentCoreControl
1963
2006
  # @option params [required, String] :gateway_identifier
1964
2007
  # The identifier of the gateway to create a target for.
1965
2008
  #
1966
- # @option params [required, String] :name
2009
+ # @option params [String] :name
1967
2010
  # The name of the gateway target. The name must be unique within the
1968
2011
  # gateway.
1969
2012
  #
@@ -2024,7 +2067,7 @@ module Aws::BedrockAgentCoreControl
2024
2067
  #
2025
2068
  # resp = client.create_gateway_target({
2026
2069
  # gateway_identifier: "GatewayIdentifier", # required
2027
- # name: "TargetName", # required
2070
+ # name: "TargetName",
2028
2071
  # description: "TargetDescription",
2029
2072
  # client_token: "ClientToken",
2030
2073
  # target_configuration: { # required
@@ -2116,11 +2159,85 @@ module Aws::BedrockAgentCoreControl
2116
2159
  # ],
2117
2160
  # },
2118
2161
  # },
2162
+ # connector: {
2163
+ # source: { # required
2164
+ # connector_id: "ConnectorId", # required
2165
+ # },
2166
+ # enabled: ["String"],
2167
+ # configurations: [
2168
+ # {
2169
+ # name: "ConnectorConfigurationNameString", # required
2170
+ # description: "ConnectorConfigurationDescriptionString",
2171
+ # parameter_values: {
2172
+ # },
2173
+ # parameter_overrides: [
2174
+ # {
2175
+ # path: "String", # required
2176
+ # description: "String",
2177
+ # visible: false,
2178
+ # },
2179
+ # ],
2180
+ # },
2181
+ # ],
2182
+ # },
2119
2183
  # },
2120
2184
  # http: {
2121
2185
  # agentcore_runtime: {
2122
2186
  # arn: "RuntimeArn", # required
2123
2187
  # qualifier: "RuntimeQualifier",
2188
+ # schema: {
2189
+ # source: { # required
2190
+ # s3: {
2191
+ # uri: "S3BucketUri",
2192
+ # bucket_owner_account_id: "AwsAccountId",
2193
+ # },
2194
+ # inline_payload: "InlinePayload",
2195
+ # },
2196
+ # },
2197
+ # },
2198
+ # passthrough: {
2199
+ # endpoint: "PassthroughEndpoint", # required
2200
+ # protocol_type: "MCP", # required, accepts MCP, A2A, INFERENCE, CUSTOM
2201
+ # schema: {
2202
+ # source: { # required
2203
+ # s3: {
2204
+ # uri: "S3BucketUri",
2205
+ # bucket_owner_account_id: "AwsAccountId",
2206
+ # },
2207
+ # inline_payload: "InlinePayload",
2208
+ # },
2209
+ # },
2210
+ # stickiness_configuration: {
2211
+ # identifier: "StickinessConfigurationIdentifierString", # required
2212
+ # timeout: 1,
2213
+ # },
2214
+ # },
2215
+ # },
2216
+ # inference: {
2217
+ # connector: {
2218
+ # source: { # required
2219
+ # connector_id: "InferenceConnectorId", # required
2220
+ # },
2221
+ # },
2222
+ # provider: {
2223
+ # endpoint: "PassthroughEndpoint", # required
2224
+ # model_mapping: {
2225
+ # provider_prefix: {
2226
+ # strip: false,
2227
+ # separator: "ProviderPrefixSeparatorString",
2228
+ # },
2229
+ # },
2230
+ # operations: [
2231
+ # {
2232
+ # path: "InferenceOperationPath", # required
2233
+ # provider_path: "InferenceOperationPath",
2234
+ # models: [
2235
+ # {
2236
+ # model: "ModelPattern", # required
2237
+ # },
2238
+ # ],
2239
+ # },
2240
+ # ],
2124
2241
  # },
2125
2242
  # },
2126
2243
  # },
@@ -2226,8 +2343,37 @@ module Aws::BedrockAgentCoreControl
2226
2343
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].filter_path #=> String
2227
2344
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods #=> Array
2228
2345
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods[0] #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
2346
+ # resp.target_configuration.mcp.connector.source.connector_id #=> String
2347
+ # resp.target_configuration.mcp.connector.enabled #=> Array
2348
+ # resp.target_configuration.mcp.connector.enabled[0] #=> String
2349
+ # resp.target_configuration.mcp.connector.configurations #=> Array
2350
+ # resp.target_configuration.mcp.connector.configurations[0].name #=> String
2351
+ # resp.target_configuration.mcp.connector.configurations[0].description #=> String
2352
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides #=> Array
2353
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].path #=> String
2354
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].description #=> String
2355
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].visible #=> Boolean
2229
2356
  # resp.target_configuration.http.agentcore_runtime.arn #=> String
2230
2357
  # resp.target_configuration.http.agentcore_runtime.qualifier #=> String
2358
+ # resp.target_configuration.http.agentcore_runtime.schema.source.s3.uri #=> String
2359
+ # resp.target_configuration.http.agentcore_runtime.schema.source.s3.bucket_owner_account_id #=> String
2360
+ # resp.target_configuration.http.agentcore_runtime.schema.source.inline_payload #=> String
2361
+ # resp.target_configuration.http.passthrough.endpoint #=> String
2362
+ # resp.target_configuration.http.passthrough.protocol_type #=> String, one of "MCP", "A2A", "INFERENCE", "CUSTOM"
2363
+ # resp.target_configuration.http.passthrough.schema.source.s3.uri #=> String
2364
+ # resp.target_configuration.http.passthrough.schema.source.s3.bucket_owner_account_id #=> String
2365
+ # resp.target_configuration.http.passthrough.schema.source.inline_payload #=> String
2366
+ # resp.target_configuration.http.passthrough.stickiness_configuration.identifier #=> String
2367
+ # resp.target_configuration.http.passthrough.stickiness_configuration.timeout #=> Integer
2368
+ # resp.target_configuration.inference.connector.source.connector_id #=> String
2369
+ # resp.target_configuration.inference.provider.endpoint #=> String
2370
+ # resp.target_configuration.inference.provider.model_mapping.provider_prefix.strip #=> Boolean
2371
+ # resp.target_configuration.inference.provider.model_mapping.provider_prefix.separator #=> String
2372
+ # resp.target_configuration.inference.provider.operations #=> Array
2373
+ # resp.target_configuration.inference.provider.operations[0].path #=> String
2374
+ # resp.target_configuration.inference.provider.operations[0].provider_path #=> String
2375
+ # resp.target_configuration.inference.provider.operations[0].models #=> Array
2376
+ # resp.target_configuration.inference.provider.operations[0].models[0].model #=> String
2231
2377
  # resp.credential_provider_configurations #=> Array
2232
2378
  # resp.credential_provider_configurations[0].credential_provider_type #=> String, one of "GATEWAY_IAM_ROLE", "OAUTH", "API_KEY", "CALLER_IAM_CREDENTIALS", "JWT_PASSTHROUGH"
2233
2379
  # resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.provider_arn #=> String
@@ -2277,7 +2423,7 @@ module Aws::BedrockAgentCoreControl
2277
2423
  req.send_request(options)
2278
2424
  end
2279
2425
 
2280
- # Operation to create a Harness.
2426
+ # Operation to create a harness.
2281
2427
  #
2282
2428
  # @option params [required, String] :harness_name
2283
2429
  # The name of the harness. Must start with a letter and contain only
@@ -2409,6 +2555,9 @@ module Aws::BedrockAgentCoreControl
2409
2555
  # allowed_audience: ["AllowedAudience"],
2410
2556
  # allowed_clients: ["AllowedClient"],
2411
2557
  # allowed_scopes: ["AllowedScopeType"],
2558
+ # advertised_scope_mapping: {
2559
+ # "AllowedScopeType" => "AllowedScopeType",
2560
+ # },
2412
2561
  # custom_claims: [
2413
2562
  # {
2414
2563
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -2457,6 +2606,14 @@ module Aws::BedrockAgentCoreControl
2457
2606
  # },
2458
2607
  # },
2459
2608
  # ],
2609
+ # allowed_workload_configuration: {
2610
+ # hosting_environments: [
2611
+ # {
2612
+ # arn: "BedrockAgentcoreResourceArn", # required
2613
+ # },
2614
+ # ],
2615
+ # workload_identities: ["WorkloadIdentityNameType"],
2616
+ # },
2460
2617
  # },
2461
2618
  # },
2462
2619
  # model: {
@@ -2560,6 +2717,9 @@ module Aws::BedrockAgentCoreControl
2560
2717
  # username: "String",
2561
2718
  # },
2562
2719
  # },
2720
+ # aws_skills: {
2721
+ # paths: ["HarnessAwsSkillPath"],
2722
+ # },
2563
2723
  # },
2564
2724
  # ],
2565
2725
  # allowed_tools: ["HarnessAllowedTool"],
@@ -2576,6 +2736,14 @@ module Aws::BedrockAgentCoreControl
2576
2736
  # },
2577
2737
  # },
2578
2738
  # },
2739
+ # managed_memory_configuration: {
2740
+ # arn: "MemoryArn",
2741
+ # strategies: ["SEMANTIC"], # accepts SEMANTIC, SUMMARIZATION, USER_PREFERENCE, EPISODIC
2742
+ # event_expiry_duration: 1,
2743
+ # encryption_key_arn: "KmsKeyArn",
2744
+ # },
2745
+ # disabled: {
2746
+ # },
2579
2747
  # },
2580
2748
  # truncation: {
2581
2749
  # strategy: "sliding_window", # required, accepts sliding_window, summarization, none
@@ -2604,6 +2772,7 @@ module Aws::BedrockAgentCoreControl
2604
2772
  # resp.harness.harness_name #=> String
2605
2773
  # resp.harness.arn #=> String
2606
2774
  # resp.harness.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
2775
+ # resp.harness.harness_version #=> String
2607
2776
  # resp.harness.execution_role_arn #=> String
2608
2777
  # resp.harness.created_at #=> Time
2609
2778
  # resp.harness.updated_at #=> Time
@@ -2656,6 +2825,8 @@ module Aws::BedrockAgentCoreControl
2656
2825
  # resp.harness.skills[0].git.path #=> String
2657
2826
  # resp.harness.skills[0].git.auth.credential_arn #=> String
2658
2827
  # resp.harness.skills[0].git.auth.username #=> String
2828
+ # resp.harness.skills[0].aws_skills.paths #=> Array
2829
+ # resp.harness.skills[0].aws_skills.paths[0] #=> String
2659
2830
  # resp.harness.allowed_tools #=> Array
2660
2831
  # resp.harness.allowed_tools[0] #=> String
2661
2832
  # resp.harness.truncation.strategy #=> String, one of "sliding_window", "summarization", "none"
@@ -2690,6 +2861,8 @@ module Aws::BedrockAgentCoreControl
2690
2861
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
2691
2862
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
2692
2863
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
2864
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
2865
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
2693
2866
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
2694
2867
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
2695
2868
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -2719,6 +2892,10 @@ module Aws::BedrockAgentCoreControl
2719
2892
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
2720
2893
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
2721
2894
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
2895
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
2896
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
2897
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
2898
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
2722
2899
  # resp.harness.memory.agent_core_memory_configuration.arn #=> String
2723
2900
  # resp.harness.memory.agent_core_memory_configuration.actor_id #=> String
2724
2901
  # resp.harness.memory.agent_core_memory_configuration.messages_count #=> Integer
@@ -2726,6 +2903,11 @@ module Aws::BedrockAgentCoreControl
2726
2903
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].top_k #=> Integer
2727
2904
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].relevance_score #=> Float
2728
2905
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].strategy_id #=> String
2906
+ # resp.harness.memory.managed_memory_configuration.arn #=> String
2907
+ # resp.harness.memory.managed_memory_configuration.strategies #=> Array
2908
+ # resp.harness.memory.managed_memory_configuration.strategies[0] #=> String, one of "SEMANTIC", "SUMMARIZATION", "USER_PREFERENCE", "EPISODIC"
2909
+ # resp.harness.memory.managed_memory_configuration.event_expiry_duration #=> Integer
2910
+ # resp.harness.memory.managed_memory_configuration.encryption_key_arn #=> String
2729
2911
  # resp.harness.max_iterations #=> Integer
2730
2912
  # resp.harness.max_tokens #=> Integer
2731
2913
  # resp.harness.timeout_seconds #=> Integer
@@ -2740,6 +2922,72 @@ module Aws::BedrockAgentCoreControl
2740
2922
  req.send_request(options)
2741
2923
  end
2742
2924
 
2925
+ # Operation to create a harness endpoint.
2926
+ #
2927
+ # @option params [required, String] :harness_id
2928
+ # The ID of the harness to create an endpoint for.
2929
+ #
2930
+ # @option params [required, String] :endpoint_name
2931
+ # The name of the endpoint. Must start with a letter and contain only
2932
+ # alphanumeric characters and underscores.
2933
+ #
2934
+ # @option params [String] :target_version
2935
+ # The harness version that the endpoint points to and serves invocations
2936
+ # from.
2937
+ #
2938
+ # @option params [String] :description
2939
+ # A description of the endpoint.
2940
+ #
2941
+ # @option params [String] :client_token
2942
+ # A unique, case-sensitive identifier to ensure idempotency of the
2943
+ # request.
2944
+ #
2945
+ # **A suitable default value is auto-generated.** You should normally
2946
+ # not need to pass this option.**
2947
+ #
2948
+ # @option params [Hash<String,String>] :tags
2949
+ # Tags to apply to the endpoint resource.
2950
+ #
2951
+ # @return [Types::CreateHarnessEndpointResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2952
+ #
2953
+ # * {Types::CreateHarnessEndpointResponse#endpoint #endpoint} => Types::HarnessEndpoint
2954
+ #
2955
+ # @example Request syntax with placeholder values
2956
+ #
2957
+ # resp = client.create_harness_endpoint({
2958
+ # harness_id: "HarnessId", # required
2959
+ # endpoint_name: "HarnessEndpointName", # required
2960
+ # target_version: "HarnessVersion",
2961
+ # description: "HarnessEndpointDescription",
2962
+ # client_token: "ClientToken",
2963
+ # tags: {
2964
+ # "TagKey" => "TagValue",
2965
+ # },
2966
+ # })
2967
+ #
2968
+ # @example Response structure
2969
+ #
2970
+ # resp.endpoint.harness_id #=> String
2971
+ # resp.endpoint.harness_name #=> String
2972
+ # resp.endpoint.endpoint_name #=> String
2973
+ # resp.endpoint.arn #=> String
2974
+ # resp.endpoint.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
2975
+ # resp.endpoint.created_at #=> Time
2976
+ # resp.endpoint.updated_at #=> Time
2977
+ # resp.endpoint.live_version #=> String
2978
+ # resp.endpoint.target_version #=> String
2979
+ # resp.endpoint.description #=> String
2980
+ # resp.endpoint.failure_reason #=> String
2981
+ #
2982
+ # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/CreateHarnessEndpoint AWS API Documentation
2983
+ #
2984
+ # @overload create_harness_endpoint(params = {})
2985
+ # @param [Hash] params ({})
2986
+ def create_harness_endpoint(params = {}, options = {})
2987
+ req = build_request(:create_harness_endpoint, params)
2988
+ req.send_request(options)
2989
+ end
2990
+
2743
2991
  # Creates a new Amazon Bedrock AgentCore Memory resource.
2744
2992
  #
2745
2993
  # @option params [String] :client_token
@@ -3226,6 +3474,7 @@ module Aws::BedrockAgentCoreControl
3226
3474
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations #=> Array
3227
3475
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations[0].type #=> String, one of "MEMORY_RECORDS"
3228
3476
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations[0].level #=> String, one of "METADATA_ONLY", "FULL_CONTENT"
3477
+ # resp.memory.managed_by_resource_arn #=> String
3229
3478
  #
3230
3479
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/CreateMemory AWS API Documentation
3231
3480
  #
@@ -3947,6 +4196,9 @@ module Aws::BedrockAgentCoreControl
3947
4196
  # allowed_audience: ["AllowedAudience"],
3948
4197
  # allowed_clients: ["AllowedClient"],
3949
4198
  # allowed_scopes: ["AllowedScopeType"],
4199
+ # advertised_scope_mapping: {
4200
+ # "AllowedScopeType" => "AllowedScopeType",
4201
+ # },
3950
4202
  # custom_claims: [
3951
4203
  # {
3952
4204
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -3995,6 +4247,14 @@ module Aws::BedrockAgentCoreControl
3995
4247
  # },
3996
4248
  # },
3997
4249
  # ],
4250
+ # allowed_workload_configuration: {
4251
+ # hosting_environments: [
4252
+ # {
4253
+ # arn: "BedrockAgentcoreResourceArn", # required
4254
+ # },
4255
+ # ],
4256
+ # workload_identities: ["WorkloadIdentityNameType"],
4257
+ # },
3998
4258
  # },
3999
4259
  # },
4000
4260
  # role_arn: "RoleArn", # required
@@ -4017,6 +4277,8 @@ module Aws::BedrockAgentCoreControl
4017
4277
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
4018
4278
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
4019
4279
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
4280
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
4281
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
4020
4282
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
4021
4283
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
4022
4284
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -4046,6 +4308,10 @@ module Aws::BedrockAgentCoreControl
4046
4308
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
4047
4309
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
4048
4310
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
4311
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
4312
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
4313
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
4314
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
4049
4315
  # resp.role_arn #=> String
4050
4316
  # resp.workload_identity_details.workload_identity_arn #=> String
4051
4317
  # resp.created_at #=> Time
@@ -4111,6 +4377,12 @@ module Aws::BedrockAgentCoreControl
4111
4377
  # and IGNORE\_ALL\_FINDINGS only when you understand and accept the
4112
4378
  # analyzer findings.
4113
4379
  #
4380
+ # @option params [String] :enforcement_mode
4381
+ # The enforcement mode for the policy. Run this policy in `LOG_ONLY`
4382
+ # mode to collect data on how it affects your application. Once you are
4383
+ # satisfied with the data gathered, switch the policy to `ACTIVE`.
4384
+ # Defaults to `ACTIVE`.
4385
+ #
4114
4386
  # @option params [required, String] :policy_engine_id
4115
4387
  # The identifier of the policy engine which contains this policy. Policy
4116
4388
  # engines group related policies and provide the execution context for
@@ -4135,6 +4407,7 @@ module Aws::BedrockAgentCoreControl
4135
4407
  # * {Types::CreatePolicyResponse#updated_at #updated_at} => Time
4136
4408
  # * {Types::CreatePolicyResponse#policy_arn #policy_arn} => String
4137
4409
  # * {Types::CreatePolicyResponse#status #status} => String
4410
+ # * {Types::CreatePolicyResponse#enforcement_mode #enforcement_mode} => String
4138
4411
  # * {Types::CreatePolicyResponse#definition #definition} => Types::PolicyDefinition
4139
4412
  # * {Types::CreatePolicyResponse#description #description} => String
4140
4413
  # * {Types::CreatePolicyResponse#status_reasons #status_reasons} => Array&lt;String&gt;
@@ -4151,9 +4424,13 @@ module Aws::BedrockAgentCoreControl
4151
4424
  # policy_generation_id: "ResourceId", # required
4152
4425
  # policy_generation_asset_id: "ResourceId", # required
4153
4426
  # },
4427
+ # policy: {
4428
+ # statement: "Statement", # required
4429
+ # },
4154
4430
  # },
4155
4431
  # description: "Description",
4156
4432
  # validation_mode: "FAIL_ON_ANY_FINDINGS", # accepts FAIL_ON_ANY_FINDINGS, IGNORE_ALL_FINDINGS
4433
+ # enforcement_mode: "ACTIVE", # accepts ACTIVE, LOG_ONLY
4157
4434
  # policy_engine_id: "ResourceId", # required
4158
4435
  # client_token: "ClientToken",
4159
4436
  # })
@@ -4167,9 +4444,11 @@ module Aws::BedrockAgentCoreControl
4167
4444
  # resp.updated_at #=> Time
4168
4445
  # resp.policy_arn #=> String
4169
4446
  # resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
4447
+ # resp.enforcement_mode #=> String, one of "ACTIVE", "LOG_ONLY"
4170
4448
  # resp.definition.cedar.statement #=> String
4171
4449
  # resp.definition.policy_generation.policy_generation_id #=> String
4172
4450
  # resp.definition.policy_generation.policy_generation_asset_id #=> String
4451
+ # resp.definition.policy.statement #=> String
4173
4452
  # resp.description #=> String
4174
4453
  # resp.status_reasons #=> Array
4175
4454
  # resp.status_reasons[0] #=> String
@@ -4339,6 +4618,9 @@ module Aws::BedrockAgentCoreControl
4339
4618
  # allowed_audience: ["AllowedAudience"],
4340
4619
  # allowed_clients: ["AllowedClient"],
4341
4620
  # allowed_scopes: ["AllowedScopeType"],
4621
+ # advertised_scope_mapping: {
4622
+ # "AllowedScopeType" => "AllowedScopeType",
4623
+ # },
4342
4624
  # custom_claims: [
4343
4625
  # {
4344
4626
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -4387,6 +4669,14 @@ module Aws::BedrockAgentCoreControl
4387
4669
  # },
4388
4670
  # },
4389
4671
  # ],
4672
+ # allowed_workload_configuration: {
4673
+ # hosting_environments: [
4674
+ # {
4675
+ # arn: "BedrockAgentcoreResourceArn", # required
4676
+ # },
4677
+ # ],
4678
+ # workload_identities: ["WorkloadIdentityNameType"],
4679
+ # },
4390
4680
  # },
4391
4681
  # },
4392
4682
  # client_token: "ClientToken",
@@ -5122,6 +5412,11 @@ module Aws::BedrockAgentCoreControl
5122
5412
  # **A suitable default value is auto-generated.** You should normally
5123
5413
  # not need to pass this option.**
5124
5414
  #
5415
+ # @option params [Boolean] :delete_managed_memory
5416
+ # Whether to delete the managed memory on harness deletion. Default:
5417
+ # true. If false, the memory is disassociated and becomes a regular
5418
+ # customer-owned resource.
5419
+ #
5125
5420
  # @return [Types::DeleteHarnessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5126
5421
  #
5127
5422
  # * {Types::DeleteHarnessResponse#harness #harness} => Types::Harness
@@ -5131,6 +5426,7 @@ module Aws::BedrockAgentCoreControl
5131
5426
  # resp = client.delete_harness({
5132
5427
  # harness_id: "HarnessId", # required
5133
5428
  # client_token: "ClientToken",
5429
+ # delete_managed_memory: false,
5134
5430
  # })
5135
5431
  #
5136
5432
  # @example Response structure
@@ -5139,6 +5435,7 @@ module Aws::BedrockAgentCoreControl
5139
5435
  # resp.harness.harness_name #=> String
5140
5436
  # resp.harness.arn #=> String
5141
5437
  # resp.harness.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
5438
+ # resp.harness.harness_version #=> String
5142
5439
  # resp.harness.execution_role_arn #=> String
5143
5440
  # resp.harness.created_at #=> Time
5144
5441
  # resp.harness.updated_at #=> Time
@@ -5191,6 +5488,8 @@ module Aws::BedrockAgentCoreControl
5191
5488
  # resp.harness.skills[0].git.path #=> String
5192
5489
  # resp.harness.skills[0].git.auth.credential_arn #=> String
5193
5490
  # resp.harness.skills[0].git.auth.username #=> String
5491
+ # resp.harness.skills[0].aws_skills.paths #=> Array
5492
+ # resp.harness.skills[0].aws_skills.paths[0] #=> String
5194
5493
  # resp.harness.allowed_tools #=> Array
5195
5494
  # resp.harness.allowed_tools[0] #=> String
5196
5495
  # resp.harness.truncation.strategy #=> String, one of "sliding_window", "summarization", "none"
@@ -5225,6 +5524,8 @@ module Aws::BedrockAgentCoreControl
5225
5524
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
5226
5525
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
5227
5526
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
5527
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
5528
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
5228
5529
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
5229
5530
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
5230
5531
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -5254,6 +5555,10 @@ module Aws::BedrockAgentCoreControl
5254
5555
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
5255
5556
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
5256
5557
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
5558
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
5559
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
5560
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
5561
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
5257
5562
  # resp.harness.memory.agent_core_memory_configuration.arn #=> String
5258
5563
  # resp.harness.memory.agent_core_memory_configuration.actor_id #=> String
5259
5564
  # resp.harness.memory.agent_core_memory_configuration.messages_count #=> Integer
@@ -5261,6 +5566,11 @@ module Aws::BedrockAgentCoreControl
5261
5566
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].top_k #=> Integer
5262
5567
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].relevance_score #=> Float
5263
5568
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].strategy_id #=> String
5569
+ # resp.harness.memory.managed_memory_configuration.arn #=> String
5570
+ # resp.harness.memory.managed_memory_configuration.strategies #=> Array
5571
+ # resp.harness.memory.managed_memory_configuration.strategies[0] #=> String, one of "SEMANTIC", "SUMMARIZATION", "USER_PREFERENCE", "EPISODIC"
5572
+ # resp.harness.memory.managed_memory_configuration.event_expiry_duration #=> Integer
5573
+ # resp.harness.memory.managed_memory_configuration.encryption_key_arn #=> String
5264
5574
  # resp.harness.max_iterations #=> Integer
5265
5575
  # resp.harness.max_tokens #=> Integer
5266
5576
  # resp.harness.timeout_seconds #=> Integer
@@ -5275,6 +5585,56 @@ module Aws::BedrockAgentCoreControl
5275
5585
  req.send_request(options)
5276
5586
  end
5277
5587
 
5588
+ # Operation to delete a harness endpoint.
5589
+ #
5590
+ # @option params [required, String] :harness_id
5591
+ # The ID of the harness that the endpoint belongs to.
5592
+ #
5593
+ # @option params [required, String] :endpoint_name
5594
+ # The name of the endpoint to delete.
5595
+ #
5596
+ # @option params [String] :client_token
5597
+ # A unique, case-sensitive identifier to ensure idempotency of the
5598
+ # request.
5599
+ #
5600
+ # **A suitable default value is auto-generated.** You should normally
5601
+ # not need to pass this option.**
5602
+ #
5603
+ # @return [Types::DeleteHarnessEndpointResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5604
+ #
5605
+ # * {Types::DeleteHarnessEndpointResponse#endpoint #endpoint} => Types::HarnessEndpoint
5606
+ #
5607
+ # @example Request syntax with placeholder values
5608
+ #
5609
+ # resp = client.delete_harness_endpoint({
5610
+ # harness_id: "HarnessId", # required
5611
+ # endpoint_name: "HarnessEndpointName", # required
5612
+ # client_token: "ClientToken",
5613
+ # })
5614
+ #
5615
+ # @example Response structure
5616
+ #
5617
+ # resp.endpoint.harness_id #=> String
5618
+ # resp.endpoint.harness_name #=> String
5619
+ # resp.endpoint.endpoint_name #=> String
5620
+ # resp.endpoint.arn #=> String
5621
+ # resp.endpoint.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
5622
+ # resp.endpoint.created_at #=> Time
5623
+ # resp.endpoint.updated_at #=> Time
5624
+ # resp.endpoint.live_version #=> String
5625
+ # resp.endpoint.target_version #=> String
5626
+ # resp.endpoint.description #=> String
5627
+ # resp.endpoint.failure_reason #=> String
5628
+ #
5629
+ # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/DeleteHarnessEndpoint AWS API Documentation
5630
+ #
5631
+ # @overload delete_harness_endpoint(params = {})
5632
+ # @param [Hash] params ({})
5633
+ def delete_harness_endpoint(params = {}, options = {})
5634
+ req = build_request(:delete_harness_endpoint, params)
5635
+ req.send_request(options)
5636
+ end
5637
+
5278
5638
  # Deletes an Amazon Bedrock AgentCore Memory resource.
5279
5639
  #
5280
5640
  # @option params [String] :client_token
@@ -5513,6 +5873,7 @@ module Aws::BedrockAgentCoreControl
5513
5873
  # * {Types::DeletePolicyResponse#updated_at #updated_at} => Time
5514
5874
  # * {Types::DeletePolicyResponse#policy_arn #policy_arn} => String
5515
5875
  # * {Types::DeletePolicyResponse#status #status} => String
5876
+ # * {Types::DeletePolicyResponse#enforcement_mode #enforcement_mode} => String
5516
5877
  # * {Types::DeletePolicyResponse#definition #definition} => Types::PolicyDefinition
5517
5878
  # * {Types::DeletePolicyResponse#description #description} => String
5518
5879
  # * {Types::DeletePolicyResponse#status_reasons #status_reasons} => Array&lt;String&gt;
@@ -5533,9 +5894,11 @@ module Aws::BedrockAgentCoreControl
5533
5894
  # resp.updated_at #=> Time
5534
5895
  # resp.policy_arn #=> String
5535
5896
  # resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
5897
+ # resp.enforcement_mode #=> String, one of "ACTIVE", "LOG_ONLY"
5536
5898
  # resp.definition.cedar.statement #=> String
5537
5899
  # resp.definition.policy_generation.policy_generation_id #=> String
5538
5900
  # resp.definition.policy_generation.policy_generation_asset_id #=> String
5901
+ # resp.definition.policy.statement #=> String
5539
5902
  # resp.description #=> String
5540
5903
  # resp.status_reasons #=> Array
5541
5904
  # resp.status_reasons[0] #=> String
@@ -5786,6 +6149,8 @@ module Aws::BedrockAgentCoreControl
5786
6149
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
5787
6150
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
5788
6151
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
6152
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
6153
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
5789
6154
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
5790
6155
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
5791
6156
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -5815,6 +6180,10 @@ module Aws::BedrockAgentCoreControl
5815
6180
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
5816
6181
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
5817
6182
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
6183
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
6184
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
6185
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
6186
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
5818
6187
  # resp.request_header_configuration.request_header_allowlist #=> Array
5819
6188
  # resp.request_header_configuration.request_header_allowlist[0] #=> String
5820
6189
  # resp.metadata_configuration.require_mmdsv2 #=> Boolean
@@ -6373,10 +6742,13 @@ module Aws::BedrockAgentCoreControl
6373
6742
  # * {Types::GetGatewayResponse#authorizer_type #authorizer_type} => String
6374
6743
  # * {Types::GetGatewayResponse#authorizer_configuration #authorizer_configuration} => Types::AuthorizerConfiguration
6375
6744
  # * {Types::GetGatewayResponse#kms_key_arn #kms_key_arn} => String
6745
+ # * {Types::GetGatewayResponse#custom_transform_configuration #custom_transform_configuration} => Types::CustomTransformConfiguration
6376
6746
  # * {Types::GetGatewayResponse#interceptor_configurations #interceptor_configurations} => Array&lt;Types::GatewayInterceptorConfiguration&gt;
6377
6747
  # * {Types::GetGatewayResponse#policy_engine_configuration #policy_engine_configuration} => Types::GatewayPolicyEngineConfiguration
6378
6748
  # * {Types::GetGatewayResponse#workload_identity_details #workload_identity_details} => Types::WorkloadIdentityDetails
6379
6749
  # * {Types::GetGatewayResponse#exception_level #exception_level} => String
6750
+ # * {Types::GetGatewayResponse#web_acl_arn #web_acl_arn} => String
6751
+ # * {Types::GetGatewayResponse#waf_configuration #waf_configuration} => Types::WafConfiguration
6380
6752
  #
6381
6753
  # @example Request syntax with placeholder values
6382
6754
  #
@@ -6412,6 +6784,8 @@ module Aws::BedrockAgentCoreControl
6412
6784
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
6413
6785
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
6414
6786
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
6787
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
6788
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
6415
6789
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
6416
6790
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
6417
6791
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -6441,16 +6815,25 @@ module Aws::BedrockAgentCoreControl
6441
6815
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
6442
6816
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
6443
6817
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
6818
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
6819
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
6820
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
6821
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
6444
6822
  # resp.kms_key_arn #=> String
6823
+ # resp.custom_transform_configuration.lambda.arn #=> String
6445
6824
  # resp.interceptor_configurations #=> Array
6446
6825
  # resp.interceptor_configurations[0].interceptor.lambda.arn #=> String
6447
6826
  # resp.interceptor_configurations[0].interception_points #=> Array
6448
6827
  # resp.interceptor_configurations[0].interception_points[0] #=> String, one of "REQUEST", "RESPONSE"
6449
6828
  # resp.interceptor_configurations[0].input_configuration.pass_request_headers #=> Boolean
6829
+ # resp.interceptor_configurations[0].input_configuration.payload_filter.exclude #=> Array
6830
+ # resp.interceptor_configurations[0].input_configuration.payload_filter.exclude[0].field #=> String, one of "RESPONSE_BODY"
6450
6831
  # resp.policy_engine_configuration.arn #=> String
6451
6832
  # resp.policy_engine_configuration.mode #=> String, one of "LOG_ONLY", "ENFORCE"
6452
6833
  # resp.workload_identity_details.workload_identity_arn #=> String
6453
6834
  # resp.exception_level #=> String, one of "DEBUG"
6835
+ # resp.web_acl_arn #=> String
6836
+ # resp.waf_configuration.failure_mode #=> String, one of "FAIL_CLOSE", "FAIL_OPEN"
6454
6837
  #
6455
6838
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/GetGateway AWS API Documentation
6456
6839
  #
@@ -6622,8 +7005,37 @@ module Aws::BedrockAgentCoreControl
6622
7005
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].filter_path #=> String
6623
7006
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods #=> Array
6624
7007
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods[0] #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
7008
+ # resp.target_configuration.mcp.connector.source.connector_id #=> String
7009
+ # resp.target_configuration.mcp.connector.enabled #=> Array
7010
+ # resp.target_configuration.mcp.connector.enabled[0] #=> String
7011
+ # resp.target_configuration.mcp.connector.configurations #=> Array
7012
+ # resp.target_configuration.mcp.connector.configurations[0].name #=> String
7013
+ # resp.target_configuration.mcp.connector.configurations[0].description #=> String
7014
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides #=> Array
7015
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].path #=> String
7016
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].description #=> String
7017
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].visible #=> Boolean
6625
7018
  # resp.target_configuration.http.agentcore_runtime.arn #=> String
6626
7019
  # resp.target_configuration.http.agentcore_runtime.qualifier #=> String
7020
+ # resp.target_configuration.http.agentcore_runtime.schema.source.s3.uri #=> String
7021
+ # resp.target_configuration.http.agentcore_runtime.schema.source.s3.bucket_owner_account_id #=> String
7022
+ # resp.target_configuration.http.agentcore_runtime.schema.source.inline_payload #=> String
7023
+ # resp.target_configuration.http.passthrough.endpoint #=> String
7024
+ # resp.target_configuration.http.passthrough.protocol_type #=> String, one of "MCP", "A2A", "INFERENCE", "CUSTOM"
7025
+ # resp.target_configuration.http.passthrough.schema.source.s3.uri #=> String
7026
+ # resp.target_configuration.http.passthrough.schema.source.s3.bucket_owner_account_id #=> String
7027
+ # resp.target_configuration.http.passthrough.schema.source.inline_payload #=> String
7028
+ # resp.target_configuration.http.passthrough.stickiness_configuration.identifier #=> String
7029
+ # resp.target_configuration.http.passthrough.stickiness_configuration.timeout #=> Integer
7030
+ # resp.target_configuration.inference.connector.source.connector_id #=> String
7031
+ # resp.target_configuration.inference.provider.endpoint #=> String
7032
+ # resp.target_configuration.inference.provider.model_mapping.provider_prefix.strip #=> Boolean
7033
+ # resp.target_configuration.inference.provider.model_mapping.provider_prefix.separator #=> String
7034
+ # resp.target_configuration.inference.provider.operations #=> Array
7035
+ # resp.target_configuration.inference.provider.operations[0].path #=> String
7036
+ # resp.target_configuration.inference.provider.operations[0].provider_path #=> String
7037
+ # resp.target_configuration.inference.provider.operations[0].models #=> Array
7038
+ # resp.target_configuration.inference.provider.operations[0].models[0].model #=> String
6627
7039
  # resp.credential_provider_configurations #=> Array
6628
7040
  # resp.credential_provider_configurations[0].credential_provider_type #=> String, one of "GATEWAY_IAM_ROLE", "OAUTH", "API_KEY", "CALLER_IAM_CREDENTIALS", "JWT_PASSTHROUGH"
6629
7041
  # resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.provider_arn #=> String
@@ -6673,11 +7085,15 @@ module Aws::BedrockAgentCoreControl
6673
7085
  req.send_request(options)
6674
7086
  end
6675
7087
 
6676
- # Operation to get a single Harness.
7088
+ # Operation to get a single harness.
6677
7089
  #
6678
7090
  # @option params [required, String] :harness_id
6679
7091
  # The ID of the harness to retrieve.
6680
7092
  #
7093
+ # @option params [String] :harness_version
7094
+ # Specific version of the harness to retrieve. If omitted, returns the
7095
+ # current Harness configuration, including its status.
7096
+ #
6681
7097
  # @return [Types::GetHarnessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
6682
7098
  #
6683
7099
  # * {Types::GetHarnessResponse#harness #harness} => Types::Harness
@@ -6686,6 +7102,7 @@ module Aws::BedrockAgentCoreControl
6686
7102
  #
6687
7103
  # resp = client.get_harness({
6688
7104
  # harness_id: "HarnessId", # required
7105
+ # harness_version: "HarnessVersion",
6689
7106
  # })
6690
7107
  #
6691
7108
  # @example Response structure
@@ -6694,6 +7111,7 @@ module Aws::BedrockAgentCoreControl
6694
7111
  # resp.harness.harness_name #=> String
6695
7112
  # resp.harness.arn #=> String
6696
7113
  # resp.harness.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
7114
+ # resp.harness.harness_version #=> String
6697
7115
  # resp.harness.execution_role_arn #=> String
6698
7116
  # resp.harness.created_at #=> Time
6699
7117
  # resp.harness.updated_at #=> Time
@@ -6746,6 +7164,8 @@ module Aws::BedrockAgentCoreControl
6746
7164
  # resp.harness.skills[0].git.path #=> String
6747
7165
  # resp.harness.skills[0].git.auth.credential_arn #=> String
6748
7166
  # resp.harness.skills[0].git.auth.username #=> String
7167
+ # resp.harness.skills[0].aws_skills.paths #=> Array
7168
+ # resp.harness.skills[0].aws_skills.paths[0] #=> String
6749
7169
  # resp.harness.allowed_tools #=> Array
6750
7170
  # resp.harness.allowed_tools[0] #=> String
6751
7171
  # resp.harness.truncation.strategy #=> String, one of "sliding_window", "summarization", "none"
@@ -6780,6 +7200,8 @@ module Aws::BedrockAgentCoreControl
6780
7200
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
6781
7201
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
6782
7202
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
7203
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
7204
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
6783
7205
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
6784
7206
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
6785
7207
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -6809,6 +7231,10 @@ module Aws::BedrockAgentCoreControl
6809
7231
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
6810
7232
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
6811
7233
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
7234
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
7235
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
7236
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
7237
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
6812
7238
  # resp.harness.memory.agent_core_memory_configuration.arn #=> String
6813
7239
  # resp.harness.memory.agent_core_memory_configuration.actor_id #=> String
6814
7240
  # resp.harness.memory.agent_core_memory_configuration.messages_count #=> Integer
@@ -6816,6 +7242,11 @@ module Aws::BedrockAgentCoreControl
6816
7242
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].top_k #=> Integer
6817
7243
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].relevance_score #=> Float
6818
7244
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].strategy_id #=> String
7245
+ # resp.harness.memory.managed_memory_configuration.arn #=> String
7246
+ # resp.harness.memory.managed_memory_configuration.strategies #=> Array
7247
+ # resp.harness.memory.managed_memory_configuration.strategies[0] #=> String, one of "SEMANTIC", "SUMMARIZATION", "USER_PREFERENCE", "EPISODIC"
7248
+ # resp.harness.memory.managed_memory_configuration.event_expiry_duration #=> Integer
7249
+ # resp.harness.memory.managed_memory_configuration.encryption_key_arn #=> String
6819
7250
  # resp.harness.max_iterations #=> Integer
6820
7251
  # resp.harness.max_tokens #=> Integer
6821
7252
  # resp.harness.timeout_seconds #=> Integer
@@ -6830,6 +7261,48 @@ module Aws::BedrockAgentCoreControl
6830
7261
  req.send_request(options)
6831
7262
  end
6832
7263
 
7264
+ # Operation to get a single harness endpoint.
7265
+ #
7266
+ # @option params [required, String] :harness_id
7267
+ # The ID of the harness that the endpoint belongs to.
7268
+ #
7269
+ # @option params [required, String] :endpoint_name
7270
+ # The name of the endpoint to retrieve.
7271
+ #
7272
+ # @return [Types::GetHarnessEndpointResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
7273
+ #
7274
+ # * {Types::GetHarnessEndpointResponse#endpoint #endpoint} => Types::HarnessEndpoint
7275
+ #
7276
+ # @example Request syntax with placeholder values
7277
+ #
7278
+ # resp = client.get_harness_endpoint({
7279
+ # harness_id: "HarnessId", # required
7280
+ # endpoint_name: "HarnessEndpointName", # required
7281
+ # })
7282
+ #
7283
+ # @example Response structure
7284
+ #
7285
+ # resp.endpoint.harness_id #=> String
7286
+ # resp.endpoint.harness_name #=> String
7287
+ # resp.endpoint.endpoint_name #=> String
7288
+ # resp.endpoint.arn #=> String
7289
+ # resp.endpoint.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
7290
+ # resp.endpoint.created_at #=> Time
7291
+ # resp.endpoint.updated_at #=> Time
7292
+ # resp.endpoint.live_version #=> String
7293
+ # resp.endpoint.target_version #=> String
7294
+ # resp.endpoint.description #=> String
7295
+ # resp.endpoint.failure_reason #=> String
7296
+ #
7297
+ # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/GetHarnessEndpoint AWS API Documentation
7298
+ #
7299
+ # @overload get_harness_endpoint(params = {})
7300
+ # @param [Hash] params ({})
7301
+ def get_harness_endpoint(params = {}, options = {})
7302
+ req = build_request(:get_harness_endpoint, params)
7303
+ req.send_request(options)
7304
+ end
7305
+
6833
7306
  # Retrieve an existing Amazon Bedrock AgentCore Memory resource.
6834
7307
  #
6835
7308
  # @option params [required, String] :memory_id
@@ -6953,6 +7426,7 @@ module Aws::BedrockAgentCoreControl
6953
7426
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations #=> Array
6954
7427
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations[0].type #=> String, one of "MEMORY_RECORDS"
6955
7428
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations[0].level #=> String, one of "METADATA_ONLY", "FULL_CONTENT"
7429
+ # resp.memory.managed_by_resource_arn #=> String
6956
7430
  #
6957
7431
  #
6958
7432
  # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage):
@@ -7342,6 +7816,8 @@ module Aws::BedrockAgentCoreControl
7342
7816
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
7343
7817
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
7344
7818
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
7819
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
7820
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
7345
7821
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
7346
7822
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
7347
7823
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -7371,6 +7847,10 @@ module Aws::BedrockAgentCoreControl
7371
7847
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
7372
7848
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
7373
7849
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
7850
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
7851
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
7852
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
7853
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
7374
7854
  # resp.role_arn #=> String
7375
7855
  # resp.workload_identity_details.workload_identity_arn #=> String
7376
7856
  # resp.created_at #=> Time
@@ -7410,6 +7890,7 @@ module Aws::BedrockAgentCoreControl
7410
7890
  # * {Types::GetPolicyResponse#updated_at #updated_at} => Time
7411
7891
  # * {Types::GetPolicyResponse#policy_arn #policy_arn} => String
7412
7892
  # * {Types::GetPolicyResponse#status #status} => String
7893
+ # * {Types::GetPolicyResponse#enforcement_mode #enforcement_mode} => String
7413
7894
  # * {Types::GetPolicyResponse#definition #definition} => Types::PolicyDefinition
7414
7895
  # * {Types::GetPolicyResponse#description #description} => String
7415
7896
  # * {Types::GetPolicyResponse#status_reasons #status_reasons} => Array&lt;String&gt;
@@ -7430,9 +7911,11 @@ module Aws::BedrockAgentCoreControl
7430
7911
  # resp.updated_at #=> Time
7431
7912
  # resp.policy_arn #=> String
7432
7913
  # resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
7914
+ # resp.enforcement_mode #=> String, one of "ACTIVE", "LOG_ONLY"
7433
7915
  # resp.definition.cedar.statement #=> String
7434
7916
  # resp.definition.policy_generation.policy_generation_id #=> String
7435
7917
  # resp.definition.policy_generation.policy_generation_asset_id #=> String
7918
+ # resp.definition.policy.statement #=> String
7436
7919
  # resp.description #=> String
7437
7920
  # resp.status_reasons #=> Array
7438
7921
  # resp.status_reasons[0] #=> String
@@ -7704,6 +8187,7 @@ module Aws::BedrockAgentCoreControl
7704
8187
  # * {Types::GetPolicySummaryResponse#updated_at #updated_at} => Time
7705
8188
  # * {Types::GetPolicySummaryResponse#policy_arn #policy_arn} => String
7706
8189
  # * {Types::GetPolicySummaryResponse#status #status} => String
8190
+ # * {Types::GetPolicySummaryResponse#enforcement_mode #enforcement_mode} => String
7707
8191
  #
7708
8192
  # @example Request syntax with placeholder values
7709
8193
  #
@@ -7721,6 +8205,7 @@ module Aws::BedrockAgentCoreControl
7721
8205
  # resp.updated_at #=> Time
7722
8206
  # resp.policy_arn #=> String
7723
8207
  # resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
8208
+ # resp.enforcement_mode #=> String, one of "ACTIVE", "LOG_ONLY"
7724
8209
  #
7725
8210
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/GetPolicySummary AWS API Documentation
7726
8211
  #
@@ -7771,6 +8256,8 @@ module Aws::BedrockAgentCoreControl
7771
8256
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
7772
8257
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
7773
8258
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
8259
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
8260
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
7774
8261
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
7775
8262
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
7776
8263
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -7800,6 +8287,10 @@ module Aws::BedrockAgentCoreControl
7800
8287
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
7801
8288
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
7802
8289
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
8290
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
8291
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
8292
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
8293
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
7803
8294
  # resp.approval_configuration.auto_approval #=> Boolean
7804
8295
  # resp.status #=> String, one of "CREATING", "READY", "UPDATING", "CREATE_FAILED", "UPDATE_FAILED", "DELETING", "DELETE_FAILED"
7805
8296
  # resp.status_reason #=> String
@@ -8754,6 +9245,11 @@ module Aws::BedrockAgentCoreControl
8754
9245
  # resp.items[0].created_at #=> Time
8755
9246
  # resp.items[0].updated_at #=> Time
8756
9247
  # resp.items[0].resource_priority #=> Integer
9248
+ # resp.items[0].last_synchronized_at #=> Time
9249
+ # resp.items[0].authorization_data.oauth2.authorization_url #=> String
9250
+ # resp.items[0].authorization_data.oauth2.user_id #=> String
9251
+ # resp.items[0].target_type #=> String, one of "OPEN_API_SCHEMA", "SMITHY_MODEL", "MCP_SERVER", "LAMBDA", "API_GATEWAY", "CONNECTOR", "AGENTCORE_RUNTIME", "PASSTHROUGH", "PROVIDER"
9252
+ # resp.items[0].listing_mode #=> String, one of "DEFAULT", "DYNAMIC"
8757
9253
  # resp.next_token #=> String
8758
9254
  #
8759
9255
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/ListGatewayTargets AWS API Documentation
@@ -8815,7 +9311,106 @@ module Aws::BedrockAgentCoreControl
8815
9311
  req.send_request(options)
8816
9312
  end
8817
9313
 
8818
- # Operation to list Harnesses.
9314
+ # Operation to list the endpoints of a harness.
9315
+ #
9316
+ # @option params [required, String] :harness_id
9317
+ # The ID of the harness whose endpoints are listed.
9318
+ #
9319
+ # @option params [Integer] :max_results
9320
+ # The maximum number of results to return in a single call.
9321
+ #
9322
+ # @option params [String] :next_token
9323
+ # The token for the next set of results.
9324
+ #
9325
+ # @return [Types::ListHarnessEndpointsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
9326
+ #
9327
+ # * {Types::ListHarnessEndpointsResponse#endpoints #endpoints} => Array&lt;Types::HarnessEndpoint&gt;
9328
+ # * {Types::ListHarnessEndpointsResponse#next_token #next_token} => String
9329
+ #
9330
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
9331
+ #
9332
+ # @example Request syntax with placeholder values
9333
+ #
9334
+ # resp = client.list_harness_endpoints({
9335
+ # harness_id: "HarnessId", # required
9336
+ # max_results: 1,
9337
+ # next_token: "NextToken",
9338
+ # })
9339
+ #
9340
+ # @example Response structure
9341
+ #
9342
+ # resp.endpoints #=> Array
9343
+ # resp.endpoints[0].harness_id #=> String
9344
+ # resp.endpoints[0].harness_name #=> String
9345
+ # resp.endpoints[0].endpoint_name #=> String
9346
+ # resp.endpoints[0].arn #=> String
9347
+ # resp.endpoints[0].status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
9348
+ # resp.endpoints[0].created_at #=> Time
9349
+ # resp.endpoints[0].updated_at #=> Time
9350
+ # resp.endpoints[0].live_version #=> String
9351
+ # resp.endpoints[0].target_version #=> String
9352
+ # resp.endpoints[0].description #=> String
9353
+ # resp.endpoints[0].failure_reason #=> String
9354
+ # resp.next_token #=> String
9355
+ #
9356
+ # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/ListHarnessEndpoints AWS API Documentation
9357
+ #
9358
+ # @overload list_harness_endpoints(params = {})
9359
+ # @param [Hash] params ({})
9360
+ def list_harness_endpoints(params = {}, options = {})
9361
+ req = build_request(:list_harness_endpoints, params)
9362
+ req.send_request(options)
9363
+ end
9364
+
9365
+ # Operation to list the versions of a Harness.
9366
+ #
9367
+ # @option params [required, String] :harness_id
9368
+ # The ID of the harness whose versions are listed.
9369
+ #
9370
+ # @option params [Integer] :max_results
9371
+ # The maximum number of results to return in a single call.
9372
+ #
9373
+ # @option params [String] :next_token
9374
+ # The token for the next set of results.
9375
+ #
9376
+ # @return [Types::ListHarnessVersionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
9377
+ #
9378
+ # * {Types::ListHarnessVersionsResponse#harness_versions #harness_versions} => Array&lt;Types::HarnessVersionSummary&gt;
9379
+ # * {Types::ListHarnessVersionsResponse#next_token #next_token} => String
9380
+ #
9381
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
9382
+ #
9383
+ # @example Request syntax with placeholder values
9384
+ #
9385
+ # resp = client.list_harness_versions({
9386
+ # harness_id: "HarnessId", # required
9387
+ # max_results: 1,
9388
+ # next_token: "NextToken",
9389
+ # })
9390
+ #
9391
+ # @example Response structure
9392
+ #
9393
+ # resp.harness_versions #=> Array
9394
+ # resp.harness_versions[0].harness_id #=> String
9395
+ # resp.harness_versions[0].harness_name #=> String
9396
+ # resp.harness_versions[0].arn #=> String
9397
+ # resp.harness_versions[0].harness_version #=> String
9398
+ # resp.harness_versions[0].status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
9399
+ # resp.harness_versions[0].created_at #=> Time
9400
+ # resp.harness_versions[0].updated_at #=> Time
9401
+ # resp.harness_versions[0].failure_reason #=> String
9402
+ # resp.next_token #=> String
9403
+ #
9404
+ # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/ListHarnessVersions AWS API Documentation
9405
+ #
9406
+ # @overload list_harness_versions(params = {})
9407
+ # @param [Hash] params ({})
9408
+ def list_harness_versions(params = {}, options = {})
9409
+ req = build_request(:list_harness_versions, params)
9410
+ req.send_request(options)
9411
+ end
9412
+
9413
+ # Operation to list harnesses.
8819
9414
  #
8820
9415
  # @option params [Integer] :max_results
8821
9416
  # The maximum number of results to return in a single call.
@@ -8846,6 +9441,7 @@ module Aws::BedrockAgentCoreControl
8846
9441
  # resp.harnesses[0].status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
8847
9442
  # resp.harnesses[0].created_at #=> Time
8848
9443
  # resp.harnesses[0].updated_at #=> Time
9444
+ # resp.harnesses[0].harness_version #=> String
8849
9445
  # resp.next_token #=> String
8850
9446
  #
8851
9447
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/ListHarnesses AWS API Documentation
@@ -8891,6 +9487,7 @@ module Aws::BedrockAgentCoreControl
8891
9487
  # resp.memories[0].status #=> String, one of "CREATING", "ACTIVE", "FAILED", "DELETING", "UPDATING"
8892
9488
  # resp.memories[0].created_at #=> Time
8893
9489
  # resp.memories[0].updated_at #=> Time
9490
+ # resp.memories[0].managed_by_resource_arn #=> String
8894
9491
  # resp.next_token #=> String
8895
9492
  #
8896
9493
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/ListMemories AWS API Documentation
@@ -9192,9 +9789,11 @@ module Aws::BedrockAgentCoreControl
9192
9789
  # resp.policies[0].updated_at #=> Time
9193
9790
  # resp.policies[0].policy_arn #=> String
9194
9791
  # resp.policies[0].status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
9792
+ # resp.policies[0].enforcement_mode #=> String, one of "ACTIVE", "LOG_ONLY"
9195
9793
  # resp.policies[0].definition.cedar.statement #=> String
9196
9794
  # resp.policies[0].definition.policy_generation.policy_generation_id #=> String
9197
9795
  # resp.policies[0].definition.policy_generation.policy_generation_asset_id #=> String
9796
+ # resp.policies[0].definition.policy.statement #=> String
9198
9797
  # resp.policies[0].description #=> String
9199
9798
  # resp.policies[0].status_reasons #=> Array
9200
9799
  # resp.policies[0].status_reasons[0] #=> String
@@ -9383,6 +9982,7 @@ module Aws::BedrockAgentCoreControl
9383
9982
  # resp.policy_generation_assets[0].definition.cedar.statement #=> String
9384
9983
  # resp.policy_generation_assets[0].definition.policy_generation.policy_generation_id #=> String
9385
9984
  # resp.policy_generation_assets[0].definition.policy_generation.policy_generation_asset_id #=> String
9985
+ # resp.policy_generation_assets[0].definition.policy.statement #=> String
9386
9986
  # resp.policy_generation_assets[0].raw_text_fragment #=> String
9387
9987
  # resp.policy_generation_assets[0].findings #=> Array
9388
9988
  # resp.policy_generation_assets[0].findings[0].type #=> String, one of "VALID", "INVALID", "NOT_TRANSLATABLE", "ALLOW_ALL", "ALLOW_NONE", "DENY_ALL", "DENY_NONE"
@@ -9574,6 +10174,7 @@ module Aws::BedrockAgentCoreControl
9574
10174
  # resp.policies[0].updated_at #=> Time
9575
10175
  # resp.policies[0].policy_arn #=> String
9576
10176
  # resp.policies[0].status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
10177
+ # resp.policies[0].enforcement_mode #=> String, one of "ACTIVE", "LOG_ONLY"
9577
10178
  # resp.next_token #=> String
9578
10179
  #
9579
10180
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/ListPolicySummaries AWS API Documentation
@@ -10103,8 +10704,37 @@ module Aws::BedrockAgentCoreControl
10103
10704
  # resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].filter_path #=> String
10104
10705
  # resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods #=> Array
10105
10706
  # resp.targets[0].target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods[0] #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
10707
+ # resp.targets[0].target_configuration.mcp.connector.source.connector_id #=> String
10708
+ # resp.targets[0].target_configuration.mcp.connector.enabled #=> Array
10709
+ # resp.targets[0].target_configuration.mcp.connector.enabled[0] #=> String
10710
+ # resp.targets[0].target_configuration.mcp.connector.configurations #=> Array
10711
+ # resp.targets[0].target_configuration.mcp.connector.configurations[0].name #=> String
10712
+ # resp.targets[0].target_configuration.mcp.connector.configurations[0].description #=> String
10713
+ # resp.targets[0].target_configuration.mcp.connector.configurations[0].parameter_overrides #=> Array
10714
+ # resp.targets[0].target_configuration.mcp.connector.configurations[0].parameter_overrides[0].path #=> String
10715
+ # resp.targets[0].target_configuration.mcp.connector.configurations[0].parameter_overrides[0].description #=> String
10716
+ # resp.targets[0].target_configuration.mcp.connector.configurations[0].parameter_overrides[0].visible #=> Boolean
10106
10717
  # resp.targets[0].target_configuration.http.agentcore_runtime.arn #=> String
10107
10718
  # resp.targets[0].target_configuration.http.agentcore_runtime.qualifier #=> String
10719
+ # resp.targets[0].target_configuration.http.agentcore_runtime.schema.source.s3.uri #=> String
10720
+ # resp.targets[0].target_configuration.http.agentcore_runtime.schema.source.s3.bucket_owner_account_id #=> String
10721
+ # resp.targets[0].target_configuration.http.agentcore_runtime.schema.source.inline_payload #=> String
10722
+ # resp.targets[0].target_configuration.http.passthrough.endpoint #=> String
10723
+ # resp.targets[0].target_configuration.http.passthrough.protocol_type #=> String, one of "MCP", "A2A", "INFERENCE", "CUSTOM"
10724
+ # resp.targets[0].target_configuration.http.passthrough.schema.source.s3.uri #=> String
10725
+ # resp.targets[0].target_configuration.http.passthrough.schema.source.s3.bucket_owner_account_id #=> String
10726
+ # resp.targets[0].target_configuration.http.passthrough.schema.source.inline_payload #=> String
10727
+ # resp.targets[0].target_configuration.http.passthrough.stickiness_configuration.identifier #=> String
10728
+ # resp.targets[0].target_configuration.http.passthrough.stickiness_configuration.timeout #=> Integer
10729
+ # resp.targets[0].target_configuration.inference.connector.source.connector_id #=> String
10730
+ # resp.targets[0].target_configuration.inference.provider.endpoint #=> String
10731
+ # resp.targets[0].target_configuration.inference.provider.model_mapping.provider_prefix.strip #=> Boolean
10732
+ # resp.targets[0].target_configuration.inference.provider.model_mapping.provider_prefix.separator #=> String
10733
+ # resp.targets[0].target_configuration.inference.provider.operations #=> Array
10734
+ # resp.targets[0].target_configuration.inference.provider.operations[0].path #=> String
10735
+ # resp.targets[0].target_configuration.inference.provider.operations[0].provider_path #=> String
10736
+ # resp.targets[0].target_configuration.inference.provider.operations[0].models #=> Array
10737
+ # resp.targets[0].target_configuration.inference.provider.operations[0].models[0].model #=> String
10108
10738
  # resp.targets[0].credential_provider_configurations #=> Array
10109
10739
  # resp.targets[0].credential_provider_configurations[0].credential_provider_type #=> String, one of "GATEWAY_IAM_ROLE", "OAUTH", "API_KEY", "CALLER_IAM_CREDENTIALS", "JWT_PASSTHROUGH"
10110
10740
  # resp.targets[0].credential_provider_configurations[0].credential_provider.oauth_credential_provider.provider_arn #=> String
@@ -10318,6 +10948,9 @@ module Aws::BedrockAgentCoreControl
10318
10948
  # allowed_audience: ["AllowedAudience"],
10319
10949
  # allowed_clients: ["AllowedClient"],
10320
10950
  # allowed_scopes: ["AllowedScopeType"],
10951
+ # advertised_scope_mapping: {
10952
+ # "AllowedScopeType" => "AllowedScopeType",
10953
+ # },
10321
10954
  # custom_claims: [
10322
10955
  # {
10323
10956
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -10366,6 +10999,14 @@ module Aws::BedrockAgentCoreControl
10366
10999
  # },
10367
11000
  # },
10368
11001
  # ],
11002
+ # allowed_workload_configuration: {
11003
+ # hosting_environments: [
11004
+ # {
11005
+ # arn: "BedrockAgentcoreResourceArn", # required
11006
+ # },
11007
+ # ],
11008
+ # workload_identities: ["WorkloadIdentityNameType"],
11009
+ # },
10369
11010
  # },
10370
11011
  # },
10371
11012
  # request_header_configuration: {
@@ -10492,15 +11133,15 @@ module Aws::BedrockAgentCoreControl
10492
11133
  # existing API key and is encrypted and stored securely.
10493
11134
  #
10494
11135
  # @option params [Types::SecretReference] :api_key_secret_config
10495
- # A reference to the AWS Secrets Manager secret that stores the API key.
10496
- # This includes the secret ID and the JSON key used to extract the API
10497
- # key value from the secret. Required when `apiKeySecretSource` is set
10498
- # to `EXTERNAL`.
11136
+ # A reference to the Amazon Web Services Secrets Manager secret that
11137
+ # stores the API key. This includes the secret ID and the JSON key used
11138
+ # to extract the API key value from the secret. Required when
11139
+ # `apiKeySecretSource` is set to `EXTERNAL`.
10499
11140
  #
10500
11141
  # @option params [String] :api_key_secret_source
10501
11142
  # The source type of the API key secret. Use `MANAGED` if the secret is
10502
11143
  # managed by the service, or `EXTERNAL` if you manage the secret
10503
- # yourself in AWS Secrets Manager.
11144
+ # yourself in Amazon Web Services Secrets Manager.
10504
11145
  #
10505
11146
  # @return [Types::UpdateApiKeyCredentialProviderResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
10506
11147
  #
@@ -10911,6 +11552,11 @@ module Aws::BedrockAgentCoreControl
10911
11552
  # @option params [String] :kms_key_arn
10912
11553
  # The updated ARN of the KMS key used to encrypt the gateway.
10913
11554
  #
11555
+ # @option params [Types::CustomTransformConfiguration] :custom_transform_configuration
11556
+ # The updated custom transformation configuration for the gateway. This
11557
+ # configuration defines how the gateway transforms requests and
11558
+ # responses.
11559
+ #
10914
11560
  # @option params [Array<Types::GatewayInterceptorConfiguration>] :interceptor_configurations
10915
11561
  # The updated interceptor configurations for the gateway.
10916
11562
  #
@@ -10931,6 +11577,9 @@ module Aws::BedrockAgentCoreControl
10931
11577
  # * If the value is omitted, a generic error message is returned to the
10932
11578
  # end user.
10933
11579
  #
11580
+ # @option params [Types::WafConfiguration] :waf_configuration
11581
+ # The updated Amazon Web Services WAF configuration for the gateway.
11582
+ #
10934
11583
  # @return [Types::UpdateGatewayResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
10935
11584
  #
10936
11585
  # * {Types::UpdateGatewayResponse#gateway_arn #gateway_arn} => String
@@ -10948,10 +11597,13 @@ module Aws::BedrockAgentCoreControl
10948
11597
  # * {Types::UpdateGatewayResponse#authorizer_type #authorizer_type} => String
10949
11598
  # * {Types::UpdateGatewayResponse#authorizer_configuration #authorizer_configuration} => Types::AuthorizerConfiguration
10950
11599
  # * {Types::UpdateGatewayResponse#kms_key_arn #kms_key_arn} => String
11600
+ # * {Types::UpdateGatewayResponse#custom_transform_configuration #custom_transform_configuration} => Types::CustomTransformConfiguration
10951
11601
  # * {Types::UpdateGatewayResponse#interceptor_configurations #interceptor_configurations} => Array&lt;Types::GatewayInterceptorConfiguration&gt;
10952
11602
  # * {Types::UpdateGatewayResponse#policy_engine_configuration #policy_engine_configuration} => Types::GatewayPolicyEngineConfiguration
10953
11603
  # * {Types::UpdateGatewayResponse#workload_identity_details #workload_identity_details} => Types::WorkloadIdentityDetails
10954
11604
  # * {Types::UpdateGatewayResponse#exception_level #exception_level} => String
11605
+ # * {Types::UpdateGatewayResponse#web_acl_arn #web_acl_arn} => String
11606
+ # * {Types::UpdateGatewayResponse#waf_configuration #waf_configuration} => Types::WafConfiguration
10955
11607
  #
10956
11608
  # @example Request syntax with placeholder values
10957
11609
  #
@@ -10981,6 +11633,9 @@ module Aws::BedrockAgentCoreControl
10981
11633
  # allowed_audience: ["AllowedAudience"],
10982
11634
  # allowed_clients: ["AllowedClient"],
10983
11635
  # allowed_scopes: ["AllowedScopeType"],
11636
+ # advertised_scope_mapping: {
11637
+ # "AllowedScopeType" => "AllowedScopeType",
11638
+ # },
10984
11639
  # custom_claims: [
10985
11640
  # {
10986
11641
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -11029,9 +11684,22 @@ module Aws::BedrockAgentCoreControl
11029
11684
  # },
11030
11685
  # },
11031
11686
  # ],
11687
+ # allowed_workload_configuration: {
11688
+ # hosting_environments: [
11689
+ # {
11690
+ # arn: "BedrockAgentcoreResourceArn", # required
11691
+ # },
11692
+ # ],
11693
+ # workload_identities: ["WorkloadIdentityNameType"],
11694
+ # },
11032
11695
  # },
11033
11696
  # },
11034
11697
  # kms_key_arn: "KmsKeyArn",
11698
+ # custom_transform_configuration: {
11699
+ # lambda: {
11700
+ # arn: "LambdaFunctionArn",
11701
+ # },
11702
+ # },
11035
11703
  # interceptor_configurations: [
11036
11704
  # {
11037
11705
  # interceptor: { # required
@@ -11042,6 +11710,13 @@ module Aws::BedrockAgentCoreControl
11042
11710
  # interception_points: ["REQUEST"], # required, accepts REQUEST, RESPONSE
11043
11711
  # input_configuration: {
11044
11712
  # pass_request_headers: false, # required
11713
+ # payload_filter: {
11714
+ # exclude: [ # required
11715
+ # {
11716
+ # field: "RESPONSE_BODY", # accepts RESPONSE_BODY
11717
+ # },
11718
+ # ],
11719
+ # },
11045
11720
  # },
11046
11721
  # },
11047
11722
  # ],
@@ -11050,6 +11725,9 @@ module Aws::BedrockAgentCoreControl
11050
11725
  # mode: "LOG_ONLY", # required, accepts LOG_ONLY, ENFORCE
11051
11726
  # },
11052
11727
  # exception_level: "DEBUG", # accepts DEBUG
11728
+ # waf_configuration: {
11729
+ # failure_mode: "FAIL_CLOSE", # accepts FAIL_CLOSE, FAIL_OPEN
11730
+ # },
11053
11731
  # })
11054
11732
  #
11055
11733
  # @example Response structure
@@ -11080,6 +11758,8 @@ module Aws::BedrockAgentCoreControl
11080
11758
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
11081
11759
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
11082
11760
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
11761
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
11762
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
11083
11763
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
11084
11764
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
11085
11765
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -11109,16 +11789,25 @@ module Aws::BedrockAgentCoreControl
11109
11789
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
11110
11790
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
11111
11791
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
11792
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
11793
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
11794
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
11795
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
11112
11796
  # resp.kms_key_arn #=> String
11797
+ # resp.custom_transform_configuration.lambda.arn #=> String
11113
11798
  # resp.interceptor_configurations #=> Array
11114
11799
  # resp.interceptor_configurations[0].interceptor.lambda.arn #=> String
11115
11800
  # resp.interceptor_configurations[0].interception_points #=> Array
11116
11801
  # resp.interceptor_configurations[0].interception_points[0] #=> String, one of "REQUEST", "RESPONSE"
11117
11802
  # resp.interceptor_configurations[0].input_configuration.pass_request_headers #=> Boolean
11803
+ # resp.interceptor_configurations[0].input_configuration.payload_filter.exclude #=> Array
11804
+ # resp.interceptor_configurations[0].input_configuration.payload_filter.exclude[0].field #=> String, one of "RESPONSE_BODY"
11118
11805
  # resp.policy_engine_configuration.arn #=> String
11119
11806
  # resp.policy_engine_configuration.mode #=> String, one of "LOG_ONLY", "ENFORCE"
11120
11807
  # resp.workload_identity_details.workload_identity_arn #=> String
11121
11808
  # resp.exception_level #=> String, one of "DEBUG"
11809
+ # resp.web_acl_arn #=> String
11810
+ # resp.waf_configuration.failure_mode #=> String, one of "FAIL_CLOSE", "FAIL_OPEN"
11122
11811
  #
11123
11812
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/UpdateGateway AWS API Documentation
11124
11813
  #
@@ -11291,7 +11980,7 @@ module Aws::BedrockAgentCoreControl
11291
11980
  # @option params [required, String] :target_id
11292
11981
  # The unique identifier of the gateway target to update.
11293
11982
  #
11294
- # @option params [required, String] :name
11983
+ # @option params [String] :name
11295
11984
  # The updated name for the gateway target.
11296
11985
  #
11297
11986
  # @option params [String] :description
@@ -11336,7 +12025,7 @@ module Aws::BedrockAgentCoreControl
11336
12025
  # resp = client.update_gateway_target({
11337
12026
  # gateway_identifier: "GatewayIdentifier", # required
11338
12027
  # target_id: "TargetId", # required
11339
- # name: "TargetName", # required
12028
+ # name: "TargetName",
11340
12029
  # description: "TargetDescription",
11341
12030
  # target_configuration: { # required
11342
12031
  # mcp: {
@@ -11427,11 +12116,85 @@ module Aws::BedrockAgentCoreControl
11427
12116
  # ],
11428
12117
  # },
11429
12118
  # },
12119
+ # connector: {
12120
+ # source: { # required
12121
+ # connector_id: "ConnectorId", # required
12122
+ # },
12123
+ # enabled: ["String"],
12124
+ # configurations: [
12125
+ # {
12126
+ # name: "ConnectorConfigurationNameString", # required
12127
+ # description: "ConnectorConfigurationDescriptionString",
12128
+ # parameter_values: {
12129
+ # },
12130
+ # parameter_overrides: [
12131
+ # {
12132
+ # path: "String", # required
12133
+ # description: "String",
12134
+ # visible: false,
12135
+ # },
12136
+ # ],
12137
+ # },
12138
+ # ],
12139
+ # },
11430
12140
  # },
11431
12141
  # http: {
11432
12142
  # agentcore_runtime: {
11433
12143
  # arn: "RuntimeArn", # required
11434
12144
  # qualifier: "RuntimeQualifier",
12145
+ # schema: {
12146
+ # source: { # required
12147
+ # s3: {
12148
+ # uri: "S3BucketUri",
12149
+ # bucket_owner_account_id: "AwsAccountId",
12150
+ # },
12151
+ # inline_payload: "InlinePayload",
12152
+ # },
12153
+ # },
12154
+ # },
12155
+ # passthrough: {
12156
+ # endpoint: "PassthroughEndpoint", # required
12157
+ # protocol_type: "MCP", # required, accepts MCP, A2A, INFERENCE, CUSTOM
12158
+ # schema: {
12159
+ # source: { # required
12160
+ # s3: {
12161
+ # uri: "S3BucketUri",
12162
+ # bucket_owner_account_id: "AwsAccountId",
12163
+ # },
12164
+ # inline_payload: "InlinePayload",
12165
+ # },
12166
+ # },
12167
+ # stickiness_configuration: {
12168
+ # identifier: "StickinessConfigurationIdentifierString", # required
12169
+ # timeout: 1,
12170
+ # },
12171
+ # },
12172
+ # },
12173
+ # inference: {
12174
+ # connector: {
12175
+ # source: { # required
12176
+ # connector_id: "InferenceConnectorId", # required
12177
+ # },
12178
+ # },
12179
+ # provider: {
12180
+ # endpoint: "PassthroughEndpoint", # required
12181
+ # model_mapping: {
12182
+ # provider_prefix: {
12183
+ # strip: false,
12184
+ # separator: "ProviderPrefixSeparatorString",
12185
+ # },
12186
+ # },
12187
+ # operations: [
12188
+ # {
12189
+ # path: "InferenceOperationPath", # required
12190
+ # provider_path: "InferenceOperationPath",
12191
+ # models: [
12192
+ # {
12193
+ # model: "ModelPattern", # required
12194
+ # },
12195
+ # ],
12196
+ # },
12197
+ # ],
11435
12198
  # },
11436
12199
  # },
11437
12200
  # },
@@ -11537,8 +12300,37 @@ module Aws::BedrockAgentCoreControl
11537
12300
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].filter_path #=> String
11538
12301
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods #=> Array
11539
12302
  # resp.target_configuration.mcp.api_gateway.api_gateway_tool_configuration.tool_filters[0].methods[0] #=> String, one of "GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "PUT", "POST"
12303
+ # resp.target_configuration.mcp.connector.source.connector_id #=> String
12304
+ # resp.target_configuration.mcp.connector.enabled #=> Array
12305
+ # resp.target_configuration.mcp.connector.enabled[0] #=> String
12306
+ # resp.target_configuration.mcp.connector.configurations #=> Array
12307
+ # resp.target_configuration.mcp.connector.configurations[0].name #=> String
12308
+ # resp.target_configuration.mcp.connector.configurations[0].description #=> String
12309
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides #=> Array
12310
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].path #=> String
12311
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].description #=> String
12312
+ # resp.target_configuration.mcp.connector.configurations[0].parameter_overrides[0].visible #=> Boolean
11540
12313
  # resp.target_configuration.http.agentcore_runtime.arn #=> String
11541
12314
  # resp.target_configuration.http.agentcore_runtime.qualifier #=> String
12315
+ # resp.target_configuration.http.agentcore_runtime.schema.source.s3.uri #=> String
12316
+ # resp.target_configuration.http.agentcore_runtime.schema.source.s3.bucket_owner_account_id #=> String
12317
+ # resp.target_configuration.http.agentcore_runtime.schema.source.inline_payload #=> String
12318
+ # resp.target_configuration.http.passthrough.endpoint #=> String
12319
+ # resp.target_configuration.http.passthrough.protocol_type #=> String, one of "MCP", "A2A", "INFERENCE", "CUSTOM"
12320
+ # resp.target_configuration.http.passthrough.schema.source.s3.uri #=> String
12321
+ # resp.target_configuration.http.passthrough.schema.source.s3.bucket_owner_account_id #=> String
12322
+ # resp.target_configuration.http.passthrough.schema.source.inline_payload #=> String
12323
+ # resp.target_configuration.http.passthrough.stickiness_configuration.identifier #=> String
12324
+ # resp.target_configuration.http.passthrough.stickiness_configuration.timeout #=> Integer
12325
+ # resp.target_configuration.inference.connector.source.connector_id #=> String
12326
+ # resp.target_configuration.inference.provider.endpoint #=> String
12327
+ # resp.target_configuration.inference.provider.model_mapping.provider_prefix.strip #=> Boolean
12328
+ # resp.target_configuration.inference.provider.model_mapping.provider_prefix.separator #=> String
12329
+ # resp.target_configuration.inference.provider.operations #=> Array
12330
+ # resp.target_configuration.inference.provider.operations[0].path #=> String
12331
+ # resp.target_configuration.inference.provider.operations[0].provider_path #=> String
12332
+ # resp.target_configuration.inference.provider.operations[0].models #=> Array
12333
+ # resp.target_configuration.inference.provider.operations[0].models[0].model #=> String
11542
12334
  # resp.credential_provider_configurations #=> Array
11543
12335
  # resp.credential_provider_configurations[0].credential_provider_type #=> String, one of "GATEWAY_IAM_ROLE", "OAUTH", "API_KEY", "CALLER_IAM_CREDENTIALS", "JWT_PASSTHROUGH"
11544
12336
  # resp.credential_provider_configurations[0].credential_provider.oauth_credential_provider.provider_arn #=> String
@@ -11588,7 +12380,7 @@ module Aws::BedrockAgentCoreControl
11588
12380
  req.send_request(options)
11589
12381
  end
11590
12382
 
11591
- # Operation to update a Harness.
12383
+ # Operation to update a harness.
11592
12384
  #
11593
12385
  # @option params [required, String] :harness_id
11594
12386
  # The ID of the harness to update.
@@ -11726,6 +12518,9 @@ module Aws::BedrockAgentCoreControl
11726
12518
  # allowed_audience: ["AllowedAudience"],
11727
12519
  # allowed_clients: ["AllowedClient"],
11728
12520
  # allowed_scopes: ["AllowedScopeType"],
12521
+ # advertised_scope_mapping: {
12522
+ # "AllowedScopeType" => "AllowedScopeType",
12523
+ # },
11729
12524
  # custom_claims: [
11730
12525
  # {
11731
12526
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -11774,6 +12569,14 @@ module Aws::BedrockAgentCoreControl
11774
12569
  # },
11775
12570
  # },
11776
12571
  # ],
12572
+ # allowed_workload_configuration: {
12573
+ # hosting_environments: [
12574
+ # {
12575
+ # arn: "BedrockAgentcoreResourceArn", # required
12576
+ # },
12577
+ # ],
12578
+ # workload_identities: ["WorkloadIdentityNameType"],
12579
+ # },
11777
12580
  # },
11778
12581
  # },
11779
12582
  # },
@@ -11878,6 +12681,9 @@ module Aws::BedrockAgentCoreControl
11878
12681
  # username: "String",
11879
12682
  # },
11880
12683
  # },
12684
+ # aws_skills: {
12685
+ # paths: ["HarnessAwsSkillPath"],
12686
+ # },
11881
12687
  # },
11882
12688
  # ],
11883
12689
  # allowed_tools: ["HarnessAllowedTool"],
@@ -11895,6 +12701,14 @@ module Aws::BedrockAgentCoreControl
11895
12701
  # },
11896
12702
  # },
11897
12703
  # },
12704
+ # managed_memory_configuration: {
12705
+ # arn: "MemoryArn",
12706
+ # strategies: ["SEMANTIC"], # accepts SEMANTIC, SUMMARIZATION, USER_PREFERENCE, EPISODIC
12707
+ # event_expiry_duration: 1,
12708
+ # encryption_key_arn: "KmsKeyArn",
12709
+ # },
12710
+ # disabled: {
12711
+ # },
11898
12712
  # },
11899
12713
  # },
11900
12714
  # truncation: {
@@ -11921,6 +12735,7 @@ module Aws::BedrockAgentCoreControl
11921
12735
  # resp.harness.harness_name #=> String
11922
12736
  # resp.harness.arn #=> String
11923
12737
  # resp.harness.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
12738
+ # resp.harness.harness_version #=> String
11924
12739
  # resp.harness.execution_role_arn #=> String
11925
12740
  # resp.harness.created_at #=> Time
11926
12741
  # resp.harness.updated_at #=> Time
@@ -11973,6 +12788,8 @@ module Aws::BedrockAgentCoreControl
11973
12788
  # resp.harness.skills[0].git.path #=> String
11974
12789
  # resp.harness.skills[0].git.auth.credential_arn #=> String
11975
12790
  # resp.harness.skills[0].git.auth.username #=> String
12791
+ # resp.harness.skills[0].aws_skills.paths #=> Array
12792
+ # resp.harness.skills[0].aws_skills.paths[0] #=> String
11976
12793
  # resp.harness.allowed_tools #=> Array
11977
12794
  # resp.harness.allowed_tools[0] #=> String
11978
12795
  # resp.harness.truncation.strategy #=> String, one of "sliding_window", "summarization", "none"
@@ -12007,6 +12824,8 @@ module Aws::BedrockAgentCoreControl
12007
12824
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
12008
12825
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
12009
12826
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
12827
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
12828
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
12010
12829
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
12011
12830
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
12012
12831
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -12036,6 +12855,10 @@ module Aws::BedrockAgentCoreControl
12036
12855
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
12037
12856
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
12038
12857
  # resp.harness.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
12858
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
12859
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
12860
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
12861
+ # resp.harness.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
12039
12862
  # resp.harness.memory.agent_core_memory_configuration.arn #=> String
12040
12863
  # resp.harness.memory.agent_core_memory_configuration.actor_id #=> String
12041
12864
  # resp.harness.memory.agent_core_memory_configuration.messages_count #=> Integer
@@ -12043,6 +12866,11 @@ module Aws::BedrockAgentCoreControl
12043
12866
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].top_k #=> Integer
12044
12867
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].relevance_score #=> Float
12045
12868
  # resp.harness.memory.agent_core_memory_configuration.retrieval_config["String"].strategy_id #=> String
12869
+ # resp.harness.memory.managed_memory_configuration.arn #=> String
12870
+ # resp.harness.memory.managed_memory_configuration.strategies #=> Array
12871
+ # resp.harness.memory.managed_memory_configuration.strategies[0] #=> String, one of "SEMANTIC", "SUMMARIZATION", "USER_PREFERENCE", "EPISODIC"
12872
+ # resp.harness.memory.managed_memory_configuration.event_expiry_duration #=> Integer
12873
+ # resp.harness.memory.managed_memory_configuration.encryption_key_arn #=> String
12046
12874
  # resp.harness.max_iterations #=> Integer
12047
12875
  # resp.harness.max_tokens #=> Integer
12048
12876
  # resp.harness.timeout_seconds #=> Integer
@@ -12057,6 +12885,66 @@ module Aws::BedrockAgentCoreControl
12057
12885
  req.send_request(options)
12058
12886
  end
12059
12887
 
12888
+ # Operation to update a harness endpoint.
12889
+ #
12890
+ # @option params [required, String] :harness_id
12891
+ # The ID of the harness that the endpoint belongs to.
12892
+ #
12893
+ # @option params [required, String] :endpoint_name
12894
+ # The name of the endpoint to update.
12895
+ #
12896
+ # @option params [String] :target_version
12897
+ # The harness version that the endpoint points to. If not specified, the
12898
+ # existing value is retained.
12899
+ #
12900
+ # @option params [String] :description
12901
+ # A description of the endpoint. If not specified, the existing value is
12902
+ # retained.
12903
+ #
12904
+ # @option params [String] :client_token
12905
+ # A unique, case-sensitive identifier to ensure idempotency of the
12906
+ # request.
12907
+ #
12908
+ # **A suitable default value is auto-generated.** You should normally
12909
+ # not need to pass this option.**
12910
+ #
12911
+ # @return [Types::UpdateHarnessEndpointResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
12912
+ #
12913
+ # * {Types::UpdateHarnessEndpointResponse#endpoint #endpoint} => Types::HarnessEndpoint
12914
+ #
12915
+ # @example Request syntax with placeholder values
12916
+ #
12917
+ # resp = client.update_harness_endpoint({
12918
+ # harness_id: "HarnessId", # required
12919
+ # endpoint_name: "HarnessEndpointName", # required
12920
+ # target_version: "HarnessVersion",
12921
+ # description: "HarnessEndpointDescription",
12922
+ # client_token: "ClientToken",
12923
+ # })
12924
+ #
12925
+ # @example Response structure
12926
+ #
12927
+ # resp.endpoint.harness_id #=> String
12928
+ # resp.endpoint.harness_name #=> String
12929
+ # resp.endpoint.endpoint_name #=> String
12930
+ # resp.endpoint.arn #=> String
12931
+ # resp.endpoint.status #=> String, one of "CREATING", "CREATE_FAILED", "UPDATING", "UPDATE_FAILED", "READY", "DELETING", "DELETE_FAILED"
12932
+ # resp.endpoint.created_at #=> Time
12933
+ # resp.endpoint.updated_at #=> Time
12934
+ # resp.endpoint.live_version #=> String
12935
+ # resp.endpoint.target_version #=> String
12936
+ # resp.endpoint.description #=> String
12937
+ # resp.endpoint.failure_reason #=> String
12938
+ #
12939
+ # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/UpdateHarnessEndpoint AWS API Documentation
12940
+ #
12941
+ # @overload update_harness_endpoint(params = {})
12942
+ # @param [Hash] params ({})
12943
+ def update_harness_endpoint(params = {}, options = {})
12944
+ req = build_request(:update_harness_endpoint, params)
12945
+ req.send_request(options)
12946
+ end
12947
+
12060
12948
  # Update an Amazon Bedrock AgentCore Memory resource memory.
12061
12949
  #
12062
12950
  # @option params [String] :client_token
@@ -12699,6 +13587,7 @@ module Aws::BedrockAgentCoreControl
12699
13587
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations #=> Array
12700
13588
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations[0].type #=> String, one of "MEMORY_RECORDS"
12701
13589
  # resp.memory.stream_delivery_resources.resources[0].kinesis.content_configurations[0].level #=> String, one of "METADATA_ONLY", "FULL_CONTENT"
13590
+ # resp.memory.managed_by_resource_arn #=> String
12702
13591
  #
12703
13592
  # @see http://docs.aws.amazon.com/goto/WebAPI/bedrock-agentcore-control-2023-06-05/UpdateMemory AWS API Documentation
12704
13593
  #
@@ -13370,6 +14259,9 @@ module Aws::BedrockAgentCoreControl
13370
14259
  # allowed_audience: ["AllowedAudience"],
13371
14260
  # allowed_clients: ["AllowedClient"],
13372
14261
  # allowed_scopes: ["AllowedScopeType"],
14262
+ # advertised_scope_mapping: {
14263
+ # "AllowedScopeType" => "AllowedScopeType",
14264
+ # },
13373
14265
  # custom_claims: [
13374
14266
  # {
13375
14267
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -13418,6 +14310,14 @@ module Aws::BedrockAgentCoreControl
13418
14310
  # },
13419
14311
  # },
13420
14312
  # ],
14313
+ # allowed_workload_configuration: {
14314
+ # hosting_environments: [
14315
+ # {
14316
+ # arn: "BedrockAgentcoreResourceArn", # required
14317
+ # },
14318
+ # ],
14319
+ # workload_identities: ["WorkloadIdentityNameType"],
14320
+ # },
13421
14321
  # },
13422
14322
  # },
13423
14323
  # role_arn: "RoleArn",
@@ -13480,6 +14380,13 @@ module Aws::BedrockAgentCoreControl
13480
14380
  # FAIL\_ON\_ANY\_FINDINGS to ensure policy correctness during updates,
13481
14381
  # especially when modifying policy logic or conditions.
13482
14382
  #
14383
+ # @option params [String] :enforcement_mode
14384
+ # The enforcement mode for the policy. Run this policy in `LOG_ONLY`
14385
+ # mode to collect data on how it affects your application. Once you are
14386
+ # satisfied with the data gathered, switch the policy to `ACTIVE`. If
14387
+ # you omit this field, the policy's existing enforcement mode is
14388
+ # unchanged.
14389
+ #
13483
14390
  # @return [Types::UpdatePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
13484
14391
  #
13485
14392
  # * {Types::UpdatePolicyResponse#policy_id #policy_id} => String
@@ -13489,6 +14396,7 @@ module Aws::BedrockAgentCoreControl
13489
14396
  # * {Types::UpdatePolicyResponse#updated_at #updated_at} => Time
13490
14397
  # * {Types::UpdatePolicyResponse#policy_arn #policy_arn} => String
13491
14398
  # * {Types::UpdatePolicyResponse#status #status} => String
14399
+ # * {Types::UpdatePolicyResponse#enforcement_mode #enforcement_mode} => String
13492
14400
  # * {Types::UpdatePolicyResponse#definition #definition} => Types::PolicyDefinition
13493
14401
  # * {Types::UpdatePolicyResponse#description #description} => String
13494
14402
  # * {Types::UpdatePolicyResponse#status_reasons #status_reasons} => Array&lt;String&gt;
@@ -13509,8 +14417,12 @@ module Aws::BedrockAgentCoreControl
13509
14417
  # policy_generation_id: "ResourceId", # required
13510
14418
  # policy_generation_asset_id: "ResourceId", # required
13511
14419
  # },
14420
+ # policy: {
14421
+ # statement: "Statement", # required
14422
+ # },
13512
14423
  # },
13513
14424
  # validation_mode: "FAIL_ON_ANY_FINDINGS", # accepts FAIL_ON_ANY_FINDINGS, IGNORE_ALL_FINDINGS
14425
+ # enforcement_mode: "ACTIVE", # accepts ACTIVE, LOG_ONLY
13514
14426
  # })
13515
14427
  #
13516
14428
  # @example Response structure
@@ -13522,9 +14434,11 @@ module Aws::BedrockAgentCoreControl
13522
14434
  # resp.updated_at #=> Time
13523
14435
  # resp.policy_arn #=> String
13524
14436
  # resp.status #=> String, one of "CREATING", "ACTIVE", "UPDATING", "DELETING", "CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"
14437
+ # resp.enforcement_mode #=> String, one of "ACTIVE", "LOG_ONLY"
13525
14438
  # resp.definition.cedar.statement #=> String
13526
14439
  # resp.definition.policy_generation.policy_generation_id #=> String
13527
14440
  # resp.definition.policy_generation.policy_generation_asset_id #=> String
14441
+ # resp.definition.policy.statement #=> String
13528
14442
  # resp.description #=> String
13529
14443
  # resp.status_reasons #=> Array
13530
14444
  # resp.status_reasons[0] #=> String
@@ -13648,6 +14562,9 @@ module Aws::BedrockAgentCoreControl
13648
14562
  # allowed_audience: ["AllowedAudience"],
13649
14563
  # allowed_clients: ["AllowedClient"],
13650
14564
  # allowed_scopes: ["AllowedScopeType"],
14565
+ # advertised_scope_mapping: {
14566
+ # "AllowedScopeType" => "AllowedScopeType",
14567
+ # },
13651
14568
  # custom_claims: [
13652
14569
  # {
13653
14570
  # inbound_token_claim_name: "InboundTokenClaimNameType", # required
@@ -13696,6 +14613,14 @@ module Aws::BedrockAgentCoreControl
13696
14613
  # },
13697
14614
  # },
13698
14615
  # ],
14616
+ # allowed_workload_configuration: {
14617
+ # hosting_environments: [
14618
+ # {
14619
+ # arn: "BedrockAgentcoreResourceArn", # required
14620
+ # },
14621
+ # ],
14622
+ # workload_identities: ["WorkloadIdentityNameType"],
14623
+ # },
13699
14624
  # },
13700
14625
  # },
13701
14626
  # },
@@ -13720,6 +14645,8 @@ module Aws::BedrockAgentCoreControl
13720
14645
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_clients[0] #=> String
13721
14646
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes #=> Array
13722
14647
  # resp.authorizer_configuration.custom_jwt_authorizer.allowed_scopes[0] #=> String
14648
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping #=> Hash
14649
+ # resp.authorizer_configuration.custom_jwt_authorizer.advertised_scope_mapping["AllowedScopeType"] #=> String
13723
14650
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims #=> Array
13724
14651
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_name #=> String
13725
14652
  # resp.authorizer_configuration.custom_jwt_authorizer.custom_claims[0].inbound_token_claim_value_type #=> String, one of "STRING", "STRING_ARRAY"
@@ -13749,6 +14676,10 @@ module Aws::BedrockAgentCoreControl
13749
14676
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags #=> Hash
13750
14677
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.tags["TagKey"] #=> String
13751
14678
  # resp.authorizer_configuration.custom_jwt_authorizer.private_endpoint_overrides[0].private_endpoint.managed_vpc_resource.routing_domain #=> String
14679
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments #=> Array
14680
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.hosting_environments[0].arn #=> String
14681
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities #=> Array
14682
+ # resp.authorizer_configuration.custom_jwt_authorizer.allowed_workload_configuration.workload_identities[0] #=> String
13752
14683
  # resp.approval_configuration.auto_approval #=> Boolean
13753
14684
  # resp.status #=> String, one of "CREATING", "READY", "UPDATING", "CREATE_FAILED", "UPDATE_FAILED", "DELETING", "DELETE_FAILED"
13754
14685
  # resp.status_reason #=> String
@@ -14080,7 +15011,7 @@ module Aws::BedrockAgentCoreControl
14080
15011
  tracer: tracer
14081
15012
  )
14082
15013
  context[:gem_name] = 'aws-sdk-bedrockagentcorecontrol'
14083
- context[:gem_version] = '1.53.0'
15014
+ context[:gem_version] = '1.55.0'
14084
15015
  Seahorse::Client::Request.new(handlers, context)
14085
15016
  end
14086
15017