cdk-local 0.135.0 → 0.137.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -3448,10 +3448,14 @@ function scanByType(stacks, type) {
3448
3448
  /**
3449
3449
  * Enumerate `AWS::BedrockAgentCore::Runtime` targets, marking each with
3450
3450
  * {@link TargetEntry.agentCoreHasWs} — true for HTTP / AGUI runtimes (which
3451
- * expose a `/ws` WebSocket endpoint), false for MCP / A2A (which do not). The
3452
- * marker lets the studio `agentcore-ws` serve group list only the runtimes
3453
- * `cdkl start-agentcore` can serve. The protocol is read the same way the
3454
- * resolver reads it (`Properties.ProtocolConfiguration`, default HTTP).
3451
+ * expose a `/ws` WebSocket endpoint), false for MCP / A2A (which do not) — and
3452
+ * {@link TargetEntry.agentCoreContractPath}, the POST path the runtime's
3453
+ * protocol contract is served on (`/invocations` / `/mcp` / `/`). `cdkl
3454
+ * start-agentcore` serves every protocol (issue #454), so the studio serve
3455
+ * group lists every runtime; the `hasWs` marker decides only whether to render
3456
+ * the WebSocket console too, and the contract path seeds the HTTP composer. The
3457
+ * protocol is read the same way the resolver reads it
3458
+ * (`Properties.ProtocolConfiguration`, default HTTP).
3455
3459
  */
3456
3460
  function scanAgentCoreRuntimes(stacks) {
3457
3461
  const entries = [];
@@ -3462,6 +3466,7 @@ function scanAgentCoreRuntimes(stacks) {
3462
3466
  const entry = makeEntry(stack.stackName, logicalId, readCdkPathOrUndefined(resource));
3463
3467
  const protocol = resource.Properties?.["ProtocolConfiguration"];
3464
3468
  entry.agentCoreHasWs = protocol !== "MCP" && protocol !== "A2A";
3469
+ entry.agentCoreContractPath = protocol === "MCP" ? "/mcp" : protocol === "A2A" ? "/" : "/invocations";
3465
3470
  entries.push(entry);
3466
3471
  }
3467
3472
  }
@@ -18469,8 +18474,8 @@ function defaultFetchObject$1(options) {
18469
18474
  * plain HTTP. `cdkl invoke-agentcore` runs the container, waits for `/ping`,
18470
18475
  * then POSTs one event to `/invocations` (invoke-once).
18471
18476
  */
18472
- const PING_PATH$1 = "/ping";
18473
- const INVOCATIONS_PATH$1 = "/invocations";
18477
+ const PING_PATH = "/ping";
18478
+ const INVOCATIONS_PATH = "/invocations";
18474
18479
  /**
18475
18480
  * Header AgentCore Runtime uses to carry the session id to the container.
18476
18481
  * Real AgentCore always sends it; we generate one (or pass the user's
@@ -18507,7 +18512,7 @@ async function waitForAgentCorePing(host, port, timeoutMs = 3e4) {
18507
18512
  await setTimeout$1(150);
18508
18513
  }
18509
18514
  const tail = lastDetail ? `: ${lastDetail}` : "";
18510
- throw new Error(`AgentCore agent did not become ready on ${host}:${port} within ${timeoutMs}ms${tail}. The container may have exited early or may not serve GET ${PING_PATH$1} — check 'docker logs' output.`);
18515
+ throw new Error(`AgentCore agent did not become ready on ${host}:${port} within ${timeoutMs}ms${tail}. The container may have exited early or may not serve GET ${PING_PATH} — check 'docker logs' output.`);
18511
18516
  }
18512
18517
  /**
18513
18518
  * Issue `GET /ping`. Returns the HTTP status on any response, undefined on
@@ -18518,7 +18523,7 @@ async function pingProbe(host, port, timeoutMs) {
18518
18523
  const controller = new AbortController();
18519
18524
  const timer = setTimeout(() => controller.abort(), timeoutMs);
18520
18525
  try {
18521
- const response = await fetch(`http://${host}:${port}${PING_PATH$1}`, {
18526
+ const response = await fetch(`http://${host}:${port}${PING_PATH}`, {
18522
18527
  method: "GET",
18523
18528
  signal: controller.signal
18524
18529
  });
@@ -18532,6 +18537,47 @@ async function pingProbe(host, port, timeoutMs) {
18532
18537
  }
18533
18538
  }
18534
18539
  /**
18540
+ * Wait until the container's HTTP server on `host:port` answers a probe `POST`
18541
+ * at `path` with ANY HTTP status, or throw after `timeoutMs`. This is the
18542
+ * readiness gate for the MCP / A2A warm serve (`cdkl start-agentcore`), which —
18543
+ * unlike the HTTP / AGUI protocol — have no `GET /ping`: an HTTP response (even
18544
+ * a 4xx for the probe's empty body) proves the app's HTTP server is bound and
18545
+ * routing the protocol path, so the warm serve can advertise its endpoint
18546
+ * without racing container boot. Only transient connect failures (the
18547
+ * container still coming up) are retried; the probe does NOT interpret the
18548
+ * protocol — the real client drives the MCP handshake / A2A JSON-RPC through
18549
+ * the serve.
18550
+ *
18551
+ * A TCP-only probe would be too early (Docker's port forwarder accepts the
18552
+ * connection before the agent's HTTP server binds); an HTTP response is the
18553
+ * honest "the app is up" signal.
18554
+ */
18555
+ async function waitForAgentCoreHttpReady(host, port, path, timeoutMs = 3e4) {
18556
+ const deadline = Date.now() + timeoutMs;
18557
+ let lastDetail = "";
18558
+ while (Date.now() < deadline) {
18559
+ const controller = new AbortController();
18560
+ const timer = setTimeout(() => controller.abort(), 1e3);
18561
+ try {
18562
+ await (await fetch(`http://${host}:${port}${path}`, {
18563
+ method: "POST",
18564
+ headers: { "content-type": "application/json" },
18565
+ body: "{}",
18566
+ signal: controller.signal
18567
+ })).text().catch(() => void 0);
18568
+ return;
18569
+ } catch (err) {
18570
+ if (!isTransientNetworkError$2(err)) throw err;
18571
+ lastDetail = err instanceof Error ? err.message : String(err);
18572
+ } finally {
18573
+ clearTimeout(timer);
18574
+ }
18575
+ await setTimeout$1(150);
18576
+ }
18577
+ const tail = lastDetail ? `: ${lastDetail}` : "";
18578
+ throw new Error(`AgentCore agent did not become ready on ${host}:${port} within ${timeoutMs}ms${tail}. The container may have exited early or may not serve POST ${path} — check 'docker logs' output.`);
18579
+ }
18580
+ /**
18535
18581
  * `fetch()` failures during container boot manifest as a generic
18536
18582
  * `TypeError: fetch failed` whose `.cause` carries the underlying Node
18537
18583
  * `ECONNRESET` / `ECONNREFUSED` / `UND_ERR_SOCKET`. Treat all of those —
@@ -18557,7 +18603,7 @@ function isTransientNetworkError$2(err) {
18557
18603
  * a missing sink) is buffered into `raw` and returned verbatim.
18558
18604
  */
18559
18605
  async function invokeAgentCore(host, port, event, options) {
18560
- const url = `http://${host}:${port}${INVOCATIONS_PATH$1}`;
18606
+ const url = `http://${host}:${port}${INVOCATIONS_PATH}`;
18561
18607
  const body = JSON.stringify(event ?? {});
18562
18608
  const controller = new AbortController();
18563
18609
  const timer = setTimeout(() => controller.abort(), options.timeoutMs);
@@ -31010,33 +31056,14 @@ function startAgentCoreWsBridge(config) {
31010
31056
 
31011
31057
  //#endregion
31012
31058
  //#region src/local/agentcore-http-server.ts
31013
- /**
31014
- * Host HTTP serve in front of a warm AgentCore runtime container, the serving
31015
- * primitive behind `cdkl start-agentcore` for HTTP / AGUI protocols (issue
31016
- * #454). Unlike the single-shot `cdkl invoke-agentcore` — which boots a
31017
- * container, POSTs ONE `/invocations`, and tears it down — this keeps the
31018
- * container warm and serves its native HTTP contract until `^C`, so a client
31019
- * can hit `POST /invocations` (and `GET /ping`) repeatedly against the SAME
31020
- * warm container. That mirrors AgentCore's deployed model, where many
31021
- * `InvokeAgentRuntime` calls on the same `runtimeSessionId` reuse one warm
31022
- * microVM.
31023
- *
31024
- * One host `http.Server` serves all three:
31025
- * - `GET /ping` -> proxied to the container's `/ping`
31026
- * - `POST /invocations` -> proxied to the container's `/invocations`
31027
- * (request body streamed up, response — JSON or SSE — streamed back)
31028
- * - `/ws` upgrade -> the existing header-injecting bridge
31029
- * ({@link attachAgentCoreWsBridge}) on the same port, so a header-less
31030
- * browser `WebSocket` still works exactly as before.
31031
- *
31032
- * Auth parity: the boot-resolved `authorization` (the `--bearer-token`
31033
- * validated once at boot under a `customJwtAuthorizer`, or the `--sigv4`
31034
- * header set) is injected on every forwarded request — the same model the
31035
- * `/ws` bridge uses. Per-request inbound JWT verification is out of scope for
31036
- * this slice.
31037
- */
31038
- const PING_PATH = "/ping";
31039
- const INVOCATIONS_PATH = "/invocations";
31059
+ /** Default routing table — the HTTP / AGUI contract (POST /invocations + GET /ping). */
31060
+ const DEFAULT_ROUTES = [{
31061
+ method: "POST",
31062
+ path: "/invocations"
31063
+ }, {
31064
+ method: "GET",
31065
+ path: "/ping"
31066
+ }];
31040
31067
  /**
31041
31068
  * Proxy one inbound HTTP request to the warm container, injecting the
31042
31069
  * session-id + Authorization (+ any extra) headers, and stream the response
@@ -31077,22 +31104,25 @@ function proxyToContainer(clientReq, clientRes, config, upstreamPath) {
31077
31104
  */
31078
31105
  function startAgentCoreHttpServer(config) {
31079
31106
  const host = config.host ?? "127.0.0.1";
31107
+ const routes = config.routes ?? DEFAULT_ROUTES;
31108
+ const attachWs = config.attachWs ?? true;
31109
+ const notFoundHint = buildNotFoundHint(routes, attachWs);
31080
31110
  const httpServer = createServer$1((req, res) => {
31081
31111
  const path = (req.url ?? "/").split("?")[0];
31082
- if (req.method === "GET" && path === PING_PATH) return proxyToContainer(req, res, config, PING_PATH);
31083
- if (req.method === "POST" && path === INVOCATIONS_PATH) return proxyToContainer(req, res, config, INVOCATIONS_PATH);
31112
+ const match = routes.find((r) => r.method === req.method && r.path === path);
31113
+ if (match) return proxyToContainer(req, res, config, match.path);
31084
31114
  res.writeHead(404, { "content-type": "application/json" });
31085
31115
  res.end(JSON.stringify({
31086
31116
  error: "not found",
31087
- hint: "POST /invocations or GET /ping (WebSocket: connect to /ws)"
31117
+ hint: notFoundHint
31088
31118
  }));
31089
31119
  });
31090
- const bridge = attachAgentCoreWsBridge(httpServer, {
31120
+ const bridge = attachWs ? attachAgentCoreWsBridge(httpServer, {
31091
31121
  containerHost: config.containerHost,
31092
31122
  containerPort: config.containerPort,
31093
31123
  ...config.sessionId && { sessionId: config.sessionId },
31094
31124
  ...config.authorization && { authorization: config.authorization }
31095
- });
31125
+ }) : void 0;
31096
31126
  return new Promise((resolve, reject) => {
31097
31127
  httpServer.once("error", reject);
31098
31128
  httpServer.listen(config.port ?? 0, host, () => {
@@ -31101,15 +31131,26 @@ function startAgentCoreHttpServer(config) {
31101
31131
  const port = httpServer.address().port;
31102
31132
  resolve({
31103
31133
  httpUrl: `http://${host}:${port}`,
31104
- wsUrl: `ws://${host}:${port}${bridge.path}`,
31134
+ ...bridge && { wsUrl: `ws://${host}:${port}${bridge.path}` },
31105
31135
  port,
31106
31136
  close: () => new Promise((res) => {
31107
- bridge.close().then(() => httpServer.close(() => res()));
31137
+ if (bridge) bridge.close().then(() => httpServer.close(() => res()));
31138
+ else httpServer.close(() => res());
31108
31139
  })
31109
31140
  });
31110
31141
  });
31111
31142
  });
31112
31143
  }
31144
+ /**
31145
+ * Build the 404 hint from the served routes, appending the `/ws` pointer when
31146
+ * the WebSocket bridge is attached. e.g. HTTP / AGUI ->
31147
+ * `POST /invocations or GET /ping (WebSocket: connect to /ws)`; MCP ->
31148
+ * `POST /mcp`.
31149
+ */
31150
+ function buildNotFoundHint(routes, attachWs) {
31151
+ const base = routes.map((r) => `${r.method} ${r.path}`).join(" or ");
31152
+ return attachWs ? `${base} (WebSocket: connect to /ws)` : base;
31153
+ }
31113
31154
 
31114
31155
  //#endregion
31115
31156
  //#region src/cli/commands/local-start-agentcore.ts
@@ -31122,31 +31163,66 @@ function parsePort(raw) {
31122
31163
  return n;
31123
31164
  }
31124
31165
  /**
31125
- * Reject MCP / A2A runtimes: the `/ws` WebSocket endpoint this command serves
31126
- * exists only on the HTTP / AGUI protocols. MCP (`POST /mcp`) and A2A
31127
- * (`POST /`) are single-shot request/response contracts with no bidirectional
31128
- * socket. Exported so a unit test can drive the gate without the Docker
31129
- * pipeline.
31166
+ * Map a resolved runtime's protocol to its warm-serve plan. All four protocols
31167
+ * are served (issue #454): HTTP / AGUI on 8080 (`POST /invocations` + `GET
31168
+ * /ping` + the `/ws` bridge), MCP on 8000 (`POST /mcp`), A2A on 9000
31169
+ * (`POST /`). MCP / A2A are pure request/response pass-through with no `/ws`.
31130
31170
  */
31131
- function assertAgentCoreWsServable(resolved) {
31132
- if (resolved.protocol === "MCP" || resolved.protocol === "A2A") throw new CdkLocalError(`${getEmbedConfig().cliName} start-agentcore serves the HTTP / AGUI /ws WebSocket endpoint, but '${resolved.logicalId}' is a ${resolved.protocol} runtime, which has no /ws. Use \`${getEmbedConfig().cliName} invoke-agentcore\` for ${resolved.protocol} runtimes.`, "LOCAL_START_AGENTCORE_PROTOCOL_UNSUPPORTED");
31171
+ function resolveAgentCoreServePlan(protocol) {
31172
+ if (protocol === "MCP") return {
31173
+ containerPort: MCP_CONTAINER_PORT,
31174
+ containerPortLabel: `${MCP_CONTAINER_PORT}${MCP_PATH}`,
31175
+ routes: [{
31176
+ method: "POST",
31177
+ path: MCP_PATH
31178
+ }],
31179
+ attachWs: false,
31180
+ readyPath: MCP_PATH
31181
+ };
31182
+ if (protocol === "A2A") return {
31183
+ containerPort: A2A_CONTAINER_PORT,
31184
+ containerPortLabel: `${A2A_CONTAINER_PORT}${"/"}`,
31185
+ routes: [{
31186
+ method: "POST",
31187
+ path: "/"
31188
+ }],
31189
+ attachWs: false,
31190
+ readyPath: "/"
31191
+ };
31192
+ return {
31193
+ containerPort: void 0,
31194
+ containerPortLabel: "8080",
31195
+ routes: [{
31196
+ method: "POST",
31197
+ path: "/invocations"
31198
+ }, {
31199
+ method: "GET",
31200
+ path: "/ping"
31201
+ }],
31202
+ attachWs: true,
31203
+ readyPath: void 0
31204
+ };
31133
31205
  }
31134
31206
  /**
31135
31207
  * `cdkl start-agentcore <target>` — boot a Bedrock AgentCore Runtime container
31136
- * locally and serve its bidirectional `/ws` WebSocket endpoint behind a
31137
- * long-running host bridge, so a browser (or any WebSocket client) can hold an
31138
- * interactive multi-frame session against it.
31139
- *
31140
- * Why a bridge rather than the published container port directly: the
31141
- * AgentCore `/ws` upgrade requires the session-id (and, under a
31142
- * `customJwtAuthorizer`, `Authorization`) header, which a browser `WebSocket`
31143
- * cannot set. The bridge accepts a header-less client and injects those
31144
- * headers on the container leg. HTTP / AGUI protocols only — MCP / A2A
31145
- * runtimes have no `/ws`.
31208
+ * locally ONCE, keep it warm, and serve its native contract on one host port
31209
+ * until SIGINT / SIGTERM, so a client can hit the agent repeatedly against the
31210
+ * SAME warm container (issue #454).
31211
+ *
31212
+ * All four protocols are served (the proxy is protocol-agnostic; only the
31213
+ * routing + readiness differ per {@link resolveAgentCoreServePlan}):
31214
+ * - HTTP / AGUI (8080): `POST /invocations` + `GET /ping`, plus the
31215
+ * bidirectional `/ws` endpoint behind a host bridge. The `/ws` upgrade
31216
+ * requires the session-id (and, under a `customJwtAuthorizer`,
31217
+ * `Authorization`) header a browser `WebSocket` cannot set, so the bridge
31218
+ * accepts a header-less client and injects those headers on the container
31219
+ * leg.
31220
+ * - MCP (8000): `POST /mcp`. A2A (9000): `POST /`. No `/ws` — pure
31221
+ * request/response pass-through (the client drives the handshake).
31146
31222
  *
31147
31223
  * The container is booted once via the SAME image / env / auth resolution as
31148
31224
  * `cdkl invoke-agentcore`; the process then blocks until SIGINT / SIGTERM,
31149
- * tearing down the bridge and the container.
31225
+ * tearing down the serve and the container.
31150
31226
  */
31151
31227
  async function localStartAgentCoreCommand(target, options, extraStateProviders) {
31152
31228
  const logger = getLogger();
@@ -31218,7 +31294,7 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
31218
31294
  };
31219
31295
  const resolved = resolveAgentCoreTarget(resolvedTarget, stacks, imageContext);
31220
31296
  logger.info(`Target: ${resolved.stack.stackName}/${resolved.logicalId} (${resolved.protocol})`);
31221
- assertAgentCoreWsServable(resolved);
31297
+ const plan = resolveAgentCoreServePlan(resolved.protocol);
31222
31298
  const authorization = await resolveInboundAuthorization(resolved, options);
31223
31299
  await resolveFromS3BucketIntrinsic(resolved, stateProvider, loadedState, imageContext);
31224
31300
  const image = await resolveAgentCoreImage(resolved, options, loadedState, stateProvider);
@@ -31226,7 +31302,7 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
31226
31302
  const containerHostPort = await pickFreePort();
31227
31303
  const containerHost = options.containerHost;
31228
31304
  const containerName = `${getEmbedConfig().resourceNamePrefix}-agentcore-${process.pid}-${Math.random().toString(36).slice(2, 8)}`;
31229
- logger.info(`Starting agent container (image=${image}, port=${containerHostPort} -> 8080)...`);
31305
+ logger.info(`Starting agent container (image=${image}, port=${containerHostPort} -> ${plan.containerPortLabel})...`);
31230
31306
  containerId = await runDetached({
31231
31307
  image,
31232
31308
  mounts: [],
@@ -31236,6 +31312,7 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
31236
31312
  host: containerHost,
31237
31313
  platform: options.platform,
31238
31314
  name: containerName,
31315
+ ...plan.containerPort !== void 0 && { containerPort: plan.containerPort },
31239
31316
  ...sensitiveEnvKeys.size > 0 && { sensitiveEnvKeys }
31240
31317
  });
31241
31318
  stopLogs = streamLogs(containerId);
@@ -31249,12 +31326,15 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
31249
31326
  process.on("SIGINT", () => void shutdown("SIGINT", 130));
31250
31327
  process.on("SIGTERM", () => void shutdown("SIGTERM", 0));
31251
31328
  try {
31252
- await waitForAgentCorePing(containerHost, containerHostPort, options.timeout);
31329
+ if (plan.readyPath === void 0) await waitForAgentCorePing(containerHost, containerHostPort, options.timeout);
31330
+ else await waitForAgentCoreHttpReady(containerHost, containerHostPort, plan.readyPath, options.timeout);
31253
31331
  server = await startAgentCoreHttpServer({
31254
31332
  containerHost,
31255
31333
  containerPort: containerHostPort,
31256
31334
  host: options.host,
31257
31335
  port: options.port,
31336
+ routes: plan.routes,
31337
+ attachWs: plan.attachWs,
31258
31338
  ...authorization && { authorization },
31259
31339
  ...options.sessionId && { sessionId: options.sessionId }
31260
31340
  });
@@ -31262,21 +31342,30 @@ async function localStartAgentCoreCommand(target, options, extraStateProviders)
31262
31342
  await teardown();
31263
31343
  throw err;
31264
31344
  }
31265
- logger.info(`Server listening on ${server.wsUrl} (${resolved.logicalId} (AgentCore WebSocket))`);
31266
- logger.info(`HTTP contract served on ${server.httpUrl} — POST ${server.httpUrl}/invocations, GET ${server.httpUrl}/ping`);
31345
+ if (server.wsUrl) {
31346
+ logger.info(`Server listening on ${server.wsUrl} (${resolved.logicalId} (AgentCore WebSocket))`);
31347
+ logger.info(`HTTP contract served on ${server.httpUrl} — POST ${server.httpUrl}/invocations, GET ${server.httpUrl}/ping`);
31348
+ } else {
31349
+ const contractPath = plan.routes[0]?.path ?? "/";
31350
+ const contractUrl = `${server.httpUrl}${contractPath}`;
31351
+ logger.info(`Server listening on ${server.httpUrl} (${resolved.logicalId})`);
31352
+ logger.info(`${resolved.protocol} contract served on ${contractUrl} — POST ${contractUrl}`);
31353
+ }
31267
31354
  logger.info("Press ^C to shut down.");
31268
31355
  await new Promise(() => void 0);
31269
31356
  }
31270
31357
  /**
31271
- * `cdkl start-agentcore <target>` — long-running serve for a Bedrock AgentCore
31272
- * Runtime's `/ws` WebSocket endpoint, fronted by a host bridge that injects the
31273
- * session-id / Authorization upgrade headers a browser `WebSocket` cannot set.
31274
- * The serve counterpart of the single-shot `cdkl invoke-agentcore`; the studio
31358
+ * `cdkl start-agentcore <target>` — long-running warm serve for a Bedrock
31359
+ * AgentCore Runtime. Boots the container once and serves its native contract on
31360
+ * one host port: HTTP / AGUI get `POST /invocations` + `GET /ping` plus the
31361
+ * `/ws` bridge (which injects the session-id / Authorization upgrade headers a
31362
+ * browser `WebSocket` cannot set), MCP gets `POST /mcp`, A2A gets `POST /`. The
31363
+ * serve counterpart of the single-shot `cdkl invoke-agentcore`; the studio
31275
31364
  * `agentcore-ws` serve kind spawns this command.
31276
31365
  */
31277
31366
  function createLocalStartAgentCoreCommand(opts = {}) {
31278
31367
  setEmbedConfig(opts.embedConfig);
31279
- const cmd = new Command("start-agentcore").description("Serve a Bedrock AgentCore Runtime's bidirectional /ws WebSocket endpoint locally for an interactive multi-frame session. Boots the AWS::BedrockAgentCore::Runtime container (same image / env / credential resolution as invoke-agentcore), then runs a host WebSocket bridge that injects the AgentCore session-id (and Authorization under a customJwtAuthorizer) on the container upgrade so a header-less client (e.g. a browser) can connect. HTTP / AGUI protocols only (MCP / A2A runtimes have no /ws). Target accepts a CDK display path (MyStack/MyAgent) or stack-qualified logical ID; single-stack apps may omit the prefix. Omit <target> in a TTY to pick from a list. Runs until ^C.").argument("[target]", "CDK display path or stack-qualified logical ID of the AgentCore Runtime to serve (omit to pick interactively in a TTY)").action(withErrorHandling(async (target, options) => {
31368
+ const cmd = new Command("start-agentcore").description("Serve a Bedrock AgentCore Runtime's contract locally against a warm container. Boots the AWS::BedrockAgentCore::Runtime container ONCE (same image / env / credential resolution as invoke-agentcore) and keeps it warm, so a client can hit it repeatedly. HTTP / AGUI runtimes serve POST /invocations + GET /ping plus the bidirectional /ws endpoint behind a host bridge (injects the AgentCore session-id, and Authorization under a customJwtAuthorizer, so a header-less client like a browser can connect); MCP runtimes serve POST /mcp, A2A POST /. Target accepts a CDK display path (MyStack/MyAgent) or stack-qualified logical ID; single-stack apps may omit the prefix. Omit <target> in a TTY to pick from a list. Runs until ^C.").argument("[target]", "CDK display path or stack-qualified logical ID of the AgentCore Runtime to serve (omit to pick interactively in a TTY)").action(withErrorHandling(async (target, options) => {
31280
31369
  await localStartAgentCoreCommand(target, options, opts.extraStateProviders);
31281
31370
  }));
31282
31371
  addStartAgentCoreSpecificOptions(cmd);
@@ -31296,7 +31385,7 @@ function createLocalStartAgentCoreCommand(opts = {}) {
31296
31385
  * `.addOption(...)` blocks. Chainable: returns `cmd`.
31297
31386
  */
31298
31387
  function addStartAgentCoreSpecificOptions(cmd) {
31299
- return cmd.addOption(new Option("--port <n>", "Bridge-server bind port the client (browser) connects to. Default 0 (OS-assigned).").default(0).argParser(parsePort)).addOption(new Option("--host <ip>", "Bridge-server bind host. Default 127.0.0.1.").default("127.0.0.1")).addOption(new Option("--session-id <id>", "Pin one AgentCore runtime session id header value for every connection (default: a fresh random UUID per connection, so each client is its own session).")).addOption(new Option("--bearer-token <jwt>", "Bearer JWT to present when the runtime declares a customJwtAuthorizer. Verified against the runtime's OIDC discovery URL before the container starts, then injected as Authorization: Bearer <jwt> on the container /ws upgrade for every bridged connection.")).addOption(new Option("--no-verify-auth", "Skip inbound JWT verification even when the runtime declares a customJwtAuthorizer (local-dev escape hatch). A --bearer-token, if given, is still forwarded.")).addOption(new Option("--env-vars <file>", "JSON env-var overrides (SAM-compatible: {\"LogicalId\":{\"KEY\":\"VALUE\"}, \"Parameters\": {...}})")).addOption(new Option("--platform <platform>", "docker --platform for the agent container (linux/amd64 or linux/arm64). Defaults to linux/arm64 because the cloud AgentCore Runtime requires arm64.").choices(["linux/amd64", "linux/arm64"]).default("linux/arm64")).addOption(new Option("--no-pull", "Skip docker pull (use cached image) — no-op for the local-build path")).addOption(new Option("--no-build", "Skip docker build on the local-asset path (use the previously-built tag). No-op for the ECR / registry pull paths.")).addOption(new Option("--container-host <host>", "Host IP used to bind the agent container port. Must be a numeric IP. Defaults to 127.0.0.1.").default("127.0.0.1")).addOption(new Option("--timeout <ms>", "Maximum time in milliseconds to wait for the container to become ready (the GET /ping readiness deadline). Default 120000.").default(12e4).argParser(parseTimeoutMs)).addOption(new Option("--assume-role [arn]", "Assume the runtime's execution role and forward STS-issued temp credentials to the container. (1) `--assume-role <arn>` assumes the explicit ARN; (2) `--assume-role` (bare) uses the runtime's literal RoleArn; (3) `--no-assume-role` opts out. Off by default.")).addOption(new Option("--ecr-role-arn <arn>", "Role ARN to assume before authenticating against ECR for cross-account / centralized registries.")).addOption(new Option("--from-cfn-stack [cfn-stack-name]", "Read a deployed CloudFormation stack and substitute Ref / Fn::ImportValue in env vars / image URIs with the deployed physical IDs / exports. Bare form uses the resolved stack name.")).addOption(new Option("--stack-region <region>", "Region of the state record to read. Used with --from-cfn-stack as the CFn client region."));
31388
+ return cmd.addOption(new Option("--port <n>", "Serve bind port the client connects to (HTTP contract + /ws on the same port). Default 0 (OS-assigned).").default(0).argParser(parsePort)).addOption(new Option("--host <ip>", "Serve bind host. Default 127.0.0.1.").default("127.0.0.1")).addOption(new Option("--session-id <id>", "Pin one AgentCore runtime session id header value for every forwarded request / /ws connection (default: a fresh random UUID each, so each is its own session).")).addOption(new Option("--bearer-token <jwt>", "Bearer JWT to present when the runtime declares a customJwtAuthorizer. Verified against the runtime's OIDC discovery URL before the container starts, then injected as Authorization: Bearer <jwt> on every forwarded request and the container /ws upgrade.")).addOption(new Option("--no-verify-auth", "Skip inbound JWT verification even when the runtime declares a customJwtAuthorizer (local-dev escape hatch). A --bearer-token, if given, is still forwarded.")).addOption(new Option("--env-vars <file>", "JSON env-var overrides (SAM-compatible: {\"LogicalId\":{\"KEY\":\"VALUE\"}, \"Parameters\": {...}})")).addOption(new Option("--platform <platform>", "docker --platform for the agent container (linux/amd64 or linux/arm64). Defaults to linux/arm64 because the cloud AgentCore Runtime requires arm64.").choices(["linux/amd64", "linux/arm64"]).default("linux/arm64")).addOption(new Option("--no-pull", "Skip docker pull (use cached image) — no-op for the local-build path")).addOption(new Option("--no-build", "Skip docker build on the local-asset path (use the previously-built tag). No-op for the ECR / registry pull paths.")).addOption(new Option("--container-host <host>", "Host IP used to bind the agent container port. Must be a numeric IP. Defaults to 127.0.0.1.").default("127.0.0.1")).addOption(new Option("--timeout <ms>", "Maximum time in milliseconds to wait for the container to become ready (the GET /ping readiness deadline). Default 120000.").default(12e4).argParser(parseTimeoutMs)).addOption(new Option("--assume-role [arn]", "Assume the runtime's execution role and forward STS-issued temp credentials to the container. (1) `--assume-role <arn>` assumes the explicit ARN; (2) `--assume-role` (bare) uses the runtime's literal RoleArn; (3) `--no-assume-role` opts out. Off by default.")).addOption(new Option("--ecr-role-arn <arn>", "Role ARN to assume before authenticating against ECR for cross-account / centralized registries.")).addOption(new Option("--from-cfn-stack [cfn-stack-name]", "Read a deployed CloudFormation stack and substitute Ref / Fn::ImportValue in env vars / image URIs with the deployed physical IDs / exports. Bare form uses the resolved stack name.")).addOption(new Option("--stack-region <region>", "Region of the state record to read. Used with --from-cfn-stack as the CFn client region."));
31300
31389
  }
31301
31390
 
31302
31391
  //#endregion
@@ -32314,8 +32403,8 @@ const STUDIO_CSS = `
32314
32403
  font: 12px ui-monospace, Menlo, monospace; }
32315
32404
  `;
32316
32405
  const STUDIO_SCRIPT = `
32317
- const KIND_LABEL = { lambda: 'Lambda', api: 'API', alb: 'ALB', ecs: 'ECS Service', 'ecs-task': 'ECS Task', cloudfront: 'CloudFront', agentcore: 'AgentCore', 'agentcore-ws': 'AgentCore WS' };
32318
- const SERVE_KINDS = ['api', 'alb', 'ecs', 'ecs-task', 'cloudfront', 'agentcore-ws']; // long-running serve targets (ecs-task = run-task; agentcore-ws = start-agentcore /ws bridge)
32406
+ const KIND_LABEL = { lambda: 'Lambda', api: 'API', alb: 'ALB', ecs: 'ECS Service', 'ecs-task': 'ECS Task', cloudfront: 'CloudFront', agentcore: 'AgentCore', 'agentcore-ws': 'AgentCore serve' };
32407
+ const SERVE_KINDS = ['api', 'alb', 'ecs', 'ecs-task', 'cloudfront', 'agentcore-ws']; // long-running serve targets (ecs-task = run-task; agentcore-ws = start-agentcore warm serve)
32319
32408
  const INVOKE_KINDS = ['lambda', 'agentcore']; // single-shot invoke targets (event composer)
32320
32409
  const rowsById = new Map(); // invocationId -> timeline row element
32321
32410
  const invById = new Map(); // invocationId -> latest invocation event
@@ -32856,6 +32945,8 @@ const STUDIO_SCRIPT = `
32856
32945
  kind: group.kind,
32857
32946
  pinned: entry.pinned === true,
32858
32947
  backingPinnedServices: entry.backingPinnedServices || [],
32948
+ agentCoreHasWs: entry.agentCoreHasWs === true,
32949
+ agentCoreContractPath: entry.agentCoreContractPath || null,
32859
32950
  });
32860
32951
  updateServeRow(entry.id);
32861
32952
  }
@@ -33293,13 +33384,25 @@ const STUDIO_SCRIPT = `
33293
33384
  : null;
33294
33385
  if (httpBase) {
33295
33386
  const captured = (st.endpoints || []).indexOf(httpBase) >= 0;
33296
- ws.appendChild(renderRequestComposer(id, httpBase, captured));
33387
+ // An agentcore serve's contract is POST-only on a fixed path
33388
+ // (/invocations | /mcp | /), so seed the composer with that method + path
33389
+ // instead of the generic GET / (issue #454). Other serves default to GET /.
33390
+ const composerDefaults =
33391
+ meta && meta.kind === 'agentcore-ws'
33392
+ ? { method: 'POST', path: meta.agentCoreContractPath || '/invocations' }
33393
+ : null;
33394
+ ws.appendChild(renderRequestComposer(id, httpBase, captured, composerDefaults));
33297
33395
  }
33298
33396
 
33299
- // A served WebSocket API exposes a ws:// endpoint attach a WebSocket
33300
- // console so the browser can connect + exchange frames (issue #303).
33397
+ // A served WebSocket endpoint (an API Gateway WebSocket API, or an HTTP /
33398
+ // AGUI AgentCore runtime's /ws bridge) gets a WebSocket console so the
33399
+ // browser can connect + exchange frames (issue #303). For an agentcore
33400
+ // serve the console is gated on agentCoreHasWs (HTTP / AGUI expose /ws;
33401
+ // MCP / A2A do not — issue #454); the ws:// endpoint the serve advertises
33402
+ // already encodes that, so this guard is belt-and-suspenders with the spec.
33301
33403
  const wsEndpoint = running ? (st.endpoints || []).find((u) => /^wss?:/.test(u)) : null;
33302
- if (wsEndpoint) {
33404
+ const wsServable = !meta || meta.kind !== 'agentcore-ws' || meta.agentCoreHasWs === true;
33405
+ if (wsEndpoint && wsServable) {
33303
33406
  ws.appendChild(renderWsConsole(wsEndpoint));
33304
33407
  }
33305
33408
 
@@ -33514,7 +33617,7 @@ const STUDIO_SCRIPT = `
33514
33617
  return sec;
33515
33618
  }
33516
33619
 
33517
- function renderRequestComposer(id, baseUrl, captured) {
33620
+ function renderRequestComposer(id, baseUrl, captured, defaults) {
33518
33621
  const sec = el('div', 'section req-composer');
33519
33622
  sec.appendChild(el('h3', null, 'Request'));
33520
33623
  const row = el('div', 'req-row');
@@ -33524,9 +33627,12 @@ const STUDIO_SCRIPT = `
33524
33627
  o.value = m;
33525
33628
  method.appendChild(o);
33526
33629
  });
33630
+ // Per-kind defaults (issue #454): an agentcore serve seeds POST + the
33631
+ // protocol contract path; otherwise GET / (the generic default).
33632
+ if (defaults && defaults.method) method.value = defaults.method;
33527
33633
  row.appendChild(method);
33528
33634
  const path = el('input', 'req-path');
33529
- path.value = '/';
33635
+ path.value = defaults && defaults.path ? defaults.path : '/';
33530
33636
  path.placeholder = '/path?query';
33531
33637
  row.appendChild(path);
33532
33638
  sec.appendChild(row);
@@ -34508,8 +34614,13 @@ function toStudioTargetGroups(listing) {
34508
34614
  },
34509
34615
  {
34510
34616
  kind: "agentcore-ws",
34511
- title: "AgentCore WebSocket",
34512
- entries: map(listing.agentCoreRuntimes.filter((e) => e.agentCoreHasWs))
34617
+ title: "AgentCore (serve)",
34618
+ entries: map(listing.agentCoreRuntimes).map((t, i) => {
34619
+ const src = listing.agentCoreRuntimes[i];
34620
+ if (src?.agentCoreHasWs !== void 0) t.agentCoreHasWs = src.agentCoreHasWs;
34621
+ if (src?.agentCoreContractPath !== void 0) t.agentCoreContractPath = src.agentCoreContractPath;
34622
+ return t;
34623
+ })
34513
34624
  },
34514
34625
  {
34515
34626
  kind: "alb",
@@ -35638,8 +35749,9 @@ const SERVE_SPECS = {
35638
35749
  "--host",
35639
35750
  "127.0.0.1"
35640
35751
  ],
35641
- readyRe: /Server listening on (ws:\/\/\S+)/,
35642
- capturesHttp: false
35752
+ readyRe: /Server listening on (\S+)/,
35753
+ capturesHttp: true,
35754
+ extraEndpointRe: /HTTP contract served on (https?:\/\/\S+)/
35643
35755
  }
35644
35756
  };
35645
35757
  /**
@@ -35851,6 +35963,10 @@ function createStudioServeManager(config) {
35851
35963
  streamLines(child.stdout, (line) => {
35852
35964
  const m = spec.readyRe.exec(line);
35853
35965
  if (m) onReady(m[1]);
35966
+ if (spec.extraEndpointRe) {
35967
+ const me = spec.extraEndpointRe.exec(line);
35968
+ if (me) onReady(me[1]);
35969
+ }
35854
35970
  if (req.kind === "ecs" && entry.hostUrl === void 0) {
35855
35971
  const endpoint = parsePublishedHostEndpoint(line);
35856
35972
  if (endpoint) {
@@ -36848,5 +36964,5 @@ function addStudioSpecificOptions(cmd) {
36848
36964
  }
36849
36965
 
36850
36966
  //#endregion
36851
- export { edgeHeadersToHttp as $, verifyJwtViaDiscovery as $n, countTargets as $r, SOFT_RELOAD_COMPLETION_LOG_SUFFIX as $t, startAgentCoreWsBridge as A, createLocalStartApiCommand as An, buildMessageEvent as Ar, addCommonEcsServiceOptions as At, resolveDeployedKvsArnByName as B, filterRoutesByApiIdentifier as Bn, substituteEnvVarsFromStateAsync as Br, ImageOverrideError as Bt, addListSpecificOptions as C, buildStsClientConfig as Ci, computeCodeImageTag as Cn, bufferToBody as Cr, resolveAlbFrontDoor as Ct, createLocalStartAgentCoreCommand as D, addInvokeSpecificOptions as Dn, parseConnectionsPath as Dr, addRunTaskSpecificOptions as Dt, addStartAgentCoreSpecificOptions as E, classifySourceChange as En, handleConnectionsRequest as Er, serviceStrategy as Et, parseOriginOverrides as F, attachStageContext as Fn, resolveRuntimeImage as Fr, parseMaxTasks as Ft, startCloudFrontServer as G, resolveSelectionExpression as Gn, resolveCfnFallbackRegion as Gr, resolveImageOverrides as Gt, classifyS3Error as H, groupRoutesByServer as Hn, createLocalStateProvider as Hr, enforceImageOverrideOrphans as Ht, resolveCloudFrontTarget as I, buildStageMap as In, EcsTaskResolutionError as Ir, parseRestartPolicy as It, serveLambdaUrlOrigin as J, buildCognitoJwksUrl as Jn, CfnLocalStateProvider as Jr, isLocalCdkAssetImage as Jt, resolveErrorResponseCandidates as K, resolveServiceIntegrationParameters as Kn, resolveCfnRegion as Kr, runImageOverrideBuilds as Kt, idFromArn as L, materializeLayerFromArn as Ln, substituteAgainstState as Lr, resolveEcsAssumeRoleOption as Lt, addStartCloudFrontSpecificOptions as M, resolveApiTargetSubset as Mn, buildContainerImage as Mr, addImageOverrideOptions as Mt, createLocalStartCloudFrontCommand as N, createAuthorizerCache as Nn, resolveRuntimeCodeMountPath as Nr, buildEcsImageResolutionContext$1 as Nt, startAgentCoreHttpServer as O, createLocalInvokeCommand as On, buildConnectEvent as Or, createLocalRunTaskCommand as Ot, parseKvsFileOverrides as P, createFileWatcher as Pn, resolveRuntimeFileExtension as Pr, ecsClusterOption as Pt, buildEdgeResponseEvent as Q, verifyJwtAuthorizer as Qn, resolveSingleTarget as Qr, DEFAULT_SHADOW_READY_TIMEOUT_MS as Qt, resolveKvsModulesForDistribution as R, resolveEnvVars$1 as Rn, substituteAgainstStateAsync as Rr, resolveSharedSidecarCredentials as Rt, StudioEventBus as S, LocalInvokeBuildError as Si, buildAgentCoreCodeImage as Sn, probeHostGatewaySupport as Sr, isApplicationLoadBalancer as St, formatTargetListing as T, toCmdArgv as Tn, buildMgmtEndpointEnvUrl as Tr, createLocalStartServiceCommand as Tt, createS3OriginReader as U, readMtlsMaterialsFromDisk as Un, isCfnFlagPresent as Ur, mergeForService as Ut, resolveDeployedOriginBucket as V, filterRoutesByApiIdentifiers as Vn, LocalStateSourceError as Vr, buildImageOverrideTag as Vt, matchBehavior as W, startApiServer as Wn, rejectExplicitCfnStackWithMultipleStacks as Wr, parseImageOverrideFlags as Wt, applyEdgeResponseResult as X, createJwksCache as Xn, resolveSsmParameters as Xr, buildCloudMapIndex as Xt, applyEdgeRequestResult as Y, buildJwksUrlFromIssuer as Yn, collectSsmParameterRefs as Yr, listPinnedTargets as Yt, buildEdgeRequestEvent as Z, verifyCognitoJwt as Zn, resolveWatchConfig as Zr, CloudMapRegistry as Zt, filterStudioTargetGroups as _, resolveAgentCoreTarget as _i, AGENTCORE_SESSION_ID_HEADER as _n, pickResponseTemplate as _r, addAlbSpecificOptions as _t, createLocalStudioCommand as a, parseSelectionExpressionPath as ai, bridgeAgentCoreWs as an, attachAuthorizers as ar, pickFunctionUrlLogicalIdFromOrigin as at, renderStudioHtml as b, substituteImagePlaceholders as bi, downloadAndExtractS3Bundle as bn, VtlEvaluationError as br, parseLbPortOverrides as bt, startStudioProxy as c, pickRefLogicalId as ci, A2A_PATH as cn, buildCorsConfigFromCloudFrontChain as cr, pickTargetFunctionLogicalId as ct, createStudioDispatcher as d, AGENTCORE_AGUI_PROTOCOL as di, MCP_PATH as dn, matchRoute as dr, runViewerRequest as dt, listTargets as ei, setShadowReadyTimeoutMs as en, buildMethodArn as er, httpHeadersToEdge as et, filterStudioCustomResources as f, AGENTCORE_HTTP_PROTOCOL as fi, MCP_PROTOCOL_VERSION as fn, translateLambdaResponse as fr, runViewerResponse as ft, annotatePinnedEcsTargets as g, pickAgentCoreCandidateStack as gi, signAgentCoreInvocation as gn, evaluateResponseParameters as gr, createUnboundCloudFrontModule as gt, annotateEcsTaskPinnedTargets as h, AgentCoreResolutionError as hi, AGENTCORE_SIGV4_SERVICE as hn, buildRestV1Event as hr, createLocalFileKvsDataSource as ht, coerceStopRequest as i, filterWebSocketApisByIdentifiers as ii, createLocalInvokeAgentCoreCommand as in, invokeTokenAuthorizer as ir, isCloudFrontDistribution as it, LocalStartCloudFrontError as j, createWatchPredicates as jn, architectureToPlatform as jr, addEcsAssumeRoleOptions as jt, attachAgentCoreWsBridge as k, addStartApiSpecificOptions as kn, buildDisconnectEvent as kr, MAX_TASKS_SUBNET_RANGE_CAP as kt, relayServeRequest as l, resolveLambdaArnIntrinsic as li, a2aInvokeOnce as ln, isFunctionUrlOacFronted as lr, resolveCloudFrontDistribution as lt, annotateAlbPinnedBackingServices as m, AGENTCORE_RUNTIME_TYPE as mi, parseSseForJsonRpc as mn, buildHttpApiV2Event as mr, createCloudFrontModule as mt, coerceRunRequest as n, discoverWebSocketApis as ni, attachContainerLogStreamer as nn, evaluateCachedLambdaPolicy as nr, describeS3OriginDomain as nt, resolveServeBaseUrl as o, webSocketApiMatchesIdentifier as oi, invokeAgentCoreWs as on, applyCorsResponseHeaders as or, pickKvsLogicalIdFromArn as ot, isCustomResourceLambdaTarget as p, AGENTCORE_MCP_PROTOCOL as pi, mcpInvokeOnce as pn, applyAuthorizerOverlay as pr, stripCloudFrontImport as pt, serveFromStaticOrigin as q, defaultCredentialsLoader as qn, resolveCfnStackName as qr, describePinnedImageUri as qt, coerceServeRequest as r, discoverWebSocketApisOrThrow as ri, addInvokeAgentCoreSpecificOptions as rn, invokeRequestAuthorizer as rr, extractKvsAssociations as rt, createStudioServeManager as s, discoverRoutes as si, A2A_CONTAINER_PORT as sn, buildCorsConfigByApiId as sr, pickLambdaEdgeFunctionLogicalId as st, addStudioSpecificOptions as t, availableWebSocketApiIdentifiers as ti, getContainerNetworkIp as tn, computeRequestIdentityHash as tr, CLOUDFRONT_DISTRIBUTION_TYPE as tt, reinvoke as u, AGENTCORE_A2A_PROTOCOL as ui, MCP_CONTAINER_PORT as un, matchPreflight as ur, compileCloudFrontFunction as ut, startStudioServer as v, derivePseudoParametersFromRegion as vi, invokeAgentCore as vn, selectIntegrationResponse as vr, albStrategy as vt, createLocalListCommand as w, resolveProfileCredentials as wi, renderCodeDockerfile as wn, ConnectionRegistry as wr, addStartServiceSpecificOptions as wt, createStudioStore as x, tryResolveImageFnJoin as xi, SUPPORTED_CODE_RUNTIMES as xn, HOST_GATEWAY_MIN_VERSION as xr, resolveAlbTarget as xt, toStudioTargetGroups as y, formatStateRemedy as yi, waitForAgentCorePing as yn, tryParseStatus as yr, createLocalStartAlbCommand as yt, createDeployedKvsDataSource as z, availableApiIdentifiers as zn, substituteEnvVarsFromState as zr, runEcsServiceEmulator as zt };
36852
- //# sourceMappingURL=local-studio-CdpdUbIA.js.map
36967
+ export { edgeHeadersToHttp as $, verifyJwtAuthorizer as $n, resolveSingleTarget as $r, SOFT_RELOAD_COMPLETION_LOG_SUFFIX as $t, startAgentCoreWsBridge as A, addStartApiSpecificOptions as An, buildDisconnectEvent as Ar, addCommonEcsServiceOptions as At, resolveDeployedKvsArnByName as B, availableApiIdentifiers as Bn, substituteEnvVarsFromState as Br, ImageOverrideError as Bt, addListSpecificOptions as C, LocalInvokeBuildError as Ci, buildAgentCoreCodeImage as Cn, probeHostGatewaySupport as Cr, resolveAlbFrontDoor as Ct, createLocalStartAgentCoreCommand as D, classifySourceChange as Dn, handleConnectionsRequest as Dr, addRunTaskSpecificOptions as Dt, addStartAgentCoreSpecificOptions as E, toCmdArgv as En, buildMgmtEndpointEnvUrl as Er, serviceStrategy as Et, parseOriginOverrides as F, createFileWatcher as Fn, resolveRuntimeFileExtension as Fr, parseMaxTasks as Ft, startCloudFrontServer as G, startApiServer as Gn, rejectExplicitCfnStackWithMultipleStacks as Gr, resolveImageOverrides as Gt, classifyS3Error as H, filterRoutesByApiIdentifiers as Hn, LocalStateSourceError as Hr, enforceImageOverrideOrphans as Ht, resolveCloudFrontTarget as I, attachStageContext as In, resolveRuntimeImage as Ir, parseRestartPolicy as It, serveLambdaUrlOrigin as J, defaultCredentialsLoader as Jn, resolveCfnStackName as Jr, isLocalCdkAssetImage as Jt, resolveErrorResponseCandidates as K, resolveSelectionExpression as Kn, resolveCfnFallbackRegion as Kr, runImageOverrideBuilds as Kt, idFromArn as L, buildStageMap as Ln, EcsTaskResolutionError as Lr, resolveEcsAssumeRoleOption as Lt, addStartCloudFrontSpecificOptions as M, createWatchPredicates as Mn, architectureToPlatform as Mr, addImageOverrideOptions as Mt, createLocalStartCloudFrontCommand as N, resolveApiTargetSubset as Nn, buildContainerImage as Nr, buildEcsImageResolutionContext$1 as Nt, startAgentCoreHttpServer as O, addInvokeSpecificOptions as On, parseConnectionsPath as Or, createLocalRunTaskCommand as Ot, parseKvsFileOverrides as P, createAuthorizerCache as Pn, resolveRuntimeCodeMountPath as Pr, ecsClusterOption as Pt, buildEdgeResponseEvent as Q, verifyCognitoJwt as Qn, resolveWatchConfig as Qr, DEFAULT_SHADOW_READY_TIMEOUT_MS as Qt, resolveKvsModulesForDistribution as R, materializeLayerFromArn as Rn, substituteAgainstState as Rr, resolveSharedSidecarCredentials as Rt, StudioEventBus as S, tryResolveImageFnJoin as Si, SUPPORTED_CODE_RUNTIMES as Sn, HOST_GATEWAY_MIN_VERSION as Sr, isApplicationLoadBalancer as St, formatTargetListing as T, resolveProfileCredentials as Ti, renderCodeDockerfile as Tn, ConnectionRegistry as Tr, createLocalStartServiceCommand as Tt, createS3OriginReader as U, groupRoutesByServer as Un, createLocalStateProvider as Ur, mergeForService as Ut, resolveDeployedOriginBucket as V, filterRoutesByApiIdentifier as Vn, substituteEnvVarsFromStateAsync as Vr, buildImageOverrideTag as Vt, matchBehavior as W, readMtlsMaterialsFromDisk as Wn, isCfnFlagPresent as Wr, parseImageOverrideFlags as Wt, applyEdgeResponseResult as X, buildJwksUrlFromIssuer as Xn, collectSsmParameterRefs as Xr, buildCloudMapIndex as Xt, applyEdgeRequestResult as Y, buildCognitoJwksUrl as Yn, CfnLocalStateProvider as Yr, listPinnedTargets as Yt, buildEdgeRequestEvent as Z, createJwksCache as Zn, resolveSsmParameters as Zr, CloudMapRegistry as Zt, filterStudioTargetGroups as _, pickAgentCoreCandidateStack as _i, AGENTCORE_SESSION_ID_HEADER as _n, evaluateResponseParameters as _r, addAlbSpecificOptions as _t, createLocalStudioCommand as a, filterWebSocketApisByIdentifiers as ai, bridgeAgentCoreWs as an, invokeTokenAuthorizer as ar, pickFunctionUrlLogicalIdFromOrigin as at, renderStudioHtml as b, formatStateRemedy as bi, waitForAgentCorePing as bn, tryParseStatus as br, parseLbPortOverrides as bt, startStudioProxy as c, discoverRoutes as ci, A2A_PATH as cn, buildCorsConfigByApiId as cr, pickTargetFunctionLogicalId as ct, createStudioDispatcher as d, AGENTCORE_A2A_PROTOCOL as di, MCP_PATH as dn, matchPreflight as dr, runViewerRequest as dt, countTargets as ei, setShadowReadyTimeoutMs as en, verifyJwtViaDiscovery as er, httpHeadersToEdge as et, filterStudioCustomResources as f, AGENTCORE_AGUI_PROTOCOL as fi, MCP_PROTOCOL_VERSION as fn, matchRoute as fr, runViewerResponse as ft, annotatePinnedEcsTargets as g, AgentCoreResolutionError as gi, signAgentCoreInvocation as gn, buildRestV1Event as gr, createUnboundCloudFrontModule as gt, annotateEcsTaskPinnedTargets as h, AGENTCORE_RUNTIME_TYPE as hi, AGENTCORE_SIGV4_SERVICE as hn, buildHttpApiV2Event as hr, createLocalFileKvsDataSource as ht, coerceStopRequest as i, discoverWebSocketApisOrThrow as ii, createLocalInvokeAgentCoreCommand as in, invokeRequestAuthorizer as ir, isCloudFrontDistribution as it, LocalStartCloudFrontError as j, createLocalStartApiCommand as jn, buildMessageEvent as jr, addEcsAssumeRoleOptions as jt, attachAgentCoreWsBridge as k, createLocalInvokeCommand as kn, buildConnectEvent as kr, MAX_TASKS_SUBNET_RANGE_CAP as kt, relayServeRequest as l, pickRefLogicalId as li, a2aInvokeOnce as ln, buildCorsConfigFromCloudFrontChain as lr, resolveCloudFrontDistribution as lt, annotateAlbPinnedBackingServices as m, AGENTCORE_MCP_PROTOCOL as mi, parseSseForJsonRpc as mn, applyAuthorizerOverlay as mr, createCloudFrontModule as mt, coerceRunRequest as n, availableWebSocketApiIdentifiers as ni, attachContainerLogStreamer as nn, computeRequestIdentityHash as nr, describeS3OriginDomain as nt, resolveServeBaseUrl as o, parseSelectionExpressionPath as oi, invokeAgentCoreWs as on, attachAuthorizers as or, pickKvsLogicalIdFromArn as ot, isCustomResourceLambdaTarget as p, AGENTCORE_HTTP_PROTOCOL as pi, mcpInvokeOnce as pn, translateLambdaResponse as pr, stripCloudFrontImport as pt, serveFromStaticOrigin as q, resolveServiceIntegrationParameters as qn, resolveCfnRegion as qr, describePinnedImageUri as qt, coerceServeRequest as r, discoverWebSocketApis as ri, addInvokeAgentCoreSpecificOptions as rn, evaluateCachedLambdaPolicy as rr, extractKvsAssociations as rt, createStudioServeManager as s, webSocketApiMatchesIdentifier as si, A2A_CONTAINER_PORT as sn, applyCorsResponseHeaders as sr, pickLambdaEdgeFunctionLogicalId as st, addStudioSpecificOptions as t, listTargets as ti, getContainerNetworkIp as tn, buildMethodArn as tr, CLOUDFRONT_DISTRIBUTION_TYPE as tt, reinvoke as u, resolveLambdaArnIntrinsic as ui, MCP_CONTAINER_PORT as un, isFunctionUrlOacFronted as ur, compileCloudFrontFunction as ut, startStudioServer as v, resolveAgentCoreTarget as vi, invokeAgentCore as vn, pickResponseTemplate as vr, albStrategy as vt, createLocalListCommand as w, buildStsClientConfig as wi, computeCodeImageTag as wn, bufferToBody as wr, addStartServiceSpecificOptions as wt, createStudioStore as x, substituteImagePlaceholders as xi, downloadAndExtractS3Bundle as xn, VtlEvaluationError as xr, resolveAlbTarget as xt, toStudioTargetGroups as y, derivePseudoParametersFromRegion as yi, waitForAgentCoreHttpReady as yn, selectIntegrationResponse as yr, createLocalStartAlbCommand as yt, createDeployedKvsDataSource as z, resolveEnvVars$1 as zn, substituteAgainstStateAsync as zr, runEcsServiceEmulator as zt };
36968
+ //# sourceMappingURL=local-studio-DxzjQZJu.js.map