iSharkFly-Docs/amazon-bedrock-agentcore-samples
1
0
Fork 0
mirror of https://github.com/awslabs/amazon-bedrock-agentcore-samples.git synced 2025-09-08 20:50:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
amazon-bedrock-agentcore-sa.../02-use-cases/AWS-operations-agent/config/static-config.yaml

305 lines
11 KiB
YAML
Raw Permalink Normal View History

fix (02-use-cases): AWS Operations Agent updated with AgentCore Runtime (#177) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram --------- Co-authored-by: name <alias@amazon.com>
2025-07-31 11:59:30 -07:00
# Static Configuration - Manual edits only
# This file contains all configuration values that are manually set and do not change during deployment
# AWS Settings (used by ALL deployment scripts and agents)
aws:
region: "us-east-1"
account_id: "<YOUR_AWS_ACCOUNT_ID>"
# Model Settings (used by agents via get_model_settings())
agents:
modelid: "us.anthropic.claude-3-7-sonnet-20250219-v1:0"
max_concurrent: 2
payload_formats:
diy: "direct"
sdk: "direct"
streaming: true
# Okta OAuth2 Configuration (used by deployment scripts and gateway creation)
okta:
domain: "<YOUR_OKTA_DOMAIN>"
fix(02-use-cases): Updated AWS Operations agents Readme.md (#229) * Update AWS operations agent configuration and documentation - preserve local changes * Update AWS operations agent README.md * Update OKTA OpenID PKCE setup documentation * Update OKTA authentication configuration and nginx setup * Update OKTA OpenID PKCE setup documentation --------- Co-authored-by: name <alias@amazon.com>
2025-08-11 07:03:46 -07:00
# OAuth2 authorization server configuration (recommended to keep default authorization server. otherwise change the configuration urls accordingly)
fix (02-use-cases): AWS Operations Agent updated with AgentCore Runtime (#177) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram --------- Co-authored-by: name <alias@amazon.com>
2025-07-31 11:59:30 -07:00
authorization_server: "default"
Update AWS Operations Agent README.md (#235) * Update AWS operations agent configuration and documentation - preserve local changes * Update AWS operations agent README.md * Update OKTA OpenID PKCE setup documentation * Update OKTA authentication configuration and nginx setup * Update OKTA OpenID PKCE setup documentation * Update static-config.yaml for AWS operations agent * Update AWS Operations Agent README.md --------- Signed-off-by: rohillasandeep <31911590+rohillasandeep@users.noreply.github.com> Co-authored-by: name <alias@amazon.com>
2025-08-14 14:25:11 -07:00
# Client configuration for user authentication (PKCE flow) - Okta App ClientID - 'aws-support-agent-client'
fix (02-use-cases): AWS Operations Agent updated with AgentCore Runtime (#177) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram --------- Co-authored-by: name <alias@amazon.com>
2025-07-31 11:59:30 -07:00
user_auth:
client_id: "<YOUR_OKTA_CLIENT_ID>"
Configuration Management Fixes (#223) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram * feat: Enhance AWS Operations Agent with improved testing and deployment - Update README with new local container testing approach using run-*-local-container.sh scripts - Replace deprecated SAM-based MCP Lambda deployment with ZIP-based deployment - Add no-cache flag to Docker builds to ensure clean builds - Update deployment scripts to use consolidated configuration files - Add comprehensive cleanup scripts for all deployment components - Improve error handling and credential validation in deployment scripts - Add new MCP tool deployment using ZIP packaging instead of Docker containers - Update configuration management to use dynamic-config.yaml structure - Add local testing capabilities with containerized agents - Remove outdated test scripts and replace with interactive chat client approach * fix: Update IAM policy configurations - Update bac-permissions-policy.json with enhanced permissions - Update bac-trust-policy.json for improved trust relationships * fix: Update Docker configurations for agent runtimes - Update Dockerfile.diy with improved container configuration - Update Dockerfile.sdk with enhanced build settings * fix: Update OAuth iframe flow configuration - Update iframe-oauth-flow.html with improved OAuth handling * feat: Update AWS Operations Agent configuration and cleanup - Update IAM permissions policy with enhanced access controls - Update IAM trust policy with improved security conditions - Enhance OAuth iframe flow with better UX and error handling - Improve chatbot client with enhanced local testing capabilities - Remove cache files and duplicate code for cleaner repository * docs: Add architecture diagrams and update README - Add architecture-2.jpg and flow.jpg diagrams for better visualization - Update README.md with enhanced documentation and diagrams * Save current work before resolving merge conflicts * Keep AWS-operations-agent changes (local version takes precedence) * Fix: Remove merge conflict markers from AWS-operations-agent files - restore clean version * Fix deployment and cleanup script issues Major improvements and fixes: Configuration Management: - Fix role assignment in gateway creation (use bac-execution-role instead of Lambda role) - Add missing role_arn cleanup in MCP tool deletion script - Fix OAuth provider deletion script configuration clearing - Improve memory deletion script to preserve quote consistency - Add Lambda invoke permissions to bac-permissions-policy.json Script Improvements: - Reorganize deletion scripts: 11-delete-oauth-provider.sh, 12-delete-memory.sh, 13-cleanup-everything.sh - Fix interactive prompt handling in cleanup scripts (echo -e format) - Add yq support with sed fallbacks for better YAML manipulation - Remove obsolete 04-deploy-mcp-tool-lambda-zip.sh script Architecture Fixes: - Correct gateway role assignment to use runtime.role_arn (bac-execution-role) - Ensure proper role separation between gateway and Lambda execution - Fix configuration cleanup to clear all dynamic config fields consistently Documentation: - Update README with clear configuration instructions - Maintain security best practices with placeholder values - Add comprehensive deployment and cleanup guidance These changes address systematic issues with cleanup scripts, role assignments, and configuration management while maintaining security best practices. * Update README.md with comprehensive documentation Enhanced documentation includes: - Complete project structure with 75 files - Step-by-step deployment guide with all 13 scripts - Clear configuration instructions with security best practices - Dual agent architecture documentation (DIY + SDK) - Authentication flow and security implementation details - Troubleshooting guide and operational procedures - Local testing and container development guidance - Tool integration and MCP protocol documentation The README now provides complete guidance for deploying and operating the AWS Support Agent with Amazon Bedrock AgentCore system. --------- Co-authored-by: name <alias@amazon.com>
2025-08-09 13:51:24 -07:00
audience: "<YOUR_OKTA_AUTHORIZATION_SERVER_AUDIENCE>"
fix (02-use-cases): AWS Operations Agent updated with AgentCore Runtime (#177) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram --------- Co-authored-by: name <alias@amazon.com>
2025-07-31 11:59:30 -07:00
redirect_uri: "http://localhost:8080/callback"
scope: "openid profile email"
fix(02-use-cases): Updated AWS Operations agents Readme.md (#229) * Update AWS operations agent configuration and documentation - preserve local changes * Update AWS operations agent README.md * Update OKTA OpenID PKCE setup documentation * Update OKTA authentication configuration and nginx setup * Update OKTA OpenID PKCE setup documentation --------- Co-authored-by: name <alias@amazon.com>
2025-08-11 07:03:46 -07:00
# JWT token configuration for M2M flow
fix (02-use-cases): AWS Operations Agent updated with AgentCore Runtime (#177) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram --------- Co-authored-by: name <alias@amazon.com>
2025-07-31 11:59:30 -07:00
jwt:
Configuration Management Fixes (#223) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram * feat: Enhance AWS Operations Agent with improved testing and deployment - Update README with new local container testing approach using run-*-local-container.sh scripts - Replace deprecated SAM-based MCP Lambda deployment with ZIP-based deployment - Add no-cache flag to Docker builds to ensure clean builds - Update deployment scripts to use consolidated configuration files - Add comprehensive cleanup scripts for all deployment components - Improve error handling and credential validation in deployment scripts - Add new MCP tool deployment using ZIP packaging instead of Docker containers - Update configuration management to use dynamic-config.yaml structure - Add local testing capabilities with containerized agents - Remove outdated test scripts and replace with interactive chat client approach * fix: Update IAM policy configurations - Update bac-permissions-policy.json with enhanced permissions - Update bac-trust-policy.json for improved trust relationships * fix: Update Docker configurations for agent runtimes - Update Dockerfile.diy with improved container configuration - Update Dockerfile.sdk with enhanced build settings * fix: Update OAuth iframe flow configuration - Update iframe-oauth-flow.html with improved OAuth handling * feat: Update AWS Operations Agent configuration and cleanup - Update IAM permissions policy with enhanced access controls - Update IAM trust policy with improved security conditions - Enhance OAuth iframe flow with better UX and error handling - Improve chatbot client with enhanced local testing capabilities - Remove cache files and duplicate code for cleaner repository * docs: Add architecture diagrams and update README - Add architecture-2.jpg and flow.jpg diagrams for better visualization - Update README.md with enhanced documentation and diagrams * Save current work before resolving merge conflicts * Keep AWS-operations-agent changes (local version takes precedence) * Fix: Remove merge conflict markers from AWS-operations-agent files - restore clean version * Fix deployment and cleanup script issues Major improvements and fixes: Configuration Management: - Fix role assignment in gateway creation (use bac-execution-role instead of Lambda role) - Add missing role_arn cleanup in MCP tool deletion script - Fix OAuth provider deletion script configuration clearing - Improve memory deletion script to preserve quote consistency - Add Lambda invoke permissions to bac-permissions-policy.json Script Improvements: - Reorganize deletion scripts: 11-delete-oauth-provider.sh, 12-delete-memory.sh, 13-cleanup-everything.sh - Fix interactive prompt handling in cleanup scripts (echo -e format) - Add yq support with sed fallbacks for better YAML manipulation - Remove obsolete 04-deploy-mcp-tool-lambda-zip.sh script Architecture Fixes: - Correct gateway role assignment to use runtime.role_arn (bac-execution-role) - Ensure proper role separation between gateway and Lambda execution - Fix configuration cleanup to clear all dynamic config fields consistently Documentation: - Update README with clear configuration instructions - Maintain security best practices with placeholder values - Add comprehensive deployment and cleanup guidance These changes address systematic issues with cleanup scripts, role assignments, and configuration management while maintaining security best practices. * Update README.md with comprehensive documentation Enhanced documentation includes: - Complete project structure with 75 files - Step-by-step deployment guide with all 13 scripts - Clear configuration instructions with security best practices - Dual agent architecture documentation (DIY + SDK) - Authentication flow and security implementation details - Troubleshooting guide and operational procedures - Local testing and container development guidance - Tool integration and MCP protocol documentation The README now provides complete guidance for deploying and operating the AWS Support Agent with Amazon Bedrock AgentCore system. --------- Co-authored-by: name <alias@amazon.com>
2025-08-09 13:51:24 -07:00
audience: "<YOUR_OKTA_AUTHORIZATION_SERVER_AUDIENCE>"
fix (02-use-cases): AWS Operations Agent updated with AgentCore Runtime (#177) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram --------- Co-authored-by: name <alias@amazon.com>
2025-07-31 11:59:30 -07:00
issuer: "https://<YOUR_OKTA_DOMAIN>/oauth2/default"
discovery_url: "https://<YOUR_OKTA_DOMAIN>/oauth2/default/.well-known/openid-configuration"
cache_duration: 300
refresh_threshold: 60
fix(02-use-cases): Updated AWS Operations agents Readme.md (#229) * Update AWS operations agent configuration and documentation - preserve local changes * Update AWS operations agent README.md * Update OKTA OpenID PKCE setup documentation * Update OKTA authentication configuration and nginx setup * Update OKTA OpenID PKCE setup documentation --------- Co-authored-by: name <alias@amazon.com>
2025-08-11 07:03:46 -07:00
# AgentCore JWT Authorizer Configuration for Runtime
fix (02-use-cases): AWS Operations Agent updated with AgentCore Runtime (#177) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram --------- Co-authored-by: name <alias@amazon.com>
2025-07-31 11:59:30 -07:00
agentcore:
jwt_authorizer:
discovery_url: "https://<YOUR_OKTA_DOMAIN>/oauth2/default/.well-known/openid-configuration"
allowed_audience:
fix(02-use-cases): Updated AWS Operations agents Readme.md (#229) * Update AWS operations agent configuration and documentation - preserve local changes * Update AWS operations agent README.md * Update OKTA OpenID PKCE setup documentation * Update OKTA authentication configuration and nginx setup * Update OKTA OpenID PKCE setup documentation --------- Co-authored-by: name <alias@amazon.com>
2025-08-11 07:03:46 -07:00
- "<YOUR_OKTA_AUTHORIZATION_SERVER_AUDIENCE>"
fix (02-use-cases): AWS Operations Agent updated with AgentCore Runtime (#177) * feat: Add AWS Operations Agent with AgentCore Runtime - Complete rewrite of AWS Operations Agent using Amazon Bedrock AgentCore - Added comprehensive deployment scripts for DIY and SDK runtime modes - Implemented OAuth2/PKCE authentication with Okta integration - Added MCP (Model Context Protocol) tool support for AWS service operations - Sanitized all sensitive information (account IDs, domains, client IDs) with placeholders - Added support for 17 AWS services: EC2, S3, Lambda, CloudFormation, IAM, RDS, CloudWatch, Cost Explorer, ECS, EKS, SNS, SQS, DynamoDB, Route53, API Gateway, SES, Bedrock, SageMaker - Includes chatbot client, gateway management scripts, and comprehensive testing - Ready for public GitHub with security-cleared configuration files Security: All sensitive values replaced with <YOUR_AWS_ACCOUNT_ID>, <YOUR_OKTA_DOMAIN>, <YOUR_OKTA_CLIENT_ID> placeholders * Update AWS Operations Agent architecture diagram --------- Co-authored-by: name <alias@amazon.com>
2025-07-31 11:59:30 -07:00
# Client Settings (used by chatbot client)
client:
default_agent: "sdk"
interface: "cli"
log_level: "INFO"
session_timeout: 480
# Container Settings (used by deployment scripts)
container:
health_path: "/ping"
memory_size: 3008
platform: "linux/arm64"
port: 8080
timeout: 900
# Runtime Base Settings (used by deployment scripts)
runtime:
name_prefix: "bac-runtime"
role_arn: "arn:aws:iam::<YOUR_AWS_ACCOUNT_ID>:role/bac-execution-role"
diy_agent:
name: "bac_runtime_diy"
sdk_agent:
name: "bac_runtime_sdk"
# Gateway Base Settings
gateway:
name: "bac-gtw"
protocol: "MCP"
# MCP Lambda Settings (used by deployment scripts)
mcp_lambda:
ecr_repository_name: "bac-mcp-tool-repo"
stack_name: "bac-mcp-stack"
# Memory Settings (used by deployment scripts and agents)
memory:
name: "bac_agent_memory"
description: "BAC Agent conversation memory storage"
event_expiry_days: 90
# Deployment Settings (used by deployment scripts)
deployment:
aws_profile: "" # Leave empty to use default AWS credentials
# Development settings
development:
local_callback_port: 8080
debug_token_validation: true
log_token_claims: false
mock_auth: false
mock_token: ""
# Production settings
production:
require_https: true
validate_token_expiry: true
strict_audience_validation: true
token_request_rate_limit: 10
log_auth_events: true
metrics_enabled: true
# Bedrock agent tools schema for gateway target creation
tools_schema:
- name: "hello_world"
description: "Returns a friendly hello world message"
inputSchema:
type: "object"
properties:
name:
type: "string"
description: "Name to greet (optional)"
required: []
- name: "get_time"
description: "Returns current server time"
inputSchema:
type: "object"
properties: {}
required: []
- name: "ec2_read_operations"
description: "Perform read-only operations on EC2 resources. Accepts natural language queries about EC2 instances, security groups, VPCs, subnets, and key pairs."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about EC2 resources (e.g., 'list running instances', 'show security groups', 'count instances by region')"
required: ["query"]
- name: "s3_read_operations"
description: "Perform read-only operations on S3 resources. Accepts natural language queries about S3 buckets, policies, and configurations."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about S3 resources (e.g., 'list all buckets', 'show bucket policies', 'find large buckets')"
required: ["query"]
- name: "lambda_read_operations"
description: "Perform read-only operations on Lambda resources. Accepts natural language queries about Lambda functions, layers, and configurations."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about Lambda resources (e.g., 'list all functions', 'show function runtimes', 'find functions with high memory')"
required: ["query"]
- name: "cloudformation_read_operations"
description: "Perform read-only operations on CloudFormation resources. Accepts natural language queries about stacks, resources, and templates."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about CloudFormation resources (e.g., 'list all stacks', 'show failed stacks', 'find stack resources')"
required: ["query"]
- name: "iam_read_operations"
description: "Perform read-only operations on IAM resources. Accepts natural language queries about users, roles, policies, and groups."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about IAM resources (e.g., 'list all users', 'show admin roles', 'find unused policies')"
required: ["query"]
- name: "rds_read_operations"
description: "Perform read-only operations on RDS resources. Accepts natural language queries about database instances, clusters, and configurations."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about RDS resources (e.g., 'list all databases', 'show database engines', 'find large instances')"
required: ["query"]
- name: "cloudwatch_read_operations"
description: "Perform read-only operations on CloudWatch resources. Accepts natural language queries about metrics, alarms, and logs."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about CloudWatch resources (e.g., 'show active alarms', 'list log groups', 'find high CPU metrics')"
required: ["query"]
- name: "cost_explorer_read_operations"
description: "Perform read-only operations on Cost Explorer. Accepts natural language queries about costs, billing, and usage."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about costs and billing (e.g., 'show monthly costs', 'find expensive services', 'compare last 3 months')"
required: ["query"]
- name: "ecs_read_operations"
description: "Perform read-only operations on ECS resources. Accepts natural language queries about clusters, services, and tasks."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about ECS resources (e.g., 'list all clusters', 'show running services', 'find failed tasks')"
required: ["query"]
- name: "eks_read_operations"
description: "Perform read-only operations on EKS resources. Accepts natural language queries about Kubernetes clusters and node groups."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about EKS resources (e.g., 'list all clusters', 'show node groups', 'find cluster versions')"
required: ["query"]
- name: "sns_read_operations"
description: "Perform read-only operations on SNS resources. Accepts natural language queries about topics and subscriptions."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about SNS resources (e.g., 'list all topics', 'show subscriptions', 'find topic policies')"
required: ["query"]
- name: "sqs_read_operations"
description: "Perform read-only operations on SQS resources. Accepts natural language queries about queues and messages."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about SQS resources (e.g., 'list all queues', 'show queue attributes', 'find queues with messages')"
required: ["query"]
- name: "dynamodb_read_operations"
description: "Perform read-only operations on DynamoDB resources. Accepts natural language queries about tables and indexes."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about DynamoDB resources (e.g., 'list all tables', 'show table indexes', 'find large tables')"
required: ["query"]
- name: "route53_read_operations"
description: "Perform read-only operations on Route53 resources. Accepts natural language queries about DNS zones and records."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about Route53 resources (e.g., 'list hosted zones', 'show DNS records', 'find domain configurations')"
required: ["query"]
- name: "apigateway_read_operations"
description: "Perform read-only operations on API Gateway resources. Accepts natural language queries about APIs and deployments."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about API Gateway resources (e.g., 'list all APIs', 'show API stages', 'find API methods')"
required: ["query"]
- name: "ses_read_operations"
description: "Perform read-only operations on SES resources. Accepts natural language queries about email identities and configurations."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about SES resources (e.g., 'list verified emails', 'show sending statistics', 'find configuration sets')"
required: ["query"]
- name: "bedrock_read_operations"
description: "Perform read-only operations on Bedrock resources. Accepts natural language queries about foundation models and jobs."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about Bedrock resources (e.g., 'list available models', 'show model capabilities', 'find customization jobs')"
required: ["query"]
- name: "sagemaker_read_operations"
description: "Perform read-only operations on SageMaker resources. Accepts natural language queries about ML endpoints and models."
inputSchema:
type: "object"
properties:
query:
type: "string"
description: "Natural language query about SageMaker resources (e.g., 'list all endpoints', 'show training jobs', 'find model artifacts')"
required: ["query"]
Reference in New Issue Copy Permalink