iSharkFly-Docs/amazon-bedrock-agentcore-samples
1
0
Fork 0
mirror of https://github.com/awslabs/amazon-bedrock-agentcore-samples.git synced 2025-09-08 20:50:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
amazon-bedrock-agentcore-sa.../02-use-cases/SRE-agent/docs/cli-reference.md
Shreyas Subramanian 176ef7bd91
renaming folders (#102)
2025-07-21 10:45:13 -04:00

5.8 KiB
Raw Permalink Blame History

Command Line Arguments Reference

This document describes all command line arguments available for the AgentCore Gateway Management Tool.

Usage

python main.py [-h] [--region REGION] [--endpoint-url ENDPOINT_URL] --role-arn ROLE_ARN --discovery-url DISCOVERY_URL 
               [--allowed-audience ALLOWED_AUDIENCE] [--allowed-clients ALLOWED_CLIENTS] 
               [--description-for-gateway DESCRIPTION] [--description-for-target DESCRIPTION] 
               [--search-type SEARCH_TYPE] [--protocol-version PROTOCOL_VERSION] 
               [--create-s3-target] [--s3-uri S3_URI] [--create-inline-target] 
               [--openapi-schema-file OPENAPI_SCHEMA_FILE] [--provider-arn PROVIDER_ARN] 
               [--save-gateway-url] [--delete-gateway-if-exists] [--output-json]
               gateway_name

Required Arguments

gateway_name

  • Type: String
  • Description: Name for the AgentCore Gateway

AWS Configuration

--region

  • Type: String
  • Default: us-east-1
  • Description: AWS region

--endpoint-url

--role-arn

  • Type: String
  • Required: Yes
  • Description: IAM Role ARN with gateway permissions

Authorization Configuration

--discovery-url

  • Type: String
  • Required: Yes
  • Description: JWT discovery URL for authorization

--allowed-audience

  • Type: String
  • Default: MCPGateway
  • Description: Allowed JWT audience (for Auth0/Okta)

--allowed-clients

  • Type: String (comma-separated)
  • Description: Allowed JWT client IDs (for Cognito)

Gateway Configuration

--description-for-gateway

  • Type: String
  • Default: "AgentCore Gateway created via SDK"
  • Description: Gateway description

--description-for-target

  • Type: String (can be specified multiple times)
  • Default: "S3 target for OpenAPI schema"
  • Description: Target description (can be specified multiple times for multiple targets)

--search-type

  • Type: String
  • Default: SEMANTIC
  • Description: MCP search type

--protocol-version

  • Type: String
  • Default: 2025-03-26
  • Description: MCP protocol version

Target Configuration

--create-s3-target

  • Type: Flag
  • Description: Create an S3 OpenAPI target

--s3-uri

  • Type: String (can be specified multiple times)
  • Description: S3 URI for OpenAPI schema (can be specified multiple times to create multiple targets)

--create-inline-target

  • Type: Flag
  • Description: Create an inline OpenAPI target

--openapi-schema-file

  • Type: String
  • Description: File containing OpenAPI schema for inline target

--provider-arn

  • Type: String
  • Description: OAuth credential provider ARN for targets

Output Options

--save-gateway-url

  • Type: Flag
  • Description: Save gateway URL to .gateway_uri file

--delete-gateway-if-exists

  • Type: Flag
  • Description: Delete gateway if it already exists before creating new one

--output-json

  • Type: Flag
  • Description: Output responses in JSON format

Examples

Create Gateway for Cognito

python main.py "CognitoGateway" \
    --role-arn "arn:aws:iam::123456789012:role/TestRole" \
    --discovery-url "https://cognito-idp.us-west-2.amazonaws.com/YourUserPoolId/.well-known/openid-configuration" \
    --allowed-clients "your-client-id"

Create Gateway for Okta

python main.py "OktaGateway" \
    --role-arn "arn:aws:iam::123456789012:role/TestRole" \
    --discovery-url "https://dev-xxxxx.okta.com/oauth2/default/.well-known/openid-configuration" \
    --allowed-audience "gateway123"

Create Gateway for Auth0

python main.py "Auth0Gateway" \
    --role-arn "arn:aws:iam::123456789012:role/TestRole" \
    --discovery-url "https://dev-xxxxx.us.auth0.com/.well-known/openid-configuration" \
    --allowed-audience "gateway123"

Full Example with S3 Target

python main.py "ProductionGateway" \
    --region "us-east-1" \
    --role-arn "arn:aws:iam::123456789012:role/GatewayRole" \
    --discovery-url "https://cognito-idp.us-west-2.amazonaws.com/us-west-2_xxxxx/.well-known/openid-configuration" \
    --allowed-audience "MCPGateway" \
    --description-for-gateway "Production Gateway for API Integration" \
    --create-s3-target \
    --s3-uri "s3://my-bucket/openapi-spec.yaml" \
    --provider-arn "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/default/oauth2credentialprovider/Cognito" \
    --save-gateway-url \
    --output-json

Create Gateway with Inline OpenAPI Target

python main.py "TestGateway" \
    --role-arn "arn:aws:iam::123456789012:role/GatewayRole" \
    --discovery-url "https://your-domain.auth0.com/.well-known/openid-configuration" \
    --create-inline-target \
    --openapi-schema-file "./schemas/hello.yaml" \
    --provider-arn "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/default/oauth2credentialprovider/Auth0"

Create Gateway with Multiple S3 Targets

python main.py "MultiTargetGateway" \
    --role-arn "arn:aws:iam::123456789012:role/GatewayRole" \
    --discovery-url "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_xxxxx/.well-known/openid-configuration" \
    --allowed-clients "client-id-1,client-id-2" \
    --create-s3-target \
    --s3-uri "s3://my-bucket/api1.yaml" \
    --s3-uri "s3://my-bucket/api2.yaml" \
    --s3-uri "s3://my-bucket/api3.yaml" \
    --description-for-target "First API schema" \
    --description-for-target "Second API schema" \
    --description-for-target "Third API schema" \
    --provider-arn "arn:aws:bedrock-agentcore:us-east-1:123456789012:token-vault/default/oauth2credentialprovider/Cognito" \
    --save-gateway-url