RFC 797: Bedrock AgentCore Tools 1P L2 construct#797
Conversation
text/0785-bedrock-agentcore-l2.md
Outdated
| import { | ||
| Runtime, | ||
| NetworkMode, | ||
| } from "@krokoko/agentcore-cdk-constructs/lib/cdk-lib/bedrock-agentcore/runtime/runtime"; |
There was a problem hiding this comment.
I know where this is coming from, but lets remember to change them before we remove the draft mode on the RFC
text/0785-bedrock-agentcore-l2.md
Outdated
|
|
||
| For more details please refer here [Amazon Bedrock AgentCore Documentation](https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/what-is-bedrock-agentcore.html). | ||
|
|
||
| ## AgentCore Runtime |
There was a problem hiding this comment.
General comment:
We are missing here a table of properties and attributes this resource will need/return, but I think it can be added once the L1s are ready.
Additionally, there are some support and helper methods that will target runtime directly, but that don't provide a good explanation and use case example on why they are needed, and how can they be used. For example, the code snippets below explaining how to create the runtime are good, but they suddenly also add a endpoint to it, but we don't explain why or what use case will be solved by doing that. Adding additional sections explaining this helper methods, specially for people that are not fully knowledgable on AgentCore specifics, will give a better understanding of how we want this L2 to work and why
There was a problem hiding this comment.
Ack , Added some details for versioning and endpoint. - a493146
text/0785-bedrock-agentcore-l2.md
Outdated
| }); | ||
| ``` | ||
|
|
||
| ### Invoking the Runtime |
There was a problem hiding this comment.
Not sure if we need to add this code snippets here, as they can add confusion since this is not really CDK related. If we want to keep them, lets please add a one paragraph explanation, clarifying that his is just an example how you will use the runtime later, once deployed.
There was a problem hiding this comment.
Ack, removed this snippet to avoid any confusion.
text/0785-bedrock-agentcore-l2.md
Outdated
| console.log(new TextDecoder().decode(event)); | ||
| } | ||
| ``` | ||
|
|
There was a problem hiding this comment.
There are no mentions of Runtime versioning. Is this something we don't plan to support initially?
There was a problem hiding this comment.
Runtime versioning is an implicit behaviour of runtime, added some notes for versioning. a493146
text/0785-bedrock-agentcore-l2.md
Outdated
| or production environments. For example, you might keep a "production" endpoint on a stable version while testing newer versions | ||
| through a "staging" endpoint. This separation allows you to test changes thoroughly before promoting them | ||
| to production by simply updating the endpoint to point to the newer version. | ||
| The "DEFAULT" endpoint automatically points to the latest version of your agent runtime. |
There was a problem hiding this comment.
This is a good explanation. Can we also add examples how this multi endpoint setup will look like in code?
I am trying to understand how this method will work. From what I can see, and correct me if I am wrong, addEndpoint will assign the endpoint to the latest runtime. But lets say I update that runtime at some point in the future, because I modified something in the configuration. How will the original endpoint be preserved and accessed through CDK? What I imagining that will happen is that since the runtime changed, then we will end up also creating a new endpoint (the "DEFAULT" one) that is targeting the new version of the runtime which is ok, but makes me wonder how can people access or modify the old endpoint.
There was a problem hiding this comment.
When you create an endpoint with addEndpoint(), it captures the version at that moment. If you specify a version explicitly, it uses that; otherwise, it uses the runtime's current version. You can use version to point to old endpoint.
I will add some example to RFC.
const publicEndpoint = agentRuntime.addEndpoint('public_endpoint_auth', {
description: 'Public endpoint for AgentCore runtime access',
version:"2"
});
export interface AddEndpointOptions {
/**
* Description for the endpoint
* @default - No description
*/
readonly description?: string;
/**
* Override the runtime version for this endpoint
* @default - Uses the runtime's version
*/
readonly version?: string;
}
There was a problem hiding this comment.
On a second thought, do you think we should add a function in l2 construct to list all the old versions of a runtime.
boto3 has this -
response = client.list_agent_runtime_versions(
agentRuntimeId='string',
maxResults=123,
nextToken='string'
)
There was a problem hiding this comment.
I was confused by this, but now, an also with the table provided above, I get it better. Due to the nature of cdk, listing the version itself in the L2 construct wont work, since this call will be made probably during deployment and at that point you cannot control choosing which version to use, you already made that decision. But lets add this to the documentation both in the JSDoc and in the README file of the module itself, so we let our customers know how to look for existing versions so they can use a diff one than the latest if they need to. But after understanding this, I think this implementation is good enough as it is, we just need to expand the documentation around it
text/0785-bedrock-agentcore-l2.md
Outdated
| | `authorizerConfiguration` | `AuthorizerConfigurationRuntime` | No | Authorizer configuration for the agent runtime | | ||
| | `concurrencyConfiguration` | `ConcurrencyConfiguration` | No | Concurrency configuration for the agent runtime | | ||
| | `environmentVariables` | `{ [key: string]: string }` | No | Environment variables for the agent runtime | | ||
| | `clientToken` | `string` | No | A unique identifier to ensure idempotency of the request | |
There was a problem hiding this comment.
I could be wrong, but I think this clientToken is needed for the initial custom resource implementation, and wont be needed for the L1s. That property is normally needed in direct API calls, but I dont see anything similar now that the L1s for this resource are available
There was a problem hiding this comment.
Correct, it has been removed from the current implementation which uses cfn resources, we will update the RFC with the changes
There was a problem hiding this comment.
Yes, It is not in CFN anymore, will remove it. Same with concurrencyConfiguration, will remove that too.
text/0785-bedrock-agentcore-l2.md
Outdated
| ### Runtime Versioning | ||
|
|
||
| Amazon Bedrock AgentCore automatically manages runtime versioning to ensure safe deployments and rollback capabilities. | ||
| When you create an agent runtime, AgentCore automatically creates version 1 (V1). Each subsequent update to the |
There was a problem hiding this comment.
Just out of curiosity, can you give a name to the version that is generated, or is it always autogenerated by the service ?
There was a problem hiding this comment.
Yes runtime versions are automatically generated when you update the runtime's configuration.
There was a problem hiding this comment.
I like this explanation
There was a problem hiding this comment.
This is a very nice table. Does this DEFAULT endpoint exists when the moment you create the runtime? lets say I create the runtime in cdk without any specific endpoint, will this default one be created by the create runtime call? and can customers use it to invoke the runtime? In any case, this is good information and explain well the scenario, lets add it to the notes of the README in the alpha module PR if not there already, it will help customers to understand how they can manage their resources
There was a problem hiding this comment.
Yes, the DEFAULT endpoint gets created with runtime and you can use it to invoke too.
There was a problem hiding this comment.
Ok, makes sense, lets add notes on this, mostly in the readme notes of the alpha module, once the PR of this resource is implemented
text/0785-bedrock-agentcore-l2.md
Outdated
| memory.addMemoryStrategy(MemoryStrategy.BUILT_IN_SEMANTIC); | ||
| ``` | ||
|
|
||
| ## Browser Tool |
There was a problem hiding this comment.
Lets add some paragraphs explaining what is this construct for, and some usecases explaining how it can be used, The examples below are great, so lets add a bit of explanation here, to help the user understand when they could use each of them
There was a problem hiding this comment.
Done in the local repo and will update the rfc
text/0785-bedrock-agentcore-l2.md
Outdated
| - Supports GATEWAY_IAM_ROLE credential provider only | ||
| - Ideal for custom serverless function integration | ||
|
|
||
| ## Code Interpreter |
There was a problem hiding this comment.
Same as in the Browser tool section, lets add some paragraphs explaining what is this construct for, and some usecases explaining how it can be used, The examples below are great, so lets add a bit of explanation here, to help the user understand when they could use each of them. And lets bring up the Network Modes explanation before the code examples
text/0785-bedrock-agentcore-l2.md
Outdated
| ### Runtime Versioning | ||
|
|
||
| Amazon Bedrock AgentCore automatically manages runtime versioning to ensure safe deployments and rollback capabilities. | ||
| When you create an agent runtime, AgentCore automatically creates version 1 (V1). Each subsequent update to the |
There was a problem hiding this comment.
This is a very nice table. Does this DEFAULT endpoint exists when the moment you create the runtime? lets say I create the runtime in cdk without any specific endpoint, will this default one be created by the create runtime call? and can customers use it to invoke the runtime? In any case, this is good information and explain well the scenario, lets add it to the notes of the README in the alpha module PR if not there already, it will help customers to understand how they can manage their resources
text/0785-bedrock-agentcore-l2.md
Outdated
| or production environments. For example, you might keep a "production" endpoint on a stable version while testing newer versions | ||
| through a "staging" endpoint. This separation allows you to test changes thoroughly before promoting them | ||
| to production by simply updating the endpoint to point to the newer version. | ||
| The "DEFAULT" endpoint automatically points to the latest version of your agent runtime. |
There was a problem hiding this comment.
I was confused by this, but now, an also with the table provided above, I get it better. Due to the nature of cdk, listing the version itself in the L2 construct wont work, since this call will be made probably during deployment and at that point you cannot control choosing which version to use, you already made that decision. But lets add this to the documentation both in the JSDoc and in the README file of the module itself, so we let our customers know how to look for existing versions so they can use a diff one than the latest if they need to. But after understanding this, I think this implementation is good enough as it is, we just need to expand the documentation around it
text/0785-bedrock-agentcore-l2.md
Outdated
| }); | ||
|
|
||
| // Later, update to a new version | ||
| endpoint.updateRuntimeVersion("2"); |
There was a problem hiding this comment.
I am not sure this method adds value. What is the use case we are trying to solve with it? It seems weird to have a constructor for a resource with a param and then call a method to change that param. Considering that in CDK code everything happens at synth time, is this going to create just 1 resource (targeting v2) or is this going to create 2 endpoints, one per each version?
There was a problem hiding this comment.
You are right , forgot to remove this, it was there as per the initial plan, but we don't need it now.
…g rfc for agentcore tools
|
Refactored the RFC. This RFC is now only for Agent Core Tools. We will raise separate RFC for runtime , memory , gateway and other agent core modules. This makes it easy for everyone to follow on RFC and Code changes for individual bedrock agent core modules. |
|
After all the changes that were implemented, I am signing off this RFC. Will keep it open for the final comments period |
This is a request for Amazon Bedrock AgentCore L2 construct that simplifies the deployment and management of AI agents at scale by wrapping the AgentCore L1 constructs. It provides a high-level, object-oriented approach to creating and managing Amazon Bedrock AgentCore resources. This enables developers to deploy highly effective agents securely using any framework and model. The package will provide constructs for the following primitives:
AgentCore tools
See # Issue 785 for
additional details.
APIs are signed off by @alvazjor
By submitting this pull request, I confirm that my contribution is made under
the terms of the Apache-2.0 license