2025/10/06 - Amazon Bedrock Agent Core Control Plane Fronting Layer - 4 updated api methods
Changes Add support for batch memory management, agent card retrieval and session termination
{'lifecycleConfiguration': {'idleRuntimeSessionTimeout': 'integer',
'maxLifetime': 'integer'},
'protocolConfiguration': {'serverProtocol': {'A2A'}}}
Creates an Amazon Bedrock AgentCore Runtime.
See also: AWS API Documentation
Request Syntax
client.create_agent_runtime(
agentRuntimeName='string',
agentRuntimeArtifact={
'containerConfiguration': {
'containerUri': 'string'
}
},
roleArn='string',
networkConfiguration={
'networkMode': 'PUBLIC'|'VPC',
'networkModeConfig': {
'securityGroups': [
'string',
],
'subnets': [
'string',
]
}
},
clientToken='string',
description='string',
authorizerConfiguration={
'customJWTAuthorizer': {
'discoveryUrl': 'string',
'allowedAudience': [
'string',
],
'allowedClients': [
'string',
]
}
},
requestHeaderConfiguration={
'requestHeaderAllowlist': [
'string',
]
},
protocolConfiguration={
'serverProtocol': 'MCP'|'HTTP'|'A2A'
},
lifecycleConfiguration={
'idleRuntimeSessionTimeout': 123,
'maxLifetime': 123
},
environmentVariables={
'string': 'string'
},
tags={
'string': 'string'
}
)
string
[REQUIRED]
The name of the AgentCore Runtime.
dict
[REQUIRED]
The artifact of the AgentCore Runtime.
containerConfiguration (dict) --
The container configuration for the agent artifact.
containerUri (string) -- [REQUIRED]
The ECR URI of the container.
string
[REQUIRED]
The IAM role ARN that provides permissions for the AgentCore Runtime.
dict
[REQUIRED]
The network configuration for the AgentCore Runtime.
networkMode (string) -- [REQUIRED]
The network mode for the AgentCore Runtime.
networkModeConfig (dict) --
The network mode configuration for the AgentCore Runtime.
securityGroups (list) -- [REQUIRED]
The security groups associated with the VPC configuration.
(string) --
subnets (list) -- [REQUIRED]
The subnets associated with the VPC configuration.
(string) --
string
A unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
string
The description of the AgentCore Runtime.
dict
The authorizer configuration for the AgentCore Runtime.
customJWTAuthorizer (dict) --
The inbound JWT-based authorization, specifying how incoming requests should be authenticated.
discoveryUrl (string) -- [REQUIRED]
This URL is used to fetch OpenID Connect configuration or authorization server metadata for validating incoming tokens.
allowedAudience (list) --
Represents individual audience values that are validated in the incoming JWT token validation process.
(string) --
allowedClients (list) --
Represents individual client IDs that are validated in the incoming JWT token validation process.
(string) --
dict
Configuration for HTTP request headers that will be passed through to the runtime.
requestHeaderAllowlist (list) --
A list of HTTP request headers that are allowed to be passed through to the runtime.
(string) --
dict
The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.
serverProtocol (string) -- [REQUIRED]
The server protocol for the agent runtime. This field specifies which protocol the agent runtime uses to communicate with clients.
dict
The life cycle configuration for the AgentCore Runtime.
idleRuntimeSessionTimeout (integer) --
Timeout in seconds for idle runtime sessions. When a session remains idle for this duration, it will be automatically terminated. Default: 900 seconds (15 minutes).
maxLifetime (integer) --
Maximum lifetime for the instance in seconds. Once reached, instances will be automatically terminated and replaced. Default: 28800 seconds (8 hours).
dict
Environment variables to set in the AgentCore Runtime environment.
(string) --
(string) --
dict
A map of tag keys and values to assign to the agent runtime. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.
(string) --
(string) --
dict
Response Syntax
{
'agentRuntimeArn': 'string',
'workloadIdentityDetails': {
'workloadIdentityArn': 'string'
},
'agentRuntimeId': 'string',
'agentRuntimeVersion': 'string',
'createdAt': datetime(2015, 1, 1),
'status': 'CREATING'|'CREATE_FAILED'|'UPDATING'|'UPDATE_FAILED'|'READY'|'DELETING'
}
Response Structure
(dict) --
agentRuntimeArn (string) --
The Amazon Resource Name (ARN) of the AgentCore Runtime.
workloadIdentityDetails (dict) --
The workload identity details for the AgentCore Runtime.
workloadIdentityArn (string) --
The ARN associated with the workload identity.
agentRuntimeId (string) --
The unique identifier of the AgentCore Runtime.
agentRuntimeVersion (string) --
The version of the AgentCore Runtime.
createdAt (datetime) --
The timestamp when the AgentCore Runtime was created.
status (string) --
The current status of the AgentCore Runtime.
{'tags': {'string': 'string'}}
Creates a new Amazon Bedrock AgentCore Memory resource.
See also: AWS API Documentation
Request Syntax
client.create_memory(
clientToken='string',
name='string',
description='string',
encryptionKeyArn='string',
memoryExecutionRoleArn='string',
eventExpiryDuration=123,
memoryStrategies=[
{
'semanticMemoryStrategy': {
'name': 'string',
'description': 'string',
'namespaces': [
'string',
]
},
'summaryMemoryStrategy': {
'name': 'string',
'description': 'string',
'namespaces': [
'string',
]
},
'userPreferenceMemoryStrategy': {
'name': 'string',
'description': 'string',
'namespaces': [
'string',
]
},
'customMemoryStrategy': {
'name': 'string',
'description': 'string',
'namespaces': [
'string',
],
'configuration': {
'semanticOverride': {
'extraction': {
'appendToPrompt': 'string',
'modelId': 'string'
},
'consolidation': {
'appendToPrompt': 'string',
'modelId': 'string'
}
},
'summaryOverride': {
'consolidation': {
'appendToPrompt': 'string',
'modelId': 'string'
}
},
'userPreferenceOverride': {
'extraction': {
'appendToPrompt': 'string',
'modelId': 'string'
},
'consolidation': {
'appendToPrompt': 'string',
'modelId': 'string'
}
}
}
}
},
],
tags={
'string': 'string'
}
)
string
A unique, case-sensitive identifier to ensure that the operation completes no more than one time. If this token matches a previous request, Amazon Bedrock ignores the request but does not return an error.
This field is autopopulated if not provided.
string
[REQUIRED]
The name of the memory. The name must be unique within your account.
string
The description of the memory.
string
The Amazon Resource Name (ARN) of the KMS key used to encrypt the memory data.
string
The Amazon Resource Name (ARN) of the IAM role that provides permissions for the memory to access Amazon Web Services services.
integer
[REQUIRED]
The duration after which memory events expire. Specified as an ISO 8601 duration.
list
The memory strategies to use for this memory. Strategies define how information is extracted, processed, and consolidated.
(dict) --
Contains input information for creating a memory strategy.
semanticMemoryStrategy (dict) --
Input for creating a semantic memory strategy.
name (string) -- [REQUIRED]
The name of the semantic memory strategy.
description (string) --
The description of the semantic memory strategy.
namespaces (list) --
The namespaces associated with the semantic memory strategy.
(string) --
summaryMemoryStrategy (dict) --
Input for creating a summary memory strategy.
name (string) -- [REQUIRED]
The name of the summary memory strategy.
description (string) --
The description of the summary memory strategy.
namespaces (list) --
The namespaces associated with the summary memory strategy.
(string) --
userPreferenceMemoryStrategy (dict) --
Input for creating a user preference memory strategy.
name (string) -- [REQUIRED]
The name of the user preference memory strategy.
description (string) --
The description of the user preference memory strategy.
namespaces (list) --
The namespaces associated with the user preference memory strategy.
(string) --
customMemoryStrategy (dict) --
Input for creating a custom memory strategy.
name (string) -- [REQUIRED]
The name of the custom memory strategy.
description (string) --
The description of the custom memory strategy.
namespaces (list) --
The namespaces associated with the custom memory strategy.
(string) --
configuration (dict) --
The configuration for the custom memory strategy.
semanticOverride (dict) --
The semantic override configuration for a custom memory strategy.
extraction (dict) --
The extraction configuration for a semantic override.
appendToPrompt (string) -- [REQUIRED]
The text to append to the prompt for semantic extraction.
modelId (string) -- [REQUIRED]
The model ID to use for semantic extraction.
consolidation (dict) --
The consolidation configuration for a semantic override.
appendToPrompt (string) -- [REQUIRED]
The text to append to the prompt for semantic consolidation.
modelId (string) -- [REQUIRED]
The model ID to use for semantic consolidation.
summaryOverride (dict) --
The summary override configuration for a custom memory strategy.
consolidation (dict) --
The consolidation configuration for a summary override.
appendToPrompt (string) -- [REQUIRED]
The text to append to the prompt for summary consolidation.
modelId (string) -- [REQUIRED]
The model ID to use for summary consolidation.
userPreferenceOverride (dict) --
The user preference override configuration for a custom memory strategy.
extraction (dict) --
The extraction configuration for a user preference override.
appendToPrompt (string) -- [REQUIRED]
The text to append to the prompt for user preference extraction.
modelId (string) -- [REQUIRED]
The model ID to use for user preference extraction.
consolidation (dict) --
The consolidation configuration for a user preference override.
appendToPrompt (string) -- [REQUIRED]
The text to append to the prompt for user preference consolidation.
modelId (string) -- [REQUIRED]
The model ID to use for user preference consolidation.
dict
A map of tag keys and values to assign to an AgentCore Memory. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment.
(string) --
(string) --
dict
Response Syntax
{
'memory': {
'arn': 'string',
'id': 'string',
'name': 'string',
'description': 'string',
'encryptionKeyArn': 'string',
'memoryExecutionRoleArn': 'string',
'eventExpiryDuration': 123,
'status': 'CREATING'|'ACTIVE'|'FAILED'|'DELETING',
'failureReason': 'string',
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1),
'strategies': [
{
'strategyId': 'string',
'name': 'string',
'description': 'string',
'configuration': {
'type': 'SEMANTIC_OVERRIDE'|'SUMMARY_OVERRIDE'|'USER_PREFERENCE_OVERRIDE',
'extraction': {
'customExtractionConfiguration': {
'semanticExtractionOverride': {
'appendToPrompt': 'string',
'modelId': 'string'
},
'userPreferenceExtractionOverride': {
'appendToPrompt': 'string',
'modelId': 'string'
}
}
},
'consolidation': {
'customConsolidationConfiguration': {
'semanticConsolidationOverride': {
'appendToPrompt': 'string',
'modelId': 'string'
},
'summaryConsolidationOverride': {
'appendToPrompt': 'string',
'modelId': 'string'
},
'userPreferenceConsolidationOverride': {
'appendToPrompt': 'string',
'modelId': 'string'
}
}
}
},
'type': 'SEMANTIC'|'SUMMARIZATION'|'USER_PREFERENCE'|'CUSTOM',
'namespaces': [
'string',
],
'createdAt': datetime(2015, 1, 1),
'updatedAt': datetime(2015, 1, 1),
'status': 'CREATING'|'ACTIVE'|'DELETING'|'FAILED'
},
]
}
}
Response Structure
(dict) --
memory (dict) --
The details of the created memory, including its ID, ARN, name, description, and configuration settings.
arn (string) --
The Amazon Resource Name (ARN) of the memory.
id (string) --
The unique identifier of the memory.
name (string) --
The name of the memory.
description (string) --
The description of the memory.
encryptionKeyArn (string) --
The ARN of the KMS key used to encrypt the memory.
memoryExecutionRoleArn (string) --
The ARN of the IAM role that provides permissions for the memory.
eventExpiryDuration (integer) --
The number of days after which memory events will expire.
status (string) --
The current status of the memory.
failureReason (string) --
The reason for failure if the memory is in a failed state.
createdAt (datetime) --
The timestamp when the memory was created.
updatedAt (datetime) --
The timestamp when the memory was last updated.
strategies (list) --
The list of memory strategies associated with this memory.
(dict) --
Contains information about a memory strategy.
strategyId (string) --
The unique identifier of the memory strategy.
name (string) --
The name of the memory strategy.
description (string) --
The description of the memory strategy.
configuration (dict) --
The configuration of the memory strategy.
type (string) --
The type of override for the strategy configuration.
extraction (dict) --
The extraction configuration for the memory strategy.
customExtractionConfiguration (dict) --
The custom extraction configuration.
semanticExtractionOverride (dict) --
The semantic extraction override configuration.
appendToPrompt (string) --
The text to append to the prompt for semantic extraction.
modelId (string) --
The model ID to use for semantic extraction.
userPreferenceExtractionOverride (dict) --
The user preference extraction override configuration.
appendToPrompt (string) --
The text to append to the prompt for user preference extraction.
modelId (string) --
The model ID to use for user preference extraction.
consolidation (dict) --
The consolidation configuration for the memory strategy.
customConsolidationConfiguration (dict) --
The custom consolidation configuration.
semanticConsolidationOverride (dict) --
The semantic consolidation override configuration.
appendToPrompt (string) --
The text to append to the prompt for semantic consolidation.
modelId (string) --
The model ID to use for semantic consolidation.
summaryConsolidationOverride (dict) --
The summary consolidation override configuration.
appendToPrompt (string) --
The text to append to the prompt for summary consolidation.
modelId (string) --
The model ID to use for summary consolidation.
userPreferenceConsolidationOverride (dict) --
The user preference consolidation override configuration.
appendToPrompt (string) --
The text to append to the prompt for user preference consolidation.
modelId (string) --
The model ID to use for user preference consolidation.
type (string) --
The type of the memory strategy.
namespaces (list) --
The namespaces associated with the memory strategy.
(string) --
createdAt (datetime) --
The timestamp when the memory strategy was created.
updatedAt (datetime) --
The timestamp when the memory strategy was last updated.
status (string) --
The current status of the memory strategy.
{'lifecycleConfiguration': {'idleRuntimeSessionTimeout': 'integer',
'maxLifetime': 'integer'},
'protocolConfiguration': {'serverProtocol': {'A2A'}}}
Gets an Amazon Bedrock AgentCore Runtime.
See also: AWS API Documentation
Request Syntax
client.get_agent_runtime(
agentRuntimeId='string',
agentRuntimeVersion='string'
)
string
[REQUIRED]
The unique identifier of the AgentCore Runtime to retrieve.
string
The version of the AgentCore Runtime to retrieve.
dict
Response Syntax
{
'agentRuntimeArn': 'string',
'agentRuntimeName': 'string',
'agentRuntimeId': 'string',
'agentRuntimeVersion': 'string',
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'roleArn': 'string',
'networkConfiguration': {
'networkMode': 'PUBLIC'|'VPC',
'networkModeConfig': {
'securityGroups': [
'string',
],
'subnets': [
'string',
]
}
},
'status': 'CREATING'|'CREATE_FAILED'|'UPDATING'|'UPDATE_FAILED'|'READY'|'DELETING',
'lifecycleConfiguration': {
'idleRuntimeSessionTimeout': 123,
'maxLifetime': 123
},
'description': 'string',
'workloadIdentityDetails': {
'workloadIdentityArn': 'string'
},
'agentRuntimeArtifact': {
'containerConfiguration': {
'containerUri': 'string'
}
},
'protocolConfiguration': {
'serverProtocol': 'MCP'|'HTTP'|'A2A'
},
'environmentVariables': {
'string': 'string'
},
'authorizerConfiguration': {
'customJWTAuthorizer': {
'discoveryUrl': 'string',
'allowedAudience': [
'string',
],
'allowedClients': [
'string',
]
}
},
'requestHeaderConfiguration': {
'requestHeaderAllowlist': [
'string',
]
}
}
Response Structure
(dict) --
agentRuntimeArn (string) --
The Amazon Resource Name (ARN) of the AgentCore Runtime.
agentRuntimeName (string) --
The name of the AgentCore Runtime.
agentRuntimeId (string) --
The unique identifier of the AgentCore Runtime.
agentRuntimeVersion (string) --
The version of the AgentCore Runtime.
createdAt (datetime) --
The timestamp when the AgentCore Runtime was created.
lastUpdatedAt (datetime) --
The timestamp when the AgentCore Runtime was last updated.
roleArn (string) --
The IAM role ARN that provides permissions for the AgentCore Runtime.
networkConfiguration (dict) --
The network configuration for the AgentCore Runtime.
networkMode (string) --
The network mode for the AgentCore Runtime.
networkModeConfig (dict) --
The network mode configuration for the AgentCore Runtime.
securityGroups (list) --
The security groups associated with the VPC configuration.
(string) --
subnets (list) --
The subnets associated with the VPC configuration.
(string) --
status (string) --
The current status of the AgentCore Runtime.
lifecycleConfiguration (dict) --
The life cycle configuration for the AgentCore Runtime.
idleRuntimeSessionTimeout (integer) --
Timeout in seconds for idle runtime sessions. When a session remains idle for this duration, it will be automatically terminated. Default: 900 seconds (15 minutes).
maxLifetime (integer) --
Maximum lifetime for the instance in seconds. Once reached, instances will be automatically terminated and replaced. Default: 28800 seconds (8 hours).
description (string) --
The description of the AgentCore Runtime.
workloadIdentityDetails (dict) --
The workload identity details for the AgentCore Runtime.
workloadIdentityArn (string) --
The ARN associated with the workload identity.
agentRuntimeArtifact (dict) --
The artifact of the AgentCore Runtime.
containerConfiguration (dict) --
The container configuration for the agent artifact.
containerUri (string) --
The ECR URI of the container.
protocolConfiguration (dict) --
The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.
serverProtocol (string) --
The server protocol for the agent runtime. This field specifies which protocol the agent runtime uses to communicate with clients.
environmentVariables (dict) --
Environment variables set in the AgentCore Runtime environment.
(string) --
(string) --
authorizerConfiguration (dict) --
The authorizer configuration for the AgentCore Runtime.
customJWTAuthorizer (dict) --
The inbound JWT-based authorization, specifying how incoming requests should be authenticated.
discoveryUrl (string) --
This URL is used to fetch OpenID Connect configuration or authorization server metadata for validating incoming tokens.
allowedAudience (list) --
Represents individual audience values that are validated in the incoming JWT token validation process.
(string) --
allowedClients (list) --
Represents individual client IDs that are validated in the incoming JWT token validation process.
(string) --
requestHeaderConfiguration (dict) --
Configuration for HTTP request headers that will be passed through to the runtime.
requestHeaderAllowlist (list) --
A list of HTTP request headers that are allowed to be passed through to the runtime.
(string) --
{'lifecycleConfiguration': {'idleRuntimeSessionTimeout': 'integer',
'maxLifetime': 'integer'},
'protocolConfiguration': {'serverProtocol': {'A2A'}}}
Updates an existing Amazon Secure Agent.
See also: AWS API Documentation
Request Syntax
client.update_agent_runtime(
agentRuntimeId='string',
agentRuntimeArtifact={
'containerConfiguration': {
'containerUri': 'string'
}
},
roleArn='string',
networkConfiguration={
'networkMode': 'PUBLIC'|'VPC',
'networkModeConfig': {
'securityGroups': [
'string',
],
'subnets': [
'string',
]
}
},
description='string',
authorizerConfiguration={
'customJWTAuthorizer': {
'discoveryUrl': 'string',
'allowedAudience': [
'string',
],
'allowedClients': [
'string',
]
}
},
requestHeaderConfiguration={
'requestHeaderAllowlist': [
'string',
]
},
protocolConfiguration={
'serverProtocol': 'MCP'|'HTTP'|'A2A'
},
lifecycleConfiguration={
'idleRuntimeSessionTimeout': 123,
'maxLifetime': 123
},
environmentVariables={
'string': 'string'
},
clientToken='string'
)
string
[REQUIRED]
The unique identifier of the AgentCore Runtime to update.
dict
[REQUIRED]
The updated artifact of the AgentCore Runtime.
containerConfiguration (dict) --
The container configuration for the agent artifact.
containerUri (string) -- [REQUIRED]
The ECR URI of the container.
string
[REQUIRED]
The updated IAM role ARN that provides permissions for the AgentCore Runtime.
dict
[REQUIRED]
The updated network configuration for the AgentCore Runtime.
networkMode (string) -- [REQUIRED]
The network mode for the AgentCore Runtime.
networkModeConfig (dict) --
The network mode configuration for the AgentCore Runtime.
securityGroups (list) -- [REQUIRED]
The security groups associated with the VPC configuration.
(string) --
subnets (list) -- [REQUIRED]
The subnets associated with the VPC configuration.
(string) --
string
The updated description of the AgentCore Runtime.
dict
The updated authorizer configuration for the AgentCore Runtime.
customJWTAuthorizer (dict) --
The inbound JWT-based authorization, specifying how incoming requests should be authenticated.
discoveryUrl (string) -- [REQUIRED]
This URL is used to fetch OpenID Connect configuration or authorization server metadata for validating incoming tokens.
allowedAudience (list) --
Represents individual audience values that are validated in the incoming JWT token validation process.
(string) --
allowedClients (list) --
Represents individual client IDs that are validated in the incoming JWT token validation process.
(string) --
dict
The updated configuration for HTTP request headers that will be passed through to the runtime.
requestHeaderAllowlist (list) --
A list of HTTP request headers that are allowed to be passed through to the runtime.
(string) --
dict
The protocol configuration for an agent runtime. This structure defines how the agent runtime communicates with clients.
serverProtocol (string) -- [REQUIRED]
The server protocol for the agent runtime. This field specifies which protocol the agent runtime uses to communicate with clients.
dict
The updated life cycle configuration for the AgentCore Runtime.
idleRuntimeSessionTimeout (integer) --
Timeout in seconds for idle runtime sessions. When a session remains idle for this duration, it will be automatically terminated. Default: 900 seconds (15 minutes).
maxLifetime (integer) --
Maximum lifetime for the instance in seconds. Once reached, instances will be automatically terminated and replaced. Default: 28800 seconds (8 hours).
dict
Updated environment variables to set in the AgentCore Runtime environment.
(string) --
(string) --
string
A unique, case-sensitive identifier to ensure idempotency of the request.
This field is autopopulated if not provided.
dict
Response Syntax
{
'agentRuntimeArn': 'string',
'agentRuntimeId': 'string',
'workloadIdentityDetails': {
'workloadIdentityArn': 'string'
},
'agentRuntimeVersion': 'string',
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'status': 'CREATING'|'CREATE_FAILED'|'UPDATING'|'UPDATE_FAILED'|'READY'|'DELETING'
}
Response Structure
(dict) --
agentRuntimeArn (string) --
The Amazon Resource Name (ARN) of the updated AgentCore Runtime.
agentRuntimeId (string) --
The unique identifier of the updated AgentCore Runtime.
workloadIdentityDetails (dict) --
The workload identity details for the updated AgentCore Runtime.
workloadIdentityArn (string) --
The ARN associated with the workload identity.
agentRuntimeVersion (string) --
The version of the updated AgentCore Runtime.
createdAt (datetime) --
The timestamp when the AgentCore Runtime was created.
lastUpdatedAt (datetime) --
The timestamp when the AgentCore Runtime was last updated.
status (string) --
The current status of the updated AgentCore Runtime.