Reactive Machines

View your AWS Secrets Manager secrets in Amazon Bedrock AgentCore Identity

Photo of nimda nimda Send an email 3 hours ago
0 1 6 minutes read
View your AWS Secrets Manager secrets in Amazon Bedrock AgentCore Identity

AI agents are only as powerful as the tools they can access. Whether retrieving customer data from a CRM, sending updates to Slack, or querying a GitHub repository, agents need to call external APIs, and that means securely passing credentials at runtime. Getting that right, without hard-coding secrets or exposing them to agent information, is one of the clear challenges of building production-ready agent systems.

Amazon Bedrock AgentCore Identity meets this challenge with authentication providers and a token vault that automatically creates and manages a secret in AWS Secret Manager for your resource account for each outgoing authentication provider. This secret contains the API key or client secret and other metadata of the external identity provider. Although AgentCore Identity creates and fully controls these keys, customers cannot configure custom tags, rotation policies, or encryption for customer-managed AWS Key Management Service (AWS KMS) keys during creation.

Today, we're excited to announce the ability to reference a secret in AWS Secret Manager for AgentCore Identity, so you can reference your own pre-configured secret from Secret Manager and maintain full control over how it's managed. With this capability, you can extend your organization's privacy management practices to AgentCore. You can provide an existing, preconfigured AWS Secret Manager secret to use with your authentication tools. You retain full control over its configuration, rotation, replication, tags, and resource policies, just as you would manage other secrets in the Secret Manager. You can also choose a secret from another AWS account within the same AWS Region, although cross-region secret sharing is not supported. This also supports secrets delivered through external AWS Secrets Manager connectors, allowing integration with third-party secret managers.

In this post, we'll review example use cases, and walk through how to start configuring your authentication provider services with an existing secret.

Examples of using scenarios

The following are examples of use cases:

  1. Your agent accesses an external API that your team already has a secret for: Provide the ARN of that secret that exists in your authentication provider's resources instead of having AgentCore Identity create a new one. You can also reference a secret from another AWS account within the same Region, and secrets delivered through external AWS Secrets Manager connectors are supported, allowing integration with third-party secret managers.
  2. You would like to exchange your secret for best security practices and want your agent to continue working as you rotate: If you rotate a private value, AgentCore Identity receives the updated value on its next read. You do not need to update or recreate the authentication provider services.
  3. You grant private access to the target agent's implementation: Configure the resource policy for your privacy directly in AWS Privacy Manager. You control which AWS Identity and Access Management (IAM) principals can access privacy and scope access conditions.
  4. Your agent operates in a controlled environment where all credentials must be encrypted with a key held by your customer: Create a secret with your customer-owned encryption key before providing it to AgentCore Identity. This is especially important if your organization enforces SCPs and RCPs to help ensure that all data is encrypted using customer-managed CMKs. By referring to the existing secret, your encryption configuration is fully preserved.
  5. Your organization needs confidential resource tags for cost allocation, compliance tracking, or administrative audits: Create and tag a secret according to your standards before assigning it to AgentCore Identity.

To learn more about the privacy configuration options available, see the AWS Privacy Manager User Guide.

What is required

To follow along, you need the following:

  1. An existing AWS Secrets Manager secret with an API key or an OAuth client secret.
  2. IAM permissions to assign the AgentCore Identity service principal secretsmanager:GetSecretValue to access the secret.
  3. If you use a customer-managed AWS KMS key, kms:Decrypt permission on that key to the service principal.
  4. Access to the Amazon Bedrock AgentCore Identity console or the AWS Command Line Interface (AWS CLI).

Getting started

To reference a secret in AWS Secret Manager, provide an ARN and JSON secret key when creating your authentication provider services with the AgentCore Identity API. AgentCore Identity returns an authentication value from the specified JSON key in your secret at runtime.

The following sections show how to create an authentication provider resource with a specified password using the AWS Management Console, the AWS CLI, or the AI ​​agent.

Using the console

You can configure the specified secret when creating new identity provider services directly from the Amazon Bedrock AgentCore Identity console. The feature supports both API key and OAuth client authentication types.

Figure 1: AgentCore Identity console, creating an Outbound Auth resource with the specified secret.

A. Add an API key with the specified secret

To add an API key with a specified secret, complete the following steps:

  1. Open the Amazon Bedrock AgentCore console.
  2. In the left navigation pane, select Ownership.
  3. Of Outbound Auth section, choose Add Outbound Auth.
  4. Select Add an API key.
  5. Enter a Name with your help of Outbound Auth.
  6. Underneath How to choose an API keychoose Provide an API key through the Secrets Manager.
  7. Of Privacy Manager ARN field, enter or select the ARN of your existing password. The list shows the secrets available in your account. For example: arn:aws:secretsmanager:us-east-1:123456789012:secret:myApiKeySecret-AbCdEf.
  8. Of JSON key field, specify the key within your Secret Manager secret that contains the API key value.
  9. Select Add.
  10. Verify that the authentication provider has been created by checking that it appears in the Outbound Auth list.

AgentCore Identity console showing how to add an API key from the Secret Manager

Figure 2: AgentCore Identity console, adding an API key from the Secret Manager.

B. Add an OAuth client secret with the specified secret

To add an OAuth client secret with a specified secret, complete the following steps:

  1. From the Ownership page, choose Add Outbound Auth.
  2. Select Add an OAuth client.
  3. Enter a Name in your OAuth client (for example, google-oauth-client-v5fz5).
  4. Underneath Providerselect your installed or custom target provider.
  5. Enter your own Client ID as provided by the identity provider.
  6. Underneath Client confidentialitychoose Provide Client privacy with Privacy Manager.
  7. Of Privacy Manager ARN field, enter the secret ARN that contains your OAuth client secret.
  8. Of JSON key field, specify the key within the secret that contains the client's secret value.
  9. Select Add an OAuth Client.
  10. Verify that the authentication provider has been created by checking that it appears in the Outbound Auth list.

AgentCore Identity console showing how to add an OAuth client secret from the Secrets Manager

Figure 3: AgentCore Identity console, adding an OAuth client secret from the Secret Manager.

Using the AWS CLI

You can configure the specified secret when creating a new Outbound Auth resource directly from the OAuth client secret from the AWS CLI as shown in the following code:

aws bedrock-agentcore-control create-oauth2-credential-provider 
    --name "google-oauth-client-v5fz5" 
    --credential-provider-vendor "GoogleOauth2" 
    --oauth2-provider-config-input '{
        "googleOauth2ProviderConfig": {
            "clientId": "",
            "clientSecretSource": "EXTERNAL",
            "clientSecretConfig": {
                "secretId": "arn:aws:secretsmanager:us-east-1:123456789012:secret:myGoogleKeySecret-AbCdEf",
                "jsonKey": "key"
            }
        }
    }'

Using an AI agent on your desktop

If you're using an AI code agent (like Kiro or similar), you can command it to configure the specified secret directly:

“I have a secret in AWS Secrets Manager at ARN arn:aws:secretsmanager:us-east-1:123456789012:secret:my-api-key. Create an OAuth2 authentication provider in Amazon Bedrock AgentCore Identity named using GoogleOauth2 as the broker. The client ID is the client secret source is EXTERNAL, and the JSON private key is the key.”

Note: Replace again with your principles.

Important: Give AgentCore Identity permission to read your secret by adding a service policy to the secret that allows the service principal to call secretsmanager:GetSecretValue. If your secret is encrypted with a customer-owned KMS key, also provide a service principal kms:Decrypt permission on that key.

The conclusion

With the ability to reference a secret in AWS Secret Manager, AgentCore Identity gives you the ability to use your existing secrets and secret management practices when configuring outbound auth for your AI agents. You can maintain full control over how your information is encrypted, encrypted, and accessed, while AgentCore Identity handles retrieval at runtime.

To get started, see the Amazon Bedrock AgentCore Identity documentation. For more on privacy management, see the AWS Privacy Manager User Guide.

About the writers

Swara Gandhi

Swara Gandhi

Swara Gandhi is a Senior Solutions Architect on the AWS Identity Solutions team. He works to create secure and reliable identity solutions. He is passionate about all things identity, security, and the cloud.

Satveer Khurpa

Satveer Khurpa

Satveer Khurpa Sr. WW Specialist Solutions Architect, Amazon Bedrock AgentCore at Amazon Web Services, specializing in AI security focusing on AgentCore Identity and security. In this role, he uses his expertise in cloud-based architecture to help his clients and deploy secure AI systems across various industries. Satveer applies his deep understanding of agent AI patterns, ownership and access management, and deep security principles to architect scalable, secure, and responsible agent-based applications, allowing organizations to unlock new business opportunities while maintaining a strong security posture for autonomous AI workloads.

Source link

Photo of nimda nimda Send an email 3 hours ago
0 1 6 minutes read
Photo of nimda

nimda

Related Articles

Transforming rare cancer research with Amazon Quick: Integrating biomedical databases for breakthrough discoveries

Transforming rare cancer research with Amazon Quick: Integrating biomedical databases for breakthrough discoveries

3 hours ago
Extending MCP support for Amazon Bedrock AgentCore Gateway

Extending MCP support for Amazon Bedrock AgentCore Gateway

6 hours ago
AgentOps: Operationalize agentic AI at scale with Amazon Bedrock AgentCore

AgentOps: Operationalize agentic AI at scale with Amazon Bedrock AgentCore

9 hours ago
Comprehensive observability for Amazon SageMaker AI LLM inference: From GPU utilization to LLM quality

Comprehensive observability for Amazon SageMaker AI LLM inference: From GPU utilization to LLM quality

3 days ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button