iSharkFly-Docs/amazon-bedrock-agentcore-samples
1
0
Fork 0
mirror of synced 2026-05-22 14:43:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
amazon-bedrock-agentcore-sa…/04-infrastructure-as-code/cdk/README.md
T
Jerad 8bb4db3009 feat(cdk): reorganize CDK samples into python/ and typescript/ folders and add TypeScript CDK sample (#923) 
* feat(cdk): reorganize CDK samples into python/ and typescript/ folders

- Move existing Python CDK samples to cdk/python/
- Add TypeScript CDK samples folder with knowledge-base-rag-agent
- Update cdk/README.md with language comparison table
- Update parent README with new paths and TypeScript mention
- Add cdk/python/README.md for Python-specific guidance

🤖 Assisted by Amazon Q Developer

* docs: add Jerad Engebreth to CONTRIBUTORS.md

🤖 Assisted by Amazon Q Developer

* fix(cdk/typescript): document known vulnerabilities and fix npm workspaces build

- Add Known Dependency Vulnerabilities section to README documenting
  upstream issues in aws-amplify (fast-xml-parser, lodash)
- Add build/test scripts to Lambda layer package.json to fix npm
  workspaces build command

🤖 Assisted by Amazon Q Developer

* fix(security): add HEALTHCHECK and non-root USER to Dockerfile

- Add HEALTHCHECK instruction for container orchestration
- Create non-root appuser for security best practices
- Addresses CKV_DOCKER_2, CKV_DOCKER_3 security findings

* fix(security): address CodeQL findings for insecure randomness and HTML sanitization

- Replace Math.random() with crypto.randomBytes() for session ID generation
- Use iterative sanitization loop to handle nested/obfuscated HTML tags
- Addresses CodeQL insecure randomness and incomplete sanitization findings

* fix(security): improve HTML sanitization to address CodeQL findings

- Handle closing tags with spaces like </script >
- Add data: and vbscript: URL scheme blocking
- Use tag-based approach instead of content-matching regex
- Add more dangerous tags (form, input, button, etc.)

* remove unused import

* fix(lint): fix import ordering and remove extra blank lines

- Sort imports alphabetically (logging before os)
- Remove extra blank line in knowledge_base.py
- Consistent import grouping (stdlib, then third-party)

* fix(security): use HTML entity encoding instead of regex-based sanitization

- Replace regex-based tag stripping with HTML entity encoding
- Encode all special characters (&, <, >, ", ', /, `, =)
- This approach is CodeQL-compliant and more secure
- Regex-based HTML filtering is inherently flawed

* fix(lint): add __all__ to fix F401 unused import warnings

- Add __all__ exports to infra_utils/__init__.py files
- Explicitly declares AgentCoreRole as public API

* style: apply ruff formatting to all Python files in 04-infrastructure-as-code

- Format 32 Python files with ruff
- Includes CDK Python samples, Terraform samples, and TypeScript agent code

* refactor: rename project from bedrock-agentcore-template to knowledge-base-rag-agent

- Update package.json names for root and infrastructure packages
- Update README and docs with new project name and paths
- Update CloudWatch, SNS, KMS, and Cognito resource names
- Regenerate package-lock.json with new package names

* refactor: complete project rename to knowledge-base-rag-agent

- Update README title and all documentation headers
- Update TypeScript stack descriptions and resource names
- Update Python agent module docstrings
- Update Dockerfile header comment
- Update Lambda function package description
- Rename runtime to knowledge_base_rag_agent
- Rename memory to knowledge_base_rag_agent_memory
- Rename API to Knowledge Base RAG Agent API
- Update Secrets Manager secret name

* fix: correct Docker references and fix Lambda bundling

- Update README and docs to clarify Docker is for AgentCore Runtime container, not Lambda bundling
- Add @aws-lambda-powertools/logger dependency for Lambda function
- Add esbuild as dev dependency for NodejsFunction bundling
- Fix S3 bucket deployment to use single deployment with auto content-type detection
- Deploy config.json separately with prune:false to preserve other files

---------

Co-authored-by: Jerad Engebreth <awsjerad@amazon.com>
2026-02-05 10:32:37 -06:00

1.8 KiB
Raw Permalink Blame History

CDK Samples

Deploy Amazon Bedrock AgentCore resources using AWS CDK in Python or TypeScript.

Choose Your Language

Language Description Samples
Python Familiar syntax for Python developers, quick prototyping 4 samples
TypeScript Strong typing, rich npm ecosystem, compile-time checks 1 sample

Prerequisites

Common

  • AWS CLI configured
  • AWS CDK CLI installed: npm install -g aws-cdk
  • Access to Amazon Bedrock AgentCore

Python Samples

  • Python 3.8+
  • AWS CDK v2.218.0+

TypeScript Samples

  • Node.js 18+ and npm
  • AWS CDK v2.236.0+ (for BedrockAgentCore alpha support)
  • Docker installed and running

Samples Overview

Python Samples

Sample Description
basic-runtime Simple agent deployment
multi-agent-runtime Multi-agent system with agent-to-agent communication
mcp-server-agentcore-runtime MCP Server with JWT authentication
end-to-end-weather-agent Weather agent with tools and memory

TypeScript Samples

Sample Description
knowledge-base-rag-agent Full-stack RAG agent with Knowledge Base, OpenSearch Serverless, web interface, and Cognito authentication

CDK Advantages Over CloudFormation

  • DockerImageAsset - Automatic container building without CodeBuild
  • Construct reusability - Share and compose infrastructure patterns
  • Type safety - IDE support and compile-time error checking
  • Faster iterations - Quicker deployment times
  • Programmatic logic - Loops, conditionals, and abstractions
Reference in New Issue View Git Blame Copy Permalink