In [10]:
import os
import boto3
import sys

# Set AWS region
os.environ['AWS_DEFAULT_REGION'] = os.environ.get('AWS_REGION', 'us-east-1')
REGION = os.environ['AWS_DEFAULT_REGION']

# # Import utils (adjust path as needed)
# # Get the directory of the current script
# if '__file__' in globals():
#     current_dir = os.path.dirname(os.path.abspath(__file__))
# else:
#     current_dir = os.getcwd()  # Fallback if __file__ is not defined (e.g., Jupyter)

# # Navigate to the directory containing utils.py (SAME LEVEL, not one level up)
# utils_dir = current_dir  # Changed from os.path.abspath(os.path.join(current_dir, '..'))

# # Add to sys.path
# sys.path.insert(0, utils_dir)

# Now you can import utils
import utils

print(f"Using AWS region: {REGION}")

Using AWS region: us-east-1


In [11]:
import os

# Check current directory
current_dir = os.getcwd()
print(f"Current directory: {current_dir}")

# List files in current directory
files = os.listdir(current_dir)
print(f"Files in current directory: {files}")

# Check if utils.py exists
utils_exists = 'utils.py' in files
print(f"utils.py exists in current directory: {utils_exists}")

Current directory: /Users/hsin-weilin/Desktop/projects/AWS_AgentCore_TechResidential/agents
Files in current directory: ['lambda_credentials.py', 'requirements.txt', '01-transform-lambda-into-mcp-tools', 'first_stage_gateway.ipynb', '01-browser-with-NovaAct', 'lambda_get_prompt_file.py', 'first_stage_agent.ipynb', '01-strands-with-bedrock-model', 'enhanced_strands_claude_with_nova.py', 'utils.py', 'lambda_credentials.zip', '.ipynb_checkpoints', 'lambda_get_prompt_file.zip']
utils.py exists in current directory: True


In [12]:
# Create IAM role that allows Gateway to invoke your Lambda functions
gateway_iam_role = utils.create_agentcore_gateway_role("techresidential-gateway-role")
gateway_role_arn = gateway_iam_role['Role']['Arn']
print(f"Gateway IAM Role ARN: {gateway_role_arn}")

AttributeError: module 'utils' has no attribute 'create_agentcore_gateway_role'

In [None]:
# Cognito configuration
USER_POOL_NAME = "techresidential-agentcore-pool"
RESOURCE_SERVER_ID = "techresidential-gateway-id"  
RESOURCE_SERVER_NAME = "techresidential-gateway-name"
CLIENT_NAME = "techresidential-gateway-client"

SCOPES = [
    {"ScopeName": "gateway:read", "ScopeDescription": "Read access"},
    {"ScopeName": "gateway:write", "ScopeDescription": "Write access"}
]

scopeString = f"{RESOURCE_SERVER_ID}/gateway:read {RESOURCE_SERVER_ID}/gateway:write"

# Initialize Cognito client
cognito = boto3.client("cognito-idp", region_name=REGION)

# Create Cognito resources
user_pool_id = utils.get_or_create_user_pool(cognito, USER_POOL_NAME)
utils.get_or_create_resource_server(cognito, user_pool_id, RESOURCE_SERVER_ID, RESOURCE_SERVER_NAME, SCOPES)
client_id, client_secret = utils.get_or_create_m2m_client(cognito, user_pool_id, CLIENT_NAME, RESOURCE_SERVER_ID)

cognito_discovery_url = f'https://cognito-idp.{REGION}.amazonaws.com/{user_pool_id}/.well-known/openid-configuration'

print(f"User Pool ID: {user_pool_id}")
print(f"Client ID: {client_id}")
print(f"Discovery URL: {cognito_discovery_url}")

In [None]:
# Initialize Gateway client
gateway_client = boto3.client('bedrock-agentcore-control', region_name=REGION)

# Configure Cognito authorizer
auth_config = {
    "customJWTAuthorizer": { 
        "allowedClients": [client_id],
        "discoveryUrl": cognito_discovery_url
    }
}

# Create the Gateway
create_response = gateway_client.create_gateway(
    name='TechResidentialGateway',
    roleArn=gateway_role_arn,
    protocolType='MCP',
    authorizerType='CUSTOM_JWT',
    authorizerConfiguration=auth_config,
    description='AgentCore Gateway for TechResidential Lambda functions'
)

gatewayID = create_response["gatewayId"]
gatewayURL = create_response["gatewayUrl"]

print(f"Gateway ID: {gatewayID}")
print(f"Gateway URL: {gatewayURL}")

In [None]:
# Replace with your actual Lambda ARN
CREDENTIALS_LAMBDA_ARN = "arn:aws:lambda:us-east-1:254599367545:function:agentcore-credential-retrieval"

credentials_target_config = {
    "mcp": {
        "lambda": {
            "lambdaArn": CREDENTIALS_LAMBDA_ARN,
            "toolSchema": {
                "inlinePayload": [
                    {
                        "name": "get_credentials",
                        "description": "Retrieve login credentials and website information for a client",
                        "inputSchema": {
                            "type": "object",
                            "properties": {
                                "client_name": {
                                    "type": "string",
                                    "description": "Name of the client (e.g., TechResidential)"
                                }
                            },
                            "required": ["client_name"]
                        }
                    }
                ]
            }
        }
    }
}

credential_config = [{"credentialProviderType": "GATEWAY_IAM_ROLE"}]

credentials_target = gateway_client.create_gateway_target(
    gatewayIdentifier=gatewayID,
    name='CredentialsRetriever',
    description='Lambda target for retrieving client credentials',
    targetConfiguration=credentials_target_config,
    credentialProviderConfigurations=credential_config
)

print("Credentials target created successfully")

In [None]:
# Replace with your actual Lambda ARN
S3_LAMBDA_ARN = "arn:aws:lambda:us-east-1:254599367545:function:agentcore-prompt-file-retrieval"

s3_target_config = {
    "mcp": {
        "lambda": {
            "lambdaArn": S3_LAMBDA_ARN,
            "toolSchema": {
                "inlinePayload": [
                    {
                        "name": "get_prompt_file",
                        "description": "Retrieve prompt file from S3 for a client",
                        "inputSchema": {
                            "type": "object",
                            "properties": {
                                "client_name": {
                                    "type": "string",
                                    "description": "Name of the client (e.g., TechResidential)"
                                }
                            },
                            "required": ["client_name"]
                        }
                    }
                ]
            }
        }
    }
}

s3_target = gateway_client.create_gateway_target(
    gatewayIdentifier=gatewayID,
    name='PromptFileRetriever',
    description='Lambda target for retrieving client prompt files from S3',
    targetConfiguration=s3_target_config,
    credentialProviderConfigurations=credential_config
)

print("S3 file retriever target created successfully")

In [None]:
import time
time.sleep(10)  # Wait for domain propagation

print("Requesting access token from Cognito...")
token_response = utils.get_token(user_pool_id, client_id, client_secret, scopeString, REGION)
token = token_response["access_token"]
print("Access token obtained successfully")

In [None]:
from strands.models import BedrockModel
from mcp.client.streamable_http import streamablehttp_client 
from strands.tools.mcp.mcp_client import MCPClient
from strands import Agent
import logging

# Configure logging
logging.getLogger("strands").setLevel(logging.INFO)
logging.basicConfig(format="%(levelname)s | %(name)s | %(message)s", handlers=[logging.StreamHandler()])

# Create MCP client
def create_streamable_http_transport():
    return streamablehttp_client(gatewayURL, headers={"Authorization": f"Bearer {token}"})

client = MCPClient(create_streamable_http_transport)

# Initialize Bedrock model
model = BedrockModel(
    model_id="us.anthropic.claude-3-7-sonnet-20250219-v1:0",
    temperature=0.7,
)

# Test the integration
with client:
    # List available tools
    tools = client.list_tools_sync()
    print(f"Available tools: {[tool.name for tool in tools]}")
    
    # Create agent with tools
    agent = Agent(model=model, tools=tools)
    
    # Test credentials retrieval
    print("\n=== Testing Credentials Retrieval ===")
    response = agent("Get the credentials for client TechResidential")
    print(response)
    
    # Test prompt file retrieval
    print("\n=== Testing Prompt File Retrieval ===")
    response = agent("Get the prompt file for client TechResidential")
    print(response)
    
    # Test direct tool calls
    print("\n=== Direct Tool Call - Credentials ===")
    result = client.call_tool_sync(
        tool_use_id="creds-call-1",
        name="CredentialsRetriever___get_credentials",
        arguments={"client_name": "TechResidential"}
    )
    print(f"Credentials result: {result['content'][0]['text']}")
    
    print("\n=== Direct Tool Call - Prompt File ===")
    result = client.call_tool_sync(
        tool_use_id="prompt-call-1", 
        name="PromptFileRetriever___get_prompt_file",
        arguments={"client_name": "TechResidential"}
    )
    print(f"Prompt file result: {result['content'][0]['text']}")