# Masking Sensitive Data in the Bedrock AgentCore Gateway tools output

## Overview

This tutorial demonstrates how to implement Fine-Grained Access Control (FGAC) using custom Lambda interceptors for AgentCore Gateway's semantic search functionality. The interceptor allows you to control access to specific tools and operations based on permissions defined in custom scopes.

Custom Lambda interceptors provide a powerful mechanism to:

* **Implement Fine-Grained Access Control**: Control access to specific tools, operations, or data based on user identity, roles, or custom business logic
* **Add Custom Authorization Logic**: Implement complex authorization rules that go beyond standard OAuth/JWT token validation
* **Audit and Logging**: Track tool usage, log access attempts, and maintain compliance records
* **Request/Response Transformation**: Modify requests before they reach targets or transform responses before returning to clients
* **Rate Limiting and Throttling**: Implement custom rate limiting logic based on user, tool, or other criteria

The interceptor operates at the gateway level, intercepting requests before they reach the targets and responses before they return to clients. This allows for centralized policy enforcement across all gateway targets.

### Tutorial Details

| Information          | Details                                                   |
|:---------------------|:----------------------------------------------------------|
| Tutorial type        | Interactive                                               |
| AgentCore components | AgentCore Gateway, Custom Lambda Interceptor              |
| Gateway Target type  | MCP Server                                                |
| Interceptor type     | AWS Lambda function                                       |
| Inbound Auth IdP     | Amazon Cognito                                            |                      
| Tutorial components  | Gateway with Lambda Interceptors,Masking Sensitive Data  |
| Tutorial vertical    | Cross-vertical                                            |
| Example complexity   | Easy                                                      |
| SDK used             | boto3                                                     |

## Prerequisites

To execute this tutorial you will need:
* Jupyter notebook (Python kernel)
* AWS credentials with permissions for Lambda, IAM, Cognito, and AgentCore services
* Python 3.8 or higher
* Basic understanding of AWS Lambda and IAM roles

## Architecture

```
Client ‚Üí Gateway ‚Üí Tools -> Lambda Interceptor (modifies response) -> Gateway -> Client
```

---

## Setting up Custom Boto3 library

Deploy the complete system from scratch.

## Import Required Libraries

In [1]:
import boto3
import json
import time
import zipfile
import io
from pathlib import Path
from datetime import datetime
from botocore.exceptions import ClientError

print("‚úì Libraries imported")

# Generate unique identifier for this deployment
DEPLOYMENT_ID = datetime.now().strftime('%Y%m%d-%H%M%S')
print(f"\nDeployment ID: {DEPLOYMENT_ID}")

‚úì Libraries imported

Deployment ID: 20251122-172350


## Setting up Required Variables

In [2]:
# Configuration

LAMBDA_REGION = "us-east-1"  
LAMBDA_FUNCTION_NAME = f"interceptor-lambda-{DEPLOYMENT_ID}"
LAMBDA_ROLE_NAME = f"interceptor-lambda-role-{DEPLOYMENT_ID}"
GATEWAY_NAME = f"interceptor-gateway-{DEPLOYMENT_ID}"

print("Configuration:")
print(f"  Lambda Function: {LAMBDA_FUNCTION_NAME}")
print(f"  Lambda Role: {LAMBDA_ROLE_NAME}")
print(f"  Gateway Name: {GATEWAY_NAME}")
print(f"  Region: {LAMBDA_REGION}")


Configuration:
  Lambda Function: interceptor-lambda-20251122-172350
  Lambda Role: interceptor-lambda-role-20251122-172350
  Gateway Name: interceptor-gateway-20251122-172350
  Region: us-east-1


## Create IAM Role for Lambda

In [3]:
# Create IAM role for Lambda
print("Creating IAM role...")

iam_client = boto3.client('iam')

# Trust policy for Lambda
trust_policy = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {"Service": "lambda.amazonaws.com"},
            "Action": "sts:AssumeRole"
        }
    ]
}

try:
    role_response = iam_client.create_role(
        RoleName=LAMBDA_ROLE_NAME,
        AssumeRolePolicyDocument=json.dumps(trust_policy),
        Description='Role for AgentCore Lambda Interceptor'
    )
    
    LAMBDA_ROLE_ARN = role_response['Role']['Arn']
    print(f"‚úì IAM Role created: {LAMBDA_ROLE_NAME}")
    print(f"  ARN: {LAMBDA_ROLE_ARN}")
    
except ClientError as e:
    if e.response['Error']['Code'] == 'EntityAlreadyExists':
        print(f"‚ö† Role already exists: {LAMBDA_ROLE_NAME}")
        role_response = iam_client.get_role(RoleName=LAMBDA_ROLE_NAME)
        LAMBDA_ROLE_ARN = role_response['Role']['Arn']
        print(f"  ARN: {LAMBDA_ROLE_ARN}")
    else:
        raise

# Attach basic Lambda execution policy
print("  Attaching Lambda execution policy...")
iam_client.attach_role_policy(
    RoleName=LAMBDA_ROLE_NAME,
    PolicyArn='arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
)

# Wait for role to propagate
print("  Waiting for IAM role to propagate...")
time.sleep(10)
print("  ‚úì IAM role ready")

Creating IAM role...
‚úì IAM Role created: interceptor-lambda-role-20251122-172350
  ARN: arn:aws:iam::588717141866:role/interceptor-lambda-role-20251122-172350
  Attaching Lambda execution policy...
  Waiting for IAM role to propagate...
  ‚úì IAM role ready


## Creating Lambda Deployment Zip File

In [4]:
# Verify Lambda code uses correct format
print("Verifying Lambda interceptor code...")

lambda_code_path = Path('src/lambda/lambda_function.py')

if not lambda_code_path.exists():
    print(f"‚úó Lambda code not found: {lambda_code_path}")
    raise FileNotFoundError(f"Missing {lambda_code_path}")

with open(lambda_code_path, 'r') as f:
    lambda_code = f.read()

# Create deployment package
print("Creating deployment package...")
zip_buffer = io.BytesIO()
with zipfile.ZipFile(zip_buffer, 'w', zipfile.ZIP_DEFLATED) as zip_file:
    zip_file.writestr('lambda_function.py', lambda_code)

zip_buffer.seek(0)
deployment_package = zip_buffer.read()
print(f"‚úì Package size: {len(deployment_package)} bytes")

Verifying Lambda interceptor code...
Creating deployment package...
‚úì Package size: 2072 bytes


## Creating Lambda Response Interpretor

In [5]:
# Create Lambda function
print("Creating Lambda function...")

lambda_client = boto3.client('lambda', region_name=LAMBDA_REGION)

try:
    response = lambda_client.create_function(
        FunctionName=LAMBDA_FUNCTION_NAME,
        Runtime='python3.13',
        Role=LAMBDA_ROLE_ARN,
        Handler='lambda_function.lambda_handler',
        Code={'ZipFile': deployment_package},
        Description='AgentCore Response Lambda Interceptor to mask sensitive data ',
        Timeout=30,
        MemorySize=256
    )
    
    LAMBDA_ARN = response['FunctionArn']
    print(f"‚úì Lambda created: {LAMBDA_FUNCTION_NAME}")
    print(f"  ARN: {LAMBDA_ARN}")
    print(f"  Runtime: {response['Runtime']}")
    print(f"  Memory: {response['MemorySize']} MB")
    
except ClientError as e:
    if e.response['Error']['Code'] == 'ResourceConflictException':
        print(f"‚ö† Lambda already exists: {LAMBDA_FUNCTION_NAME}")
        response = lambda_client.get_function(FunctionName=LAMBDA_FUNCTION_NAME)
        LAMBDA_ARN = response['Configuration']['FunctionArn']
        print(f"  ARN: {LAMBDA_ARN}")
    else:
        raise

Creating Lambda function...
‚úì Lambda created: interceptor-lambda-20251122-172350
  ARN: arn:aws:lambda:us-east-1:588717141866:function:interceptor-lambda-20251122-172350
  Runtime: python3.13
  Memory: 256 MB


## Granting Gateway permission to invoke the interceptor Lambda

In [6]:
# Grant Gateway permission to invoke the interceptor Lambda
print("\nüîê Granting Gateway permission to invoke Lambda...")

# Get AWS account ID
sts_client = boto3.client('sts')
ACCOUNT_ID = sts_client.get_caller_identity()['Account']

try:
    lambda_client.add_permission(
        FunctionName=LAMBDA_FUNCTION_NAME,
        StatementId='AllowGatewayInvoke',
        Action='lambda:InvokeFunction',
        Principal='bedrock-agentcore.amazonaws.com',
        SourceArn=f'arn:aws:bedrock-agentcore:{LAMBDA_REGION}:{ACCOUNT_ID}:gateway/*'
    )
    print(f"‚úì Gateway invoke permission added to Lambda")
    print(f"  Principal: bedrock-agentcore.amazonaws.com")
    print(f"  Source: arn:aws:bedrock-agentcore:{LAMBDA_REGION}:{ACCOUNT_ID}:gateway/*")
    
except ClientError as e:
    if e.response['Error']['Code'] == 'ResourceConflictException':
        print(f"‚ö† Permission already exists (this is fine)")
    else:
        print(f"‚ö† Error adding permission: {e}")
        raise



üîê Granting Gateway permission to invoke Lambda...
‚úì Gateway invoke permission added to Lambda
  Principal: bedrock-agentcore.amazonaws.com
  Source: arn:aws:bedrock-agentcore:us-east-1:588717141866:gateway/*


## Creating Cognito User Pool for Inbound Authentication

In [7]:
# Create Cognito User Pool and Client for Gateway authentication
print("Creating Cognito User Pool and Client...")

cognito_client = boto3.client('cognito-idp', region_name='us-east-1')

# Create User Pool
USER_POOL_NAME = f"gateway-pool-{DEPLOYMENT_ID}"

try:
    pool_response = cognito_client.create_user_pool(
        PoolName=USER_POOL_NAME,
        Policies={'PasswordPolicy': {
            'MinimumLength': 8,
            'RequireUppercase': False,
            'RequireLowercase': False,
            'RequireNumbers': False,
            'RequireSymbols': False
        }}
    )
    
    USER_POOL_ID = pool_response['UserPool']['Id']
    print(f"‚úì User Pool created: {USER_POOL_NAME}")
    print(f"  Pool ID: {USER_POOL_ID}")
    
except ClientError as e:
    print(f"‚ö† Error creating user pool: {e}")
    raise

# Create User Pool Domain (required for OAuth)
POOL_DOMAIN = f"interceptor-{DEPLOYMENT_ID.replace('_', '-').lower()}"

try:
    cognito_client.create_user_pool_domain(Domain=POOL_DOMAIN, UserPoolId=USER_POOL_ID)
    print(f"‚úì User Pool Domain created: {POOL_DOMAIN}")
except ClientError as e:
    if 'Domain already exists' in str(e):
        print(f"‚ö† Domain already exists: {POOL_DOMAIN}")
    else:
        print(f"‚ö† Error creating domain: {e}")

# Create Resource Server with custom scope
try:
    cognito_client.create_resource_server(
        UserPoolId=USER_POOL_ID,
        Identifier='gateway',
        Name='Gateway Resource Server',
        Scopes=[{'ScopeName': 'tools', 'ScopeDescription': 'Access to gateway tools'}]
    )
    print(f"‚úì Resource Server created with scope: gateway/tools")
except ClientError as e:
    print(f"‚ö† Resource server error: {e}")

# Wait for resource server
print("  Waiting for resource server to propagate...")
time.sleep(3)

# Create User Pool Client with client credentials flow
CLIENT_NAME = f"gateway-client-{DEPLOYMENT_ID}"

try:
    client_response = cognito_client.create_user_pool_client(
        UserPoolId=USER_POOL_ID,
        ClientName=CLIENT_NAME,
        GenerateSecret=True,
        ExplicitAuthFlows=[],
        AllowedOAuthFlows=['client_credentials'],
        AllowedOAuthScopes=['gateway/tools'],
        AllowedOAuthFlowsUserPoolClient=True,
        SupportedIdentityProviders=[]
    )
    
    CLIENT_ID = client_response['UserPoolClient']['ClientId']
    CLIENT_SECRET = client_response['UserPoolClient']['ClientSecret']
    
    print(f"‚úì User Pool Client created: {CLIENT_NAME}")
    print(f"  Client ID: {CLIENT_ID}")
    print(f"  Client Secret: {CLIENT_SECRET[:20]}...")
    
    # Construct OAuth URLs
    COGNITO_DOMAIN = f"https://{POOL_DOMAIN}.auth.us-east-1.amazoncognito.com"
    DISCOVERY_URL = f"https://cognito-idp.us-east-1.amazonaws.com/{USER_POOL_ID}/.well-known/openid-configuration"
    TOKEN_URL = f"{COGNITO_DOMAIN}/oauth2/token"
    
    print(f"\n‚úì OAuth Configuration:")
    print(f"  Discovery URL: {DISCOVERY_URL}")
    print(f"  Token URL: {TOKEN_URL}")
    print(f"  Scope: gateway/tools")
    
except ClientError as e:
    print(f"‚úó Error creating client: {e}")
    raise

Creating Cognito User Pool and Client...
‚úì User Pool created: gateway-pool-20251122-172350
  Pool ID: us-east-1_mvcbtJlrJ
‚úì User Pool Domain created: interceptor-20251122-172350
‚úì Resource Server created with scope: gateway/tools
  Waiting for resource server to propagate...
‚úì User Pool Client created: gateway-client-20251122-172350
  Client ID: 62evd4fvfnee9qnemik453imbb
  Client Secret: rrghne3aru44k4dvsqdc...

‚úì OAuth Configuration:
  Discovery URL: https://cognito-idp.us-east-1.amazonaws.com/us-east-1_mvcbtJlrJ/.well-known/openid-configuration
  Token URL: https://interceptor-20251122-172350.auth.us-east-1.amazoncognito.com/oauth2/token
  Scope: gateway/tools


## Creating Gateway Client using Boto3

In [8]:
# Initialize Boto3 client for bedrock-agentcore-control
print("Initializing Boto3 Gateway client...")

gateway_client = boto3.client('bedrock-agentcore-control', region_name=LAMBDA_REGION)

print(f"‚úì Gateway client initialized for region: {LAMBDA_REGION}")

Initializing Boto3 Gateway client...
‚úì Gateway client initialized for region: us-east-1


## Creating AgentCore Gateway with Lambda Response Interpretor

In [9]:
# Create Gateway with Lambda interceptor using signed HTTP requests
print("Creating Gateway with Lambda RESPONSE interceptor...")

# First, create an IAM role for the Gateway
iam_client = boto3.client('iam')

gateway_trust_policy = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "bedrock-agentcore.amazonaws.com"
            },
            "Action": "sts:AssumeRole"
        }
    ]
}

GATEWAY_ROLE_NAME = f"gateway-role-{DEPLOYMENT_ID}"

try:
    gateway_role_response = iam_client.create_role(
        RoleName=GATEWAY_ROLE_NAME,
        AssumeRolePolicyDocument=json.dumps(gateway_trust_policy),
        Description='IAM role for Bedrock AgentCore Gateway'
    )
    
    GATEWAY_ROLE_ARN = gateway_role_response['Role']['Arn']
    print(f"‚úì Gateway IAM role created: {GATEWAY_ROLE_NAME}")
    print(f"  ARN: {GATEWAY_ROLE_ARN}")
    
except ClientError as e:
    if e.response['Error']['Code'] == 'EntityAlreadyExists':
        print(f"‚ö† Role already exists: {GATEWAY_ROLE_NAME}")
        gateway_role_response = iam_client.get_role(RoleName=GATEWAY_ROLE_NAME)
        GATEWAY_ROLE_ARN = gateway_role_response['Role']['Arn']
        print(f"  ARN: {GATEWAY_ROLE_ARN}")
    else:
        raise

# Attach necessary policies to the Gateway role
print("  Attaching policies to Gateway role...")
try:
    # Attach Lambda invoke policy
    lambda_policy = {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": "lambda:InvokeFunction",
                "Resource": "*"
            }
        ]
    }
    
    iam_client.put_role_policy(
        RoleName=GATEWAY_ROLE_NAME,
        PolicyName='LambdaInvokePolicy',
        PolicyDocument=json.dumps(lambda_policy)
    )
    print("  ‚úì Lambda invoke policy attached")
except Exception as e:
    print(f"  ‚ö† Policy attach error: {e}")

# Wait for Gateway role to propagate
print("  Waiting for Gateway role to propagate...")
time.sleep(10)

# Create Gateway using signed HTTP request with interceptor configuration
print(f"\n  Creating Gateway with signed HTTP request and RESPONSE interceptor:")
print(f"    Name: {GATEWAY_NAME}")
print(f"    Protocol: MCP")
print(f"    Auth: CUSTOM_JWT (Cognito)")
print(f"    Interceptor: {LAMBDA_ARN}")

gateway_control_plane_url = f"https://bedrock-agentcore-control.{LAMBDA_REGION}.amazonaws.com/gateways"

# Prepare gateway payload with interceptor configuration
gateway_payload = {
    "name": GATEWAY_NAME,
    "protocolType": "MCP",
    "protocolConfiguration": {
        "mcp": {
            "supportedVersions": ["2025-03-26"]
        }
    },
    # ‚≠ê Interceptor configuration for tool filtering
    "interceptorConfigurations": [{
        "interceptor": {
            "lambda": {
                "arn": LAMBDA_ARN
            }
        },
        "interceptionPoints": ["RESPONSE"],  # Intercept responses to filter tools
        "inputConfiguration": {
            "passRequestHeaders": True  # Pass Agent-ID header to interceptor
        }
    }],
    "authorizerType": "CUSTOM_JWT",
    "authorizerConfiguration": {
        "customJWTAuthorizer": {
            "discoveryUrl": DISCOVERY_URL,
            "allowedClients": [CLIENT_ID]
        }
    },
    "roleArn": GATEWAY_ROLE_ARN
}

try:
    print(f"\n Creating gateway using {gateway_control_plane_url}")

    gateway_response = gateway_client.create_gateway(
    name=GATEWAY_NAME,
    protocolType="MCP",
    protocolConfiguration={
        "mcp": {
            "supportedVersions": ["2025-03-26"]
        }
    },

    interceptorConfigurations=[
        {
            "interceptor": {
                "lambda": {
                    "arn": LAMBDA_ARN
                }
            },
            "interceptionPoints": ["RESPONSE"],  # Intercept responses to filter tools
            "inputConfiguration": {
                "passRequestHeaders": True  # Pass Agent-ID header to interceptor
            }
        }
    ],

    authorizerType="CUSTOM_JWT",
    authorizerConfiguration={
        "customJWTAuthorizer": {
            "discoveryUrl": DISCOVERY_URL,
            "allowedClients": [CLIENT_ID]
        }
    },

    roleArn=GATEWAY_ROLE_ARN
)
    status_code = gateway_response.get("ResponseMetadata", {}).get("HTTPStatusCode")
    if status_code not in [200, 202]:
        print(f"\n‚úó Failed to create Gateway: {status_code}")
        print(f"  Response: {gateway_response.text}")
        raise Exception(f"Gateway creation failed: {gateway_response.text}")
    
    # gateway_data = gateway_response.json()
    GATEWAY_ID = gateway_response.get('gatewayId')
    
    print(f"\n‚úì Gateway created successfully with RESPONSE interceptor")
    print(f"  ID: {GATEWAY_ID}")
    print(f"  Status: {gateway_response.get('status', 'CREATING')}")
    print(f"  Interceptor Lambda: {LAMBDA_ARN}")
    print(f"  Interception Point: RESPONSE (filters tools after aggregation)")
    
    # Verify interceptor configuration in response
    if 'interceptorConfigurations' in gateway_response and gateway_response['interceptorConfigurations']:
        print(f"  ‚úì Interceptor configuration confirmed in response!")
        print(f"    Interceptors: {len(gateway_response['interceptorConfigurations'])}")
    else:
        print(f"  ‚ö† Warning: No interceptor configuration in response")
    
except Exception as e:
    print(f"\n‚úó Failed to create Gateway: {e}")
    raise


Creating Gateway with Lambda RESPONSE interceptor...
‚úì Gateway IAM role created: gateway-role-20251122-172350
  ARN: arn:aws:iam::588717141866:role/gateway-role-20251122-172350
  Attaching policies to Gateway role...
  ‚úì Lambda invoke policy attached
  Waiting for Gateway role to propagate...

  Creating Gateway with signed HTTP request and RESPONSE interceptor:
    Name: interceptor-gateway-20251122-172350
    Protocol: MCP
    Auth: CUSTOM_JWT (Cognito)
    Interceptor: arn:aws:lambda:us-east-1:588717141866:function:interceptor-lambda-20251122-172350

 Creating gateway using https://bedrock-agentcore-control.us-east-1.amazonaws.com/gateways

‚úì Gateway created successfully with RESPONSE interceptor
  ID: interceptor-gateway-20251122-172350-gjiabgcdpv
  Status: CREATING
  Interceptor Lambda: arn:aws:lambda:us-east-1:588717141866:function:interceptor-lambda-20251122-172350
  Interception Point: RESPONSE (filters tools after aggregation)
  ‚úì Interceptor configuration confirmed in

## Waiting for the Gateway to be ready

In [10]:
# Wait for Gateway to be ready using signed requests
print("\nWaiting for Gateway to be ready...")

# get_gateway_url = f"{gateway_control_plane_url}/{GATEWAY_ID}"

max_attempts = 30
for attempt in range(max_attempts):
    try:
        response = gateway_client.get_gateway(gatewayIdentifier=GATEWAY_ID)
        status_code = response.get("ResponseMetadata", {}).get("HTTPStatusCode")

        if status_code == 200:
            # gateway_info = response.json()
            status = response.get('status', 'UNKNOWN')
            
            print(f"  [{attempt + 1}/{max_attempts}] Status: {status}")
            
            if status == 'READY':
                GATEWAY_URL = response.get('gatewayUrl')
                print(f"\n‚úì Gateway is ready!")
                print(f"  URL: {GATEWAY_URL}")
                
                # Show interceptor configuration
                if 'interceptorConfigurations' in response:
                    interceptor_configs = response['interceptorConfigurations']
                    print(f"\n  Interceptor Configuration:")
                    for idx, config in enumerate(interceptor_configs):
                        print(f"    [{idx}] Interception Points: {config.get('interceptionPoints', [])}")
                        print(f"    [{idx}] Lambda ARN: {config.get('interceptor', {}).get('lambda', {}).get('arn', 'N/A')}")
                        print(f"    [{idx}] Pass Headers: {config.get('inputConfiguration', {}).get('passRequestHeaders', False)}")
                break
            elif status == 'FAILED':
                print(f"\n‚úó Gateway creation failed")
                print(f"  Details: {response}")
                raise Exception("Gateway failed")
        else:
            print(f"  [{attempt + 1}/{max_attempts}] HTTP Error: {response.status_code}")
    except Exception as e:
        print(f"  [{attempt + 1}/{max_attempts}] Error: {e}")
    
    time.sleep(10)
else:
    print(f"\n‚ö† Timeout waiting for Gateway")
    raise Exception("Gateway timeout")



Waiting for Gateway to be ready...
  [1/30] Status: READY

‚úì Gateway is ready!
  URL: https://interceptor-gateway-20251122-172350-gjiabgcdpv.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp

  Interceptor Configuration:
    [0] Interception Points: ['RESPONSE']
    [0] Lambda ARN: arn:aws:lambda:us-east-1:588717141866:function:interceptor-lambda-20251122-172350
    [0] Pass Headers: True


## Verifying Interceptor Configuration on Gateway

In [11]:
# ‚≠ê CRITICAL: Verify interceptor configuration is actually stored
print("\nüîç Verifying interceptor configuration on Gateway...")
print("-" * 60)

if 'interceptorConfigurations' not in response:
    print("\n‚ùå ERROR: Gateway does NOT have interceptor configured!")
    print("The interceptorConfigurations parameter was not accepted.")
    print("\nGateway Info:")
    print(json.dumps(response, indent=2, default=str))
    raise Exception("Interceptor not configured on Gateway - this explains why filtering isn't working!")

# If we get here, interceptor IS configured
interceptor_configs = response['interceptorConfigurations']
print(f"‚úì Interceptor configuration found!")
print(f"  Number of interceptors: {len(interceptor_configs)}")

for idx, config in enumerate(interceptor_configs):
    print(f"\n  Interceptor [{idx}]:")
    print(f"    Interception Points: {config.get('interceptionPoints', [])}")
    print(f"    Lambda ARN: {config.get('interceptor', {}).get('lambda', {}).get('arn', 'N/A')}")
    print(f"    Pass Headers: {config.get('inputConfiguration', {}).get('passRequestHeaders', False)}")
    
    # Verify it matches what we configured
    configured_arn = config.get('interceptor', {}).get('lambda', {}).get('arn', '')
    if configured_arn == LAMBDA_ARN:
        print(f"    ‚úì Lambda ARN matches our interceptor")
    else:
        print(f"    ‚ö† Lambda ARN mismatch!")
        print(f"      Expected: {LAMBDA_ARN}")
        print(f"      Got: {configured_arn}")
    
    # Verify passRequestHeaders is enabled
    pass_headers = config.get('inputConfiguration', {}).get('passRequestHeaders', False)
    if pass_headers:
        print(f"    ‚úì Request headers will be passed to interceptor")
    else:
        print(f"    ‚ö† WARNING: passRequestHeaders is FALSE - Agent-ID won't be passed!")

print("\n" + "-" * 60)
print("‚úÖ Interceptor configuration verification complete")



üîç Verifying interceptor configuration on Gateway...
------------------------------------------------------------
‚úì Interceptor configuration found!
  Number of interceptors: 1

  Interceptor [0]:
    Interception Points: ['RESPONSE']
    Lambda ARN: arn:aws:lambda:us-east-1:588717141866:function:interceptor-lambda-20251122-172350
    Pass Headers: True
    ‚úì Lambda ARN matches our interceptor
    ‚úì Request headers will be passed to interceptor

------------------------------------------------------------
‚úÖ Interceptor configuration verification complete


## Register Sample Tools with Gateway

In [None]:
# Deploy real tool Lambdas and register as Gateway targets using SIGNED HTTP requests
print("="*80)
print("Deploying Real Tool Lambdas and Registering with Gateway")
print("="*80)

import sys
import importlib

# Step 1: Deploy tool Lambda functions
print("\nüì¶ Step 1: Deploying tool Lambda functions...")
print("-" * 60)

# Import tool modules with RELOAD to get latest changes
sys.path.insert(0, str(Path.cwd()))

# Force reload modules to get updated TOOL_DEFINITION (without enum)
from src.tools import customer_data_tool

# Reload all modules to ensure we get the latest TOOL_DEFINITION
customer_data_tool = importlib.reload(customer_data_tool)

print("‚úì Tool modules reloaded with updated schemas")

# Create IAM role for tool Lambdas
TOOL_ROLE_NAME = f"tool-lambda-role-{DEPLOYMENT_ID}"

try:
    tool_role_response = iam_client.create_role(
        RoleName=TOOL_ROLE_NAME,
        AssumeRolePolicyDocument=json.dumps({
            "Version": "2012-10-17",
            "Statement": [{"Effect": "Allow", "Principal": {"Service": "lambda.amazonaws.com"}, "Action": "sts:AssumeRole"}]
        }),
        Description='Role for tool Lambda functions'
    )
    TOOL_ROLE_ARN = tool_role_response['Role']['Arn']
    print(f"‚úì Tool IAM role created: {TOOL_ROLE_NAME}")
    
    # Attach basic execution policy
    iam_client.attach_role_policy(
        RoleName=TOOL_ROLE_NAME,
        PolicyArn='arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
    )
    time.sleep(15)  # Wait for role to propagate
    
except ClientError as e:
    if e.response['Error']['Code'] == 'EntityAlreadyExists':
        tool_role_response = iam_client.get_role(RoleName=TOOL_ROLE_NAME)
        TOOL_ROLE_ARN = tool_role_response['Role']['Arn']
        print(f"‚ö† Tool role already exists: {TOOL_ROLE_NAME}")
    else:
        raise

# Additional wait to ensure IAM is fully propagated
print("‚è≥ Waiting 15 seconds for IAM role propagation...")
time.sleep(15)
print("‚úì IAM role should be ready")

# Deploy each tool Lambda
tools_to_deploy = [
    ('customer_data_tool', customer_data_tool),
]

deployed_tools = []

for tool_name, tool_module in tools_to_deploy:
    print(f"\n  Deploying {tool_name}...")
    
    # Create ZIP
    tool_code_path = Path(tool_module.__file__)
    with open(tool_code_path, 'r') as f:
        tool_code = f.read()
    
    zip_buf = io.BytesIO()
    with zipfile.ZipFile(zip_buf, 'w', zipfile.ZIP_DEFLATED) as zf:
        zf.writestr('lambda_function.py', tool_code)
    zip_buf.seek(0)
    
    function_name = f"{tool_name.replace('_', '-')}-{DEPLOYMENT_ID}"
    
    try:
        response = lambda_client.create_function(
            FunctionName=function_name,
            Runtime='python3.9',
            Role=TOOL_ROLE_ARN,
            Handler='lambda_function.lambda_handler',
            Code={'ZipFile': zip_buf.read()},
            Timeout=30,
            MemorySize=256,
            Environment={'Variables': {'TOOL_NAME': tool_name}}
        )
        lambda_arn = response['FunctionArn']
        print(f"    ‚úì Created: {function_name}")
        
    except ClientError as e:
        if e.response['Error']['Code'] == 'ResourceConflictException':
            response = lambda_client.get_function(FunctionName=function_name)
            lambda_arn = response['Configuration']['FunctionArn']
            print(f"    ‚ö† Already exists: {function_name}")
        else:
            raise
    
    # Get tool definition (now reloaded without enum)
    tool_definition = getattr(tool_module, 'TOOL_DEFINITION', {
        "name": tool_name,
        "description": f"{tool_name} function"
    })
    
    # Verify no enum in tool_definition
    tool_def_str = json.dumps(tool_definition)
    if '"enum"' in tool_def_str:
        print(f"    ‚ö† WARNING: Tool definition still contains 'enum' - module may not have reloaded!")
        print(f"    Tool definition: {tool_def_str[:200]}...")
    
    deployed_tools.append({
        'tool_name': tool_name,
        'function_name': function_name,
        'lambda_arn': lambda_arn,
        'tool_definition': tool_definition
    })

print(f"\n‚úì Deployed {len(deployed_tools)} tool Lambdas")

# Step 2: Register tools as Gateway targets using SIGNED HTTP REQUESTS (for gamma endpoint)
print(f"\nüéØ Step 2: Registering tools as Gateway targets with signed HTTP requests...")
print(f"  Gateway endpoint: {gateway_control_plane_url}")
print("-" * 60)

created_targets = []

for tool in deployed_tools:
    print(f"\n  Registering {tool['tool_name']}...")
 
    try:
        # Create target using signed HTTP request

        response = gateway_client.create_gateway_target(
            gatewayIdentifier=GATEWAY_ID,
            name=f"{tool['tool_name'].replace('_', '-')}-target",
            targetConfiguration={
                "mcp": {
                    "lambda": {
                        "lambdaArn": tool["lambda_arn"],
                        "toolSchema": {
                            "inlinePayload": [
                                tool["tool_definition"]
                            ]
                        }
                    }
                }
            },
            credentialProviderConfigurations=[
                {
                    "credentialProviderType": "GATEWAY_IAM_ROLE"
                }
            ]
        )

        status_code = response.get("ResponseMetadata", {}).get("HTTPStatusCode")
        if status_code not in [200, 202]:
            print(f"    ‚úó Failed to create target: {response.status_code}")
            print(f"    Response: {response.text}")
            continue
        
        # target_data = response.json()
        target_id = response['targetId']
        print(f"    ‚úì Target created: {target_id}")
        
        # Wait for target to be READY using signed requests
        print(f"    Waiting for target to be READY...")
        
        for attempt in range(18):  # 3 minutes max
            try:
                response = gateway_client.get_gateway_target(gatewayIdentifier=GATEWAY_ID, targetId=target_id)
                status_code = response.get("ResponseMetadata", {}).get("HTTPStatusCode")

                
                if status_code == 200:
                    # status_data = status_response.json()
                    status = response.get('status', 'UNKNOWN')
                    
                    if status == 'READY':
                        print(f"    ‚úì Target is READY")
                        created_targets.append({
                            'tool_name': tool['tool_name'],
                            'target_id': target_id,
                            'lambda_arn': tool['lambda_arn'],
                            'status': 'READY'
                        })
                        break
                    elif status == 'FAILED':
                        print(f"    ‚úó Target FAILED")
                        print(f"    Failure details: {json.dumps(status_data, indent=6, default=str)}")
                        break
                else:
                    print(f"    Status check error: HTTP {status_response.status_code}")
                
            except Exception as e:
                print(f"    Status check error: {e}")
            
            time.sleep(10)
            
    except Exception as e:
        print(f"    ‚úó Failed to create target: {e}")

# Summary
print(f"\n{'='*80}")
print(f"Summary:")
print(f"  ‚Ä¢ Tool Lambdas deployed: {len(deployed_tools)}")
print(f"  ‚Ä¢ Gateway targets created: {len(created_targets)}")
print(f"{'='*80}\n")

for target in created_targets:
    print(f"  ‚úì {target['tool_name']}: {target['target_id']} ({target['status']})")

if len(created_targets) < len(deployed_tools):
    print(f"\n‚ö† Warning: Not all targets were created successfully")
    print(f"  Some tools may not be available through the Gateway")
else:
    print(f"\n‚úÖ All tools are registered and ready!")

# Store for cleanup
DEPLOYED_TOOL_FUNCTIONS = [t['function_name'] for t in deployed_tools]
CREATED_TARGET_IDS = [t['target_id'] for t in created_targets]


Deploying Real Tool Lambdas and Registering with Gateway

üì¶ Step 1: Deploying tool Lambda functions...
------------------------------------------------------------
‚úì Tool modules reloaded with updated schemas
‚úì Tool IAM role created: tool-lambda-role-20251122-172350
‚è≥ Waiting 15 seconds for IAM role propagation...
‚úì IAM role should be ready

  Deploying weather_tool...
    ‚úì Created: weather-tool-20251122-172350

  Deploying database_query_tool...
    ‚úì Created: database-query-tool-20251122-172350

  Deploying calculation_tool...
    ‚úì Created: calculation-tool-20251122-172350

  Deploying search_tool...
    ‚úì Created: search-tool-20251122-172350

  Deploying file_handler_tool...
    ‚úì Created: file-handler-tool-20251122-172350

  Deploying customer_data_tool...
    ‚úì Created: customer-data-tool-20251122-172350

‚úì Deployed 6 tool Lambdas

üéØ Step 2: Registering tools as Gateway targets with signed HTTP requests...
  Gateway endpoint: https://bedrock-agentcore

In [13]:
tool['tool_name']

'customer_data_tool'

In [14]:
!pip install requests

Looking in indexes: https://pypi.org/simple, https://plugin.us-east-1.prod.workshops.aws

[1m[[0m[34;49mnotice[0m[1;39;49m][0m[39;49m A new release of pip is available: [0m[31;49m25.2[0m[39;49m -> [0m[32;49m25.3[0m
[1m[[0m[34;49mnotice[0m[1;39;49m][0m[39;49m To update, run: [0m[32;49mpip install --upgrade pip[0m


In [17]:
# Helper function to invoke a specific tool through Gateway with REAL OAuth token
def invoke_tool_through_gateway(gateway_url, tool_name, arguments):
    """Make real MCP request to Gateway to invoke a specific tool with real OAuth token from Cognito."""
    import requests as req

    gateway_target_name = "customer-data-tool-target"  # Set gateway target name here
    tool_name = "customer_data_tool"

    # print(f"\nüåê Invoking tool '{tool_name}' on agent: {agent_id}")
    print(f"   Gateway URL: {gateway_url}")

    # Get REAL OAuth token from Cognito using the credentials created earlier
    print(f"   Getting real OAuth token from Cognito...")
    print(f"   Using User Pool: {USER_POOL_ID}")
    print(f"   Using Client: {CLIENT_ID}")
    print(f"   Using Client: {CLIENT_SECRET}")

    try:
        # Get token using client credentials flow
        print(f"Requesting token from: {TOKEN_URL}")

        token_response = req.post(
            TOKEN_URL,
            headers={'Content-Type': 'application/x-www-form-urlencoded'},
            data={
                'grant_type': 'client_credentials',
                'client_id': CLIENT_ID,
                'client_secret': CLIENT_SECRET,
                'scope': 'gateway/tools'
            }
        )

        if token_response.status_code == 200:
            token_data = token_response.json()
            oauth_token = token_data['access_token']
            print(oauth_token)
            print(f"   ‚úì Got real OAuth token from Cognito")
        else:
            error_msg = f"Failed to get token: {token_response.status_code} - {token_response.text}"
            print(f"   ‚úó {error_msg}")
            return None, error_msg

    except Exception as e:
        error_msg = f"Token retrieval error: {e}"
        print(f"   ‚úó {error_msg}")
        return None, error_msg

    # Default to empty arguments if none provided
    if arguments is None:
        arguments = {}

    # Construct MCP request for tools/call with tool name and inputs
    mcp_request = {
        "jsonrpc": "2.0",
        "method": "tools/call",
        "id": 1,
        "params": {
            "tool": f"{gateway_target_name}___{tool_name}",
            "inputs": arguments
        }
    }

    headers = {
        "Authorization": f"Bearer {oauth_token}",
        "Content-Type": "application/json"
    }

    try:
        gateway_url = GATEWAY_URL
        response = req.post(gateway_url, headers=headers, json=mcp_request, timeout=30)

        if response.status_code == 200:
            data = response.json()
            print(f"   ‚úì Tool '{tool_name}' invoked successfully")
            return data, None
        else:
            error = f"Status {response.status_code}: {response.text}"
            print(f"   ‚úó {error}")
            return None, error
    except Exception as e:
        error = str(e)
        print(f"   ‚úó Error: {error}")
        return None, error


In [23]:
# Call the function to invoke the tool through the gateway
arguments = {"customer_id": "CUST-12345"}
result, error = invoke_tool_through_gateway(GATEWAY_URL, tool_name, arguments)

if error:
    print(f"Error invoking tool: {error}")
else:
    print("Tool invocation response:")
    print(result)

   Gateway URL: https://interceptor-gateway-20251122-172350-gjiabgcdpv.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp
   Getting real OAuth token from Cognito...
   Using User Pool: us-east-1_mvcbtJlrJ
   Using Client: 62evd4fvfnee9qnemik453imbb
   Using Client: rrghne3aru44k4dvsqdc4a6km74jr29p65jbe42jhp9pqaui5su
Requesting token from: https://interceptor-20251122-172350.auth.us-east-1.amazoncognito.com/oauth2/token
eyJraWQiOiI0MFpkM2FMcnRpU1VFdFo3dFBYY0xzTVNUcGRsZXY5QWRnZ3NrQ2NmOFZ3PSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI2MmV2ZDRmdmZuZWU5cW5lbWlrNDUzaW1iYiIsInRva2VuX3VzZSI6ImFjY2VzcyIsInNjb3BlIjoiZ2F0ZXdheVwvdG9vbHMiLCJhdXRoX3RpbWUiOjE3NjM4NzQzNzYsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy1lYXN0LTEuYW1hem9uYXdzLmNvbVwvdXMtZWFzdC0xX212Y2J0SmxySiIsImV4cCI6MTc2Mzg3Nzk3NiwiaWF0IjoxNzYzODc0Mzc2LCJ2ZXJzaW9uIjoyLCJqdGkiOiI1N2YxMzUzYi05Y2Y4LTQ2ZmItOWQyZi1hZTJiMjc0YWUyZTIiLCJjbGllbnRfaWQiOiI2MmV2ZDRmdmZuZWU5cW5lbWlrNDUzaW1iYiJ9.Jx7PtUl8KfjZsTc3sjNZtq3bx7LhBE_9SM812nXNyR9jvrxSlxgA70io8FnzjCkt

In [24]:
import requests
import json

CLIENT_ID = "62evd4fvfnee9qnemik453imbb"
CLIENT_SECRET = "rrghne3aru44k4dvsqdc4a6km74jr29p65jbe42jhp9pqaui5su"
TOKEN_URL = "https://interceptor-20251122-172350.auth.us-east-1.amazoncognito.com/oauth2/token"

def fetch_access_token(client_id, client_secret, token_url):
  response = requests.post(
    token_url,
    data="grant_type=client_credentials&client_id={client_id}&client_secret={client_secret}".format(client_id=client_id, client_secret=client_secret),
    headers={'Content-Type': 'application/x-www-form-urlencoded'}
  )

  return response.json()['access_token']

def list_tools(gateway_url, access_token):
  headers = {
      "Content-Type": "application/json",
      "Authorization": f"Bearer {access_token}"
  }

  payload = {
      "jsonrpc": "2.0",
      "id": "list-tools-request",
      "method": "tools/list"
  }

  response = requests.post(gateway_url, headers=headers, json=payload)
  return response.json()

# Example usage
gateway_url = "https://interceptor-gateway-20251122-172350-gjiabgcdpv.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp"
access_token = fetch_access_token(CLIENT_ID, CLIENT_SECRET, TOKEN_URL)
tools = list_tools(gateway_url, access_token)
print(json.dumps(tools, indent=2))

{
  "jsonrpc": "2.0",
  "id": "list-tools-request",
  "result": {
    "tools": [
      {
        "inputSchema": {
          "type": "object",
          "properties": {
            "operand1": {
              "description": "First operand (or only operand for unary operations)",
              "type": "number"
            },
            "operand2": {
              "description": "Second operand (required for binary operations, optional for log to specify base)",
              "type": "number"
            },
            "operation": {
              "description": "The mathematical operation to perform: 'add', 'subtract', 'multiply', 'divide', 'power', 'sqrt', 'log', 'abs', or 'round'",
              "type": "string"
            }
          },
          "required": [
            "operand1",
            "operation"
          ]
        },
        "name": "calculation-tool-target___calculation_tool",
        "description": "Perform mathematical calculations. Supports: add, subtract, multiply,

In [41]:
import requests
import json

CLIENT_ID = "62evd4fvfnee9qnemik453imbb"
CLIENT_SECRET = "rrghne3aru44k4dvsqdc4a6km74jr29p65jbe42jhp9pqaui5su"
TOKEN_URL = "https://interceptor-20251122-172350.auth.us-east-1.amazoncognito.com/oauth2/token"
GATEWAY_URL = "https://interceptor-gateway-20251122-172350-gjiabgcdpv.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp"

def fetch_access_token(client_id, client_secret, token_url):
    """Fetch OAuth access token from Cognito"""
    response = requests.post(
        token_url,
        data={
            "grant_type": "client_credentials",
            "client_id": client_id,
            "client_secret": client_secret
        },
        headers={'Content-Type': 'application/x-www-form-urlencoded'}
    )
    
    if response.status_code != 200:
        raise Exception(f"Failed to fetch token: {response.text}")
        
    return response.json()['access_token']

def invoke_tool(gateway_url, access_token, tool_name, parameters):
    """Invoke a specific tool with parameters"""
    headers = {
        "Content-Type": "application/json",
        "Authorization": f"Bearer {access_token}"
    }

    payload = {
        "jsonrpc": "2.0",
        "id": tool_name,
        "method": "tools/call",
        "params": {
            "name": tool_name,
            "arguments": parameters
        }
    }

    response = requests.post(gateway_url, headers=headers, json=payload)
    
    if response.status_code != 200:
        raise Exception(f"Tool invocation failed: {response.text}")
        
    return response.json()

def main():
    try:
        # Get access token
        access_token = fetch_access_token(CLIENT_ID, CLIENT_SECRET, TOKEN_URL)
        
        # Example tool invocation
        tool_name = "customer-data-tool-target___customer_data_tool"  # Replace with actual tool name

        parameters = {
            "customer_id": "CUST-12345"
        }
        
        # Invoke the tool
        result = invoke_tool(GATEWAY_URL, access_token, tool_name, parameters)
        
        # Pretty print the result
        print(json.dumps(result, indent=2))
        
    except Exception as e:
        print(f"Error: {str(e)}")

if __name__ == "__main__":
    main()


{
  "jsonrpc": "2.0",
  "id": "customer-data-tool-target___customer_data_tool",
  "result": {
    "isError": false,
    "content": [
      {
        "type": "text",
      }
    ]
  }
}


---

# Part 3: Cleanup - Delete All Resources

‚ö†Ô∏è **WARNING: This will DELETE all resources created in Part 1!**

Only run this section if you want to clean up everything.

## Step 3.1: Delete Gateway

In [None]:
# Delete Gateway and Targets using Boto3
print("\nDeleting Gateway and targets...")

try:
    # First delete all targets
    if 'CREATED_TARGET_IDS' in globals() and CREATED_TARGET_IDS:
        print(f"  Deleting {len(CREATED_TARGET_IDS)} targets...")
        
        for target_id in CREATED_TARGET_IDS:
            try:
                gateway_client.delete_gateway_target(
                    gatewayIdentifier=GATEWAY_ID,
                    targetId=target_id
                )
                print(f"    ‚úì Target deleted: {target_id}")
            except ClientError as e:
                print(f"    ‚ö† Error deleting target {target_id}: {e}")
        
        time.sleep(5)  # Wait for targets to be deleted
    
    # Then delete Gateway
    try:
        gateway_client.delete_gateway(gatewayIdentifier=GATEWAY_ID)
        print(f"  ‚úì Gateway deleted: {GATEWAY_ID}")
    except ClientError as e:
        print(f"  ‚ö† Error deleting gateway: {e}")
        
except Exception as e:
    print(f"  ‚ö† Error during Gateway cleanup: {e}")

## Step 3.2: Delete Lambda Function

In [None]:
# Delete Lambda functions (interceptor + tools)
print("\nDeleting Lambda functions...")

# Delete interceptor Lambda
try:
    lambda_client.delete_function(FunctionName=LAMBDA_FUNCTION_NAME)
    print(f"  ‚úì Interceptor Lambda deleted: {LAMBDA_FUNCTION_NAME}")
except ClientError as e:
    if e.response['Error']['Code'] == 'ResourceNotFoundException':
        print(f"  ‚ö† Interceptor Lambda not found: {LAMBDA_FUNCTION_NAME}")
    else:
        print(f"  ‚ö† Error: {e}")

# Delete tool Lambdas
if 'DEPLOYED_TOOL_FUNCTIONS' in globals() and DEPLOYED_TOOL_FUNCTIONS:
    print(f"\n  Deleting {len(DEPLOYED_TOOL_FUNCTIONS)} tool Lambdas...")
    for function_name in DEPLOYED_TOOL_FUNCTIONS:
        try:
            lambda_client.delete_function(FunctionName=function_name)
            print(f"    ‚úì Deleted: {function_name}")
        except ClientError as e:
            if e.response['Error']['Code'] == 'ResourceNotFoundException':
                print(f"    ‚ö† Not found: {function_name}")
            else:
                print(f"    ‚ö† Error deleting {function_name}: {e}")

## Step 3.3: Delete IAM Role

In [None]:
# Delete IAM roles (Lambda interceptor, tools, Gateway)
print("\nDeleting IAM roles...")

# Delete Lambda interceptor role
try:
    print("  Deleting Lambda interceptor role...")
    
    # Detach policies
    iam_client.detach_role_policy(
        RoleName=LAMBDA_ROLE_NAME,
        PolicyArn='arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
    )
    
    # Delete inline policies
    iam_client.delete_role_policy(
        RoleName=LAMBDA_ROLE_NAME,
        PolicyName='DynamoDBAccess'
    )
    
    # Delete role
    iam_client.delete_role(RoleName=LAMBDA_ROLE_NAME)
    print(f"    ‚úì Lambda interceptor role deleted: {LAMBDA_ROLE_NAME}")
    
except ClientError as e:
    if e.response['Error']['Code'] == 'NoSuchEntity':
        print(f"    ‚ö† Role not found: {LAMBDA_ROLE_NAME}")
    else:
        print(f"    ‚ö† Error: {e}")

# Delete tool Lambda role
if 'TOOL_ROLE_NAME' in globals():
    try:
        print("  Deleting tool Lambda role...")
        
        # Detach policies
        iam_client.detach_role_policy(
            RoleName=TOOL_ROLE_NAME,
            PolicyArn='arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
        )
        
        # Delete role
        iam_client.delete_role(RoleName=TOOL_ROLE_NAME)
        print(f"    ‚úì Tool Lambda role deleted: {TOOL_ROLE_NAME}")
        
    except ClientError as e:
        if e.response['Error']['Code'] == 'NoSuchEntity':
            print(f"    ‚ö† Role not found: {TOOL_ROLE_NAME}")
        else:
            print(f"    ‚ö† Error: {e}")

# Delete Gateway role
if 'GATEWAY_ROLE_NAME' in globals():
    try:
        print("  Deleting Gateway role...")
        
        # Detach admin policy
        iam_client.detach_role_policy(
            RoleName=GATEWAY_ROLE_NAME,
            PolicyArn='arn:aws:iam::aws:policy/AdministratorAccess'
        )
        
        # Delete role
        iam_client.delete_role(RoleName=GATEWAY_ROLE_NAME)
        print(f"    ‚úì Gateway role deleted: {GATEWAY_ROLE_NAME}")
        
    except ClientError as e:
        if e.response['Error']['Code'] == 'NoSuchEntity':
            print(f"    ‚ö† Role not found: {GATEWAY_ROLE_NAME}")
        else:
            print(f"    ‚ö† Error: {e}")

---

# Summary

This notebook completed the full lifecycle:

1. ‚úÖ **Setup** - Created DynamoDB, Lambda, IAM Role, and Gateway
2. ‚úÖ **Test** - Verified tool filtering through real Gateway
3. ‚úÖ **Cleanup** - Deleted all resources

## What We Demonstrated

- **Agent-based tool filtering** using DynamoDB permissions
- **Lambda RESPONSE interceptor** that modifies Gateway responses
- **Custom header propagation** (Agent-ID) through the request chain
- **Complete resource lifecycle** management

## Next Steps

- Run again with different configurations
- Add more custom agents and tools
- Integrate with real AgentCore Runtime agents
- Monitor CloudWatch logs for debugging