Open
Conversation
cosmetic update Signed-off-by: Hardik Thakkar <68253981+HardikThakkar94@users.noreply.github.com>
Signed-off-by: Hardik Thakkar <68253981+HardikThakkar94@users.noreply.github.com>
Signed-off-by: Hardik Thakkar <68253981+HardikThakkar94@users.noreply.github.com>
Modified - Requirements.txt (added dependencies) - chatbot_app_cognito.py (added get_streamlit_url, for sagemaker access) - runtime_with_strands_and_egress_3lo.ipynb (streamlit piece for access url, cosmetic updates)
…ound Auth notebook" This reverts commit 5dded4c.
…ing Python best practices (PEP 8). The linting errors should now be resolved: - ✅ runtime.py:18:1: E402 - Fixed - ✅ runtime.py:19:1: E402 - Fixed - ✅ runtime.py:19:20: F811 - Fixed - ✅ runtime.py:25:1: E402 - Fixed
…ovements:
1. 05-Outbound_Auth_3lo notebook: Fixed credential provider name typo
2. 06-Outbound_Auth_Github notebook: Multiple improvements including:
- Updated description text for GitHub-specific use case
- Reorganized imports (moved to top of cell)
- Added boto session and region setup
- Reordered OAuth flow description
- Restructured notebook sections (removed redundant policy section, added clearer status check and invoke sections)
- Fixed credential provider name reference
Replace fake weather calls with real Google Maps Weather API. API key from AgentCore Identity is now used for actual authentication.
CLI 0.4.0 changed agentcore status --json output format, breaking ARN resolution in invoke.py and streamlit apps. Reading deployed-state.json directly works across all CLI versions. - invoke.py (09, 10, 11): read runtimeArn from deployed-state.json instead of parsing status - configure_inbound_auth.py (10, 11): read runtimeId from deployed-state.json - streamlit_app.py (09, 10, 11): same fix for resolve_agent_arn and resolve_gateway_url - Removed subprocess/re imports where no longer needed
Links pointed to samples that don't exist yet (EntraID, Okta) or were circular references.
Switch from Google Weather to OpenWeatherMap. Free tier, no billing required.
Use recursive JSON search for runtimeArn/runtimeId in deployed-state.json. Works regardless of nesting structure across CLI 0.3.x and 0.4.x.
Add optional Streamlit instructions to all 3 README files (samples 09, 10, 11).
Token field cleared on rerun because Streamlit key overrides value param. Pre-fill via session state on login instead.
MCP server is public, no OAuth needed. Remove confusing outbound auth flags and outdated JSON example from sample 10 README.
Replace fake internal API with real OpenWeatherMap call in sample 11 M2M flow. Users can reuse the same API key from sample 09.
Move project creation before credential setup so CLI commands work. Renumber steps 3-10.
- Fetch OpenWeatherMap key via @requires_api_key - M2M token + API key working together - Fix invoke.py prompt to match new tool - Tested end-to-end: real weather data returned
Add clear instructions for OpenWeatherMap key with link to sample 09 for users who skip ahead.
Add detailed instructions for creating GitHub OAuth App and Google OAuth credentials in sample 11 README. Steps taken from existing samples 05 and 06 notebooks.
Copy github_details.png from sample 06 to show the OAuth App creation form in sample 11 README.
Upstream added 09-Outbound_Auth_Self_Hosted to main. Shift our CLI samples to avoid conflict: 09 → 10-runtime-inbound-outbound-auth 10 → 11-gateway-inbound-outbound-auth 11 → 12-m2m-3lo-runtime Update all internal cross-references.
Single table with all 12 samples. Method column shows Notebook or CLI for each. No more legacy/recommended split.
Fix IDP examples type to Inbound + Outbound.
|
Check out this pull request on See visual diffs & provide feedback on Jupyter Notebooks. Powered by ReviewNB |
github-actions
bot
added
01-tutorials
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
01-tutorials/03-AgentCore-identity/12-m2m-3lo-runtime/invoke.py
Dismissed
Show dismissed
Hide dismissed
01-tutorials/03-AgentCore-identity/12-m2m-3lo-runtime/oauth2_callback_server.py
Dismissed
Show dismissed
Hide dismissed
01-tutorials/03-AgentCore-identity/12-m2m-3lo-runtime/oauth2_callback_server.py
Dismissed
Show dismissed
Hide dismissed
01-tutorials/03-AgentCore-identity/12-m2m-3lo-runtime/oauth2_callback_server.py
Dismissed
Show dismissed
Hide dismissed
01-tutorials/03-AgentCore-identity/12-m2m-3lo-runtime/oauth2_callback_server.py
Dismissed
Show dismissed
Hide dismissed
|
Latest scan for commit: Security Scan ResultsScan Metadata
SummaryScanner ResultsThe table below shows findings by scanner, with status based on severity thresholds and dependencies: Column Explanations: Severity Levels (S/C/H/M/L/I):
Other Columns:
Scanner Results:
Severity Thresholds (Thresh Column):
Threshold Source: Values in parentheses indicate where the threshold is configured:
Statistics calculation:
Detailed FindingsShow 10 actionable findingsFinding 1: SECRET-SECRET-KEYWORD
Description: Code Snippet: Finding 2: SECRET-SECRET-KEYWORD
Description: Code Snippet: Finding 3: SECRET-SECRET-KEYWORD
Description: Code Snippet: Finding 4: SECRET-SECRET-KEYWORD
Description: Code Snippet: Finding 5: SECRET-SECRET-KEYWORD
Description: Code Snippet: Finding 6: SECRET-SECRET-KEYWORD
Description: Code Snippet: Finding 7: SECRET-SECRET-KEYWORD
Description: Code Snippet: Finding 8: B307
Description: Code Snippet: Finding 9: B104
Description: Code Snippet: Finding 10: python.lang.security.audit.eval-detected.eval-detected
Description: Code Snippet: Report generated by Automated Security Helper (ASH) at 2026-04-07T20:12:18+00:00 |
- Remove unused imports (asyncio, json, subprocess, time) - Fix E402: move imports to top of file - Fix F541: remove f-prefix from strings without placeholders
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Amazon Bedrock AgentCore Samples Pull Request
Important
review readylabel to it. Only PRs withreview readywill be reviewed.Issue number:
Concise description of the PR
User experience
Checklist
If your change doesn't seem to apply, please leave them unchecked.
Acknowledgment
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.