Issue #400 - Enable API key usage

02-use-cases/local-prototype-to-agentcore/agentcore_app/cloud_insurance_api/deployment/deploy.sh

@@ -77,4 +77,16 @@ sam deploy \
     --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM \
     --parameter-overrides EnvironmentType="$STAGE"
 
+# Deploy the API key and usage plan
+echo "Deploying the API key and usage plan..."
+API_ID=$(aws cloudformation list-exports \
+    --query "Exports[?Name=='InsuranceApiGatewayId-${STAGE}'].Value" \
+    --output text)
+
+sam deploy \
+    --stack-name insurance-api-key-usageplan-$STAGE \
+    --template-file post_deploy_api_key.yaml \
+    --capabilities CAPABILITY_IAM \
+    --parameter-overrides ApiId="$API_ID" StageName="$STAGE"
+
 echo "=== Deployment Complete ==="

02-use-cases/local-prototype-to-agentcore/agentcore_app/cloud_insurance_api/deployment/post_deploy_api_key.yaml

@@ -0,0 +1,56 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Post-deploy stack to create API Key and Usage Plan for existing SAM-managed API Gateway
+
+Parameters:
+  ApiId:
+    Type: String
+    Description: The physical ID of the API Gateway created by the SAM stack
+  StageName:
+    Type: String
+    Default: dev
+    Description: The stage of the API to attach the usage plan to
+    AllowedValues:
+      - dev
+      - test
+      - prod
+
+Resources:
+  # ------------------------
+  # API Key
+  # ------------------------
+  InsuranceApiKey:
+    Type: AWS::ApiGateway::ApiKey
+    Properties:
+      Name: !Sub "insurance-api-key-${StageName}"
+      Enabled: true
+      StageKeys:
+        - RestApiId: !Ref ApiId
+          StageName: !Ref StageName
+
+  # ------------------------
+  # Usage Plan
+  # ------------------------
+  InsuranceApiUsagePlan:
+    Type: AWS::ApiGateway::UsagePlan
+    Properties:
+      UsagePlanName: !Sub "insurance-api-usageplan-${StageName}"
+      Description: !Sub "Usage plan for insurance API (${StageName})"
+      ApiStages:
+        - ApiId: !Ref ApiId
+          Stage: !Ref StageName
+      Throttle:
+        RateLimit: 50
+        BurstLimit: 100
+      Quota:
+        Limit: 1000
+        Period: MONTH
+
+  # ------------------------
+  # Usage Plan Key
+  # ------------------------
+  InsuranceApiUsagePlanKey:
+    Type: AWS::ApiGateway::UsagePlanKey
+    Properties:
+      KeyId: !Ref InsuranceApiKey
+      KeyType: API_KEY
+      UsagePlanId: !Ref InsuranceApiUsagePlan

02-use-cases/local-prototype-to-agentcore/agentcore_app/cloud_insurance_api/deployment/template.yaml

@@ -44,6 +44,8 @@ Resources:
         AllowMethods: "'*'"
         AllowHeaders: "'Content-Type,Authorization'"
         AllowOrigin: "'*'"
+      Auth:
+        ApiKeyRequired: true
 
 Outputs:
   InsuranceApiFunction:
@@ -56,4 +58,10 @@ Outputs:
 
   InsuranceApiGatewayConsole:
     Description: API Gateway console URL
-    Value: !Sub https://console.aws.amazon.com/apigateway/home?region=${AWS::Region}#/apis/${InsuranceApiGateway}/resources
+    Value: !Sub https://console.aws.amazon.com/apigateway/home?region=${AWS::Region}#/apis/${InsuranceApiGateway}/resources
+
+  InsuranceApiGatewayId:
+    Description: API Gateway ID
+    Value: !Ref InsuranceApiGateway
+    Export:
+      Name: !Sub "InsuranceApiGatewayId-${EnvironmentType}"

02-use-cases/local-prototype-to-agentcore/agentcore_app/cloud_mcp_server/.env_example

@@ -56,7 +56,7 @@ CREDENTIAL_LOCATION=HEADER
 # CREDENTIAL_PARAMETER_NAME: The name of the header/parameter for the API key
 # For headers, common names: X-API-Key, X-Subscription-Token, Authorization
 # For query parameters: api_key, token
-CREDENTIAL_PARAMETER_NAME=X-Subscription-Token
+CREDENTIAL_PARAMETER_NAME=X-API-Key
 
 # =============================================================================
 # Output Configuration