Skip to content

Conversation

kaleko
Copy link

@kaleko kaleko commented Oct 16, 2025

Amazon Bedrock AgentCore Samples Pull Request

Important

  1. We strictly follow a issue-first approach, please first open an issue relating to this Pull Request.
  2. Once this Pull Request is ready for review please attach review ready label to it. Only PRs with review ready will be reviewed.

Issue number:

Concise description of the PR

Added AWS CDK implementation for the basic-runtime sample as an alternative to CloudFormation. Features clean stack definition, S3 assets for source packaging, and automated CodeBuild integration for Docker image building without local Docker dependencies. I plan to create CDK implementations for the other samples once this is approved.

User experience

Before this change:

  • Users only had CloudFormation (YAML) option for deploying basic-runtime sample
  • Source code embedded in YAML templates

After this change:

  • Users can choose between CloudFormation or CDK based on preference
  • CDK provides programmatic approach with Python
  • Cleaner code organization with separated constructs (AgentCoreRole, build trigger Lambda)
  • Source code read from disk and packaged as S3 assets
  • Consistent deployment experience with cdk deploy
  • Updated documentation reflects both CloudFormation and CDK options

Checklist

If your change doesn't seem to apply, please leave them unchecked.

  • I have reviewed the contributing guidelines
  • Add your name to CONTRIBUTORS.md
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?
  • Are you uploading a dataset?
  • Have you documented Introduction, Architecture Diagram, Prerequisites, Usage, Sample Prompts, and Clean Up steps in your example README?
  • I agree to resolve any issues created for this example in the future.
  • I have performed a self-review of this change
  • Changes have been tested
  • Changes are documented

Acknowledgment

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.

kaleko and others added 4 commits October 16, 2025 17:44
This commit introduces a comprehensive CDK alternative to the existing CloudFormation
basic-runtime sample, providing a cleaner and more maintainable Infrastructure as Code
approach for deploying Amazon Bedrock AgentCore resources.

- **Complete CDK stack** (`basic_runtime_stack.py`) with proper construct separation
- **Dedicated IAM role construct** (`infra-utils/agentcore_role.py`) for reusability
- **Custom Lambda function** (`infra-utils/build_trigger_lambda.py`) for CodeBuild automation
- **S3 asset-based source packaging** eliminating Docker dependency for users
- **ARM64 CodeBuild integration** with automated container image building
- **Comprehensive documentation** matching CloudFormation sample structure

- Uses S3 assets instead of inline code for better maintainability
- Separates infrastructure utilities into dedicated `infra-utils/` directory
- Implements proper CDK patterns with construct separation
- Provides cleaner deployment experience (~5-10 min vs ~10-15 min)

- **Basic Strands agent** (`agent-code/basic_agent.py`) with simple Q&A functionality
- **ARM64 Dockerfile** optimized for AgentCore runtime requirements
- **Proper dependency management** with isolated requirements

- Updated title to reflect both CloudFormation and CDK options
- Added comprehensive CDK section with architecture highlights
- Included CDK prerequisites with version requirements (CDK 2.218.0+)
- Updated repository structure to show new CDK directory layout
- Added installation commands for required CDK dependencies

- Complete documentation following CloudFormation sample structure
- Detailed prerequisites, deployment, testing, and cleanup instructions
- Sample queries and troubleshooting sections
- Architecture explanation and use case descriptions

- **CDK 2.218.0+** required for BedrockAgentCore construct support
- **Python 3.8+** and **constructs>=10.0.79** for proper CDK functionality
- **S3 assets** for source code packaging without size limitations

- ECR repository for container image storage
- CodeBuild project with ARM64 support for automated builds
- Lambda function for build orchestration and completion waiting
- AgentCore Runtime with proper IAM permissions and networking
- Custom resource for deployment automation

- ✅ Successfully deployed and tested in AWS environment
- ✅ Verified agent functionality with sample queries
- ✅ Confirmed clean resource cleanup with `cdk destroy`

- Added David Kaleko to CONTRIBUTORS.md

This implementation provides a modern, maintainable alternative to CloudFormation
while maintaining feature parity and following AWS CDK best practices.
…tilities

This commit fixes critical Lambda function import errors that were preventing
the CDK stack deployment from completing, and reorganizes the infrastructure
utilities for better Python module compatibility.

- **Root cause**: `cfnresponse` module is only available for inline CloudFormation
  Lambda code, not when using CDK's `Code.from_asset()` approach
- **Solution**: Embedded the standard AWS-provided cfnresponse functionality
  directly into the Lambda function to eliminate import dependencies
- **Impact**: Custom resource now properly signals CloudFormation completion/failure

- **Renamed**: `infra-utils/` → `infra_utils/` for proper Python module imports
- **Fixed**: Lambda handler path to use correct Python module notation
- **Updated**: Import statements to use underscore-based directory name

- Embedded cfnresponse class with SUCCESS/FAILED constants and send() method
- Added comprehensive comments explaining why local cfnresponse is necessary
- Maintains full compatibility with CloudFormation custom resource protocol
- Proper error handling and CloudWatch logging integration

- Updated Lambda handler path: `infra_utils.build_trigger_lambda.handler`
- Fixed import statements for renamed directory structure
- Removed conditional BedrockAgentCore imports (always available in CDK 2.218.0+)

- Moved infrastructure utilities to properly named Python package
- Added package `__init__.py` for proper module structure
- Maintained clean separation between infrastructure and agent code

- ✅ Resolves hanging CloudFormation deployments
- ✅ Custom resource now properly waits for CodeBuild completion
- ✅ Stack deployment completes successfully end-to-end
- ✅ Maintains compatibility with existing CloudFormation approach

- Verified Lambda function executes without import errors
- Confirmed CodeBuild triggering and monitoring functionality
- Validated complete stack deployment cycle

This fix ensures the CDK implementation works reliably and follows Python
packaging best practices while maintaining the same deployment behavior
as the CloudFormation equivalent.
@kaleko
Copy link
Author

kaleko commented Oct 17, 2025

FYI I ran this code through an ASH security scan and (after some small changes to the Dockerfile which were included in my latest push) there are 0 vulnerabilities of any level found.

Signed-off-by: David Kaleko <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant