BedrockAgentCoreControl / Client / create_gateway_rule
create_gateway_rule¶
- BedrockAgentCoreControl.Client.create_gateway_rule(**kwargs)¶
Creates a rule for a gateway. Rules define conditions and actions that control how requests are routed and processed through the gateway, including principal-based access control and path-based routing.
See also: AWS API Documentation
Request Syntax
response = client.create_gateway_rule( gatewayIdentifier='string', clientToken='string', priority=123, conditions=[ { 'matchPrincipals': { 'anyOf': [ { 'iamPrincipal': { 'arn': 'string', 'operator': 'StringEquals'|'StringLike' } }, ] }, 'matchPaths': { 'anyOf': [ 'string', ] } }, ], actions=[ { 'configurationBundle': { 'staticOverride': { 'bundleArn': 'string', 'bundleVersion': 'string' }, 'weightedOverride': { 'trafficSplit': [ { 'name': 'string', 'weight': 123, 'configurationBundle': { 'bundleArn': 'string', 'bundleVersion': 'string' }, 'description': 'string', 'metadata': { 'string': 'string' } }, ] } }, 'routeToTarget': { 'staticRoute': { 'targetName': 'string' }, 'weightedRoute': { 'trafficSplit': [ { 'name': 'string', 'weight': 123, 'targetName': 'string', 'description': 'string', 'metadata': { 'string': 'string' } }, ] } } }, ], description='string' )
- Parameters:
gatewayIdentifier (string) –
[REQUIRED]
The identifier of the gateway to create a rule for.
clientToken (string) –
A unique, case-sensitive identifier to ensure that the API request completes no more than one time. If you don’t specify this field, a value is randomly generated for you. If this token matches a previous request, the service ignores the request, but doesn’t return an error. For more information, see Ensuring idempotency.
This field is autopopulated if not provided.
priority (integer) –
[REQUIRED]
The priority of the rule. Rules are evaluated in order of priority, with lower numbers evaluated first. Must be between 1 and 1,000,000.
conditions (list) –
The conditions that must be met for the rule to apply. Conditions can match on principals (IAM ARNs) or request paths.
(dict) –
A condition that determines when a gateway rule applies. Conditions can match on principals or request paths.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
matchPrincipals,matchPaths.matchPrincipals (dict) –
A condition that matches on the identity of the caller making the request.
anyOf (list) – [REQUIRED]
A list of principal entries. The condition is met if any of the entries match the caller’s identity.
(dict) –
Union for principal matching. Currently supports IAM principal ARN glob matching.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
iamPrincipal.iamPrincipal (dict) –
An IAM principal to match against, specified by ARN.
arn (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the IAM principal. Supports user, role, and assumed-role ARNs. Wildcards can be used with the
StringLikeoperator.operator (string) –
The match operator.
StringEqualsrequires an exact match.StringLikesupports wildcard patterns using*and?.
matchPaths (dict) –
A condition that matches on the request path.
anyOf (list) – [REQUIRED]
A list of path patterns. The condition is met if the request path matches any of the patterns.
(string) –
actions (list) –
[REQUIRED]
The actions to take when the rule conditions are met. Actions can route to a specific target or apply a configuration bundle override.
(dict) –
An action to take when a gateway rule’s conditions are met.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
configurationBundle,routeToTarget.configurationBundle (dict) –
An action that applies a configuration bundle override to the request.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
staticOverride,weightedOverride.staticOverride (dict) –
A static configuration bundle override that applies a single bundle version to all matching requests.
bundleArn (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the configuration bundle to apply.
bundleVersion (string) – [REQUIRED]
The version of the configuration bundle to apply.
weightedOverride (dict) –
A weighted configuration bundle override that splits traffic between multiple bundle versions based on configured weights.
trafficSplit (list) – [REQUIRED]
The traffic split entries defining how traffic is distributed between configuration bundle versions.
(dict) –
An entry in a traffic split configuration, defining a named variant with a weight and configuration bundle reference.
name (string) – [REQUIRED]
The name of this traffic split variant.
weight (integer) – [REQUIRED]
The percentage of traffic to route to this variant. Weights across all entries must sum to 100.
configurationBundle (dict) – [REQUIRED]
The configuration bundle reference for this variant.
bundleArn (string) – [REQUIRED]
The Amazon Resource Name (ARN) of the configuration bundle.
bundleVersion (string) – [REQUIRED]
The version of the configuration bundle.
description (string) –
The description of this traffic split variant.
metadata (dict) –
Key-value metadata associated with this traffic split variant.
(string) –
(string) –
routeToTarget (dict) –
An action that routes the request to a specific target.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set:
staticRoute,weightedRoute.staticRoute (dict) –
A static route that sends all matching requests to a single target.
targetName (string) – [REQUIRED]
The name of the target to route requests to.
weightedRoute (dict) –
A weighted route that splits traffic between multiple targets.
trafficSplit (list) – [REQUIRED]
The traffic split entries defining how traffic is distributed between targets.
(dict) –
An entry in a target traffic split configuration.
name (string) – [REQUIRED]
The name of this traffic split variant.
weight (integer) – [REQUIRED]
The percentage of traffic to route to this variant.
targetName (string) – [REQUIRED]
The name of the target to route traffic to.
description (string) –
The description of this traffic split variant.
metadata (dict) –
Key-value metadata associated with this traffic split variant.
(string) –
(string) –
description (string) – The description of the gateway rule.
- Return type:
dict
- Returns:
Response Syntax
{ 'ruleId': 'string', 'gatewayArn': 'string', 'priority': 123, 'conditions': [ { 'matchPrincipals': { 'anyOf': [ { 'iamPrincipal': { 'arn': 'string', 'operator': 'StringEquals'|'StringLike' } }, ] }, 'matchPaths': { 'anyOf': [ 'string', ] } }, ], 'actions': [ { 'configurationBundle': { 'staticOverride': { 'bundleArn': 'string', 'bundleVersion': 'string' }, 'weightedOverride': { 'trafficSplit': [ { 'name': 'string', 'weight': 123, 'configurationBundle': { 'bundleArn': 'string', 'bundleVersion': 'string' }, 'description': 'string', 'metadata': { 'string': 'string' } }, ] } }, 'routeToTarget': { 'staticRoute': { 'targetName': 'string' }, 'weightedRoute': { 'trafficSplit': [ { 'name': 'string', 'weight': 123, 'targetName': 'string', 'description': 'string', 'metadata': { 'string': 'string' } }, ] } } }, ], 'description': 'string', 'createdAt': datetime(2015, 1, 1), 'status': 'CREATING'|'ACTIVE'|'UPDATING'|'DELETING', 'system': { 'managedBy': 'string' } }
Response Structure
(dict) –
ruleId (string) –
The unique identifier of the gateway rule.
gatewayArn (string) –
The Amazon Resource Name (ARN) of the gateway that the rule belongs to.
priority (integer) –
The priority of the rule. Rules are evaluated in order of priority, with lower numbers evaluated first.
conditions (list) –
The conditions that must be met for the rule to apply.
(dict) –
A condition that determines when a gateway rule applies. Conditions can match on principals or request paths.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
matchPrincipals,matchPaths. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBERas the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBERis as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
matchPrincipals (dict) –
A condition that matches on the identity of the caller making the request.
anyOf (list) –
A list of principal entries. The condition is met if any of the entries match the caller’s identity.
(dict) –
Union for principal matching. Currently supports IAM principal ARN glob matching.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
iamPrincipal. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBERas the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBERis as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
iamPrincipal (dict) –
An IAM principal to match against, specified by ARN.
arn (string) –
The Amazon Resource Name (ARN) of the IAM principal. Supports user, role, and assumed-role ARNs. Wildcards can be used with the
StringLikeoperator.operator (string) –
The match operator.
StringEqualsrequires an exact match.StringLikesupports wildcard patterns using*and?.
matchPaths (dict) –
A condition that matches on the request path.
anyOf (list) –
A list of path patterns. The condition is met if the request path matches any of the patterns.
(string) –
actions (list) –
The actions to take when the rule conditions are met.
(dict) –
An action to take when a gateway rule’s conditions are met.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
configurationBundle,routeToTarget. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBERas the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBERis as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
configurationBundle (dict) –
An action that applies a configuration bundle override to the request.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
staticOverride,weightedOverride. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBERas the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBERis as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
staticOverride (dict) –
A static configuration bundle override that applies a single bundle version to all matching requests.
bundleArn (string) –
The Amazon Resource Name (ARN) of the configuration bundle to apply.
bundleVersion (string) –
The version of the configuration bundle to apply.
weightedOverride (dict) –
A weighted configuration bundle override that splits traffic between multiple bundle versions based on configured weights.
trafficSplit (list) –
The traffic split entries defining how traffic is distributed between configuration bundle versions.
(dict) –
An entry in a traffic split configuration, defining a named variant with a weight and configuration bundle reference.
name (string) –
The name of this traffic split variant.
weight (integer) –
The percentage of traffic to route to this variant. Weights across all entries must sum to 100.
configurationBundle (dict) –
The configuration bundle reference for this variant.
bundleArn (string) –
The Amazon Resource Name (ARN) of the configuration bundle.
bundleVersion (string) –
The version of the configuration bundle.
description (string) –
The description of this traffic split variant.
metadata (dict) –
Key-value metadata associated with this traffic split variant.
(string) –
(string) –
routeToTarget (dict) –
An action that routes the request to a specific target.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set:
staticRoute,weightedRoute. If a client receives an unknown member it will setSDK_UNKNOWN_MEMBERas the top level key, which maps to the name or tag of the unknown member. The structure ofSDK_UNKNOWN_MEMBERis as follows:'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
staticRoute (dict) –
A static route that sends all matching requests to a single target.
targetName (string) –
The name of the target to route requests to.
weightedRoute (dict) –
A weighted route that splits traffic between multiple targets.
trafficSplit (list) –
The traffic split entries defining how traffic is distributed between targets.
(dict) –
An entry in a target traffic split configuration.
name (string) –
The name of this traffic split variant.
weight (integer) –
The percentage of traffic to route to this variant.
targetName (string) –
The name of the target to route traffic to.
description (string) –
The description of this traffic split variant.
metadata (dict) –
Key-value metadata associated with this traffic split variant.
(string) –
(string) –
description (string) –
The description of the gateway rule.
createdAt (datetime) –
The timestamp when the rule was created.
status (string) –
The current status of the rule.
system (dict) –
System-managed metadata for rules created by automated processes.
managedBy (string) –
The identifier of the system or process that manages this rule.
Exceptions
BedrockAgentCoreControl.Client.exceptions.ServiceQuotaExceededExceptionBedrockAgentCoreControl.Client.exceptions.ConflictExceptionBedrockAgentCoreControl.Client.exceptions.ValidationExceptionBedrockAgentCoreControl.Client.exceptions.AccessDeniedExceptionBedrockAgentCoreControl.Client.exceptions.ResourceNotFoundExceptionBedrockAgentCoreControl.Client.exceptions.ThrottlingExceptionBedrockAgentCoreControl.Client.exceptions.InternalServerException