AWS::BedrockAgentCore::OAuth2CredentialProvider

BedrockAgentCore OAuth2CredentialProvider

Resource Type definition for AWS::BedrockAgentCore::OAuth2CredentialProvider

Properties

4 configurable properties. 2 required. Click a row to see details.

Filter:

Property	Type	Flags
`CredentialProviderVendor`	`string`	RequiredCreate-only
`Name`	`string`	RequiredCreate-only
`Oauth2ProviderConfigInput`	`Oauth2ProviderConfigInput`	Write-only
`Tags`	`Array<Tag>`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`CallbackUrl`	`string`	The callback URL for the OAuth2 authorization flow
`ClientSecretArn`	`ClientSecretArn`	The ARN of the client secret in AWS Secrets Manager
`CreatedTime`	`string`	The timestamp when the credential provider was created
`CredentialProviderArn`	`string`	The Amazon Resource Name (ARN) of the OAuth2 credential provider
`LastUpdatedTime`	`string`	The timestamp when the credential provider was last updated
`Oauth2ProviderConfigOutput`	`Oauth2ProviderConfigOutput`	The output configuration for the OAuth2 provider

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::BedrockAgentCore::OAuth2CredentialProvider

Resources:
  MyResource:
    Type: AWS::BedrockAgentCore::OAuth2CredentialProvider
    Properties:
      Name: "my-name"
      CredentialProviderVendor: "GoogleOauth2"
      Tags:
        - Key: Environment
          Value: Production

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

bedrock-agentcore:CreateOauth2CredentialProviderbedrock-agentcore:GetOauth2CredentialProviderbedrock-agentcore:CreateTokenVaultbedrock-agentcore:TagResourcesecretsmanager:CreateSecret

read

bedrock-agentcore:GetOauth2CredentialProviderbedrock-agentcore:ListTagsForResource

update

bedrock-agentcore:UpdateOauth2CredentialProviderbedrock-agentcore:GetOauth2CredentialProviderbedrock-agentcore:TagResourcebedrock-agentcore:UntagResourcebedrock-agentcore:ListTagsForResourcesecretsmanager:PutSecretValue

delete

bedrock-agentcore:DeleteOauth2CredentialProviderbedrock-agentcore:GetOauth2CredentialProvidersecretsmanager:DeleteSecret

list

bedrock-agentcore:ListOauth2CredentialProviders

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

ServiceBedrockAgentCore

Properties10

Required2

TaggingSupported

Primary IDCredentialProviderArn

Supported Operations

CreateReadUpdateDeleteList

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

NameCredentialProviderVendor

Related Resources

External Links

AWS Documentation