Add AgentCore Web Search Tool managed connector for customer service agent#1749
Add AgentCore Web Search Tool managed connector for customer service agent#1749sumanayanamandra wants to merge 3 commits into
Conversation
…wed tools, link to docs for IAM action
| @@ -87,12 +87,144 @@ module "secrets" { | |||
| langfuse_secret_key = var.langfuse_secret_key | |||
| gateway_url = var.gateway_url | |||
| gateway_api_key = var.gateway_api_key | |||
| tavily_api_key = var.tavily_api_key | |||
| tavily_api_key = "" # No longer used — replaced by AgentCore Web Search Tool connector | |||
There was a problem hiding this comment.
If it's unused, pls remove it completely
There was a problem hiding this comment.
Removed this and all the references to it.
| @@ -0,0 +1,150 @@ | |||
| # AgentCore Web Search Tool integration | |||
|
|
|||
| Provides web search capability for the customer service agent using the AgentCore managed Web Search Tool connector — zero infrastructure, no API keys, queries stay within AWS. | |||
There was a problem hiding this comment.
We do not need a readme for Websearch only.
|
Latest scan for commit: Security Scan ResultsScan Metadata
SummaryScanner ResultsThe table below shows findings by scanner, with status based on severity thresholds and dependencies: Column Explanations: Severity Levels (S/C/H/M/L/I):
Other Columns:
Scanner Results:
Severity Thresholds (Thresh Column):
Threshold Source: Values in parentheses indicate where the threshold is configured:
Statistics calculation:
Detailed FindingsShow 9 actionable findingsFinding 1: CKV_AWS_28
Description: Code Snippet: Finding 2: CKV_AWS_119
Description: Code Snippet: Finding 3: CKV_AWS_116
Description: Code Snippet: Finding 4: CKV_AWS_173
Description: Code Snippet: Finding 5: CKV_AWS_272
Description: Code Snippet: Finding 6: CKV_AWS_117
Description: Code Snippet: Finding 7: CKV_AWS_115
Description: Code Snippet: Finding 8: CKV_AWS_290
Description: Code Snippet: Finding 9: CKV_AWS_355
Description: Code Snippet: Report generated by Automated Security Helper (ASH) at 2026-06-30T15:31:52+00:00 |
…ix checkov findings (PITR, DLQ, concurrency, scoped IAM)
9bcfe91 to
80cd9a9
Compare
|
@akshseh Thanks for the review. Here is the review feedback addressed: Code fixes: Removed tavily_api_key completely (main.tf, secrets module variables, outputs, rotation policy) Findings accepted with justification (not fixable in a sample blueprint): CKV_AWS_119 (DynamoDB CMK): Table stores only ephemeral rate-limit counters (caller ID + request count) with short TTLs. AWS-owned encryption is enabled. |
Amazon Bedrock AgentCore Samples Pull Request
Concise description of the PR
Changes to
05-blueprints/end-to-end-customer-service-agent/infra/, because the blueprint now uses the AgentCore Web Search Tool managed connector for web search — a fully managed, MCP-compliant capability that requires no external API keys, no Lambda functions, and keeps all queries within AWS.User experience
Before: Web search required provisioning and managing a separate Lambda function with third-party API keys, handling rate limits, and parsing external response formats.
After: Web search is available as a zero-infrastructure managed connector on the AgentCore Gateway. Agents discover it via
tools/listand invoke it like any other MCP tool. Queries never leave AWS, results include semantic snippets optimized for LLM context, and no API keys or external services are needed.Acknowledgment
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.
Acknowledgment
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.