DEV Community

Mindy Jen


Get Your Hands Dirty - AgentCore - Identity

Secure Credentials with Bedrock AgentCore Identity

Building production-grade agents requires integrating with third-party services like Exa for web search or Slack for messaging. The biggest challenge is doing so without hardcoding sensitive API keys. Bedrock AgentCore Identity provides a secure, encrypted credential store that allows agents to retrieve secrets just-in-time during execution, eliminating the risk of accidental exposure in code or logs.

By using the IdentityClient, you create "Credential Providers" that map specific secrets to your agent's runtime. Each retrieval goes through the managed store, so you get an audit trail and fine-grained access control, moving your agent architecture from "proof-of-concept" to "security-compliant."

A. Provisioning a Secure Credential

Instead of using environment variables, you register your API keys directly into the AgentCore managed identity store. This only needs to be done once during the setup phase.

from bedrock_agentcore.tools.identity_client import IdentityClient

# Initialize the Identity Client
identity_client = IdentityClient(region="us-east-1")

# Securely store an API key (e.g., for Exa Search)
credential_provider = identity_client.create_api_key_credential_provider(
    name="ExaAPIKey",
    api_key="your-actual-secret-key-here"  # This value is encrypted immediately
)

credential_id = credential_provider["id"]
print(f"Credential registered with ID: {credential_id}")

B. Integrating Secure Search into a Strands Agent

Once the credential is stored, your agent tools can fetch the key dynamically. In this example, we wrap a search function that retrieves the key via AgentCore Identity right before making the request.

from strands import Agent, tool

# identity_client and credential_id come from the provisioning step in section A

@tool
def secure_search(query: str) -> str:
    """Perform a web search using a securely stored Exa API key."""
    # Retrieve the key from the secure store at runtime, not from an environment variable
    provider = identity_client.get_credential_provider(id=credential_id)
    api_key = provider["apiKey"]  # Handled securely behind the scenes

    # Use the key for the external API call (the real request is omitted in this demo;
    # never include api_key in the string returned to the model)
    return f"Search results for '{query}' using secure key."

# Initialize the agent with the secure tool
agent = Agent(
    model="us.amazon.nova-pro-v1:0",
    system_prompt="You are a research assistant with secure web access.",
    tools=[secure_search]
)

agent("Find the latest whitepapers on AI Security.")
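The tool above fetches the key at call time, but it leaves open two practical questions: how do you make sure the key cannot leak through logging or through the string the tool returns to the model, and what does the audit trail actually record? The following example, added here and not part of the original post or the AgentCore SDK, works both of those through end to end. `FakeIdentityStore`, `Secret`, `redact`, `fake_exa_search` and `make_secure_search` are all constructed for this illustration: the in-memory store stands in for AgentCore Identity, and the HTTP stub deliberately echoes the auth header back so that the redaction step has something to catch.

```python
"""Just-in-time credential retrieval for an agent tool, with redaction and an audit log.

Added illustration (assumption): FakeIdentityStore is an in-memory stand-in for the
managed AgentCore Identity store, and fake_exa_search stands in for the real HTTP call.
"""
import logging
from dataclasses import dataclass, field
from typing import Callable

log = logging.getLogger("agent.identity")


class Secret:
    """Wraps a credential so str()/repr()/logging never prints the raw value."""

    def __init__(self, value: str) -> None:
        self._value = value

    def reveal(self) -> str:
        # The only way to get the raw value; call it as late as possible.
        return self._value

    def __repr__(self) -> str:
        return "Secret(***)"

    __str__ = __repr__


@dataclass
class FakeIdentityStore:
    """Constructed stand-in for the managed credential store (assumption)."""

    _secrets: dict[str, str] = field(default_factory=dict)
    audit: list[dict] = field(default_factory=list)

    def create_api_key_credential_provider(self, name: str, api_key: str) -> str:
        provider_id = f"provider-{len(self._secrets) + 1}"  # constructed id
        self._secrets[provider_id] = api_key
        # Audit entries record names and ids, never the credential value.
        self.audit.append({"event": "create", "provider": provider_id, "name": name})
        return provider_id

    def get_api_key(self, provider_id: str, caller: str) -> Secret:
        self.audit.append({"event": "read", "provider": provider_id, "caller": caller})
        if provider_id not in self._secrets:
            raise KeyError(f"no credential provider {provider_id}")
        return Secret(self._secrets[provider_id])


def redact(text: str, secret: Secret) -> str:
    """Last line of defence: scrub the raw key from anything returned to the model or logged."""
    return text.replace(secret.reveal(), "***REDACTED***")


def fake_exa_search(query: str, headers: dict[str, str]) -> str:
    """Stub for the external HTTP call (constructed). It echoes the auth header
    to imitate an API whose error or debug output can reflect request headers."""
    return f"results for {query!r} (auth={headers['x-api-key']})"


def make_secure_search(
    store: FakeIdentityStore,
    provider_id: str,
    http_call: Callable[[str, dict[str, str]], str] = fake_exa_search,
) -> Callable[[str], str]:
    """Build a tool that fetches the key just in time and holds it only for one call."""

    def secure_search(query: str) -> str:
        key = store.get_api_key(provider_id, caller="secure_search")
        log.info("calling search API with credential %s", key)  # logs "Secret(***)"
        raw = http_call(query, {"x-api-key": key.reveal()})
        return redact(raw, key)  # the raw key never reaches the model context

    return secure_search


if __name__ == "__main__":
    store = FakeIdentityStore()
    pid = store.create_api_key_credential_provider(name="ExaAPIKey", api_key="exa-test-key-123")
    search = make_secure_search(store, pid)
    print(search("AI security whitepapers"))
    print(store.audit)
```

The two design choices worth copying into a real tool are the `Secret` wrapper, which turns the common mistake of logging a whole response object into a harmless `Secret(***)`, and the `redact` pass over the tool's return value, since whatever a tool returns becomes part of the model's context and may be echoed into transcripts or downstream logs.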

Key Takeaway: Bedrock AgentCore Identity solves the "secret sprawl" problem. Agents no longer need access to long-lived environment variables; instead, they retrieve encrypted credentials only when a tool specifically requests them, ensuring your infrastructure remains "Zero-Trust" by design.
