Fetch Akeyless secrets at runtime on AWS Bedrock AgentCore using cloud identity authentication
Project description
akeyless-agentcore-runtime
Fetch Akeyless secrets at runtime on AWS Bedrock AgentCore. Authenticate with cloud identity (AWS IAM) — no long-lived API keys in your agent deployment. Application secrets stay in Akeyless, not AWS Secrets Manager.
Repository: github.com/akeyless-community/bedrock-agentcore-akeyless-runtime
Documentation
| Guide | Description |
|---|---|
| Installation | pip install — no git clone required |
| Akeyless setup | Auth method, RBAC, secret paths — do this first |
| Deployment patterns | In-agent fetch, hybrid, MCP server, Gateway Lambda |
| Examples | Runnable sample agents |
| Security | Production checklist and reporting |
| Contributing | Development setup and PR guidelines |
Why this integration?
| Concern | AWS default pattern | This integration |
|---|---|---|
| Authentication to secrets platform | IAM role → Secrets Manager | IAM role → Akeyless (AWS IAM auth method) |
| Secret storage | AWS Secrets Manager | Akeyless (static, dynamic, rotated) |
| Bootstrap credentials | None (IAM only) | Only AKEYLESS_ACCESS_ID (no secret key) |
| Rotation & governance | Secrets Manager policies | Akeyless RBAC, rotation, audit |
AgentCore Runtime provides an IAM execution role with ambient AWS credentials. This library uses those credentials to generate an Akeyless cloud ID and authenticate — the same pattern used by EKS, Lambda, and other Akeyless integrations.
Install
No git clone needed. Add to your agent project and install with pip.
From PyPI (when published)
pip install akeyless-agentcore-runtime
From GitHub (available now)
pip install "akeyless-agentcore-runtime @ git+https://github.com/akeyless-community/bedrock-agentcore-akeyless-runtime.git@v0.2.0"
Add to your AgentCore requirements.txt:
akeyless-agentcore-runtime @ git+https://github.com/akeyless-community/bedrock-agentcore-akeyless-runtime.git@v0.2.0
bedrock-agentcore>=0.1.0
Full install guide (extras, MCP CLI, verification): docs/INSTALL.md
Optional extras:
pip install "akeyless-agentcore-runtime[strands] @ git+https://github.com/akeyless-community/bedrock-agentcore-akeyless-runtime.git@v0.2.0"
pip install "akeyless-agentcore-runtime[mcp] @ git+https://github.com/akeyless-community/bedrock-agentcore-akeyless-runtime.git@v0.2.0"
pip install "akeyless-agentcore-runtime[gateway] @ git+https://github.com/akeyless-community/bedrock-agentcore-akeyless-runtime.git@v0.2.0"
pip install "akeyless-agentcore-runtime[all] @ git+https://github.com/akeyless-community/bedrock-agentcore-akeyless-runtime.git@v0.2.0"
Requires Python 3.10+.
Quick start
1. Configure Akeyless
Follow the full guide: docs/AKEYLESS_SETUP.md
Summary:
- Create an AWS IAM Auth Method bound to your AgentCore execution role ARN
- Grant read/list on
/bedrock-agentcore/<agent>/<env>/* - Store secrets in Akeyless (not in AgentCore env vars)
2. Set bootstrap env vars on AgentCore
Configure only auth + path prefix — not application secrets:
| Variable | Required | Example |
|---|---|---|
AKEYLESS_ACCESS_ID |
Yes | p-xxxxx |
AKEYLESS_ACCESS_TYPE |
No (default: aws_iam) |
aws_iam |
AKEYLESS_SECRET_PREFIX |
Recommended | /bedrock-agentcore/my-agent/production |
AKEYLESS_GATEWAY_URL |
No | https://api.akeyless.io |
AGENTCORE_AGENT_NAME |
No | my-agent |
3. Fetch a secret in your agent
from akeyless_agentcore import get_secret_sync
api_key = get_secret_sync("OPENAI_API_KEY")
4. Deploy
pip install akeyless-agentcore-runtime bedrock-agentcore
agentcore deploy
See examples/strands-agent/ for a complete agent.
In-agent fetch vs AgentCore tools
Use both in production — they solve different problems:
| Pattern | When to use | Example |
|---|---|---|
| In-agent fetch | Bootstrap secrets on every invocation; no tool-call overhead | Model API key at cold start |
| AgentCore tools | Agent decides which secret to fetch; shared across agents | get_akeyless_secret("DATABASE_URL") on demand |
| Hybrid (recommended) | Bootstrap + on-demand | examples/hybrid-agent/ |
from akeyless_agentcore import get_secret_sync
from akeyless_agentcore.tools.strands import create_strands_tools
api_key = get_secret_sync("OPENAI_API_KEY") # bootstrap
agent = Agent(model=model, tools=create_strands_tools()) # on-demand
Tool deployment options
| Deployment | Install extra | Use case |
|---|---|---|
| In-process Strands tools | [strands] |
Tools in the same agent process |
| MCP server on AgentCore Runtime | [mcp] |
Dedicated secrets MCP endpoint |
| Gateway Lambda target | [gateway] |
Shared tools via AgentCore Gateway |
| Tool | Returns values? | Description |
|---|---|---|
list_akeyless_secrets |
No | Discover secret names under a prefix |
get_akeyless_secret |
Yes | Fetch static, dynamic, or rotated secret |
Full details: docs/DEPLOYMENT.md
API reference
Convenience functions
from akeyless_agentcore import get_secret_sync, get_secret
api_key = get_secret_sync("OPENAI_API_KEY")
api_key = await get_secret("OPENAI_API_KEY") # async
Client
from akeyless_agentcore import AkeylessRuntimeClient
client = AkeylessRuntimeClient(
gateway_url="https://api.akeyless.io",
secret_prefix="/bedrock-agentcore/my-agent/production",
access_id="p-xxxxx",
access_type="aws_iam",
)
client.get_secret_sync("OPENAI_API_KEY")
client.get_secret_json_sync("APP_CONFIG")
client.get_dynamic_secret_sync("aws-creds")
client.get_rotated_secret_sync("api-key")
client.list_secrets_sync()
Authentication
| Method | AKEYLESS_ACCESS_TYPE |
Additional env |
|---|---|---|
| AWS IAM (recommended) | aws_iam |
AKEYLESS_ACCESS_ID |
| Access key | access_key |
AKEYLESS_ACCESS_ID, AKEYLESS_ACCESS_KEY |
| API key | api_key |
AKEYLESS_ACCESS_ID, AKEYLESS_ACCESS_KEY |
| Universal Identity | universal_identity |
AKEYLESS_UID_TOKEN |
| JWT | jwt |
AKEYLESS_ACCESS_ID, AKEYLESS_JWT |
| Pre-authenticated | — | AKEYLESS_TOKEN |
Architecture
sequenceDiagram
participant Agent as AgentCore Runtime
participant Lib as akeyless-agentcore-runtime
participant AWS as AWS STS/IAM
participant AKL as Akeyless Gateway
Agent->>Lib: get_secret_sync("OPENAI_API_KEY")
Lib->>AWS: Generate cloud ID (SigV4 GetCallerIdentity)
AWS-->>Lib: Signed identity proof
Lib->>AKL: POST /auth (access_id, aws_iam, cloud_id)
AKL-->>Lib: Session token
Lib->>AKL: GET /get-secret-value
AKL-->>Lib: Secret value
Lib-->>Agent: OPENAI_API_KEY
Local development
cp .env.example .env # edit with your test credentials — never commit .env
export AKEYLESS_ACCESS_ID=p-xxxxx
export AKEYLESS_ACCESS_TYPE=access_key
export AKEYLESS_ACCESS_KEY=your-readonly-key
export AKEYLESS_SECRET_PREFIX=/bedrock-agentcore/my-agent/dev
python3 -c "from akeyless_agentcore import get_secret_sync; print(get_secret_sync('OPENAI_API_KEY')[:8] + '...')"
Related community projects
- netlify-akeyless-runtime — Netlify Functions
- fly-akeyless-runtime — Fly.io Machines
- vercel-akeyless-runtime — Vercel serverless
- heroku-akeyless-runtime — Heroku dynos
License
Apache-2.0
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file akeyless_agentcore_runtime-0.2.0.tar.gz.
File metadata
- Download URL: akeyless_agentcore_runtime-0.2.0.tar.gz
- Upload date:
- Size: 21.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
be7c7fad45d93650ded55ec670c19cdd1991dd1bbe5210b556298b6f3b0e8f4e
|
|
| MD5 |
bf2af3e2e51aa16c88a9fcec8bcd5c38
|
|
| BLAKE2b-256 |
31a2951f5372354dccf80dea39393eee224211867daabde5a02d393109242fc8
|
Provenance
The following attestation bundles were made for akeyless_agentcore_runtime-0.2.0.tar.gz:
Publisher:
publish.yml on akeyless-community/bedrock-agentcore-akeyless-runtime
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
akeyless_agentcore_runtime-0.2.0.tar.gz -
Subject digest:
be7c7fad45d93650ded55ec670c19cdd1991dd1bbe5210b556298b6f3b0e8f4e - Sigstore transparency entry: 2035853582
- Sigstore integration time:
-
Permalink:
akeyless-community/bedrock-agentcore-akeyless-runtime@f368ef9e6a3b03dc71f5df29421b19e12dfa6596 -
Branch / Tag:
refs/tags/v0.2.0 - Owner: https://github.com/akeyless-community
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@f368ef9e6a3b03dc71f5df29421b19e12dfa6596 -
Trigger Event:
release
-
Statement type:
File details
Details for the file akeyless_agentcore_runtime-0.2.0-py3-none-any.whl.
File metadata
- Download URL: akeyless_agentcore_runtime-0.2.0-py3-none-any.whl
- Upload date:
- Size: 18.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7d3e826933f128230c9f2bdb5e801f55d5db0d101a6a0b7feb7b000ae20d8830
|
|
| MD5 |
d22276976d0dba2f35bc2c92e6d3c285
|
|
| BLAKE2b-256 |
8e19a21333ccadf32170627d0cecee8ba14530667f8b1e7ab3076bbd28b87379
|
Provenance
The following attestation bundles were made for akeyless_agentcore_runtime-0.2.0-py3-none-any.whl:
Publisher:
publish.yml on akeyless-community/bedrock-agentcore-akeyless-runtime
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
akeyless_agentcore_runtime-0.2.0-py3-none-any.whl -
Subject digest:
7d3e826933f128230c9f2bdb5e801f55d5db0d101a6a0b7feb7b000ae20d8830 - Sigstore transparency entry: 2035853698
- Sigstore integration time:
-
Permalink:
akeyless-community/bedrock-agentcore-akeyless-runtime@f368ef9e6a3b03dc71f5df29421b19e12dfa6596 -
Branch / Tag:
refs/tags/v0.2.0 - Owner: https://github.com/akeyless-community
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@f368ef9e6a3b03dc71f5df29421b19e12dfa6596 -
Trigger Event:
release
-
Statement type: