InvokeAgent data-plane endpoint. The transport is contract-only —
Bedrock agents carry server-side session state, SigV4 auth, and an
event-stream response envelope, so the contract is the right place to
declare all three.
What this example tests
- All 10 ASI categories against a Bedrock Agent.
- SigV4 signing via
botocore(lazy-imported from the[aws]extra) with the standard AWS credential chain. - The
server_sessionpattern — Bedrock’ssessionIdlives in the URL path; AgentGuardian reuses the swarm’s session as thesessionIdso conversation state carries between turns.
src/agent_guardian/transports/bedrock_agent.py,
src/agent_guardian/contract/schema.py
(BedrockAgentTransport).
Prerequisites
- AgentGuardian with the AWS extra installed:
pip install 'agent-guardian[aws]'. - A Bedrock Agent deployed in your AWS account. The AWS quickstart walks through the console flow.
- AWS credentials available via the standard chain (env vars, shared config, instance profile, etc.).
- The agent id and alias id (the
TSTALIASIDworking-draft alias is the fastest path). - A model spec —
--model stubfor the contract dry-run, or a real model spec for a graded scan.
Run target
The target itself is your deployed Bedrock Agent. Export the env vars the contract dereferences:examples/bedrock_agent/agentguardian.yaml):
agentguardian.yaml
BedrockAgentTransport in
src/agent_guardian/contract/schema.py.
Run AgentGuardian
--contract PATH— drive the scan from a target contract.--model stub— offline default. Swap foranthropic:claude-haiku-4-5(or another model spec) for a graded run.--mode fast—fast/smart/full(default).--output md --output-path scan.md— Markdown report.
Expected output
examples/bedrock_agent/sample-scan.json ships a committed reference
shape (env-redacted) for a --model stub contract run.
Common errors
ImportError: botocore is required for SigV4. Install the AWS extra:pip install 'agent-guardian[aws]'.NoCredentialsError. AWS credentials are not on the standard chain. ExportAWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEYor run on an instance with a role.AccessDeniedExceptiononInvokeAgent. The caller IAM principal is missingbedrock:InvokeAgentfor the agent ARN. Add the action to your policy.ResourceNotFoundException. The agent or alias id is wrong, or the region in the contract does not match the region the agent is deployed in.
Next step
- For a GCP-deployed target, read Scan a Gemini Vertex agent.
- For CI gating, wire the scan into GitHub Actions with OIDC-issued AWS credentials.