Bug Description
All three Python scripts under 01-features/05-authenticate-and-authorize/01-inbound-auth/02-inbound-auth-EntraID/ are undeployable:
- `entra_id_inbound_auth.py` — inbound JWT auth on AgentCore Runtime
- `entra_gateway_auth_code.py` — outbound 3LO (OneNote) on Runtime
- `entra_gateway_m2m.py` — AgentCore Gateway with Entra M2M auth
Issues
- `create_agent_runtime` schema is rejected by the control plane (all three scripts). `codeConfiguration` is passed as a top-level kwarg (must be nested in `agentRuntimeArtifact`); `containerConfiguration` is set redundantly with the managed runtime image; the code source uses the deprecated `code.s3.{uri, entryPoint}` shape instead of canonical `code.s3.{bucket, prefix}`; `runtime` and `entryPoint` are missing. Reproduces as `ParamValidationError: Unknown parameter "codeConfiguration"`.
- Agent dependencies are not installed in the deployment zip (`entra_id_inbound_auth.py`, `entra_gateway_auth_code.py`). Scripts bundle only the agent code plus a `requirements.txt`.
- OAuth2 credential provider creation is not idempotent (`entra_gateway_auth_code.py`). The `except` clause catches `ConflictException`, but the control plane actually raises `ValidationException("...already exists")` for duplicate provider names. Re-running the script after a partial failure crashes at Step 1.
- Gateway invoke fails with `Missing Authentication Token` (`entra_gateway_auth_code.py`). The runtime is created without `authorizerConfiguration` (defaults to SigV4) but the script invokes with raw `requests.post(endpoint_url, ...)` without SigV4 signing.
- Gateway target creation races against gateway readiness (`entra_gateway_m2m.py`). `create_gateway_target` is called immediately after `create_gateway` returns, while the gateway is still in `CREATING`, and rejects with `ValidationException("Cannot perform operation CreateGatewayTarget when gateway is in CREATING status")`.
- `MCPClient.stop()` called as a regular method (`entra_gateway_m2m.py`). It is a context-manager exit method that expects `(exc_type, exc_val, exc_tb)`; the script crashes at cleanup with `TypeError: MCPClient.stop() missing 3 required positional arguments`.
- Cleanup fails on `delete_gateway` while targets still exist (`entra_gateway_m2m.py`, also `entra_gateway_auth_code.py` if a target was created). Target deletion is async; gateway delete rejects with `ValidationException("...has targets associated with it")`.
- IAM `bedrock:InvokeModel` resource too narrow. Scoped only to `foundation-model/*`, but the agents use cross-region inference profiles (`global.anthropic.claude-haiku-4-5-...`).
- IAM role propagation race (all three scripts). 5–10s sleep after `create_role` is too short; `create_agent_runtime` / `create_gateway` intermittently fail with `ValidationException ("role cannot be assumed by ...")`.
- `invoke_agent_with_oauth` cannot show the user the auth URL (`entra_gateway_auth_code.py`). The agent emits the OAuth authorization URL into the streaming response, but the local script accumulates all chunks into a list and only prints the body after the loop ends; meanwhile the loop is held open by the agent's polling loop, so the URL never reaches the user's terminal. Self-imposed deadlock.
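Added example (not code from the repository or the forthcoming PR) of one way to handle three of the control-plane sequencing items above: treating `ValidationException("...already exists")` as an already-exists condition, polling until a resource leaves `CREATING`, and deleting targets and waiting for them to disappear before `delete_gateway`. The `bedrock-agentcore-control` method and parameter names used in `teardown_gateway` (`list_gateway_targets`, `gatewayIdentifier`, `targetId`, `items`) and the `READY`/`FAILED` status values are assumptions to verify against your boto3 version.

```python
import time


def is_already_exists(err):
    """True if a control-plane error means the resource already exists.

    Duplicate names come back as ValidationException("...already exists"),
    not ConflictException, so both shapes are accepted. Reads the botocore
    ClientError .response layout (any object with that attribute works)."""
    error = getattr(err, "response", {}).get("Error", {})
    return error.get("Code") == "ConflictException" or (
        error.get("Code") == "ValidationException"
        and "already exists" in error.get("Message", ""))


def create_or_reuse(create, lookup):
    """Run create(); on an already-exists error return lookup() instead."""
    try:
        return create()
    except Exception as err:
        if is_already_exists(err):
            return lookup()
        raise


def wait_for_status(get_status, wanted=("READY",), failed=("FAILED",),
                    attempts=60, interval=5, sleep=time.sleep):
    """Poll get_status() until it is in wanted; returns the poll count.
    sleep is injectable so the wait can be exercised without real delays."""
    for polls in range(1, attempts + 1):
        status = get_status()
        if status in wanted:
            return polls
        if status in failed:
            raise RuntimeError(f"resource entered {status}")
        sleep(interval)
    raise TimeoutError(f"not in {wanted} after {attempts * interval}s")


def teardown_gateway(ctl, gateway_id, sleep=time.sleep):
    """Delete every target, wait until none are listed (deletion is async),
    then delete the gateway. ctl is a bedrock-agentcore-control client
    (method/parameter names assumed; verify against your boto3 version)."""
    def remaining():
        return ctl.list_gateway_targets(gatewayIdentifier=gateway_id)["items"]
    for target in remaining():
        ctl.delete_gateway_target(gatewayIdentifier=gateway_id,
                                  targetId=target["targetId"])
    wait_for_status(lambda: "DELETING" if remaining() else "READY", sleep=sleep)
    ctl.delete_gateway(gatewayIdentifier=gateway_id)
```

The same `wait_for_status` helper, driven by `get_gateway(...)["status"]`, closes the `create_gateway` / `create_gateway_target` race as well.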
PR forthcoming.
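Added example (not from the repository) of the streaming fix for the last item: forward each chunk to the terminal the moment it arrives instead of buffering until the stream closes, and collect any URL as it goes so the authorization link is visible while the agent is still polling. Stripping a `data: ` prefix is an assumption about the runtime stream's SSE framing; the sample chunks are constructed.

```python
import re
import sys

URL_RE = re.compile(r"https?://\S+")


def relay_stream(chunks, emit=None):
    """Forward every chunk to emit() as it arrives; returns (text, urls).

    Collecting chunks into a list and printing after the loop is what hid the
    authorization URL: the agent keeps the stream open while it polls for the
    user's consent, so the loop never ends and nothing is ever printed.
    The "data: " strip is an assumption about the runtime's SSE framing."""
    if emit is None:
        def emit(text):
            sys.stdout.write(text)
            sys.stdout.flush()          # no buffering, so the URL shows at once
    parts, urls = [], []
    for chunk in chunks:
        text = chunk.decode("utf-8") if isinstance(chunk, bytes) else chunk
        if text.startswith("data: "):
            text = text[len("data: "):]
        emit(text)                      # print before asking for the next chunk
        parts.append(text)
        for url in URL_RE.findall(text):
            if url not in urls:
                urls.append(url)
    return "".join(parts), urls
```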