Add AWS MCP Server integration + IAM self-modify with approval gate

- CDK: add compute/build, broad read-only, IAM self-modify (scoped to own role), IAM policy management, and SSM read permissions to runtime1Role - config.py: load /agent-claw/aws-mcp-url from SSM at cold start - main.py: connect to AWS MCP Server with SigV4 auth (_AwsMcpSigV4Auth); add request_iam_permission and apply_iam_permission tools - agentcore.json: add EXECUTION_ROLE_ARN env var
2026-05-15 08:56:06 -05:00
parent 68aad4fb71
commit 88ed337938
4 changed files with 141 additions and 5 deletions
--- a/cdk/lib/agent-claw-stack.ts
+++ b/cdk/lib/agent-claw-stack.ts
@@ -371,6 +371,51 @@ export class AgentClawStack extends cdk.Stack {
      resources: [schedulerFn.functionArn],
    }));

+    // ── AgentCore Runtime 1 — extended permissions ───────────────────────
+
+    // Compute/build
+    runtime1Role.addToPolicy(new iam.PolicyStatement({
+      sid: 'ComputeBuild',
+      actions: ['codebuild:*', 'ecr:*', 'ecs:*', 'logs:*'],
+      resources: ['*'],
+    }));
+
+    // Broad read-only across account
+    runtime1Role.addToPolicy(new iam.PolicyStatement({
+      sid: 'BroadReadOnly',
+      actions: [
+        's3:List*', 's3:GetObject',
+        'lambda:List*', 'lambda:Get*',
+        'cloudformation:Describe*', 'cloudformation:List*',
+        'sqs:List*', 'sqs:GetQueueAttributes',
+        'ec2:Describe*',
+        'ssm:Describe*', 'ssm:List*',
+        'ce:GetCostAndUsage', 'ce:GetCostForecast',
+      ],
+      resources: ['*'],
+    }));
+
+    // IAM self-modify — scoped to own role only
+    runtime1Role.addToPolicy(new iam.PolicyStatement({
+      sid: 'IamSelfModify',
+      actions: ['iam:PutRolePolicy', 'iam:AttachRolePolicy', 'iam:DetachRolePolicy', 'iam:DeleteRolePolicy'],
+      resources: [runtime1Role.roleArn],
+    }));
+
+    // IAM policy management
+    runtime1Role.addToPolicy(new iam.PolicyStatement({
+      sid: 'IamPolicyManagement',
+      actions: ['iam:CreatePolicy', 'iam:GetPolicy', 'iam:ListPolicies'],
+      resources: ['*'],
+    }));
+
+    // SSM read for AWS MCP URL
+    runtime1Role.addToPolicy(new iam.PolicyStatement({
+      sid: 'AwsMcpUrlSsmRead',
+      actions: ['ssm:GetParameter', 'ssm:GetParameters'],
+      resources: [`arn:aws:ssm:${this.region}:${this.account}:parameter/agent-claw/aws-mcp-url`],
+    }));
+
    // ── Outputs ────────────────────────────────────────────────────────────

    new cdk.CfnOutput(this, 'WorkspaceMcpFunctionUrl', {