daniel/agent-claw
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

multi-tenant phase 3: per-user Home Assistant + enrolled services

Browse Source 
- tools/home_assistant.py: remove hardcoded URL/token; read from per-user
  config injected via set_ha_config() at invocation time; return helpful
  enrollment prompt when HA not configured
- main.py: inject HA config from user_profile.services at startup; add
  manage_service tool (enroll/remove/list) that persists to DynamoDB;
  show enrolled services in user context; add USERS_TABLE_NAME env var
- agent-runner/handler.py: pass services dict from DDB user record in
  user_profile payload; initialize services={} for new users
- cdk/lib/agent-claw-stack.ts: grant usersTable read/write to runtime1Role
  so manage_service tool can update user records
- agentclaw/agentcore/agentcore.json: add USERS_TABLE_NAME env var
This commit is contained in:
daniel
2026-05-07 09:10:39 -05:00
parent 4f551ce069
commit 92c87222e8
13 changed files with 369 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cdk/lib/agent-claw-stack.ts
View File

@@ -170,6 +170,7 @@ export class AgentClawStack extends cdk.Stack {
workspaceBucket.grantRead(runtime1Role);
botTokenSecret.grantRead(runtime1Role);
braveApiKeySecret.grantRead(runtime1Role);
usersTable.grantReadWriteData(runtime1Role);
// Google secret grants added after workspace_mcp section below
runtime1Role.addToPolicy(new iam.PolicyStatement({
actions: [