feat(payments): add AgentCore Payments as first-class CLI resource by aidandaly24 · Pull Request #1261 · aws/agentcore-cli

aidandaly24 · 2026-05-14T21:32:37Z

Description

Adds AgentCore Payments as a first-class resource type in the CLI. Includes:

agentcore add payment-manager / payment-connector commands (CLI + TUI wizard)
agentcore remove payment-manager / payment-connector with cascading delete
CDK-backed deployment via AgentCorePaymentManager + AgentCorePaymentConnector L3 constructs
Payment credential provider setup (imperative, same /identities/ endpoint as API key/OAuth)
CFN output parsing for deployed-state persistence
Invoke flags: --payment-instrument-id, --payment-session-id, --auto-session
Python agent template with x402 payment interception via SDK plugin
Validate command checks for payment credential completeness
Dev mode env var injection (AUTH_MODE for CUSTOM_JWT support)

Related Issue

Closes #

Documentation PR

Type of Change

New feature

Testing

How have you tested the change?

I ran npm run test:unit and npm run test:integ
I ran npm run typecheck
I ran npm run lint
If I modified src/assets/, I ran npm run test:update-snapshots and committed the updated snapshots

120 new payment-specific unit tests added covering:

parsePaymentOutputs, PaymentManagerPrimitive, PaymentConnectorPrimitive
validate command payment paths, payment-env dev mode, pre-deploy credential setup
wirePaymentCapability template patching

Checklist

I have read the CONTRIBUTING document
I have added any necessary tests that prove my fix is effective or my feature works
I have updated the documentation accordingly
I have added an appropriate example to the documentation to outline the feature, or no new docs are needed
My changes generate no new warnings
Any dependent changes have been merged and published

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the
terms of your choice.

Update — runtime IAM + system prompt for x402 auto-pay (commit `1f6a2f2`)

End-to-end testing surfaced a missing IAM grant and a stale system prompt. Both blockers are fixed in this commit; the rest of the PR is unchanged.

What broke without the fix

The agent runtime role only had sts:AssumeRole on the ProcessPaymentRole (which carries only ProcessPayment). But AgentCorePaymentsPlugin.generate_payment_header calls GetPaymentInstrument on the runtime's own credentials before any role assumption. The plugin failed with AccessDeniedException on the very first 402 it tried to settle:

Failed to get payment instrument: ... is not authorized to perform:
bedrock-agentcore:GetPaymentInstrument on resource: <pmgr-arn>
because no identity-based policy allows the bedrock-agentcore:GetPaymentInstrument action

Fix

Grant the runtime role the seven payment data-plane actions, scoped to the manager ARN, in the vended CDK stack template:

bedrock-agentcore:GetPaymentInstrument
bedrock-agentcore:ListPaymentInstruments
bedrock-agentcore:GetPaymentInstrumentBalance
bedrock-agentcore:GetPaymentSession
bedrock-agentcore:ListPaymentSessions
bedrock-agentcore:CreatePaymentSession (so --auto-session works without a separate ManagementRole call)
bedrock-agentcore:ProcessPayment

A code comment notes this deviates from the canonical 4-role split in the AgentCore Payments beta guide. The deviation is required by the current SDK plugin, which calls GetPaymentInstrument from inside generate_payment_header. If the SDK is later updated to accept a pre-fetched instrument and to split create-session into a backend-only flow, this grant can be tightened.

System-prompt update

PAYMENT_SYSTEM_PROMPT in capabilities/payments/payments.py now mentions the http_request tool that the SDK plugin auto-registers:

- Use http_request to call HTTP endpoints. 402 Payment Required responses
  are settled automatically by the plugin and the call is retried.

The other prompt lines (for get_payment_session, get_payment_instrument_balance, list_payment_instruments) are unchanged — those tools were already provided by the plugin.

SDK dependency

This commit's system-prompt change is forward-looking; the http_request tool ships in bedrock-agentcore SDK PR aws/bedrock-agentcore-sdk-python#493. Once that merges and a new SDK release ships, the template's pyproject.toml.hbs should pin bedrock-agentcore >= <released-version>. Pin bump intentionally NOT included in this commit — it should land alongside the published version number.

End-to-end verification (after IAM fix + SDK PR)

Tested against https://x402.bitcoinsapi.com/weather on Base Sepolia from a fresh project. Plugin path runs cleanly:

✅ Detected 402 Payment Required response from tool: http_request
✅ Successfully retrieved instrument (← fails without this commit's IAM grant)
✅ Successfully processed payment for user default-user (← fails without SDK PR feat: add agentcore traces command and trace link in invoke TUI #493)
✅ Added payment header to tool input headers: ['PAYMENT-SIGNATURE']
✅ Tool retried with the payment header

(Final on-chain settle currently fails inside the seller-side facilitator simulation due to two unrelated issues in CDP's signing service — validAfter set to current timestamp instead of now-N, and an ECRecover failure on the returned v byte. Those are tracked separately as service-side bugs and are out of scope for this PR.)

github-actions · 2026-05-14T21:33:35Z

Package Tarball

aws-agentcore-0.16.0.tgz