Amazon Bedrock AgentCore

Selecting the Connection Type

Once you have selected your connection type, a configuration tab will appear on the next step, prompting you to input the required connection details.

Integration Setup

• Agent Runtime ARN - ARN (Amazon Resource Name) of the Bedrock AgentCore runtime you want to invoke.

• AWS Region - AWS region where that runtime is deployed (for example: "us-east-1").

• AWS Access Key Id - IAM (Identity and Access Management) access key used to sign Bedrock AgentCore API calls.

• AWS Secret Access Key - IAM secret access key paired with the Access Key Id. Note that AWS only shows secret keys at creation time, so store it securely.

• Qualifier - Optional runtime qualifier (for example a version or alias) used to route the invocation to a specific runtime revision. Leave it empty to use the runtime’s default.

• Payload Template - JSON payload sent to the AgentCore runtime on each invocation. Use placeholders to let the platform inject dynamic values:

  • {message} - the current probe/test message.

  • {session_id} - unique identifier for the conversation session (useful for multi-step tests).

• Response Path - The JSON path pointing to the text response in the response.

• Image Response Path - The JSON path pointing to generated images in the response(for example an array of base64 strings or URLs). Leave empty if your runtime does not return images.

• Audios Response Path - The JSON path pointing to generated audio in the response. Leave empty if not applicable.

• Documents Response Path - The JSON path pointing to generated documents/files in the response. Leave empty if not applicable.

How to Obtain Required Fields

• Agent Runtime ARN

  • Find the runtime in the AWS console where you manage your AgentCore runtime.

  • Copy the resource ARN from the runtime details page.

  • If you provisioned it via IaC (CloudFormation/Terraform/CDK), you can also use the output variable that contains the ARN.

• AWS Region

  • Use the same region where the runtime lives.

  • You can read it from the AWS console region selector or from the ARN.

• AWS Access Key Id / AWS Secret Access Key

  • Create an access key for an IAM principal that has permission to invoke the runtime.

  • IAM console path: IAM → Users → select user → Security credentials → Access keys.

  • AWS docs: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html

• Qualifier

  • Only needed if your runtime supports routing by version/alias/qualifier.

  • Use the exact qualifier value your runtime expects. Otherwise leave it blank.

• Payload Template

  • Use the request payload schema your runtime expects.

  • Example:

  • Easiest way: run one test invocation from your app/SDK, then copy the JSON body and replace the user message with {message}.

  • Add {session_id} if your runtime supports multi-turn sessions.

  Placeholder

  Description

  {message}

  Main text message

  {session_id}

  Runtime session ID

  {image_url}

  Image URL

  {image_base64}

  Image as base64 data URL

  {audio_url}

  Audio URL

  {audio_base64}

  Audio as base64 data URL

  {document_url}

  Document URL

  {document_base64}

  Document as base64 data URL

• Response Path

  • Invoke the runtime once and inspect the raw JSON response.

  • Set this to the JSON path pointing to the text content you want SPLX to evaluate.

  • If you’re unsure about the JSON path format, see the definition used in the REST API connection.

• Image Response Path

  • JSON path to images in the response (array of base64 strings or URLs), if your runtime returns images.

• Audios Response Path

  • JSON path to audio in the response, if your runtime returns audio.

• Documents Response Path

  • JSON path to documents/files in the response, if your runtime returns documents.