docs: cover payments, policies/guardrails, insights, harness, datasets, web-search#1577
docs: cover payments, policies/guardrails, insights, harness, datasets, web-search#1577notgitika wants to merge 3 commits into
Conversation
…s, web-search The README and the vended AGENTS.md (copied into every agentcore create project as the AI-assistant context file) had grown stale relative to the feature surface. Several capabilities had docs in docs/ but no mention in the README, and the AGENTS.md customers see still listed only the original handful of resource types. README.md - Broaden 'add'/'remove' descriptions to enumerate the actual resource types (15+ now, was 'agents, memory, credentials, evaluators, targets') - Add command-table sections: Knowledge Bases, Insights ([preview]), Harness, Policies & Guardrails, Payments, Datasets, Web Search Gateway Targets — each linking to docs/ where one already exists - Refresh Capabilities to list the actual feature set - Group Documentation links into Reference / Resources & features / Evaluation & quality / Operations and add the missing entries (payments, container-builds, transaction_search, telemetry, tui-harness, PERMISSIONS, TESTING) src/assets/agents/AGENTS.md - AgentCoreProjectSpec resource list now reflects every top-level array in the schema (was missing onlineInsightsConfigs, knowledgeBases, harnesses, policyEngines, policies, payments, configBundles, datasets, runtimeEndpoints) - Key Types covers the new resource shapes - Common Enum Values adds PaymentProvider, PolicyEnforcementMode, GuardrailContentFilter (the spelled-out 'INSULTS' enum so AI assistants emit the canonical name) - CLI Commands replaced with grouped tables (lifecycle / resources / jobs / config bundles & datasets / observability / utilities) so the customer-vended file matches what the CLI actually exposes
agentcore-devx-automation
Bot
added
the
claude-security-reviewing
github-actions
Bot
added
the
agentcore-harness-reviewing
|
Claude Security Review: no high-confidence findings. (run) |
agentcore-devx-automation
Bot
removed
the
claude-security-reviewing
Package TarballHow to installgh release download pr-1577-tarball --repo aws/agentcore-cli --pattern "*.tgz" --dir /tmp/pr-tarball
npm install -g /tmp/pr-tarball/aws-agentcore-0.20.1.tgz |
github-actions
Bot
removed
the
agentcore-harness-reviewing
| | `resume online-insights` | Resume a paused online insights config | | ||
| | `archive insights` | Delete an insights job on the service + clear local history | | ||
|
|
||
| ### Harness |
There was a problem hiding this comment.
there's some risk adding this to the main README while the feature is still only available in preview version. Perhaps we should add a temporary note that its only available in preview version?
There was a problem hiding this comment.
that makes sense, I will add a note specifying that.
I think adding it in README will make it more visible so I would prefer to have it here
There was a problem hiding this comment.
Done — added a [preview] tag to the section header and an npm install -g @aws/agentcore@preview install hint right under it. Confirmed the gating: src/cli/primitives/registry.ts:26 instantiates HarnessPrimitive only when isPreviewEnabled(), so the commands legitimately do not exist on the GA tarball.
…@preview Per Avi's review on PR aws#1577 — harness commands are only registered in preview builds (registry.ts:26 gates HarnessPrimitive on isPreviewEnabled()), so a GA-tarball user reading the main README would hit 'unknown command' if they tried any of the harness commands. Add a [preview] tag to the section header and a one-line install hint.
agentcore-devx-automation
Bot
added
the
claude-security-reviewing
|
Claude Security Review: no high-confidence findings. (run) |
agentcore-devx-automation
Bot
removed
the
claude-security-reviewing
| | --------------------- | ------------------------------------------------------------------------- | | ||
| | `add harness` | Add a harness resource (runtime + tools + skills + memory) | | ||
| | `add harness --tool` | Add a tool to an existing harness | | ||
| | `add harness --skill` | Add a skill to an existing harness | |
There was a problem hiding this comment.
aren't the commands agentcore add skill and agentcore add tool?
There was a problem hiding this comment.
oh wait yes for the tool and i was not sure about the skill one. good catch!
let me confirm and make the change. I will also take a look at al the other flags
There was a problem hiding this comment.
Good catch — fixed in e104e721. You were right on both counts: add tool and add skill are top-level subcommands under add, not flags on add harness (verified at src/cli/cli.ts:137-139 registering them via registerAddTool/registerAddSkill, and src/cli/commands/add/{tool,skill}-command.ts defining them with --harness <name> as a required option).
While I was in there I audited every other command row in the README against the source (config-bundle aliases, run/view/pause/resume/stop/promote/archive subcommands, evals history, online-eval/insights pairs, payment commands, policy-engine/policy, knowledge-base, dataset subcommands, web-search via gateway-target connector). The rest matches what the CLI actually exposes — only the harness rows were wrong.
Avi spotted that 'add harness --tool' and 'add harness --skill' are
wrong: tool and skill are top-level subcommands under add, not flags
on add harness. Verified against src/cli/cli.ts:137-139
(registerAddTool/registerAddSkill) and src/cli/commands/add/{tool,skill}-command.ts.
Real shape: 'agentcore add tool --harness <name> --type <type>' and
'agentcore add skill --harness <name> --path|--s3|--git'. Also clarified
'add harness' is just runtime + model + memory — tools and skills get
added separately afterward.
Audited every other command row in the README against the source while
in here. Everything else (config-bundle aliases, run/view/pause/resume/
stop/promote/archive subcommands, evals history, online-eval/insights
pairs, payment commands, policy-engine/policy, knowledge-base, dataset
subcommands, web-search via gateway-target connector) matches what the
CLI actually exposes.
notgitika
requested a deployment
to
e2e-testing
GitHub Actions
In progress
agentcore-devx-automation
Bot
added
the
claude-security-reviewing
| | \`agentcore run recommendation\` | Optimize prompts or tool descriptions from real traces | | ||
| | \`agentcore run insights\` _[preview]_ | Run failure-pattern analysis across sessions | | ||
| | \`agentcore run ab-test\` | Start an A/B test (config-bundle or target-based) | | ||
| | \`agentcore run ingest\` | Ingest dataset rows for evaluation | |
There was a problem hiding this comment.
according to help screen this command has to do with knowledge base ingestion, not datasets
|
Claude Security Review: no high-confidence findings. (run) |
agentcore-devx-automation
Bot
removed
the
claude-security-reviewing
2 participants
Why
Two customer-facing docs had drifted from the actual feature surface:
add/removedescriptions, and several features that already haddocs/*.mdfiles (payments, knowledge bases, container builds, transaction search, telemetry, tui-harness) weren't surfaced anywhere in the README.src/assets/agents/AGENTS.md— the AI-assistant context file we vend into everyagentcore createproject. ItsAgentCoreProjectSpecresource list was missing 9+ top-level arrays that customers can edit (onlineInsightsConfigs,knowledgeBases,harnesses,policyEngines,policies,payments,configBundles,datasets,runtimeEndpoints), so AI assistants pointed at the file would happily fabricate the wrong shapes when asked to add those resources.What changed
README.mdadd/removedescriptions broaden from "agents, memory, credentials, evaluators, targets" to the full 15+ resource typesdocs/files:[preview](run insights,add online-insights,pause/resume online-insights,view insights,archive insights)add harness+export harness, with theEXPORT_NOTES.mdreminder)add policy-engine,add policy— including the canonical Bedrock content-filter enum:VIOLENCE | HATE | SEXUAL | MISCONDUCT | INSULTS)add payment-manager,add payment-connector)add dataset,dataset download/publish-version/remove-version)src/assets/agents/AGENTS.md(vended to every customer project)PaymentProvider,PolicyEnforcementMode,GuardrailContentFilter— the spelled-outINSULTSenum so AI assistants emit the canonical name (issue TUI/CLI acceptsINSULTas a contentFilter value, fails CFN deploy with ValidationException #1571 was a manifestation of the wrong-spelling problem)Snapshot
src/assets/__tests__/__snapshots__/assets.snapshot.test.ts.snapupdated vianpm run test:update-snapshotsper the convention inAGENTS.md.Out of scope (filed as follow-ups)
The features without their own
docs/*.mdfile get a brief table-row treatment in the README but no dedicated guide. Worth filing as separate issues:docs/insights.mddocs/harness.mddocs/policies.mddocs/datasets.mdThe internal contributor
AGENTS.md(/AGENTS.mdat repo root) is also slightly stale on the primitives list andrun/view/archive/stop/promotecommands — left for a separate PR since it's not customer-facing.Verification
npm run typecheck✅npm run test:unit✅ (5396/5396, snapshot updated)npm run test:update-snapshots✅npx prettier --check✅