feat(payments): add Pay for Data (Heurist) use case#1465
Open
joshuamarksmith wants to merge 13 commits into
Open
feat(payments): add Pay for Data (Heurist) use case#1465joshuamarksmith wants to merge 13 commits into
joshuamarksmith wants to merge 13 commits into
Conversation
A Strands-based finance research agent that calls paid Heurist x402 endpoints for real-time prices, SEC filings, and macro indicators. The AgentCorePaymentsPlugin intercepts HTTP 402 responses, asks the AgentCore payment manager to generate a payment proof against the configured payment instrument and payment session, and retries automatically — tool code stays an ordinary http_request call. Data is analyzed in AgentCore Code Interpreter and exported as charts and reports. Highlights: - HTTP 402 payment processing via AgentCorePaymentsPlugin — no manual payment code in tools - Embedded wallet (Coinbase CDP) with USDC as the settlement asset - AgentCore Code Interpreter for pandas/matplotlib analysis and artifact export - Public PyPI dependencies only (bedrock-agentcore==1.9.0) — no bundled or file-based SDK components - Targets x402 on Base mainnet (Heurist endpoints settle on Base) Adds: - 01-tutorials/13-AgentCore-payments/02-use-cases/pay-for-data/ - pay-for-data.ipynb (notebook walkthrough) - heurist_finance_agent/ (agent, catalog, config, artifact_export) - scripts/ (sync_registry, run CLI entry points) - requirements.txt, .env.example, README.md, .gitignore Updates: - 01-tutorials/13-AgentCore-payments/README.md: add Use Cases table entry - 01-tutorials/13-AgentCore-payments/02-use-cases/README.md: add use case overview and highlights
|
Check out this pull request on See visual diffs & provide feedback on Jupyter Notebooks. Powered by ReviewNB |
|
Latest scan for commit: Security Scan ResultsScan Metadata
SummaryScanner ResultsThe table below shows findings by scanner, with status based on severity thresholds and dependencies: Column Explanations: Severity Levels (S/C/H/M/L/I):
Other Columns:
Scanner Results:
Severity Thresholds (Thresh Column):
Threshold Source: Values in parentheses indicate where the threshold is configured:
Statistics calculation:
|
added 4 commits
May 9, 2026 14:57
1. Fix requirements.txt: bedrock-agentcore[strands-agents]==1.9.0 (extras install required for AgentCorePaymentsPlugin) 2. Change default prompt to non-crypto macroeconomic query (FredMacroAgent GDP/unemployment summary) in run.py and README 3. Remove 'no bundled/file-based SDK' line from README, 02-use-cases/README, and tutorial-level README table entry 4. Expand notebook: add architecture diagram (ASCII), AgentCore payments capabilities table (payment manager, instrument, session, processing, limits), step-by-step payment flow explanation, and restructure into numbered steps 5. Add cleanup section (local cache + artifacts) and shared responsibility model table to notebook
leewc
reviewed
May 11, 2026
leewc
reviewed
May 11, 2026
leewc
reviewed
May 11, 2026
leewc
reviewed
May 11, 2026
- agent.py: remove redundant 'No manual payment logic is needed' from docstring - artifact_export.py: replace multi-strategy JSON fallback parser with a single json.loads — the Code Interpreter runs our own script that always emits print(json.dumps(payload)), so the output is deterministic JSON - catalog.py: warn (via logging.warning) when a requested agent ID is not found in the live catalog, so renames or removals surface immediately rather than silently loading zero tools - requirements.txt: pin strands-agents==1.36.0, strands-agents-tools==0.5.0, boto3==1.43.1, botocore==1.43.3 to match PR awslabs#1459 versions; keep bedrock-agentcore[strands-agents]==1.9.0 (newer than awslabs#1459) - catalog.py line 199 (f-string suggestion): left as-is — the lines.append + join pattern is idiomatic for multi-line table construction and already uses f-strings inside the loop
Contributor
|
Please update the use case to use AgentCore runtime and AgentCore observability |
leewc
approved these changes
May 12, 2026
leewc
left a comment
leewc
left a comment
There was a problem hiding this comment.
Changes LGTM from my side. You might want to address Madhu's comments
added 4 commits
May 13, 2026 20:33
Deploy the Heurist finance agent to AgentCore Runtime with full feature parity: AgentCore Code Interpreter, S3 artifact storage, and automatic observability via CloudWatch GenAI Observability. ## What's new ### runtime_agent.py (new) AgentCore Runtime entry point using BedrockAgentCoreApp. Key design: - Stateless, payload-driven: all payment config (manager ARN, session ID, instrument ID) comes from the invocation payload. The container holds no credentials. The app backend (ManagementRole) creates payment sessions with spending limits; the execution role (ProcessPaymentRole) can only spend within those limits. - AgentCore Code Interpreter: AgentCoreCodeInterpreter is a remote AWS API and works identically from a Runtime container. pandas/matplotlib analysis and chart generation are fully supported. - S3 artifact storage: two @tool functions replace local disk writes — export_artifact_to_s3 (binary files from CI sandbox) and save_report_to_s3 (text/CSV/markdown). Both upload to S3 and return presigned URLs in the invocation response: {"response": "...", "artifacts": [{"name": "chart.png", "url": "...", "expires_in": 3600}]} If CI_ARTIFACTS_BUCKET is not set the agent degrades gracefully: charts become markdown tables, text returns inline. - Thread-local state (threading.local) for per-invocation CI session name and artifact list — correct for concurrent Runtime requests. - Observability: agentcore deploy configures the container to run under opentelemetry-instrument, automatically emitting OTel traces and logs to CloudWatch GenAI Observability. No instrumentation code required. ### pay-for-data.ipynb (rewritten) Runtime-only, 8-step notebook: 1. Configure credentials 2. Sync Heurist catalog (bundled in container image at build time) 3. Create private S3 artifacts bucket 4. Install agentcore CLI, scaffold project, copy files, deploy 5. Add IAM permissions to execution role (payment + CI + S3) 6. Invoke deployed agent, inspect response + session spend 7. View CloudWatch GenAI Observability dashboard 8. Cleanup (Runtime stack + S3 bucket) ### README.md (rewritten) Runtime-only documentation: - Architecture diagram reflects the deployed topology - Quick Start maps to the 8-step notebook - Runtime agent section covers: stateless design, Code Interpreter, S3 artifact response shape, graceful degradation, IAM permissions table - Prerequisites updated (Node.js 20+, Docker, CDK) ## IAM permissions added to execution role PaymentDataPlaneAccess: bedrock-agentcore: ProcessPayment, GetPaymentInstrument, GetPaymentInstrumentBalance, GetPaymentSession, GetResourcePaymentToken Resource: payment-manager/* CodeInterpreterAccess: bedrock-agentcore: StartCodeInterpreterSession, StopCodeInterpreterSession, InvokeCodeInterpreter Resource: code-interpreter/* S3ArtifactsAccess: s3: PutObject, GetObject Resource: <bucket>/heurist-finance-artifacts/* The execution role does not receive CreateSession, CreateInstrument, or any control-plane payment permissions.
Add aws-opentelemetry-distro>=0.10.0 to the Runtime container's pyproject.toml. This enables botocore auto-instrumentation which injects W3C traceparent headers into outgoing boto3 calls, stitching Code Interpreter and payment spans as child spans in the unified Runtime trace. AgentCore Observability docs explicitly list StartCodeInterpreterSession, InvokeCodeInterpreter, and StopCodeInterpreterSession as supporting traceparent for cross-service trace correlation: https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/observability-configure.html Update Step 7 observability description to accurately reflect what is now stitched: - Strands agent spans (LLM calls, tool calls, agent turns) - Code Interpreter calls as child spans via traceparent propagation - Payment boto3 calls as child spans via botocore instrumentation Update README Runtime Deployment section accordingly.
mvangara10
reviewed
May 14, 2026
Contributor
There was a problem hiding this comment.
Change the python query
mvangara10
reviewed
May 14, 2026
Contributor
There was a problem hiding this comment.
Remove the tutorail dependency
|
rajuans
suggested changes
May 15, 2026
| | | | | ||
| |---|---| | ||
| | AgentCore components | AgentCore payments, AgentCore Code Interpreter, AgentCore Runtime | | ||
| | Agent framework | [Strands Agents](https://strandsagents.com/) | |
There was a problem hiding this comment.
Strands is Agent SDK. Its not framework.
Comment on lines
+31
to
+55
| ## How It Works | ||
|
|
||
| `AgentCorePaymentsPlugin` handles the entire x402 payment lifecycle: | ||
|
|
||
| ```python | ||
| from bedrock_agentcore.payments.integrations.strands import ( | ||
| AgentCorePaymentsPlugin, | ||
| AgentCorePaymentsPluginConfig, | ||
| ) | ||
|
|
||
| payment_plugin = AgentCorePaymentsPlugin( | ||
| config=AgentCorePaymentsPluginConfig( | ||
| payment_manager_arn=PAYMENT_MANAGER_ARN, | ||
| user_id=USER_ID, | ||
| payment_instrument_id=PAYMENT_INSTRUMENT_ID, | ||
| payment_session_id=PAYMENT_SESSION_ID, | ||
| region="us-west-2", | ||
| ) | ||
| ) | ||
|
|
||
| agent = Agent( | ||
| model=BedrockModel(model_id=MODEL_ID), | ||
| tools=[http_request, code_interpreter, export_artifact_to_s3, ...], | ||
| plugins=[payment_plugin], | ||
| ) |
There was a problem hiding this comment.
Do we need to provide the code sample in readme? Can we add flow in How it work section?
| @@ -0,0 +1,31 @@ | |||
| #!/usr/bin/env python3 | |||
| """Fetch the live Heurist catalog and refresh the local cache. | |||
There was a problem hiding this comment.
Can we also add how agent would be using this file?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
A Strands-based finance research agent that calls paid Heurist x402 endpoints for real-time prices, SEC filings, and macro indicators. The
AgentCorePaymentsPluginintercepts HTTP 402 responses, asks the AgentCore payment manager to generate a payment proof against the configured payment instrument and payment session, and retries automatically — tool code stays an ordinaryhttp_requestcall. Data is analyzed in AgentCore Code Interpreter and exported as charts and reports.Highlights:
AgentCorePaymentsPlugin— no manual payment code in toolsbedrock-agentcore==1.9.0) — no bundled or file-based SDK componentsAdds:
01-tutorials/13-AgentCore-payments/02-use-cases/pay-for-data/pay-for-data.ipynb(notebook walkthrough)heurist_finance_agent/(agent, catalog, config, artifact_export)scripts/(sync_registry,runCLI entry points)requirements.txt,.env.example,README.md,.gitignoreUpdates:
01-tutorials/13-AgentCore-payments/README.md: add Use Cases table entry01-tutorials/13-AgentCore-payments/02-use-cases/README.md: add use case overview and highlights