To use Amazon Bedrock in an application, you need to configure AWS Identity and Access Management (IAM) permissions that grant the application access to Bedrock’s APIs. This typically involves creating an IAM policy with specific Bedrock actions and attaching it to an IAM role or user associated with your application. The exact permissions depend on the Bedrock features your application uses, such as invoking foundation models, managing custom models, or accessing knowledge bases.
Core Permissions
At a minimum, your application needs permission to call Bedrock's runtime (inference) APIs. Each runtime API maps to its own IAM action: bedrock:InvokeModel authorizes the InvokeModel API (text, image, or embedding generation), and streaming through InvokeModelWithResponseStream requires the separate bedrock:InvokeModelWithResponseStream action, so an application that streams responses needs both. If your application lists available models (e.g., to check Regions or model IDs), include bedrock:ListFoundationModels. Custom model workflows need actions such as bedrock:CreateModelCustomizationJob (for fine-tuning) or bedrock:CreateProvisionedModelThroughput (for dedicated throughput); grant those to the identity that runs the build pipeline, not to the runtime identity that only performs inference. A basic policy might look like this:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "bedrock:InvokeModel",
        "bedrock:ListFoundationModels"
      ],
      "Resource": "*"
    }
  ]
}
This policy covers non-streaming invocation only; add bedrock:InvokeModelWithResponseStream if the application streams. Note also that "Resource": "*" is a starting point, not a requirement: Bedrock supports resource-level permissions for invocation, so bedrock:InvokeModel can be restricted to specific foundation models using ARNs of the form arn:aws:bedrock:REGION::foundation-model/MODEL-ID. List actions such as bedrock:ListFoundationModels are not resource-scoped and keep "Resource": "*"; put them in a separate statement so the invocation statement can be tightened to the models the application actually uses.
Role Configuration
If your application runs on AWS services like Lambda, EC2, or ECS, attach the policy to an IAM role with a trust policy that allows the service to assume it. For example, a Lambda function's execution role would include a trust relationship with the lambda.amazonaws.com service principal for sts:AssumeRole. For applications outside AWS (e.g., on-premises), prefer temporary credentials (AWS STS, or IAM Roles Anywhere with a certificate-based identity) over long-lived IAM user access keys, which must be stored and rotated by hand. Ensure the role or user has no unnecessary permissions and follow the principle of least privilege.
Advanced Scenarios
For features like Agents or Knowledge Bases, additional permissions are required, and it helps to separate build-time from runtime actions. An application that only calls an existing agent needs bedrock:InvokeAgent; bedrock:CreateAgent and the other management actions belong to the identity that provisions the agent. Querying a Knowledge Base at runtime uses bedrock:Retrieve (or bedrock:RetrieveAndGenerate); the S3 permissions for the data source are granted to the Knowledge Base's own service role, which Bedrock assumes during ingestion, not to the calling application. If your application uses Bedrock's runtime APIs in a specific AWS Region, add a Condition block on the aws:RequestedRegion global condition key to restrict access to that Region. Always test permissions in a development environment (the IAM policy simulator helps here) before deployment to avoid AccessDenied errors at runtime.
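The following is an added example, not part of the original page or of any AWS-provided code. It pulls together the three sections above: a tightened version of the basic policy (resource-scoped invocation, the separate streaming action, and an aws:RequestedRegion condition), the Lambda trust policy from the Role Configuration section, and a small local evaluator that checks constructed requests against them. The evaluator implements only the subset of IAM semantics these policies use (Allow statements, wildcard matching on Action and Resource, StringEquals conditions); it is an offline approximation for reviewing a policy before deployment, not a substitute for the IAM policy simulator. The Region and the model ID in the sample ARN are assumptions.

```python
"""Offline least-privilege check for a Bedrock application policy (added example)."""
import fnmatch
import json

REGION = "us-east-1"  # assumed deployment Region

# Tightened identity policy. The ARN pattern is Bedrock's foundation-model ARN
# format; the model-ID wildcard is a placeholder to narrow to approved models.
IDENTITY_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "InvokeModelsInRegion",
            "Effect": "Allow",
            "Action": [
                "bedrock:InvokeModel",
                "bedrock:InvokeModelWithResponseStream",
            ],
            "Resource": f"arn:aws:bedrock:{REGION}::foundation-model/*",
            "Condition": {"StringEquals": {"aws:RequestedRegion": REGION}},
        },
        {
            "Sid": "ListModels",
            "Effect": "Allow",
            "Action": "bedrock:ListFoundationModels",
            "Resource": "*",  # list actions are not resource-scoped
        },
    ],
}

# Trust policy for a Lambda execution role: only the Lambda service can assume it.
LAMBDA_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {"Service": "lambda.amazonaws.com"},
            "Action": "sts:AssumeRole",
        }
    ],
}

# Constructed sample resource; "example-model-id" is not a real model ID.
MODEL_ARN = f"arn:aws:bedrock:{REGION}::foundation-model/example-model-id"


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _condition_matches(condition, context):
    """Only StringEquals is supported, which is all the policy above uses."""
    for key, expected in condition.get("StringEquals", {}).items():
        if context.get(key) not in _as_list(expected):
            return False
    return True


def is_allowed(policy, action, resource, context=None):
    """True if an Allow statement matches action, resource and condition keys.

    IAM's default is implicit deny, so no match means False. Explicit Deny
    statements are not modelled because the policies here contain none.
    IAM '*' on Action/Resource matches any characters, like fnmatch's '*'.
    """
    context = context or {}
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        if not any(fnmatch.fnmatchcase(action, a) for a in _as_list(stmt["Action"])):
            continue
        if not any(fnmatch.fnmatchcase(resource, r) for r in _as_list(stmt["Resource"])):
            continue
        if not _condition_matches(stmt.get("Condition", {}), context):
            continue
        return True
    return False


def assumable_by(trust_policy, service):
    """True if the trust policy lets the given service principal call sts:AssumeRole."""
    for stmt in trust_policy["Statement"]:
        if stmt["Effect"] != "Allow" or "sts:AssumeRole" not in _as_list(stmt["Action"]):
            continue
        if service in _as_list(stmt.get("Principal", {}).get("Service", [])):
            return True
    return False


def run_checks():
    """Evaluate constructed requests; returns case name -> allowed (bool)."""
    here = {"aws:RequestedRegion": REGION}
    other = {"aws:RequestedRegion": "eu-west-1"}
    return {
        "invoke_in_region": is_allowed(IDENTITY_POLICY, "bedrock:InvokeModel", MODEL_ARN, here),
        "stream_in_region": is_allowed(IDENTITY_POLICY, "bedrock:InvokeModelWithResponseStream", MODEL_ARN, here),
        "invoke_other_region": is_allowed(IDENTITY_POLICY, "bedrock:InvokeModel", MODEL_ARN.replace(REGION, "eu-west-1"), other),
        "list_models": is_allowed(IDENTITY_POLICY, "bedrock:ListFoundationModels", "*", here),
        "create_agent": is_allowed(IDENTITY_POLICY, "bedrock:CreateAgent", "*", here),  # not granted
        "lambda_can_assume": assumable_by(LAMBDA_TRUST_POLICY, "lambda.amazonaws.com"),
        "ec2_can_assume": assumable_by(LAMBDA_TRUST_POLICY, "ec2.amazonaws.com"),
    }


if __name__ == "__main__":
    print(json.dumps(run_checks(), indent=2))
```

Running the script shows the invocation statement allowing both InvokeModel and the streaming action for a model in the assumed Region, denying the same call from another Region, and denying bedrock:CreateAgent because the runtime identity was never granted management actions; the trust-policy check confirms that only lambda.amazonaws.com can assume the role.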