Create Amazon Bedrock Knowledge Base and Data Source using Guide

Configure Role and Policy

Configure role and policy in AWS Identity and Access Management (IAM).
  1. Go to Amazon Identity and Access Management (IAM) > Policies > Create policy and create a new policy as shown in the following image:
    The image shows the Create policy button on the IAM Policies page.
  2. Specify the secret ARN, policy name, and model ID. The recipe is preconfigured to use amazon.titan-embed-text-v1. For the list of available models, see https://docs.aws.amazon.com/bedrock/latest/userguide/model-ids.html.
    The following image shows the secret ARN, policy name, and model ID in the Specify permissions page:
    The image shows the secret ARN, policy name, and model ID in the Policy editor on the Specify permissions page.
    Here is the sample of the secret ARN, policy name, and model ID to enter in the Policy editor:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "VisualEditor0",
          "Effect": "Allow",
          "Action": "s3:ListBucket",
          "Resource": "arn:aws:s3:::*"
        },
        {
          "Sid": "VisualEditor1",
          "Effect": "Allow",
          "Action": "s3:GetObject",
          "Resource": "arn:aws:s3:::*/*"
        },
        {
          "Sid": "BedrockInvokeModelStatement",
          "Effect": "Allow",
          "Action": [ "bedrock:InvokeModel" ],
          "Resource": [ "arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-text-v1" ]
        },
        {
          "Sid": "SecretsManagerGetStatement",
          "Effect": "Allow",
          "Action": [ "secretsmanager:GetSecretValue" ],
          "Resource": [ "{Secret ARN}" ]
        }
      ]
    }
  3. Go to Amazon Identity and Access Management (IAM) > Roles > Create role and create a new role as shown in the following image:
    The image shows the Create role button on the IAM Roles page.
  4. In the Select trusted entity page, select Custom trust policy in the Trusted entity type section, and configure the policy as shown in the following example:
    The image shows the trusted entity type and snippet to configure the custom trust policy on the Select trusted entity page.
    Here is the sample to configure the trust policy:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "AmazonBedrockKnowledgeBaseTrustPolicy",
          "Effect": "Allow",
          "Principal": { "Service": "bedrock.amazonaws.com" },
          "Action": "sts:AssumeRole"
        }
      ]
    }
  5. In the Add permissions page, add the created policy and set the role name, and then click Next as shown in the following image:
    The image shows the policy name on the Add permissions page.
  6. Go to the created role and save the role ARN for future use as shown in the following image:
    The image shows the role ARN on the NewRole page.
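
The sample policy in step 2 allows s3:ListBucket and s3:GetObject on every bucket, and the trust policy in step 4 lets bedrock.amazonaws.com assume the role with no condition on the calling account. The following Python check is an added example, not part of the original guide: it flags both and returns copies scoped to one bucket and to the account's knowledge bases. The bucket name, account ID and region passed to it are constructed placeholders.

```python
import copy

# The page's two sample documents; "{Secret ARN}" is the page's own placeholder.
PERMISSIONS = {"Version": "2012-10-17", "Statement": [
    {"Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:ListBucket",
     "Resource": "arn:aws:s3:::*"},
    {"Sid": "VisualEditor1", "Effect": "Allow", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::*/*"},
    {"Sid": "BedrockInvokeModelStatement", "Effect": "Allow",
     "Action": ["bedrock:InvokeModel"],
     "Resource": ["arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-text-v1"]},
    {"Sid": "SecretsManagerGetStatement", "Effect": "Allow",
     "Action": ["secretsmanager:GetSecretValue"], "Resource": ["{Secret ARN}"]}]}
TRUST = {"Version": "2012-10-17", "Statement": [
    {"Sid": "AmazonBedrockKnowledgeBaseTrustPolicy", "Effect": "Allow",
     "Principal": {"Service": "bedrock.amazonaws.com"}, "Action": "sts:AssumeRole"}]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit(permissions, trust):
    """List statements that are broader than the knowledge base needs."""
    findings = []
    for st in permissions["Statement"]:
        for res in as_list(st["Resource"]):
            if res.startswith("arn:aws:s3:::*"):  # bucket part is a wildcard
                findings.append(f"{st['Sid']}: {res} covers every bucket")
    for st in trust["Statement"]:
        if "Service" in st.get("Principal", {}) and "Condition" not in st:
            findings.append(f"{st['Sid']}: trust has no source-account condition")
    return findings

def harden(permissions, trust, bucket, account_id, region):
    """Return copies scoped to one bucket and to this account's knowledge bases."""
    perms, tr = copy.deepcopy(permissions), copy.deepcopy(trust)
    for st in perms["Statement"]:
        if "s3:ListBucket" in as_list(st["Action"]):
            st["Resource"] = f"arn:aws:s3:::{bucket}"
        elif "s3:GetObject" in as_list(st["Action"]):
            st["Resource"] = f"arn:aws:s3:::{bucket}/*"
    kb_arn = f"arn:aws:bedrock:{region}:{account_id}:knowledge-base/*"
    for st in tr["Statement"]:
        st["Condition"] = {"StringEquals": {"aws:SourceAccount": account_id},
                           "ArnLike": {"aws:SourceArn": kb_arn}}
    return perms, tr

# Constructed placeholder values, not taken from the page.
SCOPED_PERMISSIONS, SCOPED_TRUST = harden(
    PERMISSIONS, TRUST, "example-kb-bucket", "111122223333", "us-east-1")
```

Running `audit(PERMISSIONS, TRUST)` on the page's samples reports the two S3 statements and the trust statement; the scoped copies report nothing.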
