20.5.3 Creating an IAM Policy to Access Amazon Bedrock LLMs
Use the AWS Management Console to create an IAM policy that allows HeatWave GenAI to access Amazon Bedrock LLMs.
This task requires the following:
- Access to AWS Management Console.
Do the following to create an IAM policy:
- Open the AWS Management Console and sign in with your credentials.
- On the AWS Management Console home page, click Services, click Security, Identity, & Compliance, and then click IAM.
- In the navigation pane of the Console, under Access management, click Policies, and then click Create policy. The Specify permissions page opens.
- On the Specify permissions page, in the Policy editor section, click JSON, and enter the following permissions to access the Amazon Bedrock LLMs supported by HeatWave GenAI. For more information on policies, see Generate policies.
  {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Sid": "AuthenticatedBedrockPolicy",
        "Action": [
          "bedrock:InvokeModel"
        ],
        "Effect": "Allow",
        "Resource": [
          "arn:aws:bedrock:us-east-1::foundation-model/meta.llama3-70b-instruct-v1:0",
          "arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-70b-chat-v1",
          "arn:aws:bedrock:us-east-1::foundation-model/cohere.command-text-v14",
          "arn:aws:bedrock:us-east-1::foundation-model/cohere.command-light-text-v14"
        ]
      }
    ]
  }
- Resolve any warnings or errors generated during permissions validation, and then click Next.
- On the Review and create page, in the Policy details section, enter the following:
  - Policy name: Specify a name to identify this policy.
  - Description: (Optional) Specify a description of the policy.
- Click Create policy.
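
Before pasting the policy into the JSON editor, it can be checked offline so that it stays no broader than the one shown above. The following is an added example, not part of the original documentation or of any AWS or Oracle tooling. The names `lint_policy`, `as_list` and `PAGE_POLICY` are hypothetical, and the default region is assumed from the ARNs on this page.

```python
import json
import re

# Foundation-model ARNs carry no account ID: arn:aws:bedrock:<region>::foundation-model/<id>
MODEL_ARN = re.compile(r"^arn:aws:bedrock:([a-z0-9-]+)::foundation-model/[A-Za-z0-9.:_-]+$")
ALLOWED_ACTIONS = {"bedrock:invokemodel"}  # IAM action names are case-insensitive

# The policy from the step above, rebuilt here so the example runs offline.
PAGE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AuthenticatedBedrockPolicy",
        "Action": ["bedrock:InvokeModel"],
        "Effect": "Allow",
        "Resource": ["arn:aws:bedrock:us-east-1::foundation-model/" + m for m in (
            "meta.llama3-70b-instruct-v1:0", "meta.llama2-70b-chat-v1",
            "cohere.command-text-v14", "cohere.command-light-text-v14")],
    }],
})

def as_list(value):
    """Action, Resource and Statement may be a single item or a list."""
    return list(value) if isinstance(value, list) else [value]

def lint_policy(text, region="us-east-1"):
    """Return findings; an empty list means the policy is no broader than the page's."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:  # e.g. a stray closing brace: "Extra data"
        return [f"invalid JSON: {exc.msg} (line {exc.lineno})"]
    findings = []
    if doc.get("Version") != "2012-10-17":
        findings.append("Version should be 2012-10-17")
    for i, stmt in enumerate(as_list(doc.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # a Deny statement cannot widen access
        sid = stmt.get("Sid", f"statement {i}")
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"{sid}: Allow with NotAction/NotResource is open-ended")
        for action in as_list(stmt.get("Action", [])):
            if action.lower() not in ALLOWED_ACTIONS:
                findings.append(f"{sid}: unexpected action {action}")
        for arn in as_list(stmt.get("Resource", [])):
            match = MODEL_ARN.match(arn)
            if not match:
                findings.append(f"{sid}: not a single foundation-model ARN: {arn}")
            elif match.group(1) != region:
                findings.append(f"{sid}: {arn} is outside {region}")
    return findings
```

An empty result for `lint_policy(PAGE_POLICY)` means every Allow statement grants only `bedrock:InvokeModel` on named foundation models in the expected region; wildcard actions or resources are reported as findings.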