LoginSignup
3
0
@kanuazut

Amazon Bedrock 基盤モデルを使う為のIAMポリシー

Posted at

はじめに

Amazon Bedrock 基盤モデルのAPIを利用だけできれば良いというときのIAMポリシーの参考を記載します。
IAM Policyを作成するときに必要となる基盤モデルのARNそのものが書かれているページが見つからなかったので、併せてARNも記載しておきます。

結論

IAMポリシー

以下は東京リージョンでClaude v2.1を利用するためのポリシーです。

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "allow to invoke specifiic foundation model",
            "Effect": "Allow",
            "Action": [
                "bedrock:InvokeModel", 
                "bedrock:InvokeModelWithResponseStream",
            ],
            "Resource": "arn:aws:bedrock:ap-northeast-1::foundation-model/anthropic.claude-v2:1"
        }
    ]
}

見たままですが一応説明しますと"Action"は
bedrock:InvokeModelはモデルAPIの利用権限、
bedrock:InvokeModelWithResponseStreamはモデルAPIのストリームモードの利用権限です。
チャットボットなどでストリーム処理が必要な場合は、WithResponseStreamも必要になります。

また"Resource"には、基盤モデルのARNを指定します。

Bedrock基盤モデルのARN

現在(2024/3/10時点)のARN

東京、バージニア北部リージョンのARNを以下に記載しておきます。

東京(ap-northeast-1)
プロバイダ モデル名 ARN
Amazon Titan Text G1 - Express arn:aws:bedrock:ap-northeast-1::foundation-model/amazon.titan-text-express-v1:0:8k
Amazon Titan Text G1 - Express arn:aws:bedrock:ap-northeast-1::foundation-model/amazon.titan-text-express-v1
Amazon Titan Embeddings G1 - Text arn:aws:bedrock:ap-northeast-1::foundation-model/amazon.titan-embed-text-v1:2:8k
Amazon Titan Embeddings G1 - Text arn:aws:bedrock:ap-northeast-1::foundation-model/amazon.titan-embed-text-v1
Anthropic Claude Instant arn:aws:bedrock:ap-northeast-1::foundation-model/anthropic.claude-instant-v1:2:18k
Anthropic Claude Instant arn:aws:bedrock:ap-northeast-1::foundation-model/anthropic.claude-instant-v1
Anthropic Claude arn:aws:bedrock:ap-northeast-1::foundation-model/anthropic.claude-v2:1:18k
Anthropic Claude arn:aws:bedrock:ap-northeast-1::foundation-model/anthropic.claude-v2:1:200k
Anthropic Claude arn:aws:bedrock:ap-northeast-1::foundation-model/anthropic.claude-v2:1
バージニア北部(us-east-1)
プロバイダ モデル名 ARN
Amazon Titan Text Large arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-tg1-large
Amazon Titan Image Generator G1 arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-image-generator-v1:0
Amazon Titan Image Generator G1 arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-image-generator-v1
Amazon Titan Text Embeddings v2 arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-g1-text-02
Amazon Titan Text G1 - Lite arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-text-lite-v1:0:4k
Amazon Titan Text G1 - Lite arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-text-lite-v1
Amazon Titan Text G1 - Express arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-text-express-v1:0:8k
Amazon Titan Text G1 - Express arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-text-express-v1
Amazon Titan Embeddings G1 - Text arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-text-v1:2:8k
Amazon Titan Embeddings G1 - Text arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-text-v1
Amazon Titan Multimodal Embeddings G1 arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-image-v1:0
Amazon Titan Multimodal Embeddings G1 arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-image-v1
Stability AI SDXL 0.8 arn:aws:bedrock:us-east-1::foundation-model/stability.stable-diffusion-xl
Stability AI SDXL 0.8 arn:aws:bedrock:us-east-1::foundation-model/stability.stable-diffusion-xl-v0
Stability AI SDXL 1.0 arn:aws:bedrock:us-east-1::foundation-model/stability.stable-diffusion-xl-v1:0
Stability AI SDXL 1.0 arn:aws:bedrock:us-east-1::foundation-model/stability.stable-diffusion-xl-v1
AI21 Labs J2 Grande Instruct arn:aws:bedrock:us-east-1::foundation-model/ai21.j2-grande-instruct
AI21 Labs J2 Jumbo Instruct arn:aws:bedrock:us-east-1::foundation-model/ai21.j2-jumbo-instruct
AI21 Labs Jurassic-2 Mid arn:aws:bedrock:us-east-1::foundation-model/ai21.j2-mid
AI21 Labs Jurassic-2 Mid arn:aws:bedrock:us-east-1::foundation-model/ai21.j2-mid-v1
AI21 Labs Jurassic-2 Ultra arn:aws:bedrock:us-east-1::foundation-model/ai21.j2-ultra
AI21 Labs Jurassic-2 Ultra arn:aws:bedrock:us-east-1::foundation-model/ai21.j2-ultra-v1
Anthropic Claude Instant arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-instant-v1:2:100k
Anthropic Claude Instant arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-instant-v1
Anthropic Claude arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2:0:18k
Anthropic Claude arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2:0:100k
Anthropic Claude arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2:1:18k
Anthropic Claude arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2:1:200k
Anthropic Claude arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2:1
Anthropic Claude arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2
Anthropic Claude 3 Sonnet arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-3-sonnet-20240229-v1:0
Cohere Command arn:aws:bedrock:us-east-1::foundation-model/cohere.command-text-v14:7:4k
Cohere Command arn:aws:bedrock:us-east-1::foundation-model/cohere.command-text-v14
Cohere Command Light arn:aws:bedrock:us-east-1::foundation-model/cohere.command-light-text-v14:7:4k
Cohere Command Light arn:aws:bedrock:us-east-1::foundation-model/cohere.command-light-text-v14
Cohere Embed English arn:aws:bedrock:us-east-1::foundation-model/cohere.embed-english-v3
Cohere Embed Multilingual arn:aws:bedrock:us-east-1::foundation-model/cohere.embed-multilingual-v3
Meta Llama 2 Chat 13B arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-13b-chat-v1:0:4k
Meta Llama 2 Chat 13B arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-13b-chat-v1
Meta Llama 2 Chat 70B arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-70b-chat-v1:0:4k
Meta Llama 2 Chat 70B arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-70b-chat-v1
Meta Llama 2 13B arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-13b-v1:0:4k
Meta Llama 2 13B arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-13b-v1
Meta Llama 2 70B arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-70b-v1:0:4k
Meta Llama 2 70B arn:aws:bedrock:us-east-1::foundation-model/meta.llama2-70b-v1

※上記表の中にはOn-demand ThroughputのものとProvisioned Throughputのものが混在しているため注意してください。

ARN情報の取得コード

最新のARNは、以下のコマンドで取得できます。
region_nameはお好きなリージョンに変更してください。

import boto3 
bedrock = boto3.client(service_name='bedrock', region_name='us-east-1')
bedrock.list_foundation_models()

※実行にはAction: "bedrock:ListFoundationModels"の許可が必要です

補足

ARNは基本的に以下のページのmodel idをfoundation-model/以降につけただけのようです。
https://docs.aws.amazon.com/bedrock/latest/userguide/model-ids.html#model-ids-arns

以上

3
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
3
0