Module 2 Lesson 1: IAM for Bedrock
Mastering Identity and Access Management for AI. Creating policies that allow your apps to talk to Bedrock securely.
IAM for Bedrock: The Guard at the Door
In AWS, nothing happens without permission. Before your Python code can call invoke_model, your Identity (User or Role) must be granted the specific right to do so. This is handled by IAM (Identity and Access Management).
1. The Core Permission: bedrock:InvokeModel
This is the most critical permission. Without it, you cannot get a single word out of an LLM. Its streaming counterpart is bedrock:InvokeModelWithResponseStream, and the Converse and ConverseStream APIs are authorized by these same two actions, so this is the policy to get right whichever API your code calls.
Example JSON Policy
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"bedrock:InvokeModel",
"bedrock:InvokeModelWithResponseStream"
],
"Resource": [
"arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-3-sonnet-20240229-v1:0"
]
}
]
}
2. Bedrock Read-Only vs. Full Access
- AmazonBedrockFullAccess (AWS managed policy): allows creating Knowledge Bases, provisioning throughput, and calling models. Convenient for developers in a sandbox account, but far broader than a production workload identity should carry.
- AmazonBedrockReadOnly (AWS managed policy): allows viewing models and settings but does not include bedrock:InvokeModel, so it cannot call a model. Suitable for auditors.
3. Best Practice: Least Privilege
You should specify exactly which models a service can call. Don't use Resource: "*", and keep the Action list to the invoke actions the workload actually needs rather than bedrock:*.
- If your app only needs Llama 3 for translation, only give it permission for the Llama 3 ARN.
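The following is an added example, not code from the original lesson or from AWS: it generates the kind of policy shown in section 1 for a given list of models, lints it for the over-broad patterns section 3 warns against, and evaluates locally whether the policy would allow a particular invoke call. It uses only the Python standard library; the function names, the region and the model IDs in the usage section are this example's own constructed inputs.

```python
"""Build, lint and locally evaluate a least-privilege Bedrock invoke policy.

Added example for the lesson, not code from the original page or from AWS.
Standard library only; the region and model IDs used below are constructed
sample inputs, and the helper names are this example's own.
"""
import fnmatch
import json
import re

# The two actions the lesson names as the core permission. The Converse and
# ConverseStream APIs are authorized by these same two actions.
INVOKE_ACTIONS = ("bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream")

# Foundation-model ARNs carry no account ID, hence the empty field ("::")
# between the region and the resource, exactly as in the lesson's policy.
FM_ARN_RE = re.compile(r"^arn:aws:bedrock:[a-z]{2}(-gov)?-[a-z]+-\d::foundation-model/[^*?/]+$")


def foundation_model_arn(region: str, model_id: str) -> str:
    """Return the ARN IAM expects in Resource for a base (foundation) model."""
    return f"arn:aws:bedrock:{region}::foundation-model/{model_id}"


def build_invoke_policy(region: str, model_ids, streaming: bool = True) -> dict:
    """Generate one Allow statement scoped to exactly the listed models."""
    actions = list(INVOKE_ACTIONS) if streaming else [INVOKE_ACTIONS[0]]
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "InvokeApprovedModelsOnly",
                "Effect": "Allow",
                "Action": actions,
                "Resource": [foundation_model_arn(region, m) for m in sorted(set(model_ids))],
            }
        ],
    }


def _as_list(value):
    """IAM lets Action/Resource be a string or a list; normalise to a list."""
    return [value] if isinstance(value, str) else list(value or [])


def lint_policy(policy: dict) -> list:
    """Flag the over-broad patterns the lesson warns against.

    Returns human-readable findings; an empty list means the policy passes.
    Deny statements are skipped because a broad Deny grants nothing."""
    findings = []
    for i, stmt in enumerate(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action")):
            if "*" in action:
                findings.append(f"statement {i}: wildcard action {action!r}")
            elif action not in INVOKE_ACTIONS:
                findings.append(f"statement {i}: {action!r} is not an invoke action; keep it in a separate policy")
        for resource in _as_list(stmt.get("Resource")):
            if "*" in resource:
                findings.append(f"statement {i}: wildcard resource {resource!r}; list model ARNs instead")
            elif not FM_ARN_RE.match(resource):
                findings.append(f"statement {i}: {resource!r} is not a foundation-model ARN")
    return findings


def allows_invoke(policy: dict, region: str, model_id: str, action: str = "bedrock:InvokeModel") -> bool:
    """Local approximation of IAM evaluation for a single invoke call.

    Explicit Deny wins, then any matching Allow, otherwise implicit deny.
    This covers only the identity policy itself: SCPs and the console's
    model-access setting can still produce AccessDeniedException."""
    arn = foundation_model_arn(region, model_id)
    allowed = False
    for stmt in policy.get("Statement", []):
        # IAM wildcards are * and ?, which fnmatch also understands.
        action_hit = any(fnmatch.fnmatchcase(action, a) for a in _as_list(stmt.get("Action")))
        resource_hit = any(fnmatch.fnmatchcase(arn, r) for r in _as_list(stmt.get("Resource")))
        if not (action_hit and resource_hit):
            continue
        if stmt.get("Effect") == "Deny":
            return False
        allowed = True
    return allowed


if __name__ == "__main__":
    # Constructed sample input: a translation service that only needs one model.
    policy = build_invoke_policy("us-east-1", ["meta.llama3-70b-instruct-v1:0"])
    print(json.dumps(policy, indent=2))
    print("lint:", lint_policy(policy) or "clean")
    # Same model ID in another region is a different ARN, so the call is denied.
    print("eu-west-1 allowed?", allows_invoke(policy, "eu-west-1", "meta.llama3-70b-instruct-v1:0"))
```

The local evaluator is deliberately simple (no conditions, no resource policies), but it is enough to show why a policy scoped to one model ARN stays silent about every other model and every other region, which is the behaviour you want from least privilege and the first thing to check when a call is refused.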
4. Visualizing IAM Logic
graph LR
App[Your Python Script] --> Role[IAM Role]
Role --> Policy[Policy: Allow InvokeModel]
Policy --> Model[Claude 3]
Model --> Success[AI Response]
💡 Guidance for Learners
If you get an error saying AccessDeniedException, it usually means one of these things:
- Your IAM User/Role doesn't have the bedrock:InvokeModel permission (or bedrock:InvokeModelWithResponseStream, if you are streaming). An IAM denial names the action and the resource that were refused, so read the message before changing anything.
- You haven't requested access to that model in the AWS Console (we cover this in the next lesson).
- The policy's Resource ARN doesn't match the model you are calling. The foundation-model ARN includes the region, so a policy scoped to a us-east-1 ARN does not cover the same model ID invoked from a client configured for another region.
Summary
- IAM Policies govern who can call which model.
- bedrock:InvokeModel is the primary action for AI applications.
- Use model ARNs to restrict access to specific foundation models.
- Always follow the principle of Least Privilege.