Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Prerequisites for Provisioned Throughput

PDF
RSS
Focus mode
Prerequisites for Provisioned Throughput - Amazon Bedrock

Before you can purchase and manage Provisioned Throughput, you need to fulfill the following prerequisites:

  1. Request access to the model or models that you want to purchase Provisioned Throughput for. After access has been granted, you can purchase Provisioned Throughput for the base model and any models customized from it.

  2. Ensure that your IAM role has access to the Provisioned Throughput API actions. If your role has the AmazonBedrockFullAccess AWS-managed policy attached, you can skip this step. Otherwise, do the following:

    1. Follow the steps at Creating IAM policies and create the following policy, which allows a role to create a Provisioned Throughput for all foundation and custom models.

      {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PermissionsForProvisionedThroughput",
            "Effect": "Allow",
            "Action": [
                "bedrock:GetFoundationModel",
                "bedrock:ListFoundationModels",
                "bedrock:GetCustomModel",
                "bedrock:ListCustomModels",
                "bedrock:InvokeModel",
                "bedrock:InvokeModelWithResponseStream",
                "bedrock:ListTagsForResource",
                "bedrock:UntagResource",
                "bedrock:TagResource",
                "bedrock:CreateProvisionedModelThroughput",
                "bedrock:GetProvisionedModelThroughput",
                "bedrock:ListProvisionedModelThroughputs",
                "bedrock:UpdateProvisionedModelThroughput",
                "bedrock:DeleteProvisionedModelThroughput"
            ],
            "Resource": "*"
        }
    ]
}

      (Optional) You can restrict the role's access in the following ways:

      • To restrict the API actions that the role can make, modify the list in the Action field to contain only the API operations that you want to allow access to.

      • After creating a provisioned model, you can restrict the role's ability to perform an API request with the provisioned model by modifying the Resource list to contain only the provisioned models that you want to allow access to. For an example, see Allow users to invoke a provisioned model.

      • To restrict a role's ability to create provisioned models from specific foundation or custom models, modify the Resource list to contain only the foundation and custom models that you want to allow access to.

    2. Follow the steps at Adding and removing IAM identity permissions to attach the policy to a role to grant the role permissions.

  3. If you're purchasing Provisioned Throughput for a custom model that's encrypted with a customer-managed AWS KMS key, your IAM role must have permissions to decrypt the key. You can use the template at Understand how to create a customer managed key and how to attach a key policy to it. For minimal permissions, you can use only the Permissions for custom model users policy statement.

Related resources

Amazon Bedrock API Reference
AWS CLI commands for Amazon Bedrock
SDKs & Tools 

Related resources

Amazon Bedrock API Reference
AWS CLI commands for Amazon Bedrock
SDKs & Tools 
PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.