Prerequisites for deploying an exported app Deploy the exported app

Deploy an exported Amazon Bedrock IDE app

The following instructions show you the steps you take to deploy a chat agent app that you export from Amazon Bedrock IDE. Make sure to

Topics

Prerequisites for deploying an exported app
Deploy the exported app

Prerequisites for deploying an exported app

Before you can deploy a chat agent app that you have exported, you must first do the following:

To prepare for app deployment

Install the latest version of the AWS CLI on your local machine by following the instructions at Install or update to the latest version of the AWS CLI.
Set up AWS credentials for the AWS CLI on your local machine by following the instructions at Configure the AWS CLI. The credentials that the deployment script uses will follow the order of precedence.
Create an IAM role that includes the policies from provisioning-inline-policy.json. For information about creating a role, see IAM role creation.
(Optional) Using the AWS account that you set up in step 2, create an AWS KMS key for app export by following the instructions at Creating keys. The key must be tagged with key EnableBedrock and a value of true. The key must also have a key policy that allows it to be used for encryption of your chat agent app resources. You may use the suggested policy declared in the kms-key-policy.json file of your zip package.
Create an Amazon S3 bucket to hold the app files that you export by following the instructions at Creating a bucket. Make sure the bucket is in the same AWS Region as the app that you are deploying.
If your app includes a Knowledge Base, copy the data source file to a folder named data/ in the Amazon S3 bucket that you created in step 5. If your app uses a document as a datasource, you supply a list of datasource files to the deployment script. For more information, see Deploy the exported app.
If your app calls a function that requires authorization keys, provision the keys in Amazon SageMaker AI by running the following command:
```
aws secretsmanager update-secret \
  --secret-id br-studio/function-name-export-environment-id \
  --secret-string 'secret-value'
```
Replace the following values:
- function-name — to the unique name of your function call component.
- export-environment-id — to the unique id of your function call component.
- secret-value — to the intended value to be used for authentication:
  
  If the function requires API Keys, the syntax of secret-value should be: {"key-name-1":"key-value-1","key-name-2":"key-value-2"}
  
  If the function requires Basic authentication, the syntax of secret-value should be: {"___AuthType___":"BASIC", "username":"username-value", "password":"password-value"}
  
  If the function requires Bearer token authentication, the syntax of secret-value should be: {"___AuthType___":"BEARER", "tokenValue":"token-value"}
Next step: Deploy the exported app.

Deploy the exported app

Before deploying your chat agent app, be sure to do the prerequisite steps.

Deploying a chat agent app deploys the AWS infrastructure files that you need to run the app in AWS.

To deploy an exported app

At the command prompt, do the following:
1. Navigate to the zip file that you exported from Amazon Bedrock IDE.
2. Assume the role of the AWS that you created in step 3 of Prerequisites for deploying an exported app.
3. Run the following command:
```
./deployApp.sh \
    [--awsRegion=value] \
    [--s3BucketName=value] \
    [--assetsS3Path=value] \
    [--kmsKeyArn=value] \
    [--dataFiles=value]
```
  Replace the following values:
  - awsRegion — with the AWS Region that you want to deploy the app to. Amazon Bedrock must be available in the Region you use. For more information, see Supported AWS Regions.
  - s3BucketName — With the Amazon S3 bucket that you created in step 5 of Prerequisites for deploying an exported app. The deployment store the CFN templates and application data files in this bucket.
  - assetsS3Path — (Optional) With the path in s3BucketName that you want deployment to store application files to.
  - kmsKeyArn — (Optional) with the ARN of the KMS Key that you created in step 3 of Prerequisites for deploying an exported app.
  - dataFiles — With a comma-separated list of data source file paths. Required for apps that use a document data source.
  For example, if you have a chat agent app with a single document as a data source, and you want to deploy the app with encryption, you can use the following command.
```
sudo sh ./deployApp.sh \
    --awsRegion=us-east-1 \
    --s3BucketName=my-s3-bucket-name-for-exported-chat-apps \
    --assetsS3Path=my-prod-folder/my-chat-app \
    --kmsKeyArn=arn:aws:kms:us-east-1:111122223333:key/11111111-2222-3333-4444-555555555555 \
    --dataFiles=my-data-source.pdf 
```
(Optional) Monitor the deployment in the AWS CloudFormation console.
Note the output from the script. You need it to run the chat agent app. It should be similar to: node brStudioApp.mjs --question="Tell me about my documents".
Next step: Run a deployed Amazon Bedrock IDE app.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Export your app

Run a deployed app