Actions, resources, and condition keys for Amazon Bedrock
Amazon Bedrock (service prefix: bedrock
) provides the following service-specific resources, actions, and condition context keys for use in IAM permission policies.
References:
-
Learn how to configure this service.
-
View a list of the API operations available for this service.
-
Learn how to secure this service and its resources by using IAM permission policies.
Topics
Actions defined by Amazon Bedrock
You can specify the following actions in the Action
element of an IAM policy statement. Use policies to grant permissions to perform an operation in AWS. When you use an action in a policy, you usually allow or deny access to the API operation or CLI command with the same name. However, in some cases, a single action controls access to more than one operation. Alternatively, some operations require several different actions.
The Resource types column of the Actions table indicates whether each action supports resource-level permissions. If there is no value for this column, you must specify all resources ("*") to which the policy applies in the Resource
element of your policy statement. If the column includes a resource type, then you can specify an ARN of that type in a statement with that action. If the action has one or more required resources, the caller must have permission to use the action with those resources. Required resources are indicated in the table with an asterisk (*). If you limit resource access with the Resource
element in an IAM policy, you must include an ARN or pattern for each required resource type. Some actions support multiple resource types. If the resource type is optional (not indicated as required), then you can choose to use one of the optional resource types.
The Condition keys column of the Actions table includes keys that you can specify in a policy statement's Condition
element. For more information on the condition keys that are associated with resources for the service, see the Condition keys column of the Resource types table.
Note
Resource condition keys are listed in the Resource types table. You can find a link to the resource type that applies to an action in the Resource types (*required) column of the Actions table. The resource type in the Resource types table includes the Condition keys column, which are the resource condition keys that apply to an action in the Actions table.
For details about the columns in the following table, see Actions table.
Actions | Description | Access level | Resource types (*required) | Condition keys | Dependent actions |
---|---|---|---|---|---|
AllowVendedLogDeliveryForResource [permission only] | Grants permission to configure vended log delivery for a knowledge base | Permissions management | |||
ApplyGuardrail | Grants permission to apply a guardrail | Read | |||
AssociateAgentCollaborator | Grants permission to associate another existing agent as a collaborator to an existing agent | Write | |||
AssociateAgentKnowledgeBase | Grants permission to associate a knowledge base with an agent | Write | |||
AssociateThirdPartyKnowledgeBase [permission only] | Grants permission to use 3rd party platform to store knowledge data | Write | |||
BatchDeleteEvaluationJob | Grants permission to batch delete list of bedrock evaluation jobs | Write | |||
CreateAgent | Grants permission to create a new agent and a test agent alias pointing to the DRAFT agent version | Write | |||
CreateAgentActionGroup | Grants permission to create a new action group in an existing agent | Write | |||
CreateAgentAlias | Grants permission to create a new alias for an agent | Write | |||
CreateBlueprint | Grants permission to create a blueprint for custom output from data automation | Write | |||
CreateBlueprintVersion | Grants permission to create a new version for an existing blueprint | Write | |||
CreateDataAutomationProject | Grants permission to create a data automation project | Write | |||
CreateDataSource | Grants permission to create a data source | Write | |||
CreateEvaluationJob | Grants permission to create a job for evaluation foundation models or custom models | Write | |||
CreateFlow | Grants permission to create a prompt flow | Write | |||
CreateFlowAlias | Grants permission to create an alias of a prompt flow | Write | |||
CreateFlowVersion | Grants permission to create an immutable version of a prompt flow | Write | |||
CreateFoundationModelAgreement | Grants permission to create a new foundation model agreement | Write | |||
CreateGuardrail | Grants permission to create a new guardrail | Write | |||
CreateGuardrailVersion | Grants permission to create a new guardrail version | Write | |||
CreateInferenceProfile | Grants permission to create inference profiles | Write | |||
CreateKnowledgeBase | Grants permission to create a knowledge base | Write | |||
CreateMarketplaceModelEndpoint | Grants permission to create a marketplace model endpoint | Write | |||
CreateModelCopyJob | Grants permission to create a job for copying a custom model across region or across account | Write | |||
CreateModelCustomizationJob | Grants permission to create a job for customizing the model with your custom training data | Write | |||
CreateModelEvaluationJob | Grants permission to create a job for evaluation foundation models or custom models | Write | |||
CreateModelImportJob | Grants permission to create a job for importing model into Bedrock | Write | |||
CreateModelInvocationJob | Grants permission to create a new model invocation job | Write | |||
CreatePrompt | Grants permission to create a prompt | Write | |||
CreatePromptVersion | Grants permission to create a version of a prompt | Write | |||
CreateProvisionedModelThroughput | Grants permission to create a new provisioned model throughput | Write | |||
DeleteAgent | Grants permission to delete an Agent that you created earlier | Write | |||
DeleteAgentActionGroup | Grants permission to delete an actionGroup that you created earlier | Write | |||
DeleteAgentAlias | Grants permission to delete an AgentAlias that you created earlier | Write | |||
DeleteAgentMemory | Grants permission to delete existing memory for an alias | Write | |||
DeleteAgentVersion | Grants permission to delete an Agent Version that you created earlier | Write | |||
DeleteBlueprint | Grants permission to delete a blueprint for data automation | Write | |||
DeleteCustomModel | Grants permission to delete a custom model that you created earlier | Write | |||
DeleteDataAutomationProject | Grants permission to delete a data automation project | Write | |||
DeleteDataSource | Grants permission to delete a data source | Write | |||
DeleteFlow | Grants permission to delete a prompt flow | Write | |||
DeleteFlowAlias | Grants permission to delete an alias of a prompt flow | Write | |||
DeleteFlowVersion | Grants permission to delete a version of a prompt flow | Write | |||
DeleteFoundationModelAgreement | Grants permission to delete a foundation model agreement that you created earlier | Write | |||
DeleteGuardrail | Grants permission to delete a guardrail or its version | Write | |||
DeleteImportedModel | Grants permission to delete previously created Bedrock imported model | Write | |||
DeleteInferenceProfile | Grants permission to delete inference profiles | Write | |||
DeleteKnowledgeBase | Grants permission to delete a knowledge base | Write | |||
DeleteKnowledgeBaseDocuments | Grants permission to delete documents from a knowledge base | Write | |||
DeleteMarketplaceModelAgreement | Grants permission to unsubscribe from a bedrock marketplace enabled AWS marketplace model | Write | |||
DeleteMarketplaceModelEndpoint | Grants permission to delete a marketplace model endpoint | Write | |||
DeleteModelInvocationLoggingConfiguration | Grants permission to delete an existing Invocation logging configuration | Write | |||
DeletePrompt | Grants permission to delete a prompt or its version | Write | |||
DeleteProvisionedModelThroughput | Grants permission to delete a provisioned model throughput that you created earlier | Write | |||
DeleteResourcePolicy [permission only] | Deletes a previously created Bedrock resource policy | Write | |||
DeregisterMarketplaceModelEndpoint | Grants permission to deregister a marketplace model endpoint to make it unusable in Bedrock Marketplace | Write | |||
DetectGeneratedContent | Grants permission to detect if the provided content is generated using Amazon Bedrock | Read | |||
DisassociateAgentCollaborator | Grants permission to diassociate a collaborator that you associated earlier | Write | |||
DisassociateAgentKnowledgeBase | Grants permission to disassociate a knowledge base from the agent | Write | |||
GenerateQuery | Grants permission to generate queries associated with user input | Read | |||
GetAgent | Grants permission to retrieve an existing agent | Read | |||
GetAgentActionGroup | Grants permission to retrieve an existing action group | Read | |||
GetAgentAlias | Grants permission to retrieve an existing alias | Read | |||
GetAgentCollaborator | Grants permission to retrieve an existing collaborator | Read | |||
GetAgentKnowledgeBase | Grants permission to describe a knowledge base associated with an agent | Read | |||
GetAgentMemory | Grants permission to retrieve existing memory for an alias | Read | |||
GetAgentVersion | Grants permission to retrieve an existing version of an agent | Read | |||
GetAsyncInvoke | Grants permission to get the properties associated with an asynchronous invocation that you have submitted | Read | |||
GetBlueprint | Grants permission to retrieve an existing blueprint for data automation | Read | |||
GetBlueprintRecommendation [permission only] | Grants permission to retrieve blueprint recommendation | Read | |||
GetCustomModel | Grants permission to get the properties associated with a Bedrock custom model that you have created | Read | |||
GetDataAutomationProject | Grants permission to retrieve an existing data automation project | Read | |||
GetDataAutomationStatus | Grants permission to retrieve the status of a data automation invocation job | Read | |||
GetDataSource | Grants permission to retrieve an existing data source | Read | |||
GetEvaluationJob | Grants permission to get the properties associated with a evaluation job. Use this operation to get the status of a evaluation job | Read | |||
GetFlow | Grants permission to retrieve an existing prompt flow | Read | |||
GetFlowAlias | Grants permission to retrieve an existing alias of a prompt flow | Read | |||
GetFlowVersion | Grants permission to retrieve an existing version of a prompt flow | Read | |||
GetFoundationModel | Grants permission to get the properties associated with a Bedrock foundation model | Read | |||
GetFoundationModelAvailability | Grants permission to get the availability of a foundation model | Read | |||
GetGuardrail | Grants permission to retrieve a guardrail or its version | Read | |||
GetImportedModel | Grants permission to get the properties associated with Bedrock imported model | Read | |||
GetInferenceProfile | Grants permission to get the properties associated with an inference profile | Read | |||
GetIngestionJob | Grants permission to retrieve an existing ingestion job | Read | |||
GetKnowledgeBase | Grants permission to retrieve an existing knowledge base | Read | |||
GetKnowledgeBaseDocuments | Grants permission to get details for documents in a knowledge base | Read | |||
GetMarketplaceModelEndpoint | Grants permission to get the properties of a marketplace model endpoint | Read | |||
GetModelCopyJob | Grants permission to get the properties associated with a model-copy job. Use this operation to get the status of a model-copy job | Read | |||
GetModelCustomizationJob | Grants permission to get the properties associated with a model-customization job. Use this operation to get the status of a model-customization job | Read | |||
GetModelEvaluationJob | Grants permission to get the properties associated with a model-evaluation job. Use this operation to get the status of a model-evaluation job | Read | |||
GetModelImportJob | Grants permission to get the properties associated with a model import job and is used to get the status of a model import job | Read | |||
GetModelInvocationJob | Grants permission to retrieve a model invocation job | Read | |||
GetModelInvocationLoggingConfiguration | Grants permission to retrieve an existing Invocation logging configuration | Read | |||
GetPrompt | Grants permission to retrieve an existing prompt or its version | Read | |||
GetPromptRouter | Grants permission to get the properties associated with a prompt router | Read | |||
GetProvisionedModelThroughput | Grants permission to retrieve a provisioned model throughput | Read | |||
GetResourcePolicy [permission only] | Gets the resource policy document for a Bedrock resource | Read | |||
GetUseCaseForModelAccess | Grants permission to retrieve a use case for model access | Read | |||
IngestKnowledgeBaseDocuments | Grants permission to directly ingest documents into a knowledge base | Write | |||
InvokeAgent | Grants permission to send user input (text-only) to the alias of an agent for Bedrock | Read | |||
InvokeBlueprintRecommendationAsync [permission only] | Grants permission to invoke blueprint recommendations asynchronously | Write | |||
InvokeBuilder [permission only] | Grants permission to use the conversational builder which aids in building supported bedrock resources | Write | |||
InvokeDataAutomationAsync | Grants permission to invoke a Bedrock data automation job | Write | |||
InvokeFlow | Grants permission to invoke a prompt flow with user input | Read | |||
InvokeInlineAgent | Grants permission to send user input (text-only) to the inline agent for Bedrock | Read | |||
InvokeModel | Grants permission to invoke the specified Bedrock model to run inference using the input provided in the request body | Read | |||
InvokeModelWithResponseStream | Grants permission to invoke the specified Bedrock model to run inference using the input provided in the request body with streaming response | Read | |||
ListAgentActionGroups | Grants permission to list action groups in an agent | List | |||
ListAgentAliases | Grants permission to list aliases for an agent | List | |||
ListAgentCollaborators | Grants permission to list collaborators for an agent | List | |||
ListAgentKnowledgeBases | Grants permission to list knowledge bases associated with an agent | List | |||
ListAgentVersions | Grants permission to list existing versions of an agent | List | |||
ListAgents | Grants permission to list existing agents | List | |||
ListAsyncInvokes | Grants permission to get a list of asynchronous invocations that you have submitted | List | |||
ListBlueprints | Grants permission to list existing blueprints for data automation | List | |||
ListCustomModels | Grants permission to get a list of Bedrock custom models that you have created | List | |||
ListDataAutomationProjects | Grants permission to list existing data automation projects | List | |||
ListDataSources | Grants permission to list existing data sources in an knowledge base | List | |||
ListEvaluationJobs | Grants permission to get the list of evaluation jobs that you have submitted | List | |||
ListFlowAliases | Grants permission to list existing aliases of a prompt flow | List | |||
ListFlowVersions | Grants permission to list existing versions of a prompt flow | List | |||
ListFlows | Grants permission to list existing prompt flows | List | |||
ListFoundationModelAgreementOffers | Grants permission to get a list of foundation model agreement offers | List | |||
ListFoundationModels | Grants permission to list Bedrock foundation models that you can use | List | |||
ListGuardrails | Grants permission to list guardrails or its versions | List | |||
ListImportedModels | Grants permission to get list of Bedrock imported models | List | |||
ListInferenceProfiles | Grants permission to list inference profiles that you can use | List | |||
ListIngestionJobs | Grants permission to list ingestion jobs in a data source | List | |||
ListKnowledgeBaseDocuments | Grants permission to list documents in a knowledge base | List | |||
ListKnowledgeBases | Grants permission to list existing knowledge bases | List | |||
ListMarketplaceModelEndpoints | Grants permission to list marketplace model endpoints that you can use | Read | |||
ListModelCopyJobs | Grants permission to get the list of model copy jobs that you have submitted | List | |||
ListModelCustomizationJobs | Grants permission to get the list of model customization jobs that you have submitted | List | |||
ListModelEvaluationJobs | Grants permission to get the list of model evaluation jobs that you have submitted | List | |||
ListModelImportJobs | Grants permission to get list of model import jobs | List | |||
ListModelInvocationJobs | Grants permission to list model invocation jobs that you created earlier | List | |||
ListPromptRouters | Grants permission to list prompt routers that you can use | List | |||
ListPrompts | Grants permission to list existing prompts | List | |||
ListProvisionedModelThroughputs | Grants permission to list provisioned model throughputs that you created earlier | List | |||
ListTagsForResource | Grants permission to list tags for a Bedrock resource | Read | |||
OptimizePrompt | Grants permission to optimize a prompt with user input | Read | |||
PrepareAgent | Grants permission to prepare an existing agent to receive runtime requests | Write | |||
PrepareFlow | Grants permission to apply the latest changes made to a prompt flow, so that they are reflected at runtime | Write | |||
PutFoundationModelEntitlement | Grants permission to put entitlement to access a foundation model | Write | |||
PutModelInvocationLoggingConfiguration | Grants permission to create an existing Invocation logging configuration | Write | |||
PutResourcePolicy [permission only] | Adds a resource policy for a Bedrock resource | Write | |||
PutUseCaseForModelAccess | Grants permission to put a use case for model access | Write | |||
RegisterMarketplaceModelEndpoint | Grants permission to register a sagemaker endpoint as a marketplace model endpoint | Write | |||
RenderPrompt [permission only] | Grants permission to render an existing prompt or its version | Read | |||
Rerank | Grants permission to rank documents based on user input | Write | |||
Retrieve | Grants permission to retrieve ingested data from a knowledge base | Read | |||
RetrieveAndGenerate | Grants permission to send user input to perform retrieval and generation | Write | |||
StartIngestionJob | Grants permission to start an ingestion job | Write | |||
StopEvaluationJob | Grants permission to stop a evaluation job while in progress | Write | |||
StopIngestionJob | Grants permission to stop an ingestion job | Write | |||
StopModelCustomizationJob | Grants permission to stop a Bedrock model customization job while in progress | Write | |||
StopModelInvocationJob | Grants permission to stop a model invocation job that you started earlier | Write | |||
TagResource | Grants permission to Tag a Bedrock resource | Tagging | |||
UntagResource | Grants permission to Untag a Bedrock resource | Tagging | |||
UpdateAgent | Grants permission to update an existing agent | Write | |||
UpdateAgentActionGroup | Grants permission to update an existing action group | Write | |||
UpdateAgentAlias | Grants permission to update an existing alias | Write | |||
UpdateAgentCollaborator | Grants permission to update an existing collaborator | Write | |||
UpdateAgentKnowledgeBase | Grants permission to update a knowledge base associated with an agent | Write | |||
UpdateBlueprint | Grants permission to update a blueprint for data automation | Write | |||
UpdateDataAutomationProject | Grants permission to update a data automation project | Write | |||
UpdateDataSource | Grants permission to update a data source | Write | |||
UpdateFlow | Grants permission to update a prompt flow | Write | |||
UpdateFlowAlias | Grants permission to update the configuration of an alias of a prompt flow | Write | |||
UpdateGuardrail | Grants permission to update a guardrail | Write | |||
UpdateKnowledgeBase | Grants permission to update a knowledge base | Write | |||
UpdateMarketplaceModelEndpoint | Grants permission to update a marketplace model endpoint | Write | |||
UpdatePrompt | Grants permission to update a prompt | Write | |||
UpdateProvisionedModelThroughput | Grants permission to update a provisioned model throughput that you created earlier | Write | |||
ValidateFlowDefinition | Grants permission to validate prompt flow definitions | Read |
Resource types defined by Amazon Bedrock
The following resource types are defined by this service and can be used in the Resource
element of IAM permission policy statements. Each action in the Actions table identifies the resource types that can be specified with that action. A resource type can also define which condition keys you can include in a policy. These keys are displayed in the last column of the Resource types table. For details about the columns in the following table, see Resource types table.
Resource types | ARN | Condition keys |
---|---|---|
foundation-model |
arn:${Partition}:bedrock:${Region}::foundation-model/${ResourceId}
|
|
async-invoke |
arn:${Partition}:bedrock:${Region}:${Account}:async-invoke/${ResourceId}
|
|
inference-profile |
arn:${Partition}:bedrock:${Region}:${Account}:inference-profile/${ResourceId}
|
|
default-prompt-router |
arn:${Partition}:bedrock:${Region}:${Account}:default-prompt-router/${ResourceId}
|
|
application-inference-profile |
arn:${Partition}:bedrock:${Region}:${Account}:application-inference-profile/${ResourceId}
|
|
custom-model |
arn:${Partition}:bedrock:${Region}:${Account}:custom-model/${ResourceId}
|
|
provisioned-model |
arn:${Partition}:bedrock:${Region}:${Account}:provisioned-model/${ResourceId}
|
|
model-customization-job |
arn:${Partition}:bedrock:${Region}:${Account}:model-customization-job/${ResourceId}
|
|
agent |
arn:${Partition}:bedrock:${Region}:${Account}:agent/${AgentId}
|
|
agent-alias |
arn:${Partition}:bedrock:${Region}:${Account}:agent-alias/${AgentId}/${AgentAliasId}
|
|
knowledge-base |
arn:${Partition}:bedrock:${Region}:${Account}:knowledge-base/${KnowledgeBaseId}
|
|
model-evaluation-job |
arn:${Partition}:bedrock:${Region}:${Account}:model-evaluation-job/${ResourceId}
|
|
evaluation-job |
arn:${Partition}:bedrock:${Region}:${Account}:evaluation-job/${ResourceId}
|
|
model-invocation-job |
arn:${Partition}:bedrock:${Region}:${Account}:model-invocation-job/${JobIdentifier}
|
|
guardrail |
arn:${Partition}:bedrock:${Region}:${Account}:guardrail/${GuardrailId}
|
|
flow |
arn:${Partition}:bedrock:${Region}:${Account}:flow/${FlowId}
|
|
flow-alias |
arn:${Partition}:bedrock:${Region}:${Account}:flow/${FlowId}/alias/${FlowAliasId}
|
|
model-copy-job |
arn:${Partition}:bedrock:${Region}:${Account}:model-copy-job/${ResourceId}
|
|
prompt |
arn:${Partition}:bedrock:${Region}:${Account}:prompt/${PromptId}
|
|
prompt-version |
arn:${Partition}:bedrock:${Region}:${Account}:prompt/${PromptId}:${PromptVersion}
|
|
model-import-job |
arn:${Partition}:bedrock:${Region}:${Account}:model-import-job/${ResourceId}
|
|
imported-model |
arn:${Partition}:bedrock:${Region}:${Account}:imported-model/${ResourceId}
|
|
bedrock-marketplace-model-endpoint |
arn:${Partition}:bedrock:${Region}:${Account}:marketplace/model-endpoint/all-access
|
|
data-automation-project |
arn:${Partition}:bedrock:${Region}:${Account}:data-automation-project/${ProjectId}
|
|
blueprint |
arn:${Partition}:bedrock:${Region}:${Account}:blueprint/${BlueprintId}
|
|
data-automation-invocation-job |
arn:${Partition}:bedrock:${Region}:${Account}:data-automation-invocation/${JobId}
|
Condition keys for Amazon Bedrock
Amazon Bedrock defines the following condition keys that can be used in the Condition
element of an IAM policy. You can use these keys to further refine the conditions under which the policy statement applies. For details about the columns in the following table, see Condition keys table.
To view the global condition keys that are available to all services, see Available global condition keys.
Condition keys | Description | Type |
---|---|---|
aws:RequestTag/${TagKey} | Filters access by creating requests based on the allowed set of values for each of the mandatory tags | String |
aws:ResourceTag/${TagKey} | Filters access by having actions based on the tag value associated with the resource | String |
aws:TagKeys | Filters access by creating requests based on the presence of mandatory tags in the request | ArrayOfString |
bedrock:InferenceProfileArn | Filters access by the specified inference profile | ARN |
bedrock:PromptRouterArn | Filters access by the specified prompt router | ARN |
bedrock:ThirdPartyKnowledgeBaseCredentialsSecretArn | Filters access by the secretArn containing the credentials of the third party platform | ARN |