opencode icon indicating copy to clipboard operation
opencode copied to clipboard
Published 9 hours ago verified publisher icon anomalyco

feat(bedrock): config options and authentication precedence

Open wnkz opened this issue 1 week ago • 3 comments

Summary

Adds configuration file support for Amazon Bedrock provider with profile, region, and endpoint options. Documents authentication precedence to clarify that bearer tokens take priority over AWS credential chain methods.

Changes

Provider Configuration (provider.ts)

  • Added support for profile, region, and endpoint options in opencode.json
  • Implemented precedence logic: config file options override environment variables
  • Profile option now passed to fromNodeProviderChain() for proper credential resolution

Tests (amazon-bedrock.test.ts)

  • Added 4 tests covering config precedence scenarios
  • Tests verify profile precedence, endpoint configuration, and combined options

Documentation (config.mdx, providers.mdx)

  • Added "Provider-Specific Options" section to config docs
  • Added "Authentication Precedence" section to providers docs
  • Documents that bearer tokens (AWS_BEARER_TOKEN_BEDROCK or /connect) take precedence over credential chain

CLI (auth.ts)

  • Updated /connect amazon-bedrock help message to show clear credential priority order

Configuration Example

{
  "provider": {
    "amazon-bedrock": {
      "options": {
        "region": "us-east-1",
        "profile": "my-aws-profile",
        "endpoint": "https://bedrock-runtime.us-east-1.vpce-xxxxx.amazonaws.com"
      }
    }
  }
}

Authentication Precedence

  1. Bearer token (AWS_BEARER_TOKEN_BEDROCK or /connect)
  2. AWS credential chain (profile, access keys, IAM roles)

Notes:

  • Follows existing patterns for provider configuration
  • Maintains backward compatibility with environment variable configuration
  • Configuration file options take precedence over environment variables (except bearer tokens)

wnkz avatar Dec 29 '25 18:12 wnkz