aws-samples
AWS partition is hard coded. Can't deploy the stack in other paritions.
Describe the bug A clear and concise description of what the bug is. ProxyApiHandlerServiceRoleDefaultPolicy86681202 CREATE_FAILED
Partition "aws" is not valid for resource "arn:aws:bedrock:::foundation-model/". (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: a86171f2-0161-4940-964a-435f5955935a; Proxy: null)
Please complete the following information:
- [ ] Which API you used: [e.g. /chat/completions]. N/A
- [ ] Which model you used: [e.g. anthropic.claude-3-sonnet-20240229-v1:0] N/A
To Reproduce Deploy the stack in a different partition.
Expected behavior Resources should be all be deployed
Screenshots
Additional context The CF template I used is: BedrockProxy.Template
Sorry, there is no plan to support other partitions for now. For other partitions that Bedrock supported, please manually change the ARNs in the CloudFormation template in the deployment folder in the current repo.
@sean-smith yes it is for govcloud.
@daixba it is just a matter of being consistent in string replacement and using cloudformation built in stuff to determine the partition and region. It is already being done in other parts of the template. BUT i understand. It is not a show stopper for us.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/pseudo-parameter-reference.html#cfn-pseudo-param-partition
In the templates AWS::Region and AWS::URLSuffix are already used.
If no one beats me to it I can work on a PR to replace arn:aws with arn:{AWS::PARTITON}
There are already places where it uses AWS::PARTITON: https://github.com/aws-samples/bedrock-access-gateway/blob/b26ee3e9eaea5547a724bf37dd1e33017295cc8a/deployment/BedrockProxy.template#L135
