generative-ai-application-builder-on-aws

Add option to use Bedrock in a different AWS region

Open acere opened this issue 1 year ago • 3 comments

Is your feature request related to a problem? Please describe.

Bedrock is not currently available in many AWS regions, and not all regions have access to all the models and variants. Currently the only way to use this solution is to deploy it in a region where Bedrock is available, but it would be desirable to deploy it in a region without Bedrock.

Describe the feature you'd like

Add a VPC in a selected region where Bedrock is available and configure VPC peering with the VPC where the solution is deployed.

acere Feb 16 '24 01:02

Hi, thanks for your interest in the solution. While we don't support this functionality directly yet, I can provide you some guidance as to how you can enable this functionality yourself.

There are 2 small changes which can get you up and running:

  1. On this line, change the value to bedrock_client=get_service_client("bedrock-runtime", region_name=<your desired bedrock region>). If you deployed from the template and not the source code, this change can be made in the AWS console on a use case deployment. Look for the Lambda function with ChatLlmProviderLambda in the name, and make the code change there. If you do it this way, however, the change will be temporary and will get overwritten if you update the use case.

  2. Modify the policy for the chat Lambda to allow it access to Bedrock in the suitable region. To do this in the source code, modify the region in this line. In the console, you can navigate to the "Configuration" > "Permissions" page in the Lambda console and edit the policy “ChatLlmProviderLambdaRoleDefaultPolicyXXXXXXXX” within the role to include the suitable Bedrock region.

We have logged looking into how to support this more permanently as a backlog task.

Let me know if you have any issues with this approach.

jamesnixon-aws Feb 20 '24 16:02
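
A check for step 2 of the reply above, as an added example that is not part of the thread or of the solution's code: it reports which regions a role policy allows for Bedrock model invocation, rewrites the Bedrock ARNs to a single region, and flags anything broader. The policy document, the region values and the function names are constructed for illustration.

```python
import copy
import fnmatch

# Constructed sample; the solution's real policy document is not shown in the thread.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream"],
         "Resource": "arn:aws:bedrock:us-east-1::foundation-model/*"},
        {"Effect": "Allow", "Action": "logs:PutLogEvents", "Resource": "*"},
    ],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _grants_invoke(stmt):
    # IAM action names are case-insensitive and may contain wildcards.
    return stmt.get("Effect") == "Allow" and any(
        fnmatch.fnmatchcase("bedrock:invokemodel", a.lower())
        for a in _as_list(stmt.get("Action", [])))

def bedrock_regions(policy):
    """Region field of each resource on Allow statements granting bedrock:InvokeModel."""
    regions = set()
    for stmt in filter(_grants_invoke, _as_list(policy["Statement"])):
        for res in _as_list(stmt.get("Resource", [])):
            parts = res.split(":")
            if res == "*" or (len(parts) >= 6 and parts[2] == "bedrock"):
                regions.add("*" if res == "*" else parts[3])
    return regions

def retarget(policy, region):
    """Copy of the policy with Bedrock resource ARNs pointed at `region` only."""
    new = copy.deepcopy(policy)
    for stmt in filter(_grants_invoke, _as_list(new["Statement"])):
        stmt["Resource"] = [
            ":".join(p[:3] + [region] + p[4:]) if len(p) >= 6 and p[2] == "bedrock"
            else ":".join(p)
            for p in (r.split(":") for r in _as_list(stmt.get("Resource", [])))]
    return new

def findings(policy, region):
    """Problems to flag after the edit; an empty list means scoped to `region` only."""
    regions = bedrock_regions(policy)
    missing = [] if any(fnmatch.fnmatchcase(region, r) for r in regions) else [
        f"no Bedrock invoke permission for {region}"]
    return missing + [f"also allows region {r!r}" for r in sorted(regions - {region})]
```

Running `findings` on the role policy exported from the console shows whether the edit left a wildcard or the old region in place.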

Thanks @jamesnixon-aws, unfortunately your suggestion doesn't address the need to maintain all communications within the AWS fabric, as mentioned in the request. An example of the setup is described here.

acere Apr 19 '24 02:04

Thanks for pointing this out. Were you able to solve the issue by creating VPC peering connections as described in the link, in combination with my suggestion?

jamesnixon-aws Apr 19 '24 13:04