Knowledge Base creation error

0

I am trying to create a knowledge base with role bellow but i am receiving this error: Knowledge Base creation with a root user is not supported. Please sign-in with an IAM user or IAM role and try again.

Knowledge Base Role { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": "bedrock.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "aws:SourceAccount": "account-id" }, "ArnLike": { "AWS:SourceArn": "arn:aws:bedrock:region:account-id:knowledge-base/*" } } }] }

3 réponses
2

It says you cannot to KB from the root user. You need to create a IAM user or IAM role with enough bedrock permissions and give bedrock trust permissions. Then you sign in with that user or assume that role and recreate the KB

profile picture
EXPERT
répondu il y a 3 mois
profile picture
EXPERT
vérifié il y a 3 mois
profile pictureAWS
EXPERT
iBehr
vérifié il y a 3 mois
0

Hello Luiz,

The error you are getting is not about the service role you are specifying to create the Knowledge Base, but about the credentials you are using to perform the operation. It seems you are using the root user from your account, and you should be using an IAM user or assuming an IAM role.

You can follow the process described here to create an IAM user: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html Make sure you attach to the user the required permissions so it is able to perform the Knowledge Base create operation.

profile pictureAWS
Richard
répondu il y a 3 mois
profile picture
EXPERT
vérifié il y a 3 mois
profile pictureAWS
EXPERT
iBehr
vérifié il y a 3 mois
0

I am trying create an IAM role with bedrock permissions like this, but this role has root permissions. There is an option to create a role for commun user / not root? Knowledge Base Role { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": "bedrock.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "aws:SourceAccount": "account-id" }, "ArnLike": { "AWS:SourceArn": "arn:aws:bedrock:region:account-id:knowledge-base/*" } } }] }

répondu il y a 3 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions