1 Answer
Hello.
Since the error message states "no identity-based policy", I think that the IAM policy that executes "bedrock:ListFoundationModels" is not attached to the IAM role attached to EC2.
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonbedrock.html
So, try attaching the IAM policy for operating Bedrock to the IAM role (s3_tammosta_p4) used in EC2.
If it is an AWS managed policy, I think you can use it by attaching "AmazonBedrockReadOnly".
https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonBedrockReadOnly.html
If you want to allow only "bedrock:ListFoundationModels" with a custom policy, I think you should create an IAM policy like the one below.
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "test",
                "Effect": "Allow",
                "Action": [
                    "bedrock:ListFoundationModels"
                ],
                "Resource": "*"
            }
        ]
    }