Knowledge Base creation error

0

I am trying to create a knowledge base with role bellow but i am receiving this error: Knowledge Base creation with a root user is not supported. Please sign-in with an IAM user or IAM role and try again.

Knowledge Base Role { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": "bedrock.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "aws:SourceAccount": "account-id" }, "ArnLike": { "AWS:SourceArn": "arn:aws:bedrock:region:account-id:knowledge-base/*" } } }] }

3 Answers
2

It says you cannot to KB from the root user. You need to create a IAM user or IAM role with enough bedrock permissions and give bedrock trust permissions. Then you sign in with that user or assume that role and recreate the KB

profile picture
EXPERT
answered 2 months ago
profile picture
EXPERT
reviewed 2 months ago
profile pictureAWS
EXPERT
iBehr
reviewed 2 months ago
0

Hello Luiz,

The error you are getting is not about the service role you are specifying to create the Knowledge Base, but about the credentials you are using to perform the operation. It seems you are using the root user from your account, and you should be using an IAM user or assuming an IAM role.

You can follow the process described here to create an IAM user: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html Make sure you attach to the user the required permissions so it is able to perform the Knowledge Base create operation.

profile pictureAWS
Richard
answered 2 months ago
profile picture
EXPERT
reviewed 2 months ago
profile pictureAWS
EXPERT
iBehr
reviewed 2 months ago
0

I am trying create an IAM role with bedrock permissions like this, but this role has root permissions. There is an option to create a role for commun user / not root? Knowledge Base Role { "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": "bedrock.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "aws:SourceAccount": "account-id" }, "ArnLike": { "AWS:SourceArn": "arn:aws:bedrock:region:account-id:knowledge-base/*" } } }] }

answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions