Grant IAM permissions to request access to Amazon Bedrock foundation models with a product ID - Amazon Bedrock

Access to Amazon Bedrock serverless foundation models with a product ID is controlled by the following IAM actions:

| IAM action | Description | Applies to which models |
|---|---|---|
| aws-marketplace:Subscribe | Allows an IAM identity to subscribe to AWS Marketplace products, including Amazon Bedrock foundation models. | Only Amazon Bedrock serverless models that have a product ID in AWS Marketplace. |
| aws-marketplace:Unsubscribe | Allows an IAM identity to unsubscribe from AWS Marketplace products, including Amazon Bedrock foundation models. | Only Amazon Bedrock serverless models that have a product ID in AWS Marketplace. |
| aws-marketplace:ViewSubscriptions | Allows an IAM identity to return a list of AWS Marketplace products, including Amazon Bedrock foundation models. | Only Amazon Bedrock serverless models that have a product ID in AWS Marketplace. |
Note

For the aws-marketplace:Subscribe action only, you can use the aws-marketplace:ProductId condition key to restrict subscription to specific models.

For an IAM identity to request access to models with a product ID

The identity must have a policy attached that allows aws-marketplace:Subscribe.

Note

If an identity has already subscribed to a model in one AWS Region, the model becomes available for the identity to request access in all AWS Regions in which the model is available, even if aws-marketplace:Subscribe is denied for other Regions.

The following sections show IAM policy examples for specific use cases:

Prevent an identity from requesting access to a model with a product ID

To prevent an IAM entity from requesting access to a specific model that has a product ID, attach an IAM policy to the entity that denies the aws-marketplace:Subscribe action and scope the Condition field to the product ID of the model.

For example, you can attach the following policy to an identity to prevent it from subscribing to the Anthropic Claude 3.5 Sonnet model:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Deny",
      "Action": ["aws-marketplace:Subscribe"],
      "Resource": "*",
      "Condition": {
        "ForAnyValue:StringEquals": {
          "aws-marketplace:ProductId": ["prod-m5ilt4siql27k"]
        }
      }
    }
  ]
}
```
Note

This policy denies subscription only to the listed product ID, so the IAM entity can still request access to every other model, including models added to Amazon Bedrock later, by default.

If the identity has already subscribed to the model in at least one Region, this policy doesn't prevent it from using the model in other Regions. To block usage in that case, use the approach in Prevent an identity from using a model after access has already been granted.

Prevent an identity from using a model after access has already been granted

If an IAM identity has already been granted access to a model, you can prevent usage of the model by denying all Amazon Bedrock actions and scoping the Resource field to the ARN of the foundation model.

For example, you can attach the following policy to an identity to prevent it from using the Anthropic Claude 3.5 Sonnet model in all AWS Regions:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Deny",
      "Action": ["bedrock:*"],
      "Resource": [
        "arn:aws:bedrock:*::foundation-model/anthropic.claude-3-5-sonnet-20240620-v1:0"
      ]
    }
  ]
}
```
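The two Deny policies above behave differently: the first matches only when the request carries the listed aws-marketplace:ProductId condition key, while the second matches any Bedrock action against the model ARN in any Region because of the wildcard in the Region field. The script below is an added example, not code from the page or from AWS; it is a small local approximation of IAM evaluation (action and resource wildcards, StringEquals with the ForAnyValue/ForAllValues set operators, and the rule that an explicit Deny overrides an Allow) used to show what each policy from this page does and does not block. The broad Allow policy, the other product ID and the other model ARN are constructed for the example; the authoritative check for a real account is the IAM policy simulator.

```python
import re
from typing import Any, Optional

# Policy from the page: explicit Deny on subscribing to the product ID of Claude 3.5 Sonnet.
DENY_SUBSCRIBE_POLICY: dict = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Deny",
        "Action": ["aws-marketplace:Subscribe"],
        "Resource": "*",
        "Condition": {"ForAnyValue:StringEquals": {
            "aws-marketplace:ProductId": ["prod-m5ilt4siql27k"]}},
    }],
}

# Policy from the page: explicit Deny on every Bedrock action against the model ARN in all Regions.
DENY_MODEL_POLICY: dict = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Deny",
        "Action": ["bedrock:*"],
        "Resource": ["arn:aws:bedrock:*::foundation-model/anthropic.claude-3-5-sonnet-20240620-v1:0"],
    }],
}

# Constructed for this example (not on the page): a broad Allow so the Deny statements
# have something to override. Without any Allow, IAM's answer is an implicit deny.
ALLOW_ALL_POLICY: dict = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": ["aws-marketplace:*", "bedrock:*"], "Resource": "*"}],
}


def _as_list(value: Any) -> list:
    """IAM accepts a single string or a list in Action, Resource and condition values."""
    return value if isinstance(value, list) else [value]


def _wildcard_match(pattern: str, value: str) -> bool:
    """IAM-style matching: '*' matches any run of characters, '?' a single character."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, value) is not None


def _condition_matches(stmt: dict, context: dict) -> bool:
    """Evaluate StringEquals, optionally qualified with ForAnyValue / ForAllValues."""
    for operator, pairs in stmt.get("Condition", {}).items():
        quantifier, _, base_op = operator.rpartition(":")
        if base_op != "StringEquals":
            raise NotImplementedError(f"operator {operator} is not modelled in this example")
        for key, expected in pairs.items():
            expected = _as_list(expected)
            actual = _as_list(context.get(key, []))   # request context values for the key
            if quantifier == "ForAnyValue":
                ok = any(v in expected for v in actual)
            elif quantifier == "ForAllValues":
                ok = all(v in expected for v in actual)
            else:
                ok = len(actual) == 1 and actual[0] in expected
            if not ok:
                return False
    return True


def evaluate(policies: list, action: str, resource: str, context: Optional[dict] = None) -> str:
    """Return 'explicit deny', 'allow' or 'implicit deny' for one request, deny wins."""
    context = context or {}
    decision = "implicit deny"
    for policy in policies:
        for stmt in policy["Statement"]:
            # Action names are case-insensitive in IAM; resource ARNs are not.
            actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
            if not any(_wildcard_match(a, action.lower()) for a in actions):
                continue
            if not any(_wildcard_match(r, resource) for r in _as_list(stmt.get("Resource", []))):
                continue
            if not _condition_matches(stmt, context):
                continue
            if stmt["Effect"] == "Deny":
                return "explicit deny"   # an explicit Deny overrides every Allow
            decision = "allow"
    return decision


if __name__ == "__main__":
    sonnet_eu = "arn:aws:bedrock:eu-west-1::foundation-model/anthropic.claude-3-5-sonnet-20240620-v1:0"
    print(evaluate([ALLOW_ALL_POLICY, DENY_SUBSCRIBE_POLICY], "aws-marketplace:Subscribe", "*",
                   {"aws-marketplace:ProductId": "prod-m5ilt4siql27k"}))   # explicit deny
    print(evaluate([ALLOW_ALL_POLICY, DENY_MODEL_POLICY], "bedrock:InvokeModel", sonnet_eu))  # explicit deny
```

Running it shows the scope of each policy: the Subscribe deny blocks only the named product ID and leaves aws-marketplace:ViewSubscriptions and subscriptions to other product IDs alone, while the Bedrock deny blocks InvokeModel on the Sonnet ARN in any Region but not on a different model ARN. The evaluator deliberately does not model the cross-Region subscription behaviour described in the notes above, which is why the second policy is the one to use once access has been granted.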