Connect to Amazon S3 for your knowledge base - Amazon Bedrock

Connect to Amazon S3 for your knowledge base

Amazon S3 is an object storage service that stores data as objects within buckets. You can connect to your Amazon S3 bucket for your Amazon Bedrock knowledge base by using either the AWS Management Console for Amazon Bedrock or the CreateDataSource API (see Amazon Bedrock supported SDKs and AWS CLI).

You can upload a small batch of files to an Amazon S3 bucket using the Amazon S3 console or API. You can alternatively use AWS DataSync to upload multiple files to S3 continuously, and transfer files on a schedule from on-premises, edge, other cloud, or AWS storage.

Currently only General Purpose S3 buckets are supported.

There are limits to how many files and MB per file that can be crawled. See Quotas for knowledge bases.

Supported features

  • Document metadata fields

  • Inclusion/exclusion content filters

  • Incremental content syncs for added, updated, deleted content

Prerequisites

In Amazon S3, make sure you:

  • Note the Amazon S3 bucket URI, Amazon Resource Name (ARN), and the AWS account ID for the owner of the bucket. You can find the URI and ARN in the properties section in the Amazon S3 console. Your bucket must be in the same region as your Amazon Bedrock knowledge base. You must have permission to access the bucket.

In your AWS account, make sure you:

  • Include the necessary permissions to connect to your data source in your AWS Identity and Access Management (IAM) role/permissions policy for your knowledge base. For information on the required permissions for this data source to add to your knowledge base IAM role, see Permissions to access data sources.

Note

If you use the console, the IAM role with all the required permissions can be created for you as part of the steps for creating a knowledge base. After you have configured your data source and other configurations, the IAM role with all the required permissions are applied to your specific knowledge base.

Connection configuration

To connect to your Amazon S3 bucket, you must provide the necessary configuration information so that Amazon Bedrock can access and crawl your data. You must also follow the Prerequisites.

An example of a configuration for this data source is included in this section.

For more information about inclusion/exclusion filters, document metadata fields, incremental syncing, and how these work, select the following:

You can include a separate file that specifies the document metadata fields/attributes for each file in your Amazon S3 data source and whether to include them in the embeddings when indexing the data source into the vector store. For example, you can create a file in the following format, name it example.metadata.json and upload it to your S3 bucket.

{ "metadataAttributes": { "company": { "value": { "type": "STRING", "stringValue": "BioPharm Innovations" }, "includeForEmbedding": true }, "created_date": { "value": { "type": "NUMBER", "numberValue": 20221205 }, "includeForEmbedding": true }, "author": { "value": { "type": "STRING", "stringValue": "Lisa Thompson" }, "includeForEmbedding": true }, "origin": { "value": { "type": "STRING", "stringValue": "Overview" }, "includeForEmbedding": true } } }

The metadata file must use the same name as its associated source document file, with .metadata.json appended onto the end of the file name. The metadata file must be stored in the same folder or location as the source file in your Amazon S3 bucket. The file must not exceed the limit of 10 KB. For information on the supported attribute/field data types and the filtering operators you can apply to your metadata fields, see Metadata and filtering.

You can include or exclude crawling certain content. For example, you can specify an exclusion prefix/regular expression pattern to skip crawling any file that contains “private” in the file name. You could also specify an inclusion prefix/regular expression pattern to include certain content entities or content types. If you specify an inclusion and exclusion filter and both match a document, the exclusion filter takes precedence and the document isn’t crawled.

An example of a filter pattern to include only PDF files: ".*\\.pdf"

The data source connector crawls new, modified, and deleted content each time your data source syncs with your knowledge base. Amazon Bedrock can use your data source’s mechanism for tracking content changes and crawl content that changed since the last sync. When you sync your data source with your knowledge base for the first time, all content is crawled by default.

To sync your data source with your knowledge base, use the StartIngestionJob API or select your knowledge base in the console and select Sync within the data source overview section.

Important

All data that you sync from your data source becomes available to anyone with bedrock:Retrieve permissions to retrieve the data. This can also include any data with controlled data source permissions. For more information, see Knowledge base permissions.

Console
To connect an Amazon S3 bucket to your knowledge base
  1. Follow the steps at Create a knowledge base by connecting to a data source in Amazon Bedrock Knowledge Bases and choose Amazon S3 as the data source.

  2. Provide a name for the data source.

  3. Specify whether the Amazon S3 bucket is in your current AWS account or another AWS account. Your bucket must be in the same region as the knowledge base.

  4. (Optional) If the Amazon S3 bucket is encrypted with a KMS key, include the key. For more information, see Permissions to decrypt your AWS KMS key for your data sources in Amazon S3.

  5. (Optional) In the Content parsing and chunking section, you can customize how to parse and chunk your data. Refer to the following resources to learn more about these customizations:

  6. In the Advanced settings section, you can optionally configure the following:

    • KMS key for transient data storage. – You can encrypt the transient data while converting your data into embeddings with the default AWS managed key or your own KMS key. For more information, see Encryption of transient data storage during data ingestion.

    • Data deletion policy – You can delete the vector embeddings for your data source that are stored in the vector store by default, or choose to retain the vector store data.

  7. Continue to choose an embeddings model and vector store. To see the remaining steps, return to Create a knowledge base by connecting to a data source in Amazon Bedrock Knowledge Bases and continue from the step after connecting your data source.

API

The following is an example of a configuration for connecting to Amazon S3 for your Amazon Bedrock knowledge base. You configure your data source using the API with the AWS CLI or supported SDK, such as Python. After you call CreateKnowledgeBase, you call CreateDataSource to create your data source with your connection information in dataSourceConfiguration.

To learn about customizations that you can apply to ingestion by including the optional vectorIngestionConfiguration field, see Customize ingestion for a data source.

AWS Command Line Interface

aws bedrock create-data-source \ --name "S3 connector" \ --description "S3 data source connector for Amazon Bedrock to use content in S3" \ --knowledge-base-id "your-knowledge-base-id" \ --data-source-configuration file://s3-bedrock-connector-configuration.json \ --data-deletion-policy "DELETE" \ --vector-ingestion-configuration '{"chunkingConfiguration":[{"chunkingStrategy":"FIXED_SIZE","fixedSizeChunkingConfiguration":[{"maxTokens":"100","overlapPercentage":"10"}]}]}' s3-bedrock-connector-configuration.json { "s3Configuration": { "bucketArn": "arn:aws:s3:::bucket-name", "bucketOwnerAccountId": "000000000000", "inclusionPrefixes": [ ".*\\.pdf" ] }, "type": "S3" }