Amazon Bedrock Construct Library
---
The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.
| Language | Package |
|---|---|
 TypeScript |
@aws-cdk/aws-bedrock-alpha |
Amazon Bedrock is a fully managed service that offers a choice of high-performing foundation models (FMs) from leading AI companies and Amazon through a single API, along with a broad set of capabilities you need to build generative AI applications with security, privacy, and responsible AI.
This construct library facilitates the deployment of Bedrock Agents, enabling you to create sophisticated AI applications that can interact with your systems and data sources.
Table of contents
Agents
Amazon Bedrock Agents allow generative AI applications to automate complex, multistep tasks by seamlessly integrating with your company’s systems, APIs, and data sources. It uses the reasoning of foundation models (FMs), APIs, and data to break down user requests, gather relevant information, and efficiently complete tasks.
Create an Agent
Building an agent is straightforward and fast. The following example creates an Agent with a simple instruction and default prompts:
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_HAIKU_V1_0,
instruction="You are a helpful and friendly agent that answers questions about literature."
)
You can also create an agent with a guardrail:
# Create a guardrail to filter inappropriate content
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails",
description="Legal ethical guardrails."
)
guardrail.add_content_filter(
type=bedrock.ContentFilterType.SEXUAL,
input_strength=bedrock.ContentFilterStrength.HIGH,
output_strength=bedrock.ContentFilterStrength.MEDIUM
)
# Create an agent with the guardrail
agent_with_guardrail = bedrock.Agent(self, "AgentWithGuardrail",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_HAIKU_V1_0,
instruction="You are a helpful and friendly agent that answers questions about literature.",
guardrail=guardrail
)
Agent Properties
The Bedrock Agent class supports the following properties.
| Name | Type | Required | Description |
|---|---|---|---|
| name | string | No | The name of the agent. Defaults to a name generated by CDK |
| instruction | string | Yes | The instruction used by the agent that determines how it will perform its task. Must have a minimum of 40 characters |
| foundationModel | IBedrockInvokable | Yes | The foundation model used for orchestration by the agent |
| existingRole | iam.IRole | No | The existing IAM Role for the agent to use. Must have a trust policy allowing Bedrock service to assume the role. Defaults to a new created role |
| shouldPrepareAgent | boolean | No | Specifies whether to automatically update the DRAFT version of the agent after making changes. Defaults to false |
| idleSessionTTL | Duration | No | How long sessions should be kept open for the agent. Session expires if no conversation occurs during this time. Defaults to 1 hour |
| kmsKey | kms.IKey | No | The KMS key of the agent if custom encryption is configured. Defaults to AWS managed key |
| description | string | No | A description of the agent. Defaults to no description |
| actionGroups | AgentActionGroup[] | No | The Action Groups associated with the agent |
| guardrail | IGuardrail | No | The guardrail that will be associated with the agent. Defaults to no guardrail |
| memory | Memory | No | The type and configuration of the memory to maintain context across multiple sessions and recall past interactions. Defaults to no memory |
| promptOverrideConfiguration | PromptOverrideConfiguration | No | Overrides some prompt templates in different parts of an agent sequence configuration |
| userInputEnabled | boolean | No | Select whether the agent can prompt additional information from the user when it lacks enough information. Defaults to false |
| codeInterpreterEnabled | boolean | No | Select whether the agent can generate, run, and troubleshoot code when trying to complete a task. Defaults to false |
| forceDelete | boolean | No | Whether to delete the resource even if it's in use. Defaults to true |
| agentCollaboration | AgentCollaboration | No | Configuration for agent collaboration settings, including type and collaborators. This property allows you to define how the agent collaborates with other agents and what collaborators it can work with. Defaults to no agent collaboration configuration |
| customOrchestrationExecutor | CustomOrchestrationExecutor | No | The Lambda function to use for custom orchestration. If provided, orchestrationType is set to CUSTOM_ORCHESTRATION. If not provided, orchestrationType defaults to DEFAULT. Defaults to default orchestration |
Action Groups
An action group defines functions your agent can call. The functions are Lambda functions. The action group uses an OpenAPI schema to tell the agent what your functions do and how to call them.
Action Group Properties
The AgentActionGroup class supports the following properties.
| Name | Type | Required | Description |
|---|---|---|---|
| name | string | No | The name of the action group. Defaults to a name generated in the format 'action_group_quick_start_UUID' |
| description | string | No | A description of the action group |
| apiSchema | ApiSchema | No | The OpenAPI schema that defines the functions in the action group |
| executor | ActionGroupExecutor | No | The Lambda function that executes the actions in the group |
| enabled | boolean | No | Whether the action group is enabled. Defaults to true |
| forceDelete | boolean | No | Whether to delete the resource even if it's in use. Defaults to false |
| functionSchema | FunctionSchema | No | Defines functions that each define parameters that the agent needs to invoke from the user |
| parentActionGroupSignature | ParentActionGroupSignature | No | The AWS Defined signature for enabling certain capabilities in your agent |
There are three ways to provide an API schema for your action group:
From a local asset file (requires binding to scope):
action_group_function = lambda_.Function(self, "ActionGroupFunction",
runtime=lambda_.Runtime.PYTHON_3_12,
handler="index.handler",
code=lambda_.Code.from_asset(path.join(__dirname, "../lambda/action-group"))
)
# When using ApiSchema.fromLocalAsset, you must bind the schema to a scope
schema = bedrock.ApiSchema.from_local_asset(path.join(__dirname, "action-group.yaml"))
schema.bind(self)
action_group = bedrock.AgentActionGroup(
name="query-library",
description="Use these functions to get information about the books in the library.",
executor=bedrock.ActionGroupExecutor.from_lambda(action_group_function),
enabled=True,
api_schema=schema
)
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_HAIKU_V1_0,
instruction="You are a helpful and friendly agent that answers questions about literature."
)
agent.add_action_group(action_group)
From an inline OpenAPI schema:
inline_schema = bedrock.ApiSchema.from_inline("""
openapi: 3.0.3
info:
title: Library API
version: 1.0.0
paths:
/search:
get:
summary: Search for books
operationId: searchBooks
parameters:
- name: query
in: query
required: true
schema:
type: string
""")
action_group_function = lambda_.Function(self, "ActionGroupFunction",
runtime=lambda_.Runtime.PYTHON_3_12,
handler="index.handler",
code=lambda_.Code.from_asset(path.join(__dirname, "../lambda/action-group"))
)
action_group = bedrock.AgentActionGroup(
name="query-library",
description="Use these functions to get information about the books in the library.",
executor=bedrock.ActionGroupExecutor.from_lambda(action_group_function),
enabled=True,
api_schema=inline_schema
)
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_HAIKU_V1_0,
instruction="You are a helpful and friendly agent that answers questions about literature."
)
agent.add_action_group(action_group)
From an existing S3 file:
bucket = s3.Bucket.from_bucket_name(self, "ExistingBucket", "my-schema-bucket")
s3_schema = bedrock.ApiSchema.from_s3_file(bucket, "schemas/action-group.yaml")
action_group_function = lambda_.Function(self, "ActionGroupFunction",
runtime=lambda_.Runtime.PYTHON_3_12,
handler="index.handler",
code=lambda_.Code.from_asset(path.join(__dirname, "../lambda/action-group"))
)
action_group = bedrock.AgentActionGroup(
name="query-library",
description="Use these functions to get information about the books in the library.",
executor=bedrock.ActionGroupExecutor.from_lambda(action_group_function),
enabled=True,
api_schema=s3_schema
)
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_HAIKU_V1_0,
instruction="You are a helpful and friendly agent that answers questions about literature."
)
agent.add_action_group(action_group)
Using FunctionSchema with Action Groups
As an alternative to using OpenAPI schemas, you can define functions directly using the FunctionSchema class. This approach provides a more structured way to define the functions that your agent can call.
action_group_function = lambda_.Function(self, "ActionGroupFunction",
runtime=lambda_.Runtime.PYTHON_3_12,
handler="index.handler",
code=lambda_.Code.from_asset(path.join(__dirname, "../lambda/action-group"))
)
# Define a function schema with parameters
function_schema = bedrock.FunctionSchema(
functions=[bedrock.FunctionProps(
name="searchBooks",
description="Search for books in the library catalog",
parameters={
"query": bedrock.FunctionParameterProps(
type=bedrock.ParameterType.STRING,
required=True,
description="The search query string"
),
"maxResults": bedrock.FunctionParameterProps(
type=bedrock.ParameterType.INTEGER,
required=False,
description="Maximum number of results to return"
),
"includeOutOfPrint": bedrock.FunctionParameterProps(
type=bedrock.ParameterType.BOOLEAN,
required=False,
description="Whether to include out-of-print books"
)
},
require_confirmation=bedrock.RequireConfirmation.DISABLED
), bedrock.FunctionProps(
name="getBookDetails",
description="Get detailed information about a specific book",
parameters={
"bookId": bedrock.FunctionParameterProps(
type=bedrock.ParameterType.STRING,
required=True,
description="The unique identifier of the book"
)
},
require_confirmation=bedrock.RequireConfirmation.ENABLED
)
]
)
# Create an action group using the function schema
action_group = bedrock.AgentActionGroup(
name="library-functions",
description="Functions for interacting with the library catalog",
executor=bedrock.ActionGroupExecutor.from_lambda(action_group_function),
function_schema=function_schema,
enabled=True
)
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_HAIKU_V1_0,
instruction="You are a helpful and friendly agent that answers questions about literature.",
action_groups=[action_group]
)
The FunctionSchema approach offers several advantages:
Type-safe definition of functions and parameters
Built-in validation of parameter names, descriptions, and other properties
Clear structure that maps directly to the AWS Bedrock API
Support for parameter types including string, number, integer, boolean, array, and object
Option to require user confirmation before executing specific functions
If you chose to load your schema file from S3, the construct will provide the necessary permissions to your agent’s execution role to access the schema file from the specific bucket. Similar to performing the operation through the console, the agent execution role will get a permission like:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AmazonBedrockAgentS3PolicyProd",
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::<BUCKET_NAME>/<OBJECT_KEY>"
],
"Condition": {
"StringEquals": {
"aws:ResourceAccount": "ACCOUNT_NUMBER"
}
}
}
]
}
# create a bucket containing the input schema
schema_bucket = s3.Bucket(self, "SchemaBucket",
enforce_sSL=True,
versioned=True,
public_read_access=False,
block_public_access=s3.BlockPublicAccess.BLOCK_ALL,
encryption=s3.BucketEncryption.S3_MANAGED,
removal_policy=RemovalPolicy.DESTROY,
auto_delete_objects=True
)
# deploy the local schema file to S3
deployement = aws_s3_deployment.BucketDeployment(self, "DeployWebsite",
sources=[aws_s3_deployment.Source.asset(path.join(__dirname, "../inputschema"))],
destination_bucket=schema_bucket,
destination_key_prefix="inputschema"
)
# create the agent
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0,
instruction="You are a helpful and friendly agent that answers questions about literature.",
user_input_enabled=True,
should_prepare_agent=True
)
# create a lambda function
action_group_function = lambda_.Function(self, "ActionGroupFunction",
runtime=lambda_.Runtime.PYTHON_3_12,
handler="index.handler",
code=lambda_.Code.from_asset(path.join(__dirname, "../lambda/action-group"))
)
# create an action group and read the schema file from S3
action_group = bedrock.AgentActionGroup(
name="query-library",
description="Use these functions to get information about the books in the library.",
executor=bedrock.ActionGroupExecutor.from_lambda(action_group_function),
enabled=True,
api_schema=bedrock.ApiSchema.from_s3_file(schema_bucket, "inputschema/action-group.yaml")
)
# add the action group to the agent
agent.add_action_group(action_group)
# add dependency for the agent on the s3 deployment
agent.node.add_dependency(deployement)
Prepare the Agent
The Agent constructs take an optional parameter shouldPrepareAgent to indicate that the Agent should be prepared after any updates to an agent or action group. This may increase the time to create and update those resources. By default, this value is false.
Prepare Agent Properties
| Name | Type | Required | Description |
|---|---|---|---|
| shouldPrepareAgent | boolean | No | Whether to automatically update the DRAFT version of the agent after making changes. Defaults to false |
Creating an agent alias will not prepare the agent, so if you create an alias using the AgentAlias resource then you should set shouldPrepareAgent to true.
Prompt Override Configuration
Bedrock Agents allows you to customize the prompts and LLM configuration for different steps in the agent sequence. The implementation provides type-safe configurations for each step type, ensuring correct usage at compile time.
Prompt Override Configuration Properties
| Name | Type | Required | Description |
|---|---|---|---|
| steps | PromptStepConfiguration[] | Yes | Array of step configurations for different parts of the agent sequence |
| parser | lambda.IFunction | No | Lambda function for custom parsing of agent responses |
Prompt Step Configuration Properties
Each step in the steps array supports the following properties:
| Name | Type | Required | Description |
|---|---|---|---|
| stepType | AgentStepType | Yes | The type of step being configured (PRE_PROCESSING, ORCHESTRATION, POST_PROCESSING, ROUTING_CLASSIFIER, MEMORY_SUMMARIZATION, KNOWLEDGE_BASE_RESPONSE_GENERATION) |
| stepEnabled | boolean | No | Whether this step is enabled. Defaults to true |
| customPromptTemplate | string | No | Custom prompt template to use for this step |
| inferenceConfig | InferenceConfiguration | No | Configuration for model inference parameters |
| foundationModel | BedrockFoundationModel | No | Alternative foundation model to use for this step (only valid for ROUTING_CLASSIFIER step) |
| useCustomParser | boolean | No | Whether to use a custom parser for this step. Requires parser to be provided in PromptOverrideConfiguration |
Inference Configuration Properties
When providing inferenceConfig, the following properties are supported:
| Name | Type | Required | Description |
|---|---|---|---|
| temperature | number | No | Controls randomness in the model's output (0.0-1.0) |
| topP | number | No | Controls diversity via nucleus sampling (0.0-1.0) |
| topK | number | No | Controls diversity by limiting the cumulative probability |
| maximumLength | number | No | Maximum length of generated text |
| stopSequences | string[] | No | Sequences where the model should stop generating |
The following steps can be configured:
PRE_PROCESSING: Prepares the user input for orchestration
ORCHESTRATION: Main step that determines the agent’s actions
POST_PROCESSING: Refines the agent’s response
ROUTING_CLASSIFIER: Classifies and routes requests to appropriate collaborators
MEMORY_SUMMARIZATION: Summarizes conversation history for memory retention
KNOWLEDGE_BASE_RESPONSE_GENERATION: Generates responses using knowledge base content
Example with pre-processing configuration:
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.AMAZON_NOVA_LITE_V1,
instruction="You are a helpful assistant.",
prompt_override_configuration=bedrock.PromptOverrideConfiguration.from_steps([
step_type=bedrock.AgentStepType.PRE_PROCESSING,
step_enabled=True,
custom_prompt_template="Your custom prompt template here",
inference_config=bedrock.InferenceConfiguration(
temperature=0,
top_p=1,
top_k=250,
maximum_length=1,
stop_sequences=["\n\nHuman:"]
)
])
)
Example with routing classifier and foundation model:
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.AMAZON_NOVA_LITE_V1,
instruction="You are a helpful assistant.",
prompt_override_configuration=bedrock.PromptOverrideConfiguration.from_steps([
step_type=bedrock.AgentStepType.ROUTING_CLASSIFIER,
step_enabled=True,
custom_prompt_template="Your routing template here",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_V2
])
)
Using a custom Lambda parser:
parser_function = lambda_.Function(self, "ParserFunction",
runtime=lambda_.Runtime.PYTHON_3_10,
handler="index.handler",
code=lambda_.Code.from_asset("lambda")
)
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.AMAZON_NOVA_LITE_V1,
instruction="You are a helpful assistant.",
prompt_override_configuration=bedrock.PromptOverrideConfiguration.with_custom_parser(
parser=parser_function,
pre_processing_step=bedrock.PromptPreProcessingConfigCustomParser(
step_type=bedrock.AgentStepType.PRE_PROCESSING,
use_custom_parser=True
)
)
)
Foundation models can only be specified for the ROUTING_CLASSIFIER step.
Memory Configuration
Agents can maintain context across multiple sessions and recall past interactions using memory. This feature is useful for creating a more coherent conversational experience.
Memory Configuration Properties
| Name | Type | Required | Description |
|---|---|---|---|
| maxRecentSessions | number | No | Maximum number of recent session summaries to retain |
| memoryDuration | Duration | No | How long to retain session summaries |
Example:
agent = bedrock.Agent(self, "MyAgent",
agent_name="MyAgent",
instruction="Your instruction here",
foundation_model=bedrock.BedrockFoundationModel.AMAZON_NOVA_LITE_V1,
memory=Memory.session_summary(
max_recent_sessions=10, # Keep the last 10 session summaries
memory_duration=Duration.days(20)
)
)
Agent Collaboration
Agent Collaboration enables multiple Bedrock Agents to work together on complex tasks. This feature allows agents to specialize in different areas and collaborate to provide more comprehensive responses to user queries.
Agent Collaboration Properties
| Name | Type | Required | Description |
|---|---|---|---|
| type | AgentCollaboratorType | Yes | Type of collaboration (SUPERVISOR or PEER) |
| collaborators | AgentCollaborator[] | Yes | List of agent collaborators |
Agent Collaborator Properties
| Name | Type | Required | Description |
|---|---|---|---|
| agentAlias | AgentAlias | Yes | The agent alias to collaborate with |
| collaborationInstruction | string | Yes | Instructions for how to collaborate with this agent |
| collaboratorName | string | Yes | Name of the collaborator |
| relayConversationHistory | boolean | No | Whether to relay conversation history to the collaborator. Defaults to false |
Example:
# Create a specialized agent
customer_support_agent = bedrock.Agent(self, "CustomerSupportAgent",
instruction="You specialize in answering customer support questions.",
foundation_model=bedrock.BedrockFoundationModel.AMAZON_NOVA_LITE_V1
)
# Create an agent alias
customer_support_alias = bedrock.AgentAlias(self, "CustomerSupportAlias",
agent=customer_support_agent,
agent_alias_name="production"
)
# Create a main agent that collaborates with the specialized agent
main_agent = bedrock.Agent(self, "MainAgent",
instruction="You route specialized questions to other agents.",
foundation_model=bedrock.BedrockFoundationModel.AMAZON_NOVA_LITE_V1,
agent_collaboration={
"type": bedrock.AgentCollaboratorType.SUPERVISOR,
"collaborators": [
bedrock.AgentCollaborator(
agent_alias=customer_support_alias,
collaboration_instruction="Route customer support questions to this agent.",
collaborator_name="CustomerSupport",
relay_conversation_history=True
)
]
}
)
Custom Orchestration
Custom Orchestration allows you to override the default agent orchestration flow with your own Lambda function. This enables more control over how the agent processes user inputs and invokes action groups.
When you provide a customOrchestrationExecutor, the agent’s orchestrationType is automatically set to CUSTOM_ORCHESTRATION. If no customOrchestrationExecutor is provided, the orchestrationType defaults to DEFAULT, using Amazon Bedrock’s built-in orchestration.
Custom Orchestration Properties
| Name | Type | Required | Description |
|---|---|---|---|
| function | lambda.IFunction | Yes | The Lambda function that implements the custom orchestration logic |
Example:
orchestration_function = lambda_.Function(self, "OrchestrationFunction",
runtime=lambda_.Runtime.PYTHON_3_10,
handler="index.handler",
code=lambda_.Code.from_asset("lambda/orchestration")
)
agent = bedrock.Agent(self, "CustomOrchestrationAgent",
instruction="You are a helpful assistant with custom orchestration logic.",
foundation_model=bedrock.BedrockFoundationModel.AMAZON_NOVA_LITE_V1,
custom_orchestration_executor=bedrock.CustomOrchestrationExecutor.from_lambda(orchestration_function)
)
Agent Alias
After you have sufficiently iterated on your working draft and are satisfied with the behavior of your agent, you can set it up for deployment and integration into your application by creating aliases.
To deploy your agent, you need to create an alias. During alias creation, Amazon Bedrock automatically creates a version of your agent. The alias points to this newly created version. You can point the alias to a previously created version if necessary. You then configure your application to make API calls to that alias.
By default, the Agent resource creates a test alias named ‘AgentTestAlias’ that points to the ‘DRAFT’ version. This test alias is accessible via the testAlias property of the agent. You can also create additional aliases for different environments using the AgentAlias construct.
Agent Alias Properties
| Name | Type | Required | Description |
|---|---|---|---|
| agent | Agent | Yes | The agent to create an alias for |
| agentAliasName | string | No | The name of the agent alias. Defaults to a name generated by CDK |
| description | string | No | A description of the agent alias. Defaults to no description |
| routingConfiguration | AgentAliasRoutingConfiguration | No | Configuration for routing traffic between agent versions |
| agentVersion | string | No | The version of the agent to use. If not specified, a new version is created |
When redeploying an agent with changes, you must ensure the agent version is updated to avoid deployment failures with “agent already exists” errors. The recommended way to handle this is to include the lastUpdated property in the agent’s description, which automatically updates whenever the agent is modified. This ensures a new version is created on each deployment.
Example:
agent = bedrock.Agent(self, "Agent",
foundation_model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_HAIKU_V1_0,
instruction="You are a helpful and friendly agent that answers questions about literature."
)
agent_alias = bedrock.AgentAlias(self, "myAlias",
agent_alias_name="production",
agent=agent,
description=f"Production version of my agent. Created at {agent.lastUpdated}"
)
Guardrails
Amazon Bedrock’s Guardrails feature enables you to implement robust governance and control mechanisms for your generative AI applications, ensuring alignment with your specific use cases and responsible AI policies. Guardrails empowers you to create multiple tailored policy configurations, each designed to address the unique requirements and constraints of different use cases. These policy configurations can then be seamlessly applied across multiple foundation models (FMs) and Agents, ensuring a consistent user experience and standardizing safety, security, and privacy controls throughout your generative AI ecosystem.
With Guardrails, you can define and enforce granular, customizable policies to precisely govern the behavior of your generative AI applications. You can configure the following policies in a guardrail to avoid undesirable and harmful content and remove sensitive information for privacy protection.
Content filters – Adjust filter strengths to block input prompts or model responses containing harmful content. Denied topics – Define a set of topics that are undesirable in the context of your application. These topics will be blocked if detected in user queries or model responses. Word filters – Configure filters to block undesirable words, phrases, and profanity. Such words can include offensive terms, competitor names etc. Sensitive information filters – Block or mask sensitive information such as personally identifiable information (PII) or custom regex in user inputs and model responses. You can create a Guardrail with a minimum blockedInputMessaging, blockedOutputsMessaging and default content filter policy.
Basic Guardrail Creation
TypeScript
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails",
description="Legal ethical guardrails."
)
Guardrail Properties
| Property | Type | Required | Description |
|---|---|---|---|
| guardrailName | string | Yes | The name of the guardrail |
| description | string | No | The description of the guardrail |
| blockedInputMessaging | string | No | The message to return when the guardrail blocks a prompt. Default: "Sorry, your query violates our usage policy." |
| blockedOutputsMessaging | string | No | The message to return when the guardrail blocks a model response. Default: "Sorry, I am unable to answer your question because of our usage policy." |
| kmsKey | IKey | No | A custom KMS key to use for encrypting data. Default: Your data is encrypted by default with a key that AWS owns and manages for you. |
| crossRegionConfig | GuardrailCrossRegionConfigProperty | No | The cross-region configuration for the guardrail. This enables cross-region inference for enhanced language support and filtering capabilities. Default: No cross-region configuration |
| contentFilters | ContentFilter[] | No | The content filters to apply to the guardrail |
| contentFiltersTierConfig | TierConfig | No | The tier configuration to apply to content filters. Default: TierConfig.CLASSIC |
| deniedTopics | Topic[] | No | Up to 30 denied topics to block user inputs or model responses associated with the topic |
| topicsTierConfig | TierConfig | No | The tier configuration to apply to topic filters. Default: TierConfig.CLASSIC |
| wordFilters | string[] | No | The word filters to apply to the guardrail |
| managedWordListFilters | ManagedWordFilterType[] | No | The managed word filters to apply to the guardrail |
| piiFilters | PIIFilter[] | No | The PII filters to apply to the guardrail |
| regexFilters | RegexFilter[] | No | The regular expression (regex) filters to apply to the guardrail |
| contextualGroundingFilters | ContextualGroundingFilter[] | No | The contextual grounding filters to apply to the guardrail |
Filter Types
Content Filters
Content filters allow you to block input prompts or model responses containing harmful content. You can adjust the filter strength and configure separate actions for input and output.
Content Filter Configuration
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails",
# Configure tier for content filters (optional)
content_filters_tier_config=bedrock.TierConfig.STANDARD
)
guardrail.add_content_filter(
type=bedrock.ContentFilterType.SEXUAL,
input_strength=bedrock.ContentFilterStrength.HIGH,
output_strength=bedrock.ContentFilterStrength.MEDIUM,
# props below are optional
input_action=bedrock.GuardrailAction.BLOCK,
input_enabled=True,
output_action=bedrock.GuardrailAction.NONE,
output_enabled=True,
input_modalities=[bedrock.ModalityType.TEXT, bedrock.ModalityType.IMAGE],
output_modalities=[bedrock.ModalityType.TEXT]
)
Available content filter types:
SEXUAL: Describes input prompts and model responses that indicates sexual interest, activity, or arousalVIOLENCE: Describes input prompts and model responses that includes glorification of or threats to inflict physical painHATE: Describes input prompts and model responses that discriminate, criticize, insult, denounce, or dehumanize a person or groupINSULTS: Describes input prompts and model responses that includes demeaning, humiliating, mocking, insulting, or belittling languageMISCONDUCT: Describes input prompts and model responses that seeks or provides information about engaging in misconduct activityPROMPT_ATTACK: Enable to detect and block user inputs attempting to override system instructions
Available content filter strengths:
NONE: No filteringLOW: Light filteringMEDIUM: Moderate filteringHIGH: Strict filtering
Available guardrail actions:
BLOCK: Blocks the content from being processedANONYMIZE: Masks the content with an identifier tagNONE: Takes no action
Warning: the ANONYMIZE action is not available in all configurations. Please refer to the documentation of each filter to see which ones support
Available modality types:
TEXT: Text modality for content filtersIMAGE: Image modality for content filters
Tier Configuration
Guardrails support tier configurations that determine the level of language support and robustness for content and topic filters. You can configure separate tier settings for content filters and topic filters.
Tier Configuration Options
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails",
# Configure tier for content filters
content_filters_tier_config=bedrock.TierConfig.STANDARD,
# Configure tier for topic filters
topics_tier_config=bedrock.TierConfig.CLASSIC
)
Available tier configurations:
CLASSIC: Provides established guardrails functionality supporting English, French, and Spanish languagesSTANDARD: Provides a more robust solution than the CLASSIC tier and has more comprehensive language support. This tier requires that your guardrail use cross-Region inference
Note: The STANDARD tier provides enhanced language support and more comprehensive filtering capabilities, but requires cross-Region inference to be enabled for your guardrail.
Cross-Region Configuration
You can configure a system-defined guardrail profile to use with your guardrail. Guardrail profiles define the destination AWS Regions where guardrail inference requests can be automatically routed. Using guardrail profiles helps maintain guardrail performance and reliability when demand increases.
Cross-Region Configuration Properties
| Property | Type | Required | Description |
|---|---|---|---|
| guardrailProfileArn | string | Yes | The ARN of the system-defined guardrail profile that defines the destination AWS Regions where guardrail inference requests can be automatically routed |
Cross-Region Configuration Example
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails",
description="Guardrail with cross-region configuration for enhanced language support",
cross_region_config=bedrock.GuardrailCrossRegionConfigProperty(
guardrail_profile_arn="arn:aws:bedrock:us-east-1:123456789012:guardrail-profile/my-profile"
),
# Use STANDARD tier for enhanced capabilities
content_filters_tier_config=bedrock.TierConfig.STANDARD,
topics_tier_config=bedrock.TierConfig.STANDARD
)
Note: Cross-region configuration is required when using the STANDARD tier for content and topic filters. It helps maintain guardrail performance and reliability when demand increases by automatically routing inference requests to appropriate regions.
You will need to provide the necessary permissions for cross region: https://docs.aws.amazon.com/bedrock/latest/userguide/guardrail-profiles-permissions.html .
Denied Topics
Denied topics allow you to define a set of topics that are undesirable in the context of your application. These topics will be blocked if detected in user queries or model responses. You can configure separate actions for input and output.
Denied Topic Configuration
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails",
# Configure tier for topic filters (optional)
topics_tier_config=bedrock.TierConfig.STANDARD
)
# Use a predefined topic
guardrail.add_denied_topic_filter(bedrock.Topic.FINANCIAL_ADVICE)
# Create a custom topic with input/output actions
guardrail.add_denied_topic_filter(
bedrock.Topic.custom(
name="Legal_Advice",
definition="Offering guidance or suggestions on legal matters, legal actions, interpretation of laws, or legal rights and responsibilities.",
examples=["Can I sue someone for this?", "What are my legal rights in this situation?", "Is this action against the law?", "What should I do to file a legal complaint?", "Can you explain this law to me?"
],
# props below are optional
input_action=bedrock.GuardrailAction.BLOCK,
input_enabled=True,
output_action=bedrock.GuardrailAction.NONE,
output_enabled=True
))
Word Filters
Word filters allow you to block specific words, phrases, or profanity in user inputs and model responses. You can configure separate actions for input and output.
Word Filter Configuration
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails"
)
# Add managed word list with input/output actions
guardrail.add_managed_word_list_filter(
type=bedrock.ManagedWordFilterType.PROFANITY,
input_action=bedrock.GuardrailAction.BLOCK,
input_enabled=True,
output_action=bedrock.GuardrailAction.NONE,
output_enabled=True
)
# Add individual words
guardrail.add_word_filter(text="drugs")
guardrail.add_word_filter(text="competitor")
# Add words from a file
guardrail.add_word_filter_from_file("./scripts/wordsPolicy.csv")
PII Filters
PII filters allow you to detect and handle personally identifiable information in user inputs and model responses. You can configure separate actions for input and output.
The PII types are organized into enum-like classes for better type safety and transpilation compatibility:
GeneralPIIType: General PII types like addresses, emails, names, phone numbers
FinancePIIType: Financial information like credit card numbers, PINs, SWIFT codes
InformationTechnologyPIIType: IT-related data like URLs, IP addresses, AWS keys
USASpecificPIIType: US-specific identifiers like SSNs, passport numbers
CanadaSpecificPIIType: Canada-specific identifiers like health numbers, SINs
UKSpecificPIIType: UK-specific identifiers like NHS numbers, NI numbers
PII Filter Configuration
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails"
)
# Add PII filter for addresses with input/output actions
guardrail.add_pIIFilter(
type=bedrock.GeneralPIIType.ADDRESS,
action=bedrock.GuardrailAction.BLOCK,
# below props are optional
input_action=bedrock.GuardrailAction.BLOCK,
input_enabled=True,
output_action=bedrock.GuardrailAction.ANONYMIZE,
output_enabled=True
)
# Add PII filter for credit card numbers with input/output actions
guardrail.add_pIIFilter(
type=bedrock.FinancePIIType.CREDIT_DEBIT_CARD_NUMBER,
action=bedrock.GuardrailAction.BLOCK,
# below props are optional
input_action=bedrock.GuardrailAction.BLOCK,
input_enabled=True,
output_action=bedrock.GuardrailAction.ANONYMIZE,
output_enabled=True
)
# Add PII filter for email addresses
guardrail.add_pIIFilter(
type=bedrock.GeneralPIIType.EMAIL,
action=bedrock.GuardrailAction.ANONYMIZE
)
# Add PII filter for US Social Security Numbers
guardrail.add_pIIFilter(
type=bedrock.USASpecificPIIType.US_SOCIAL_SECURITY_NUMBER,
action=bedrock.GuardrailAction.BLOCK
)
# Add PII filter for IP addresses
guardrail.add_pIIFilter(
type=bedrock.InformationTechnologyPIIType.IP_ADDRESS,
action=bedrock.GuardrailAction.ANONYMIZE
)
Available PII Types
GeneralPIIType:
ADDRESS: Physical addressesAGE: Individual’s ageDRIVER_ID: Driver’s license numbersEMAIL: Email addressesLICENSE_PLATE: Vehicle license platesNAME: Individual namesPASSWORD: PasswordsPHONE: Phone numbersUSERNAME: User account namesVEHICLE_IDENTIFICATION_NUMBER: Vehicle VINs
FinancePIIType:
CREDIT_DEBIT_CARD_CVV: Card verification codesCREDIT_DEBIT_CARD_EXPIRY: Card expiration datesCREDIT_DEBIT_CARD_NUMBER: Credit/debit card numbersPIN: Personal identification numbersSWIFT_CODE: Bank SWIFT codesINTERNATIONAL_BANK_ACCOUNT_NUMBER: IBAN numbers
InformationTechnologyPIIType:
URL: Web addressesIP_ADDRESS: IPv4 addressesMAC_ADDRESS: Network interface MAC addressesAWS_ACCESS_KEY: AWS access key IDsAWS_SECRET_KEY: AWS secret access keys
USASpecificPIIType:
US_BANK_ACCOUNT_NUMBER: US bank account numbersUS_BANK_ROUTING_NUMBER: US bank routing numbersUS_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER: US ITINsUS_PASSPORT_NUMBER: US passport numbersUS_SOCIAL_SECURITY_NUMBER: US Social Security Numbers
CanadaSpecificPIIType:
CA_HEALTH_NUMBER: Canadian Health Service NumbersCA_SOCIAL_INSURANCE_NUMBER: Canadian Social Insurance Numbers
UKSpecificPIIType:
UK_NATIONAL_HEALTH_SERVICE_NUMBER: UK NHS numbersUK_NATIONAL_INSURANCE_NUMBER: UK National Insurance numbersUK_UNIQUE_TAXPAYER_REFERENCE_NUMBER: UK UTR numbers
Regex Filters
Regex filters allow you to detect and handle custom patterns in user inputs and model responses. You can configure separate actions for input and output.
Regex Filter Configuration
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails"
)
# Add regex filter with input/output actions
guardrail.add_regex_filter(
name="TestRegexFilter",
pattern="test-pattern",
action=bedrock.GuardrailAction.ANONYMIZE,
# below props are optional
description="This is a test regex filter",
input_action=bedrock.GuardrailAction.BLOCK,
input_enabled=True,
output_action=bedrock.GuardrailAction.ANONYMIZE,
output_enabled=True
)
Contextual Grounding Filters
Contextual grounding filters allow you to ensure that model responses are factually correct and relevant to the user’s query. You can configure the action and enable/disable the filter.
Contextual Grounding Filter Configuration
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails"
)
# Add contextual grounding filter with action and enabled flag
guardrail.add_contextual_grounding_filter(
type=bedrock.ContextualGroundingFilterType.GROUNDING,
threshold=0.8,
# the properties below are optional
action=bedrock.GuardrailAction.BLOCK,
enabled=True
)
Guardrail Methods
| Method | Description |
|---|---|
addContentFilter() |
Adds a content filter to the guardrail |
addDeniedTopicFilter() |
Adds a denied topic filter to the guardrail |
addWordFilter() |
Adds a word filter to the guardrail |
addManagedWordListFilter() |
Adds a managed word list filter to the guardrail |
addWordFilterFromFile() |
Adds word filters from a file to the guardrail |
addPIIFilter() |
Adds a PII filter to the guardrail |
addRegexFilter() |
Adds a regex filter to the guardrail |
addContextualGroundingFilter() |
Adds a contextual grounding filter to the guardrail |
createVersion() |
Creates a new version of the guardrail |
Guardrail Permissions
Guardrails provide methods to grant permissions to other resources that need to interact with the guardrail.
Permission Methods
| Method | Description | Parameters |
|---|---|---|
grant(grantee, ...actions) |
Grants the given principal identity permissions to perform actions on this guardrail | grantee: The principal to grant permissions toactions: The actions to grant (e.g., bedrock:GetGuardrail, bedrock:ListGuardrails) |
grantApply(grantee) |
Grants the given identity permissions to apply the guardrail | grantee: The principal to grant permissions to |
Permission Examples
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails"
)
lambda_function = lambda_.Function(self, "testLambda",
runtime=lambda_.Runtime.PYTHON_3_12,
handler="index.handler",
code=lambda_.Code.from_asset(path.join(__dirname, "../lambda/my-code"))
)
# Grant specific permissions to a Lambda function
guardrail.grant(lambda_function, "bedrock:GetGuardrail", "bedrock:ListGuardrails")
# Grant permissions to apply the guardrail
guardrail.grant_apply(lambda_function)
Guardrail Metrics
Amazon Bedrock provides metrics for your guardrails, allowing you to monitor their effectiveness and usage. These metrics are available in CloudWatch and can be used to create dashboards and alarms.
Metrics Examples
import aws_cdk.aws_cloudwatch as cloudwatch
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails"
)
# Get a specific metric for this guardrail
invocations_metric = guardrail.metric_invocations(
statistic="Sum",
period=Duration.minutes(5)
)
# Create a CloudWatch alarm for high invocation latency
cloudwatch.Alarm(self, "HighLatencyAlarm",
metric=guardrail.metric_invocation_latency(),
threshold=1000, # 1 second
evaluation_periods=3
)
# Get metrics for all guardrails
all_invocations_metric = bedrock.Guardrail.metric_all_invocations()
Importing Guardrails
You can import existing guardrails using the fromGuardrailAttributes or fromCfnGuardrail methods.
Import Configuration
# stack: Stack
cmk = kms.Key(self, "cmk")
# Import an existing guardrail by ARN
imported_guardrail = bedrock.Guardrail.from_guardrail_attributes(stack, "TestGuardrail",
guardrail_arn="arn:aws:bedrock:us-east-1:123456789012:guardrail/oygh3o8g7rtl",
guardrail_version="1", # optional
kms_key=cmk
)
import aws_cdk.aws_bedrock as bedrockl1
# Import a guardrail created through the L1 CDK CfnGuardrail construct
l1guardrail = bedrockl1.CfnGuardrail(self, "MyCfnGuardrail",
blocked_input_messaging="blockedInputMessaging",
blocked_outputs_messaging="blockedOutputsMessaging",
name="namemycfnguardrails",
word_policy_config=bedrockl1.CfnGuardrail.WordPolicyConfigProperty(
words_config=[bedrockl1.CfnGuardrail.WordConfigProperty(
text="drugs"
)
]
)
)
imported_guardrail = bedrock.Guardrail.from_cfn_guardrail(l1guardrail)
Guardrail Versioning
Guardrails support versioning, allowing you to track changes and maintain multiple versions of your guardrail configurations.
Version Configuration
guardrail = bedrock.Guardrail(self, "bedrockGuardrails",
guardrail_name="my-BedrockGuardrails"
)
# Create a new version of the guardrail
guardrail.create_version("testversion")
Prompts
Amazon Bedrock provides the ability to create and save prompts using Prompt management so that you can save time by applying the same prompt to different workflows. You can include variables in the prompt so that you can adjust the prompt for different use case.
The Prompt resource allows you to create a new prompt.
Prompt Variants
Prompt variants in the context of Amazon Bedrock refer to alternative configurations of a prompt, including its message or the model and inference configurations used. Prompt variants are the building blocks of prompts - you must create at least one prompt variant to create a prompt. Prompt variants allow you to create different versions of a prompt, test them, and save the variant that works best for your use case.
There are three types of prompt variants:
Basic Text Prompt: Simple text-based prompts for straightforward interactions
Chat variant: Conversational prompts that support system messages, user/assistant message history, and tools
Agent variant: Prompts designed to work with Bedrock Agents
Basic Text Prompt
Text prompts are the simplest form of prompts, consisting of plain text instructions with optional variables. They are ideal for straightforward tasks like summarization, content generation, or question answering where you need a direct text-based interaction with the model.
cmk = kms.Key(self, "cmk")
claude_model = bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_SONNET_V1_0
variant1 = bedrock.PromptVariant.text(
variant_name="variant1",
model=claude_model,
prompt_variables=["topic"],
prompt_text="This is my first text prompt. Please summarize our conversation on: {{topic}}.",
inference_configuration=bedrock.PromptInferenceConfiguration.text(
temperature=1,
top_p=0.999,
max_tokens=2000
)
)
prompt1 = bedrock.Prompt(self, "prompt1",
prompt_name="prompt1",
description="my first prompt",
default_variant=variant1,
variants=[variant1],
kms_key=cmk
)
Chat Prompt
Use this template type when the model supports the Converse API or the Anthropic Claude Messages API. This allows you to include a System prompt and previous User messages and Assistant messages for context.
cmk = kms.Key(self, "cmk")
variant_chat = bedrock.PromptVariant.chat(
variant_name="variant1",
model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0,
messages=[
bedrock.ChatMessage.user("From now on, you speak Japanese!"),
bedrock.ChatMessage.assistant("Konnichiwa!"),
bedrock.ChatMessage.user("From now on, you speak {{language}}!")
],
system="You are a helpful assistant that only speaks the language you`re told.",
prompt_variables=["language"],
tool_configuration=bedrock.ToolConfiguration(
tool_choice=bedrock.ToolChoice.AUTO,
tools=[
bedrock.Tool.function(
name="top_song",
description="Get the most popular song played on a radio station.",
input_schema={
"type": "object",
"properties": {
"sign": {
"type": "string",
"description": "The call sign for the radio station for which you want the most popular song. Example calls signs are WZPZ and WKR."
}
},
"required": ["sign"]
}
)
]
)
)
bedrock.Prompt(self, "prompt1",
prompt_name="prompt-chat",
description="my first chat prompt",
default_variant=variant_chat,
variants=[variant_chat],
kms_key=cmk
)
Agent Prompt
Agent prompts are designed to work with Bedrock Agents, allowing you to create prompts that can be used by agents to perform specific tasks. Agent prompts use text prompts as their foundation and can reference agent aliases and include custom instructions for how the agent should behave.
cmk = kms.Key(self, "cmk")
# Assuming you have an existing agent and alias
agent = bedrock.Agent.from_agent_attributes(self, "ImportedAgent",
agent_arn="arn:aws:bedrock:region:account:agent/agent-id",
role_arn="arn:aws:iam::account:role/agent-role"
)
agent_alias = bedrock.AgentAlias.from_attributes(self, "ImportedAlias",
alias_id="alias-id",
alias_name="my-alias",
agent_version="1",
agent=agent
)
agent_variant = bedrock.PromptVariant.agent(
variant_name="agent-variant",
model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0,
agent_alias=agent_alias,
prompt_text="Use the agent to help with: {{task}}. Please be thorough and provide detailed explanations.",
prompt_variables=["task"]
)
bedrock.Prompt(self, "agentPrompt",
prompt_name="agent-prompt",
description="Prompt for agent interactions",
default_variant=agent_variant,
variants=[agent_variant],
kms_key=cmk
)
Prompt Properties
| Property | Type | Required | Description |
|---|---|---|---|
| promptName | string | Yes | The name of the prompt |
| description | string | No | A description of the prompt |
| defaultVariant | PromptVariant | Yes | The default variant to use for the prompt |
| variants | PromptVariant[] | No | Additional variants for the prompt |
| kmsKey | kms.IKey | No | The KMS key to use for encrypting the prompt. Defaults to AWS managed key |
| tags | Record |
No | Tags to apply to the prompt |
Prompt Version
A prompt version is a snapshot of a prompt at a specific point in time that you create when you are satisfied with a set of configurations. Versions allow you to deploy your prompt and easily switch between different configurations for your prompt and update your application with the most appropriate version for your use-case.
You can create a Prompt version by using the PromptVersion class or by using the .createVersion(..) on a Prompt object. It is recommended to use the .createVersion(..) method. It uses a hash based mechanism to update the version whenever a certain configuration property changes.
cmk = kms.Key(self, "cmk")
claude_model = bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_SONNET_V1_0
variant1 = bedrock.PromptVariant.text(
variant_name="variant1",
model=claude_model,
prompt_variables=["topic"],
prompt_text="This is my first text prompt. Please summarize our conversation on: {{topic}}.",
inference_configuration=bedrock.PromptInferenceConfiguration.text(
temperature=1,
top_p=0.999,
max_tokens=2000
)
)
prompt1 = bedrock.Prompt(self, "prompt1",
prompt_name="prompt1",
description="my first prompt",
default_variant=variant1,
variants=[variant1],
kms_key=cmk
)
prompt_version = bedrock.PromptVersion(self, "MyPromptVersion",
prompt=prompt1,
description="my first version"
)
# or alternatively:
# const promptVersion = prompt1.createVersion('my first version');
version_string = prompt_version.version
Import Methods
You can use the fromPromptAttributes method to import an existing Bedrock Prompt into your CDK application.
# Import an existing prompt by ARN
imported_prompt = bedrock.Prompt.from_prompt_attributes(self, "ImportedPrompt",
prompt_arn="arn:aws:bedrock:region:account:prompt/prompt-id",
kms_key=kms.Key.from_key_arn(self, "ImportedKey", "arn:aws:kms:region:account:key/key-id"), # optional
prompt_version="1"
)
Inference Profiles
Amazon Bedrock Inference Profiles provide a way to manage and optimize inference configurations for your foundation models. They allow you to define reusable configurations that can be applied across different prompts and agents.
Using Inference Profiles
Inference profiles can be used with prompts and agents to maintain consistent inference configurations across your application.
With Agents
# Create a cross-region inference profile
cross_region_profile = bedrock.CrossRegionInferenceProfile.from_config(
geo_region=bedrock.CrossRegionInferenceProfileRegion.US,
model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0
)
# Use the cross-region profile with an agent
agent = bedrock.Agent(self, "Agent",
foundation_model=cross_region_profile,
instruction="You are a helpful and friendly agent that answers questions about agriculture."
)
With Prompts
# Create a prompt router for intelligent model selection
prompt_router = bedrock.PromptRouter.from_default_id(bedrock.DefaultPromptRouterIdentifier.ANTHROPIC_CLAUDE_V1, "us-east-1")
# Use the prompt router with a prompt variant
variant = bedrock.PromptVariant.text(
variant_name="variant1",
prompt_text="What is the capital of France?",
model=prompt_router
)
bedrock.Prompt(self, "Prompt",
prompt_name="prompt-router-test",
variants=[variant]
)
Types of Inference Profiles
Amazon Bedrock offers two types of inference profiles:
Application Inference Profiles
Application inference profiles are user-defined profiles that help you track costs and model usage. They can be created for a single region or for multiple regions using a cross-region inference profile.
Single Region Application Profile
# Create an application inference profile for one Region
app_profile = bedrock.ApplicationInferenceProfile(self, "MyApplicationProfile",
application_inference_profile_name="claude-3-sonnet-v1",
model_source=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_SONNET_V1_0,
description="Application profile for cost tracking",
tags={
"Environment": "Production"
}
)
Multi-Region Application Profile
# Create a cross-region inference profile
cross_region_profile = bedrock.CrossRegionInferenceProfile.from_config(
geo_region=bedrock.CrossRegionInferenceProfileRegion.US,
model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V2_0
)
# Create an application inference profile across regions
app_profile = bedrock.ApplicationInferenceProfile(self, "MyMultiRegionProfile",
application_inference_profile_name="claude-35-sonnet-v2-multi-region",
model_source=cross_region_profile,
description="Multi-region application profile for cost tracking"
)
System Defined Inference Profiles
Cross-region inference enables you to seamlessly manage unplanned traffic bursts by utilizing compute across different AWS Regions. With cross-region inference, you can distribute traffic across multiple AWS Regions, enabling higher throughput and enhanced resilience during periods of peak demands.
Before using a CrossRegionInferenceProfile, ensure that you have access to the models and regions defined in the inference profiles. For instance, if you use the system defined inference profile “us.anthropic.claude-3-5-sonnet-20241022-v2:0”, inference requests will be routed to US East (Virginia) us-east-1, US East (Ohio) us-east-2 and US West (Oregon) us-west-2. Thus, you need to have model access enabled in those regions for the model anthropic.claude-3-5-sonnet-20241022-v2:0.
System Defined Profile Configuration
cross_region_profile = bedrock.CrossRegionInferenceProfile.from_config(
geo_region=bedrock.CrossRegionInferenceProfileRegion.US,
model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V2_0
)
Prompt Routers
Amazon Bedrock intelligent prompt routing provides a single serverless endpoint for efficiently routing requests between different foundational models within the same model family. It can help you optimize for response quality and cost. They offer a comprehensive solution for managing multiple AI models through a single serverless endpoint, simplifying the process for you. Intelligent prompt routing predicts the performance of each model for each request, and dynamically routes each request to the model that it predicts is most likely to give the desired response at the lowest cost.
Default and Custom Prompt Routers
# Use a default prompt router
variant = bedrock.PromptVariant.text(
variant_name="variant1",
prompt_text="What is the capital of France?",
model=bedrock.PromptRouter.from_default_id(bedrock.DefaultPromptRouterIdentifier.ANTHROPIC_CLAUDE_V1, "us-east-1")
)
bedrock.Prompt(self, "Prompt",
prompt_name="prompt-router-test",
variants=[variant]
)
Inference Profile Permissions
Use the grantProfileUsage method to grant appropriate permissions to resources that need to use the inference profile.
Granting Profile Usage Permissions
# Create an application inference profile
profile = bedrock.ApplicationInferenceProfile(self, "MyProfile",
application_inference_profile_name="my-profile",
model_source=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0
)
# Create a Lambda function
lambda_function = lambda_.Function(self, "MyFunction",
runtime=lambda_.Runtime.PYTHON_3_11,
handler="index.handler",
code=lambda_.Code.from_inline("def handler(event, context): return \"Hello\"")
)
# Grant the Lambda function permission to use the inference profile
profile.grant_profile_usage(lambda_function)
# Use a system defined inference profile
cross_region_profile = bedrock.CrossRegionInferenceProfile.from_config(
geo_region=bedrock.CrossRegionInferenceProfileRegion.US,
model=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0
)
# Grant permissions to use the cross-region inference profile
cross_region_profile.grant_profile_usage(lambda_function)
The grantProfileUsage method adds the necessary IAM permissions to the resource, allowing it to use the inference profile. This includes permissions to call bedrock:GetInferenceProfile and bedrock:ListInferenceProfiles actions on the inference profile resource.
Inference Profiles Import Methods
You can import existing application inference profiles using the following methods:
# Import an inference profile through attributes
imported_profile = bedrock.ApplicationInferenceProfile.from_application_inference_profile_attributes(self, "ImportedProfile",
inference_profile_arn="arn:aws:bedrock:us-east-1:123456789012:application-inference-profile/my-profile-id",
inference_profile_identifier="my-profile-id"
)
You can also import an application inference profile from an existing L1 CloudFormation construct:
# Create or reference an existing L1 CfnApplicationInferenceProfile
cfn_profile = aws_bedrock_cfn.CfnApplicationInferenceProfile(self, "CfnProfile",
inference_profile_name="my-cfn-profile",
model_source=aws_bedrock_cfn.CfnApplicationInferenceProfile.InferenceProfileModelSourceProperty(
copy_from=bedrock.BedrockFoundationModel.ANTHROPIC_CLAUDE_3_5_SONNET_V1_0.invokable_arn
),
description="Profile created via L1 construct"
)
# Import the L1 construct as an L2 ApplicationInferenceProfile
imported_from_cfn = bedrock.ApplicationInferenceProfile.from_cfn_application_inference_profile(cfn_profile)
# Grant permissions to use the imported profile
lambda_function = lambda_.Function(self, "MyFunction",
runtime=lambda_.Runtime.PYTHON_3_11,
handler="index.handler",
code=lambda_.Code.from_inline("def handler(event, context): return \"Hello\"")
)
imported_from_cfn.grant_profile_usage(lambda_function)