使用 AWS CloudFormation 管理專案 - Amazon Bedrock
AWS::BedrockMantle::Project範例搭配專案 API 使用 CloudFormation 輸出進一步了解

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

使用 AWS CloudFormation 管理專案

Amazon Bedrock 已與 AWS CloudFormation 整合,可讓您在基礎設施範本中定義和管理專案。您可以使用 JSON 或 YAML 範本,在多個 AWS 帳戶和區域中一致且重複地佈建專案。

AWS::BedrockMantle::Project

使用 AWS::BedrockMantle::Project 資源在 CloudFormation 範本中建立和管理 Bedrock 專案。透過 CloudFormation 建立的專案支援與透過 API 建立的相同功能,包括 IAM 政策連接、標記和可觀測性。

語法

若要在您的 CloudFormation 範本中宣告此實體,請使用下列語法:

範例 CloudFormation 語法
{
  "Type": "AWS::BedrockMantle::Project",
  "Properties": {
    "Name": String,
    "Tags": [
      { "Key": String, "Value": String },
      { "Key": String, "Value": String },
      { "Key": String, "Value": String },
      { "Key": String, "Value": String }
    ]
  }
}
Type: AWS::BedrockMantle::Project
Properties:
  Name: String
  Tags:
    Key: Value

Properties

名稱

必要. 專案的名稱。在您的 AWS 帳戶中必須是唯一的。

類型:字串

下限:1

上限:64

模式:^([0-9a-zA-Z][ _-]?)+$

更新要求:替換

Tags (標籤)

要與專案建立關聯的鍵值對映射,用於成本分配和存取控制。

類型:字串的映射

更新要求:不中斷

標籤更新注意事項

上的 CloudFormation 標籤更新會在內部AWS::BedrockMantle::Project使用個別的新增和移除操作。沒有原子完整標籤取代。如果堆疊更新在操作中失敗,專案的標籤集可能處於部分更新狀態。在修改標籤的堆疊更新之後,請務必驗證最終標籤狀態。

傳回值

Ref

當您將此資源的邏輯 ID 傳遞至內部 Ref函數時, 便會Ref傳回專案 ID (例如 proj_abc123)。

Fn::GetAtt

ProjectId

專案的唯一識別符 (例如 proj_abc123)。

ProjectArn

專案的 Amazon Resource Name (ARN) (例如 arn:aws:bedrock-mantle:us-east-1:123456789012:project/proj_abc123)。

狀態

專案的狀態。 ACTIVE表示專案已就緒可供使用。 ARCHIVED表示專案已封存,無法接受新的推論請求。

CreatedAt

建立專案的時間戳記。

UpdatedAt

上次更新專案的時間戳記。

範例

建立基本專案

下列範例會為生產聊天機器人應用程式建立專案:

範例基本專案
AWSTemplateFormatVersion: '2010-09-09'
Description: Amazon Bedrock Project for Production Chatbot

Resources:
  CustomerChatbotProject:
    Type: AWS::BedrockMantle::Project
    Properties:
      Name: CustomerChatbot-Production
      Tags:
        - Key: Project
          Value: CustomerChatbot
        - Key: Environment
          Value: Production
        - Key: Owner
          Value: TeamAlpha
        - Key: CostCenter
          Value: "21524"

Outputs:
  ProjectId:
    Description: The ID of the created project
    Value: !Ref CustomerChatbotProject

  ProjectArn:
    Description: The ARN of the created project
    Value: !GetAtt CustomerChatbotProject.ProjectArn
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "CustomerChatbotProject": {
      "Type": "AWS::BedrockMantle::Project",
      "Properties": {
        "Name": "CustomerChatbot-Production",
        "Tags": [
          { "Key": "Project", "Value": "CustomerChatbot" },
          { "Key": "Environment", "Value": "Production" },
          { "Key": "Owner", "Value": "TeamAlpha" },
          { "Key": "CostCenter", "Value": "21524" }
        ]
      }
    }
  },
  "Outputs": {
    "ProjectId": {
      "Description": "The ID of the created project",
      "Value": { "Ref": "CustomerChatbotProject" }
    },
    "ProjectArn": {
      "Description": "The ARN of the created project",
      "Value": { "Fn::GetAtt": ["CustomerChatbotProject", "ProjectArn"] }
    }
  }
}

為不同的環境建立多個專案

下列範例為單一堆疊中的開發、預備和生產環境佈建個別專案:

AWSTemplateFormatVersion: '2010-09-09'
Description: Amazon Bedrock Projects for Multi-Environment Deployment

Parameters:
  ApplicationName:
    Type: String
    Default: InternalSearch
    Description: Name of the application

  CostCenter:
    Type: String
    Description: Cost center for billing allocation

Resources:
  DevelopmentProject:
    Type: AWS::BedrockMantle::Project
    Properties:
      Name: !Sub "${ApplicationName}-Development"
      Tags:
        - Key: Project
          Value: !Ref ApplicationName
        - Key: Environment
          Value: Development
        - Key: CostCenter
          Value: !Ref CostCenter

  StagingProject:
    Type: AWS::BedrockMantle::Project
    Properties:
      Name: !Sub "${ApplicationName}-Staging"
      Tags:
        - Key: Project
          Value: !Ref ApplicationName
        - Key: Environment
          Value: Staging
        - Key: CostCenter
          Value: !Ref CostCenter

  ProductionProject:
    Type: AWS::BedrockMantle::Project
    Properties:
      Name: !Sub "${ApplicationName}-Production"
      Tags:
        - Key: Project
          Value: !Ref ApplicationName
        - Key: Environment
          Value: Production
        - Key: CostCenter
          Value: !Ref CostCenter

Outputs:
  DevelopmentProjectArn:
    Value: !GetAtt DevelopmentProject.ProjectArn
    Export:
      Name: !Sub "${ApplicationName}-Dev-ProjectArn"

  StagingProjectArn:
    Value: !GetAtt StagingProject.ProjectArn
    Export:
      Name: !Sub "${ApplicationName}-Staging-ProjectArn"

  ProductionProjectArn:
    Value: !GetAtt ProductionProject.ProjectArn
    Export:
      Name: !Sub "${ApplicationName}-Prod-ProjectArn"

建立具有 IAM 角色存取權的專案

下列範例會建立專案並連接 IAM 政策,授予特定角色調用模型的存取權:

AWSTemplateFormatVersion: '2010-09-09'
Description: Amazon Bedrock Project with IAM Access Control

Resources:
  ProductionProject:
    Type: AWS::BedrockMantle::Project
    Properties:
      Name: CustomerChatbot-Production
      Tags:
        - Key: Environment
          Value: Production
        - Key: CostCenter
          Value: "21524"

  ProductionAppRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: BedrockProjectProductionRole
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      Policies:
        - PolicyName: BedrockProjectInvokeAccess
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - bedrock-mantle:CreateInference
                  - bedrock-mantle:GetProject
                Resource: !GetAtt ProductionProject.ProjectArn

Outputs:
  ProjectArn:
    Value: !GetAtt ProductionProject.ProjectArn

  RoleArn:
    Value: !GetAtt ProductionAppRole.Arn

搭配專案 API 使用 CloudFormation 輸出

部署 CloudFormation 堆疊之後,您可以使用堆疊輸出在應用程式程式碼中參考專案 ARN 和 ID:

import boto3
from openai import OpenAI

# Retrieve project details from CloudFormation stack outputs
cfn = boto3.client('cloudformation', region_name='us-east-1')

response = cfn.describe_stacks(StackName='my-bedrock-projects-stack')
outputs = {o['OutputKey']: o['OutputValue'] for o in response['Stacks'][0]['Outputs']}

production_project_arn = outputs['ProductionProjectArn']

# Extract project ID from ARN
# ARN format: arn:aws:bedrock-mantle:us-east-1:123456789012:project/proj_abc123
project_id = production_project_arn.split('/')[-1]

print(f"Using project: {project_id}")

# Use the project for inference
client = OpenAI(project=project_id)

response = client.responses.create(
    model="openai.gpt-oss-120b",
    input="Hello from a CloudFormation-managed project!"
)

print(response)

進一步了解

如需搭配 Amazon Bedrock 資源使用 CloudFormation 的詳細資訊,請參閱: