Select Language:
If you’re seeing an error that says your IAM role doesn’t have permission to use the “bedrock:InvokeModelWithResponseStream” action on a specific inference profile, don’t worry. This usually means your role isn’t set up with the right permissions yet. Here’s a simple way to fix it and get you back on track.
First, check that your IAM role has permissions for two things: the ability to invoke Amazon Bedrock models and access to the specific inference profile you want to use. You need to add these permissions to your role’s policy.
The policy should include permissions to:
– Invoke foundation models.
– Access the particular inference profile you’re working with, which might look like “amazon.nova-lite-v1:0”.
Here’s an example of what the policy might look like. Note: this is a guideline, and you should adapt it based on your setup.
json
{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: [
“bedrock:InvokeModel”,
“bedrock:InvokeModelWithResponseStream”
],
“Resource”: [
“arn:aws:bedrock:us-east-1::foundation-model/amazon.nova-lite-v1:0”
],
“Condition”: {
“ArnLike”: {
“bedrock:InferenceProfileArn”: “arn:aws:bedrock:us-east-1:YOUR_ACCOUNT_ID:inference-profile/us.amazon.nova-lite-v1:0”
}
}
}
]
}
Since this is likely a lab or test environment, you should reach out to your lab administrator or the person managing your permissions. Tell them that you need the “bedrock:InvokeModelWithResponseStream” permission on the inference profile mentioned in the error message. They can update your role with the correct permissions.
For more details, you can review the official AWS documentation on model inference permissions, setting up access, and inference profiles. These resources will help you understand the specific requirements and guide your administrator if needed.
ChatGPT
Perplexity
Gemini AI
Grok AI
