Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso

Bedrock runtime REST API 403 error

0

Hello,

I‘m tring to invoke Titan model by REST API in java (It's hard to use SDK in our platform), but I got an 403 error: Server returned HTTP response code: 403 for URL: https://bedrock-runtime.eu-central-1.amazonaws.com/model/amazon.titan-text-express-v1/invoke

The headers I sent are:

X-Amz-Date: 20240131T121641Z

Host: bedrock-runtime.eu-central-1.amazonaws.com

X-Amz-Content-Sha256: [Hashed request body]

Authorization: AWS4-HMAC-SHA256 Credential=[My credential]/20240131/eu-central-1/bedrock-runtime/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=[My signature]

The request body includes:

"inputText": "User: my first user input",

"textGenerationConfig": ["maxTokenCount":4096,"stopSequences":["User:"],"temperature":0.7]

Anyone has idea about why it is not working?

preguntada hace 10 meses1,3 mil visualizaciones
1 Respuesta
0
Respuesta aceptada

Hi,

Http 403 is an authorization problem: your requester must be authorized to call the Bedrock API.

As you don't use the Java SDK but work at REST level , the probable source of your problem is an incorrect SigV4 signature of your request.

SigV4 is detailled here: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html

Getting the code to sign right is not easy: I'll suggest you to copy / paste such code from the AWS Java SDK with is OSS.

Best,

Didier

profile pictureAWS
EXPERTO
respondido hace 10 meses
profile picture
EXPERTO
revisado hace 10 meses
  • Hi Didier,

    How can I check If I´m authorized to call the Bedrock API? I have Access granted for Titan Embeddings G1 - Text in Bedrock. As for the signature, we are using the same algorithm to calculate the signature for Amazon Connect API so I think our calculation algorithm is OK.

    Best,

    Chunlin

  • As I tried in Python i can connect to Bedrock without any problem. So I think I am authorized to call the Bedrock API.

  • Yes, you did the right thing by trying another channel (Python): same IAM policies will apply. So, if it works for Python, it should work for Java: make sure that you include the Bedrock query properly in your sigV4 signing to go through authorization,

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas