En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation

Bedrock runtime REST API 403 error

0

Hello,

I‘m tring to invoke Titan model by REST API in java (It's hard to use SDK in our platform), but I got an 403 error: Server returned HTTP response code: 403 for URL: https://bedrock-runtime.eu-central-1.amazonaws.com/model/amazon.titan-text-express-v1/invoke

The headers I sent are:

X-Amz-Date: 20240131T121641Z

Host: bedrock-runtime.eu-central-1.amazonaws.com

X-Amz-Content-Sha256: [Hashed request body]

Authorization: AWS4-HMAC-SHA256 Credential=[My credential]/20240131/eu-central-1/bedrock-runtime/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=[My signature]

The request body includes:

"inputText": "User: my first user input",

"textGenerationConfig": ["maxTokenCount":4096,"stopSequences":["User:"],"temperature":0.7]

Anyone has idea about why it is not working?

demandé il y a 10 mois1,2 k vues
1 réponse
0
Réponse acceptée

Hi,

Http 403 is an authorization problem: your requester must be authorized to call the Bedrock API.

As you don't use the Java SDK but work at REST level , the probable source of your problem is an incorrect SigV4 signature of your request.

SigV4 is detailled here: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html

Getting the code to sign right is not easy: I'll suggest you to copy / paste such code from the AWS Java SDK with is OSS.

Best,

Didier

profile pictureAWS
EXPERT
répondu il y a 10 mois
profile picture
EXPERT
vérifié il y a 10 mois
  • Hi Didier,

    How can I check If I´m authorized to call the Bedrock API? I have Access granted for Titan Embeddings G1 - Text in Bedrock. As for the signature, we are using the same algorithm to calculate the signature for Amazon Connect API so I think our calculation algorithm is OK.

    Best,

    Chunlin

  • As I tried in Python i can connect to Bedrock without any problem. So I think I am authorized to call the Bedrock API.

  • Yes, you did the right thing by trying another channel (Python): same IAM policies will apply. So, if it works for Python, it should work for Java: make sure that you include the Bedrock query properly in your sigV4 signing to go through authorization,

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions