How do I give cross-account access to the Amazon Bedrock API?

Short description

When you use the Amazon Bedrock API across accounts, you manage permissions for the API client in one account and host your workloads in other accounts.

Before you set up cross-account access for your Amazon Bedrock API, make sure that you can access the foundation models. To request access, see Add model access.

Note: For information about cross-account best practices, see Security best practices in AWS Identity and Access Management (IAM).

Resolution

In the following resolution, Account A contains the foundation models. Account B contains the Amazon SageMaker notebook that invokes the Amazon Bedrock API in Account A to access the foundation models.

Account A

To create an IAM role that provides access to Amazon Bedrock, complete the following steps:

1. Open the IAM console.
2. Create an IAM role for Account A.
3. Make sure that the IAM role has the AmazonBedrockFullAccess policy to allow access to Amazon Bedrock.
4. Add the permissions to invoke the SageMaker notebook in Account B:

   
    {    
       "Version":"2012-10-17",  
       "Statement":[    
          {    
             "Effect":"Allow",  
             "Principal":{    
                "Service":[    
                   "sagemaker.amazonaws.com",  
                   "events.amazonaws.com",  
                   "bedrock.amazonaws.com"  
                ],  
                "AWS":[    
                   "arn:aws:iam::`<Account B ID>`:role/RoleB"  
                ]  
             },  
             "Action":"sts:AssumeRole"       
          }  
       ]  
    }  
   

Account B

To assume the role in Account A, complete the following steps:

1. Open the IAM console.
2. Create an IAM role for the SageMaker notebook to run in the account.
3. Make sure that the IAM policy allows the role in Account B to assume the role in Account A:

       {  
           "Version": "2012-10-17",  
               "Statement": [  
                   {  
                       "Effect": "Allow",  
                       "Action": [  
                           "sts:AssumeRole"  
                       ],  
                       "Resource": [  
                           "arn:aws:iam::`<Account A ID>`:role/RoleA"   
                       ]  
                   }  
               ]  
        }

After configuration, the role in Account B uses temporary Boto3 credentials to assume the role in Account A.

Test the setup from Account B 

Use the role that's attached to the IAM policy in Account B to run the following cell on any SageMaker notebook:

import boto3  
  
# ARN of Role A to assume  
role_to_assume = 'arn:aws:iam::`<Account A ID>`:role/RoleA'    
  
# Use STS to assume role  
credentials = boto3.client('sts').assume_role(  
    RoleArn=role_to_assume,  
    RoleSessionName='RoleBSession'  
)['Credentials']  
  
# Create Bedrock client with temporary credentials  
bedrock_session = boto3.session.Session(  
    aws_access_key_id=credentials['AccessKeyId'],  
    aws_secret_access_key=credentials['SecretAccessKey'],  
    aws_session_token=credentials['SessionToken']  
)  
  
bedrock = bedrock_session.client('bedrock-runtime')

The Amazon Bedrock client can now use the temporary credentials from the role in Account A to call APIs.

Best practices

When you use the Amazon Bedrock API across accounts, apply the following best practices:

• Check the AWS CloudTrail logs for errors and verification. The logs show the AWS Security Token Service (STS) AssumeRole events in Account B and the Amazon Bedrock events in Account A.
• The default duration of the assumed role is 1 hour. However, you can use the DurationSeconds parameter to modify the duration. The duration can't exceed the role's maximum session duration.