By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Bedrock Role Based Security IAM

0

I would like to create a KB of internal company information and make available to staff via chatbot in Bedrock. The challenge is that the information should not be equally accessible to all staff. For example if a junior staff member posted a question such as "What is the CEO's salary" the chatbot should respond with "Based on your role you do not have access to that information" . Alternatively if a VP HR asked the question, the response would be completed. While this is just an example and confidential information perhaps does not belong in the Company KB but how could i segregate access to specific content in the Bedrock based on roles. I have considered creating 3 KBs , an Exec KB , a Middle Mgmt KB and an AllStaff KB and creating agents that would route and validate authorization based on prompt . I think most of the data in the KB could be tagged as Exec, MM or AllStaff . I am not sure how the agent or FM could match the IAM role of the user requesting and the tagged data to determine if user should have access to the response. Can Bedrock manage security at this data level? What is best practice in this scenario?

Topics
Security, Identity, & ComplianceMachine Learning & AIGenerative AI on AWS
Tags
IAM PoliciesAmazon Bedrock
Language
English
Amevy
asked 14 days ago243 views
1 Answer
1
Accepted Answer

Hi,

Your use-case is a fine-grained access control to the application user accessing the KB+LLM solution. Since this is specific to the custom application you are developing, AWS offers you the building blocks for achieving this.

Since you are already using Bedrock KB, Agents for Amazon Bedrock could be a natural fit here. It can execute multi-step tasks based on natural language input and an organisation's data and policies. These managed agents orchestrate interactions between different components, including language models, API integrations, user conversations, and knowledge bases loaded with the organisation's data. You could also use the trace capability to follow the chain of thought reasoning used as the plan is carried out, to view the intermediate steps in the orchestration process and troubleshoot issues.

Please check this video to get an idea. For your use-case, if you could include an employee id (instead of customer id, as in the video) in the request and maintain the mapping between employee ids and knowledge bases (e.g. in a DynamoDB table), you should be able to restrict the employee to the right KB. Your approach of segregating KBs is correct.

Alternatively, you could create separate routes for an APIGW/Lambda functions and consider using (Amazon Verified Permissions)[https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/what-is-avp.html] which is a scalable, fine-grained centralised permissions management and authorisation service for custom applications. AVP integrates seamlessly with API GW and Cognito.

Thanks, Rama

profile pictureAWS
Rama
answered 14 days ago
  • Rama
    12 days ago

    In addition to this, you can optionally add metadata to files in your data source. Metadata allows for your data to be filtered during knowledge base query. Pls refer this. This could also be helpful in your use-case.

  • Amevy
    6 days ago

    Thanks Rama, i would assume that solution #2 still needs a mapping between employee ids and metadata (e.g. in a DynamoDB table) so that filtering could happen during query execution. I am interested in what the response would be from the LLM if the employee id didn't match to a metadata item (ie the employee did not have access) would it just return with "no information found" or "you do not have authorization the data request"

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content