BedRock Agent ignoring lambda provided to answer questions

Hi Fabio,

It seems like the Bedrock agent is unable to invoke your Lambda function due to missing permissions.

To allow the Bedrock agent to invoke the Lambda function, you need to add a permission to the Lambda function's resource-based policy. Specifically, you need to grant the lambda:InvokeFunction permission to the Bedrock agent IAM role.

Go to the configuration section of the lambda function -> Permissions -> Resource-based policy statements

You can check the resource-based policy on the Lambda function and add a statement like:

{ "Sid": "AllowBedrockAgentInvocation",

"Effect": "Allow",

"Principal": {"Service": "bedrock.amazonaws.com"},

"Action": "lambda:InvokeFunction",

"Resource": "arn:aws:lambda:region:account-id:function:function-name"

}

This will allow the Bedrock agent to invoke the Lambda function. Please replace the Resource with the Arn of the bedrock agent.

Let me know if this helps.

To configure a Bedrock Agent to invoke a Lambda function and use the returned data to generate the answer:

Define an Action Group in the agent configuration that targets the Lambda function.

Provide the OpenAPI 3.0 spec for the API Gateway endpoint used by the Lambda function.

In the prompt template configuration for the agent, enable the use of a Lambda function for parsing and select the function defined in the Action Group.

Attach permissions to allow the agent to invoke the Lambda function. For example, using an IAM role with a policy allowing lambda:InvokeFunction .

Test the agent and check the trace to verify the Lambda function is being called and the response parsed correctly. You may need to debug the Lambda function or parsing logic if errors occur.

https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts-configure.html