Skip to main content

remote::bedrock

Description

AWS Bedrock inference provider using OpenAI compatible endpoint.

Configuration

FieldTypeRequiredDefaultDescription
allowed_modelslist[str] | NoneNoList of models that should be registered with the model registry. If None, all models are allowed.
refresh_modelsboolNoFalseWhether to refresh models periodically from the provider
api_keySecretStr | NoneNoAuthentication credential for the provider
networkNetworkConfig | NoneNoNetwork configuration including TLS, proxy, and timeout settings.
network.tlsTLSConfig | NoneNoTLS/SSL configuration for secure connections.
network.tls.verifybool | PathNoTrueWhether to verify TLS certificates. Can be a boolean or a path to a CA certificate file.
network.tls.min_versionLiteral[TLSv1.2, TLSv1.3] | NoneNoMinimum TLS version to use. Defaults to system default if not specified.
network.tls.cipherslist[str] | NoneNoList of allowed cipher suites (e.g., ['ECDHE+AESGCM', 'DHE+AESGCM']).
network.tls.client_certPath | NoneNoPath to client certificate file for mTLS authentication.
network.tls.client_keyPath | NoneNoPath to client private key file for mTLS authentication.
network.proxyProxyConfig | NoneNoProxy configuration for HTTP connections.
network.proxy.urlHttpUrl | NoneNoSingle proxy URL for all connections (e.g., 'http://proxy.example.com:8080').
network.proxy.httpHttpUrl | NoneNoProxy URL for HTTP connections.
network.proxy.httpsHttpUrl | NoneNoProxy URL for HTTPS connections.
network.proxy.cacertPath | NoneNoPath to CA certificate file for verifying the proxy's certificate. Required for proxies in interception mode.
network.proxy.no_proxylist[str] | NoneNoList of hosts that should bypass the proxy (e.g., ['localhost', '127.0.0.1', '.internal.corp']).
network.timeoutfloat | TimeoutConfig | NoneNoTimeout configuration. Can be a float (for both connect and read) or a TimeoutConfig object with separate connect and read timeouts.
network.timeout.connectfloat | NoneNoConnection timeout in seconds.
network.timeout.readfloat | NoneNoRead timeout in seconds.
network.headersdict[str, str] | NoneNoAdditional HTTP headers to include in all requests.
aws_access_key_idSecretStr | NoneNoThe AWS access key to use. Default use environment variable: AWS_ACCESS_KEY_ID
aws_secret_access_keySecretStr | NoneNoThe AWS secret access key to use. Default use environment variable: AWS_SECRET_ACCESS_KEY
aws_session_tokenSecretStr | NoneNoThe AWS session token to use. Default use environment variable: AWS_SESSION_TOKEN
aws_role_arnstr | NoneNoThe AWS role ARN to assume. Default use environment variable: AWS_ROLE_ARN
aws_web_identity_token_filestr | NoneNoThe path to the web identity token file. Default use environment variable: AWS_WEB_IDENTITY_TOKEN_FILE
aws_role_session_namestr | NoneNoThe session name to use when assuming a role. Default use environment variable: AWS_ROLE_SESSION_NAME
region_namestr | NoneNous-east-2AWS Region for the Bedrock Runtime endpoint
profile_namestr | NoneNoThe profile name that contains credentials to use.Default use environment variable: AWS_PROFILE
total_max_attemptsint | NoneNoAn integer representing the maximum number of attempts that will be made for a single request, including the initial attempt. Default use environment variable: AWS_MAX_ATTEMPTS
retry_modestr | NoneNoA string representing the type of retries Boto3 will perform.Default use environment variable: AWS_RETRY_MODE
connect_timeoutfloat | NoneNo60.0The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.
read_timeoutfloat | NoneNo60.0The time in seconds till a timeout exception is thrown when attempting to read from a connection.The default is 60 seconds.
session_ttlint | NoneNo3600The time in seconds till a session expires. The default is 3600 seconds (1 hour).

Sample Configuration

api_key: ${env.AWS_BEARER_TOKEN_BEDROCK:=}
region_name: ${env.AWS_DEFAULT_REGION:=us-east-2}
aws_role_arn: ${env.AWS_ROLE_ARN:=}
aws_web_identity_token_file: ${env.AWS_WEB_IDENTITY_TOKEN_FILE:=}