Restricting Amazon Bedrock Regions with IAM

We're big fans of Amazon Bedrock. One extremely useful feature is the ability to use AWS Identity and Access Management (IAM) to restrict the regions in which your requests can be processed.

For example, if we want to restrict our IAM role for LiteLLM to processing inference requests only in Australia, Canada, New Zealand, the UK and/or the US, the simple policy below will do the trick. IAM works in region codes, not countries, so the list is the US regions plus ca-central-1 and ca-west-1 (Canada), eu-west-2 (London), and ap-southeast-2 and ap-southeast-4 (Sydney and Melbourne); there is no New Zealand region in the list, so add one if and when you need it.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowBedrockModelInvocationInAUSCANNZUKUS",
      "Effect": "Allow",
      "Action": [
        "bedrock:InvokeModel",
        "bedrock:InvokeModelWithResponseStream"
      ],
      "Condition": {
        "StringEquals": {
          "aws:RequestedRegion": [
            "us-east-1",
            "us-east-2",
            "us-west-1",
            "us-west-2",
            "ca-central-1",
            "ca-west-1",
            "eu-west-2",
            "ap-southeast-2",
            "ap-southeast-4"
          ]
        },
        "StringLikeIfExists": {
          "bedrock:InferenceProfileArn": "arn:aws:bedrock:*:*:inference-profile/us.*"
        }
      },
      "Resource": [
        "arn:aws:bedrock:*::foundation-model/*",
        "arn:aws:bedrock:*:*:provisioned-model/*",
        "arn:aws:bedrock:*:*:imported-model/*",
        "arn:aws:bedrock:*:*:inference-profile/*"
      ]
    }
  ]
}

One important note is the bedrock:InferenceProfileArn check using StringLikeIfExists. This is what safely allows cross-region inference while ensuring cross-region inference requests don't leave the US. A direct call against a foundation model never carries the bedrock:InferenceProfileArn key, and the IfExists suffix makes a missing key count as a match, so those calls are unaffected; a plain StringLike would fail them. When the key is present (the request goes through an inference profile), the ARN must match a "us." profile. Without this, we could end up with a cross-region inference request sent to eu-west-2 (London) being processed somewhere like eu-west-3 (Paris), and France isn't in the list of countries mentioned above. (Note: as of the time of writing, eu-west-2 doesn't support cross-region inference, but that will likely change in the future. You want your policies today to account for features that don't exist yet.)

If you don't want to allow cross-region requests at all, simply drop arn:aws:bedrock:*:*:inference-profile/* completely from the Resource array, and remove the StringLikeIfExists check. (We would really recommend you don't though.) One more caveat: this is an Allow statement, so it only bounds what this statement grants. If the same role also has a policy that grants bedrock:InvokeModel without these conditions, the region restriction does nothing; for a hard guarantee, pair it with an explicit Deny on the same actions outside the allowed regions, or put that Deny in a service control policy.
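To make the IfExists behaviour concrete, here is an added Python example (not code from the original post) that models the two condition operators this policy uses, IAM's "*"/"?" wildcard matching and the implicit deny, and runs a few constructed requests through the policy, through the variant with cross-region inference dropped, and through the common mistake of writing StringLike instead of StringLikeIfExists. The account ID and model names in the ARNs are placeholders; the evaluator deliberately ignores everything else in IAM (explicit Deny, NotAction, policy variables) and is not a substitute for the real engine.

```python
import copy
import re

# The policy from the post, as a Python dict so it can be evaluated offline.
POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowBedrockModelInvocationInAUSCANNZUKUS",
        "Effect": "Allow",
        "Action": ["bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream"],
        "Condition": {
            "StringEquals": {"aws:RequestedRegion": [
                "us-east-1", "us-east-2", "us-west-1", "us-west-2", "ca-central-1",
                "ca-west-1", "eu-west-2", "ap-southeast-2", "ap-southeast-4"]},
            "StringLikeIfExists": {
                "bedrock:InferenceProfileArn": "arn:aws:bedrock:*:*:inference-profile/us.*"},
        },
        "Resource": [
            "arn:aws:bedrock:*::foundation-model/*",
            "arn:aws:bedrock:*:*:provisioned-model/*",
            "arn:aws:bedrock:*:*:imported-model/*",
            "arn:aws:bedrock:*:*:inference-profile/*",
        ],
    }],
}


def _as_list(v):
    return v if isinstance(v, list) else [v]


def _wildcard_match(pattern, value):
    """IAM-style matching: '*' matches any run of characters, '?' exactly one; case-sensitive."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, value) is not None


def _condition_ok(operator, key, allowed, context):
    """One condition key under one operator. Multiple values for a key are OR-ed, as in IAM."""
    if_exists = operator.endswith("IfExists")
    base = operator[: -len("IfExists")] if if_exists else operator
    if key not in context:
        # The whole point of ...IfExists: a request that never carries the key (a direct
        # foundation-model call) still passes, whereas the plain operator fails it.
        return if_exists
    if base == "StringEquals":
        return context[key] in allowed
    if base == "StringLike":
        return any(_wildcard_match(p, context[key]) for p in allowed)
    raise ValueError(f"operator not modelled: {operator}")


def evaluate(policy, action, resource, context):
    """'Allow' if any Allow statement matches action, resource and every condition; else 'Deny'."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        if not any(_wildcard_match(a, action) for a in _as_list(stmt["Action"])):
            continue
        if not any(_wildcard_match(r, resource) for r in _as_list(stmt["Resource"])):
            continue
        if all(_condition_ok(op, key, _as_list(vals), context)
               for op, keys in stmt.get("Condition", {}).items() for key, vals in keys.items()):
            return "Allow"
    return "Deny"  # implicit deny


def request_context(region, inference_profile_arn=None):
    """Only the request-context keys the post's conditions read. The profile ARN key is
    present only when the call goes through an inference profile."""
    ctx = {"aws:RequestedRegion": region}
    if inference_profile_arn is not None:
        ctx["bedrock:InferenceProfileArn"] = inference_profile_arn
    return ctx


def without_cross_region(policy):
    """The variant the post describes: no inference-profile resource, no IfExists check."""
    p = copy.deepcopy(policy)
    for stmt in p["Statement"]:
        stmt["Resource"] = [r for r in _as_list(stmt["Resource"]) if "inference-profile" not in r]
        stmt.get("Condition", {}).pop("StringLikeIfExists", None)
    return p


def with_plain_string_like(policy):
    """The mistake of dropping the IfExists suffix."""
    p = copy.deepcopy(policy)
    for stmt in p["Statement"]:
        cond = stmt.get("Condition", {})
        if "StringLikeIfExists" in cond:
            cond["StringLike"] = cond.pop("StringLikeIfExists")
    return p


# Constructed sample ARNs: placeholder account ID and model names, only the prefixes matter.
ACCT = "123456789012"
FM_LONDON = "arn:aws:bedrock:eu-west-2::foundation-model/example.model-v1:0"
FM_PARIS = "arn:aws:bedrock:eu-west-3::foundation-model/example.model-v1:0"
US_PROFILE = f"arn:aws:bedrock:us-east-1:{ACCT}:inference-profile/us.example.model-v1:0"
EU_PROFILE = f"arn:aws:bedrock:eu-west-2:{ACCT}:inference-profile/eu.example.model-v1:0"
GLOBAL_PROFILE = f"arn:aws:bedrock:us-east-1:{ACCT}:inference-profile/global.example.model-v1:0"
ACTION = "bedrock:InvokeModel"


def scenarios():
    """Decisions for representative requests under the three policy variants."""
    no_cri, plain = without_cross_region(POLICY), with_plain_string_like(POLICY)
    return {
        "direct FM call in London": evaluate(POLICY, ACTION, FM_LONDON, request_context("eu-west-2")),
        "direct FM call in Paris": evaluate(POLICY, ACTION, FM_PARIS, request_context("eu-west-3")),
        "us.* profile from us-east-1": evaluate(POLICY, ACTION, US_PROFILE, request_context("us-east-1", US_PROFILE)),
        "eu.* profile from London": evaluate(POLICY, ACTION, EU_PROFILE, request_context("eu-west-2", EU_PROFILE)),
        "global.* profile from us-east-1": evaluate(POLICY, ACTION, GLOBAL_PROFILE, request_context("us-east-1", GLOBAL_PROFILE)),
        "us.* profile, cross-region dropped": evaluate(no_cri, ACTION, US_PROFILE, request_context("us-east-1", US_PROFILE)),
        "direct FM call, cross-region dropped": evaluate(no_cri, ACTION, FM_LONDON, request_context("eu-west-2")),
        "direct FM call, plain StringLike": evaluate(plain, ACTION, FM_LONDON, request_context("eu-west-2")),
    }


if __name__ == "__main__":
    for name, decision in scenarios().items():
        print(f"{decision:5}  {name}")
```

The last scenario is the one to remember: with plain StringLike, every direct foundation-model call is denied because the key is absent. Against a real account, the equivalent check is `aws iam simulate-custom-policy` with the policy JSON in `--policy-input-list`, `--action-names bedrock:InvokeModel`, and `--context-entries` supplying `aws:RequestedRegion` and, for the profile cases, `bedrock:InferenceProfileArn`; its output should agree with the table above.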