-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtemplate.yaml
More file actions
120 lines (105 loc) · 3.94 KB
/
template.yaml
File metadata and controls
120 lines (105 loc) · 3.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
AWSTemplateFormatVersion: "2010-09-09"
#Define parameters
Parameters:
EmbeddingModel:
Type: String
Default: "arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-text-v2:0"
Description: "ARN of the embedding model to use. Defaults to Titan 2."
KnowledgeBaseName:
Type: String
Default: "knowledge-base"
Description: "Name of the knowledge base."
PineconeConnectionString:
Type: String
Description: "Pinecone connection string (e.g., 'https://your-pinecone-endpoint-url')."
Default: "https://xxx.xxx.xxx.pinecone.io"
PineconeApiKey:
Type: String
Description: "Pinecone API Key for authentication."
Default: "{\"apiKey\": \"xxxx_xxxxx_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\"}"
TextField:
Type: String
Default: "text"
Description: "Field name in Pinecone to store raw text data."
MetadataField:
Type: String
Default: "metadata"
Description: "Field name in Pinecone to store metadata associated with the text."
Resources:
# S3 bucket for storing knowledge base data
KnowledgeBaseS3Bucket:
Type: "AWS::S3::Bucket"
Properties:
BucketName: !Sub "${KnowledgeBaseName}-bucket"
# IAM Role for Amazon Bedrock
BedrockIAMRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Principal:
Service: "bedrock.amazonaws.com"
Action: "sts:AssumeRole"
Policies:
- PolicyName: "BedrockAccessPolicy"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action:
- "s3:ListBucket"
Resource: !Sub "arn:aws:s3:::${KnowledgeBaseS3Bucket}"
- Effect: "Allow"
Action:
- "s3:GetObject"
- "s3:PutObject"
Resource: !Sub "arn:aws:s3:::${KnowledgeBaseName}-bucket/*"
- Effect: "Allow"
Action:
- "secretsmanager:GetSecretValue"
Resource: "*" # Adjust to the specific ARN of your Pinecone API key secret
# Add Bedrock permissions to invoke the Amazon Titan embedding model
- Effect: "Allow"
Action:
- "bedrock:InvokeModel"
Resource: "arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-text-v2:0"
# Pinecone API Key stored as plain text in AWS Secrets Manager
PineconeApiKeySecret:
Type: "AWS::SecretsManager::Secret"
Properties:
Name: !Sub "${KnowledgeBaseName}-PineconeApiKey"
Description: "Pinecone API Key for ${KnowledgeBaseName}"
SecretString: !Ref PineconeApiKey # Store the API key as plain text
# Amazon Bedrock Knowledge Base with Pinecone integration
KnowledgeBase:
Type: "AWS::Bedrock::KnowledgeBase"
Properties:
Name: !Ref KnowledgeBaseName
Description: "Knowledge base integrating Amazon Bedrock with Pinecone"
RoleArn: !GetAtt BedrockIAMRole.Arn
KnowledgeBaseConfiguration:
Type: "VECTOR"
VectorKnowledgeBaseConfiguration:
EmbeddingModelArn: !Ref EmbeddingModel
StorageConfiguration:
Type: "PINECONE"
PineconeConfiguration:
ConnectionString: !Ref PineconeConnectionString
CredentialsSecretArn: !Ref PineconeApiKeySecret
FieldMapping:
TextField: !Ref TextField
MetadataField: !Ref MetadataField
Namespace: !Sub "${KnowledgeBaseName}-namespace"
# Define the KB Data Source
KnowledgeBaseDataSource:
Type: "AWS::Bedrock::DataSource"
Properties:
KnowledgeBaseId: !Ref KnowledgeBase
Name: "S3DataSource"
Description: "S3 Data Source for Knowledge Base"
DataSourceConfiguration:
Type: "S3"
S3Configuration:
BucketArn: !Sub "arn:aws:s3:::${KnowledgeBaseS3Bucket}"