pulumi-aws-kotlin/com.pulumi.aws.bedrock.kotlin/AgentAgentAlias

AgentAgentAlias

class AgentAgentAlias : KotlinCustomResource

Resource for managing an AWS Agents for Amazon Bedrock Agent Alias.

Example Usage

Basic Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetCallerIdentityArgs;
import com.pulumi.aws.inputs.GetPartitionArgs;
import com.pulumi.aws.inputs.GetRegionArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.RolePolicy;
import com.pulumi.aws.iam.RolePolicyArgs;
import com.pulumi.aws.bedrock.AgentAgent;
import com.pulumi.aws.bedrock.AgentAgentArgs;
import com.pulumi.aws.bedrock.AgentAgentAlias;
import com.pulumi.aws.bedrock.AgentAgentAliasArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var current = AwsFunctions.getCallerIdentity();
        final var currentGetPartition = AwsFunctions.getPartition();
        final var currentGetRegion = AwsFunctions.getRegion();
        final var exampleAgentTrust = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .actions("sts:AssumeRole")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .identifiers("bedrock.amazonaws.com")
                    .type("Service")
                    .build())
                .conditions(
                    GetPolicyDocumentStatementConditionArgs.builder()
                        .test("StringEquals")
                        .values(current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId()))
                        .variable("aws:SourceAccount")
                        .build(),
                    GetPolicyDocumentStatementConditionArgs.builder()
                        .test("ArnLike")
                        .values(String.format("arn:%s:bedrock:%s:%s:agent/*", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -> getRegionResult.name()),current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.accountId())))
                        .variable("AWS:SourceArn")
                        .build())
                .build())
            .build());
        final var exampleAgentPermissions = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .actions("bedrock:InvokeModel")
                .resources(String.format("arn:%s:bedrock:%s::foundation-model/anthropic.claude-v2", currentGetPartition.applyValue(getPartitionResult -> getPartitionResult.partition()),currentGetRegion.applyValue(getRegionResult -> getRegionResult.name())))
                .build())
            .build());
        var example = new Role("example", RoleArgs.builder()
            .assumeRolePolicy(exampleAgentTrust.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .namePrefix("AmazonBedrockExecutionRoleForAgents_")
            .build());
        var exampleRolePolicy = new RolePolicy("exampleRolePolicy", RolePolicyArgs.builder()
            .policy(exampleAgentPermissions.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .role(example.id())
            .build());
        var exampleAgentAgent = new AgentAgent("exampleAgentAgent", AgentAgentArgs.builder()
            .agentName("my-agent-name")
            .agentResourceRoleArn(example.arn())
            .idleTtl(500)
            .foundationModel("anthropic.claude-v2")
            .build());
        var exampleAgentAgentAlias = new AgentAgentAlias("exampleAgentAgentAlias", AgentAgentAliasArgs.builder()
            .agentAliasName("my-agent-alias")
            .agentId(exampleAgentAgent.agentId())
            .description("Test Alias")
            .build());
    }
}

resources:
  example:
    type: aws:iam:Role
    properties:
      assumeRolePolicy: ${exampleAgentTrust.json}
      namePrefix: AmazonBedrockExecutionRoleForAgents_
  exampleRolePolicy:
    type: aws:iam:RolePolicy
    name: example
    properties:
      policy: ${exampleAgentPermissions.json}
      role: ${example.id}
  exampleAgentAgent:
    type: aws:bedrock:AgentAgent
    name: example
    properties:
      agentName: my-agent-name
      agentResourceRoleArn: ${example.arn}
      idleTtl: 500
      foundationModel: anthropic.claude-v2
  exampleAgentAgentAlias:
    type: aws:bedrock:AgentAgentAlias
    name: example
    properties:
      agentAliasName: my-agent-alias
      agentId: ${exampleAgentAgent.agentId}
      description: Test Alias
variables:
  current:
    fn::invoke:
      Function: aws:getCallerIdentity
      Arguments: {}
  currentGetPartition:
    fn::invoke:
      Function: aws:getPartition
      Arguments: {}
  currentGetRegion:
    fn::invoke:
      Function: aws:getRegion
      Arguments: {}
  exampleAgentTrust:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - actions:
              - sts:AssumeRole
            principals:
              - identifiers:
                  - bedrock.amazonaws.com
                type: Service
            conditions:
              - test: StringEquals
                values:
                  - ${current.accountId}
                variable: aws:SourceAccount
              - test: ArnLike
                values:
                  - arn:${currentGetPartition.partition}:bedrock:${currentGetRegion.name}:${current.accountId}:agent/*
                variable: AWS:SourceArn
  exampleAgentPermissions:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - actions:
              - bedrock:InvokeModel
            resources:
              - arn:${currentGetPartition.partition}:bedrock:${currentGetRegion.name}::foundation-model/anthropic.claude-v2

Import

Using pulumi import, import Agents for Amazon Bedrock Agent Alias using the alias ID and the agent ID separated by ,. For example:

$ pulumi import aws:bedrock/agentAgentAlias:AgentAgentAlias example 66IVY0GUTF,GGRRAED6JP

Properties

agentAliasArn

val agentAliasArn: Output<String>

ARN of the alias.

agentAliasId

val agentAliasId: Output<String>

Unique identifier of the alias.

agentAliasName

val agentAliasName: Output<String>

Name of the alias.

agentId

val agentId: Output<String>

Identifier of the agent to create an alias for. The following arguments are optional:

description

val description: Output<String>?

Description of the alias.

val id: Output<String>

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

routingConfigurations

val routingConfigurations: Output<List<AgentAgentAliasRoutingConfiguration>>

Details about the routing configuration of the alias. See routing_configuration block for details.