article thumbnail

Govern generative AI in the enterprise with Amazon SageMaker Canvas

AWS Machine Learning

To use a specific LLM from Amazon Bedrock, SageMaker Canvas uses the model ID of the chosen LLM as part of the API calls. Limit access to all Amazon Bedrock models To restrict access to all Amazon Bedrock models, you can modify the SageMaker role to explicitly deny these APIs. This way, users can only invoke the allowed models.

article thumbnail

Secure Amazon SageMaker Studio presigned URLs Part 2: Private API with JWT authentication

AWS Machine Learning

In this post, we will continue to build on top of the previous solution to demonstrate how to build a private API Gateway via Amazon API Gateway as a proxy interface to generate and access Amazon SageMaker presigned URLs. The user invokes createStudioPresignedUrl API on API Gateway along with a token in the header.

APIs 89
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

article thumbnail

Use AWS PrivateLink to set up private access to Amazon Bedrock

AWS Machine Learning

It allows developers to build and scale generative AI applications using FMs through an API, without managing infrastructure. Customers are building innovative generative AI applications using Amazon Bedrock APIs using their own proprietary data.

APIs 137
article thumbnail

Architecture to AWS CloudFormation code using Anthropic’s Claude 3 on Amazon Bedrock

AWS Machine Learning

The workflow consists of the following steps: The user uploads an architecture image (JPEG or PNG) on the Streamlit application, invoking the Amazon Bedrock API to generate a step-by-step explanation of the architecture using the Anthropic’s Claude 3 Sonnet model. The following diagram illustrates the step-by-step process.

article thumbnail

Build a serverless voice-based contextual chatbot for people with disabilities using Amazon Bedrock

AWS Machine Learning

You only consume the services through their API. To understand better how Amazon Cognito allows external applications to invoke AWS services, refer to refer to Secure API Access with Amazon Cognito Federated Identities, Amazon Cognito User Pools, and Amazon API Gateway. We discuss this later in the post.

article thumbnail

Getting started with cross-region inference in Amazon Bedrock

AWS Machine Learning

Moreover, this capability prioritizes the connected Amazon Bedrock API source/primary region when possible, helping to minimize latency and improve responsiveness. Compatibility with existing Amazon Bedrock API No additional routing or data transfer cost and you pay the same price per token for models as in your source/primary region.

APIs 141
article thumbnail

Securing MLflow in AWS: Fine-grained access control with AWS native services

AWS Machine Learning

In this post, we address these limitations by implementing the access control outside of the MLflow server and offloading authentication and authorization tasks to Amazon API Gateway , where we implement fine-grained access control mechanisms at the resource level using Identity and Access Management (IAM). Adds an IAM authorizer.

APIs 78