Create Amazon Bedrock Knowledge Base and Data Source using Guide > Introduction to Create Amazon Bedrock Knowledge Base and Data Source using Guide recipe > Prerequisites
  

Prerequisites

To use the Create Amazon Bedrock Knowledge Base and Data Source using Guide recipe, the following prerequisites must be met:

Creating an index in Pinecone

To use the index in Amazon Bedrock, you must create an index in Pinecone and add text for the context.
  1. 1Open the Create a new index page in Pinecone.
  2. 2In the Default field, enter an index name and the dimensions as shown in the following image:
    3. The image shows the Create a new index page in Pinecone.
    Note: For the titan-embed-text-v2 model, the available dimensions are 256, 512, 1024. For the titan-embed-text-v1 model, the dimension is 1536. For the cohere models, dimension is 1024. The Create Amazon Bedrock Knowledge Base and Data Source using Guide recipe is preconfigured with model titan-embed-text-v1.
  3. 3Click Create index.
    4. You can save the index host value and API key for future use.
After creating the index, you can use the HOST value with https:// in the Index_Host input parameter as shown in the following image:
The image shows the Pinecone index host value.

Configuring AWS Secrets Manager

Configure the AWS secret manager and the secret ARN.
  1. 1Open the AWS console.
  2. 2Go to the AWS Secrets Manager service and click Store a new secret as shown in the following image:
    3. The image shows the Store a new secret button on the AWS Secrets Manager page.
  3. 3In the Choose secret type page, select the Other type of secret in the Secret type section, and set the key as apiKey and enter the Pinecone API key value that you created previously, and then click Next as shown in the following image:
    4. The image shows the secret type and the API Key value on the Choose secret type page.
  4. 4In the Configure secret page, set the secret manager name and click Next as shown in the following image:
    5. The image shows the secret manager name on the Configure secret page.
  5. 5Go to the secret manager that you created and save the Secret ARN as shown in the following image for future use:
    6. The image shows the secret ARN for the secret manager that you created.

Configure Amazon S3 bucket

To configure an Amazon S3 bucket, perform the following steps:
  1. 1Go to Amazon S3 > Buckets, and then click Create bucket as shown in the following image:
    2. The image shows the Create bucket button on the Amazon S3 Buckets page.
  2. 2Select the bucket type as General purpose and enter the S3 bucket name in the Bucket name field as shown in the following image:
    3. The image shows the bucket name field on the Create bucket page.
    The bucket name will be used as a BucketName variable.

Configure Role and Policy

Configure role and policy in AWS Identity and Access Management (IAM).
  1. 1Go to Amazon Identity and Access Management (IAM) > Policies > Create policy and create a new policy as shown in the following image:
    2. The image shows the Create policy button on the IAM Policies page.
  2. 2Specify the secret ARN, policy name, and model ID. The recipe is preconfigure to use amazon.titan-embed-text-v1. For the list of available models, see https://docs.aws.amazon.com/bedrock/latest/userguide/model-ids.html.
    3. The following image shows the secret ARN, policy name, and model ID in the Specify permissions page:
    The image shows the secret ARN, policy name, and model ID in the Policy editor on the Specify permissions page.
    Here is the sample of the secret ARN, policy name, and model ID to enter in the Policy editor :
    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Sid": "VisualEditor0",
    "Effect": "Allow",
    "Action": "s3:ListBucket",
    "Resource": "arn:aws:s3:::*"
    },
    {
    "Sid": "VisualEditor1",
    "Effect": "Allow",
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::*/*"
    },
    {
    "Sid": "BedrockInvokeModelStatement",
    "Effect": "Allow",
    "Action": [
    "bedrock:InvokeModel"
    ],
    "Resource": [
    "arn:aws:bedrock:us-east-1::foundation-model/amazon.titan-embed-text-v1"
    ]
    },
    {
    "Sid": "SecretsManagerGetStatement",
    "Effect": "Allow",
    "Action": [
    "secretsmanager:GetSecretValue"
    ],
    "Resource": [
    "{Secret ARN}"
    ]
    }
    ]
    }

  3. 3Go to Amazon Identity and Access Management (IAM) > Roles > Create role and create a new role as shown in the following image:
    4. The image shows the Create role button on the IAM Roles page.
  4. 4In the Select trusted entity page, select Custom trust policy in the Trusted entity type section, and configure the policy as shown in th efollowing example:
    5. The image shows the trusted entity type and snippet to configure the custom trust policy on the Select trusted entity page.
    Here is the sample to configure trust policy:
    {

    "Version": "2012-10-17",

    "Statement": [

    {

    "Sid": "AmazonBedrockKnowledgeBaseTrustPolicy",

    "Effect": "Allow",

    "Principal": {

    "Service": "bedrock.amazonaws.com"

    },

    "Action": "sts:AssumeRole"

    }

    ]

    }
  5. 5In the Add permissions page, add the created policy and set the role name, and then click Next as shown in the following image:
    6. The image shows the policy name on the Add permissions page.
  6. 6Go to the created role and save the role ARN for future use as shown in the following image:b
    7. The image shows the role ARN on the NewRole page.