-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ec63032
commit cd5425f
Showing
10 changed files
with
263 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
data "aws_caller_identity" "this" {} | ||
|
||
data "aws_region" "this" {} | ||
|
||
data "aws_iam_session_context" "this" { | ||
arn = data.aws_caller_identity.this.arn | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
# Example | ||
|
||
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK --> | ||
## Requirements | ||
|
||
| Name | Version | | ||
|------|---------| | ||
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 | | ||
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.73 | | ||
|
||
## Providers | ||
|
||
No providers. | ||
|
||
## Modules | ||
|
||
| Name | Source | Version | | ||
|------|--------|---------| | ||
| <a name="module_logging"></a> [logging](#module\_logging) | ../../ | n/a | | ||
|
||
## Resources | ||
|
||
No resources. | ||
|
||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
|------|-------------|------|---------|:--------:| | ||
| <a name="input_bucket"></a> [bucket](#input\_bucket) | The name of the S3 bucket to be created. | `string` | n/a | yes | | ||
| <a name="input_embedding_data_delivery_enabled"></a> [embedding\_data\_delivery\_enabled](#input\_embedding\_data\_delivery\_enabled) | Indicates whether embedding data delivery is enabled. | `bool` | `false` | no | | ||
| <a name="input_image_data_delivery_enabled"></a> [image\_data\_delivery\_enabled](#input\_image\_data\_delivery\_enabled) | Indicates whether image data delivery is enabled. | `bool` | `false` | no | | ||
| <a name="input_text_data_delivery_enabled"></a> [text\_data\_delivery\_enabled](#input\_text\_data\_delivery\_enabled) | Indicates whether text data delivery is enabled. | `bool` | `false` | no | | ||
| <a name="input_key_prefix"></a> [key\_prefix](#input\_key\_prefix) | The key prefix for logging configuration in S3. | `string` | `""` | no | | ||
|
||
## Outputs | ||
|
||
| Name | Description | | ||
|------|-------------| | ||
| <a name="output_resources"></a> [resources](#output\_resources) | Information about created resources | | ||
|
||
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK --> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
module "logging" { | ||
source = "../../" | ||
bucket = "my-example-bucket" | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
output "resources" { | ||
description = "Information about created resources" | ||
value = module.logging | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
variable "bucket" { | ||
description = "The name of the S3 bucket to be created." | ||
type = string | ||
} | ||
|
||
variable "embedding_data_delivery_enabled" { | ||
description = "Indicates whether embedding data delivery is enabled." | ||
type = bool | ||
default = false | ||
} | ||
|
||
variable "image_data_delivery_enabled" { | ||
description = "Indicates whether image data delivery is enabled." | ||
type = bool | ||
default = false | ||
} | ||
|
||
variable "text_data_delivery_enabled" { | ||
description = "Indicates whether text data delivery is enabled." | ||
type = bool | ||
default = false | ||
} | ||
|
||
variable "key_prefix" { | ||
description = "The key prefix for logging configuration in S3." | ||
type = string | ||
default = "" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
terraform { | ||
required_version = ">= 1.3" | ||
required_providers { | ||
aws = { | ||
source = "hashicorp/aws" | ||
version = "~> 5.73" | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
resource "aws_s3_bucket" "this" { | ||
bucket = var.bucket | ||
force_destroy = true | ||
tags = var.tags | ||
} | ||
|
||
resource "aws_s3_bucket_policy" "this" { | ||
bucket = aws_s3_bucket.this.bucket | ||
|
||
policy = <<EOF | ||
{ | ||
"Version": "2012-10-17", | ||
"Statement": [ | ||
{ | ||
"Effect": "Allow", | ||
"Principal": { | ||
"Service": "bedrock.amazonaws.com" | ||
}, | ||
"Action": [ | ||
"s3:*" | ||
], | ||
"Resource": [ | ||
"${aws_s3_bucket.this.arn}/*" | ||
], | ||
"Condition": { | ||
"StringEquals": { | ||
"aws:SourceAccount": "${data.aws_caller_identity.this.account_id}" | ||
}, | ||
"ArnLike": { | ||
"aws:SourceArn": "arn:aws:bedrock:${data.aws_region.this.name}:${data.aws_caller_identity.this.account_id}:*" | ||
} | ||
} | ||
} | ||
] | ||
} | ||
EOF | ||
} | ||
|
||
resource "aws_bedrock_model_invocation_logging_configuration" "this" { | ||
depends_on = [ | ||
aws_s3_bucket_policy.this | ||
] | ||
|
||
logging_config { | ||
embedding_data_delivery_enabled = var.embedding_data_delivery_enabled | ||
image_data_delivery_enabled = var.image_data_delivery_enabled | ||
text_data_delivery_enabled = var.text_data_delivery_enabled | ||
s3_config { | ||
bucket_name = aws_s3_bucket.this.id | ||
key_prefix = var.key_prefix | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
output "bucket_name" { | ||
description = "The name of the created S3 bucket." | ||
value = aws_s3_bucket.this.bucket | ||
} | ||
|
||
output "bucket_arn" { | ||
description = "The ARN of the created S3 bucket." | ||
value = aws_s3_bucket.this.arn | ||
} | ||
|
||
output "bucket_policy_id" { | ||
description = "The ID of the S3 bucket policy." | ||
value = aws_s3_bucket_policy.this.id | ||
} | ||
|
||
output "logging_bucket_name" { | ||
description = "The name of the S3 bucket used for Bedrock model invocation logging." | ||
value = aws_s3_bucket.this.bucket | ||
} | ||
|
||
output "key_prefix" { | ||
description = "The key prefix used for the Bedrock logging configuration." | ||
value = var.key_prefix | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
variable "bucket" { | ||
description = "The name of the S3 bucket to be created." | ||
type = string | ||
} | ||
|
||
variable "embedding_data_delivery_enabled" { | ||
description = "Indicates whether embedding data delivery is enabled." | ||
type = bool | ||
default = false | ||
} | ||
|
||
variable "image_data_delivery_enabled" { | ||
description = "Indicates whether image data delivery is enabled." | ||
type = bool | ||
default = false | ||
} | ||
|
||
variable "text_data_delivery_enabled" { | ||
description = "Indicates whether text data delivery is enabled." | ||
type = bool | ||
default = false | ||
} | ||
|
||
variable "key_prefix" { | ||
description = "The key prefix for logging configuration in S3." | ||
type = string | ||
default = "" | ||
} | ||
|
||
variable "tags" { | ||
description = "A map of tags to assign to the customization job and custom model." | ||
type = map(string) | ||
default = {} | ||
} |