Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for Amazon Bedrock APIs Linting #3739

Open
2 tasks
omenking opened this issue Oct 10, 2024 · 2 comments
Open
2 tasks

Support for Amazon Bedrock APIs Linting #3739

omenking opened this issue Oct 10, 2024 · 2 comments

Comments

@omenking
Copy link

Is this feature request related to a new rule or cfn-lint capabilities?

New capability

Describe the feature you'd like to request

When working with Amazon Bedrock API resources in CFN I would like CFN-Lint to be properly updated.

Screenshot 2024-10-10 at 8 17 37 AM

Describe the solution you'd like

When attempting to deploy an agent CFN-Lint is throwing errors even though cross-referencing CFN says my documentation is correct and when I deploy my CFN it works.

Additional context

No response

Is this something that you'd be interested in working on?

  • 👋 I may be able to implement this feature request

Would this feature include a breaking change?

  • ⚠️ This feature might incur a breaking change
@omenking
Copy link
Author

Okay so this is really odd. I'm trying to write CFN for Amazon Bedrock Agent.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-agent-apischema.html

The API shows that this is the structure for SchemaAPI

{
  "Payload" : String,
  "S3" : S3Identifier
}

And so in my code I follow that structure:

      ActionGroups:
        # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-bedrock-agent-agentactiongroup.html
        - ActionGroupName: 'LambdaActionGroup'
          Description: 'Action group for Lambda integration'
          ApiSchema:
            Payload: yaml
            S3: !Sub 's3://${PromptBucket}/api-schema.yaml'
          ActionGroupExecutor:
            CustomControl: RETURN_CONTROL
            LambdaArn: !GetAtt LambdaFunction.Arn

However.... CFN Lint is telling me nope, thats not right

E3002 Additional properties are not allowed ('Payload' was unexpected)
template.yaml:79:13

And If I attempt to deploy CFN says nope this Payload key doesn't exist

Properties validation failed for resource BedrockAgent with message: #/ActionGroups/0/ApiSchema: #: 0 subschemas matched instead of one #/ActionGroups/0/ApiSchema: extraneous key [Payload] is not permitted 
#/ActionGroups/0/ApiSchema/S3: expected type: JSONObject, found: String #/ActionGroups/0/ApiSchema: extraneous key [S3] is not permitted #/ActionGroups/0/ActionGroupExecutor: #: 0 subschemas matched instead of one #/ActionGroups/0/ActionGroupExecutor: required key [Lambda] not found #/ActionGroups/0/ActionGroupExecutor: extraneous key [LambdaArn] is not permitted #/ActionGroups/0/ActionGroupExecutor: extraneous key [CustomControl] is not permitted #/ActionGroups/0/ActionGroupExecutor: extraneous key [LambdaArn] is not permitted

This is confusing because the docs are telling me the expected structure, so I am not to believe the docs and cfn-lint and cfn is correct?

@kddejong
Copy link
Contributor

service side validation and cfn-lint use the resource schemas.. These schemas are the source of truth for this. A lot of the docs should be autogenerated from these schemas. You can submit feedback and it will get redirected to the correct team for resolution.

I would trust the schema files (so cfn-lint and validation). Those schemas the payloads to the resource handler code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@omenking @kddejong