From 70772e6e3cd3e20051e3869328449fccc69fb958 Mon Sep 17 00:00:00 2001 From: Leonardo Gama <51037424+Leo10Gama@users.noreply.github.com> Date: Tue, 3 Sep 2024 15:24:12 -0700 Subject: [PATCH] revert(stepfunctions-tasks): "feat(stepfunctions-tasks): allow BedrockInvokeModel to use JsonPath" (#31308) Reverts aws/aws-cdk#30298 to resolve https://github.com/aws/aws-cdk/issues/31302 BREAKING CHANGE: Reverting the original PR will come with the following breaking changes * **stepfunctions-tasks:** The `BedrockInvokeModel.outputPath` parameter will no longer be an S3Uri --- ...efaultTestDeployAssert9C0D2DFC.assets.json | 2 +- ...sks-bedrock-invoke-model-integ.assets.json | 6 +- ...s-bedrock-invoke-model-integ.template.json | 35 +----- .../integ.invoke-model.js.snapshot/cdk.out | 2 +- .../integ.invoke-model.js.snapshot/integ.json | 2 +- .../manifest.json | 4 +- .../integ.invoke-model.js.snapshot/tree.json | 43 +------ .../test/bedrock/integ.invoke-model.ts | 8 +- .../aws-stepfunctions-tasks/README.md | 21 ---- .../lib/bedrock/invoke-model.ts | 43 +------ .../test/bedrock/invoke-model.test.ts | 108 ------------------ 11 files changed, 19 insertions(+), 255 deletions(-) diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json index 62c1eb1585be8..ec22c34fcf613 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/InvokeModelDefaultTestDeployAssert9C0D2DFC.assets.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "35.0.0", "files": { "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { "source": { diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json index ea5387a06b82c..2d7004e16caf5 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets.json @@ -1,7 +1,7 @@ { - "version": "36.0.0", + "version": "35.0.0", "files": { - "e9d946bbac52fb88d3fc7c9ea4f26da0e6a6965417c8ae9fb5464e5342269444": { + "19db222d8d51351d1127c4b099aa6545a4c1ddd9425a2e0f78c328f39ff74edf": { "source": { "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json", "packaging": "file" @@ -9,7 +9,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "e9d946bbac52fb88d3fc7c9ea4f26da0e6a6965417c8ae9fb5464e5342269444.json", + "objectKey": "19db222d8d51351d1127c4b099aa6545a4c1ddd9425a2e0f78c328f39ff74edf.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json index a67f72f4ea158..ce41a5e96cc20 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/aws-stepfunctions-tasks-bedrock-invoke-model-integ.template.json @@ -41,25 +41,6 @@ ] ] } - }, - { - "Action": [ - "s3:GetObject", - "s3:PutObject" - ], - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":s3:::*" - ] - ] - } } ], "Version": "2012-10-17" @@ -91,19 +72,7 @@ { "Ref": "AWS::Region" }, - "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText\":\"Generate a list of five first names.\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}},\"Prompt2\":{\"Next\":\"Prompt3\",\"Type\":\"Task\",\"ResultPath\":\"$\",\"ResultSelector\":{\"names.$\":\"$.Body.results[0].outputText\"},\"Resource\":\"arn:", - { - "Ref": "AWS::Partition" - }, - ":states:::bedrock:invokeModel\",\"Parameters\":{\"ModelId\":\"arn:", - { - "Ref": "AWS::Partition" - }, - ":bedrock:", - { - "Ref": "AWS::Region" - }, - "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText.$\":\"States.Format('Alphabetize this list of first names:\\n{}', $.names)\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}},\"Prompt3\":{\"End\":true,\"Type\":\"Task\",\"InputPath\":\"$.names\",\"OutputPath\":\"$.names\",\"Resource\":\"arn:", + "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText\":\"Generate a list of five first names.\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}},\"Prompt2\":{\"End\":true,\"Type\":\"Task\",\"ResultPath\":\"$\",\"ResultSelector\":{\"names.$\":\"$.Body.results[0].outputText\"},\"Resource\":\"arn:", { "Ref": "AWS::Partition" }, @@ -115,7 +84,7 @@ { "Ref": "AWS::Region" }, - "::foundation-model/amazon.titan-text-express-v1\",\"Input\":{\"S3Uri.$\":\"$.names\"},\"Output\":{\"S3Uri.$\":\"$.names\"}}}},\"TimeoutSeconds\":30}" + "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText.$\":\"States.Format('Alphabetize this list of first names:\\n{}', $.names)\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}}},\"TimeoutSeconds\":30}" ] ] }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/cdk.out index 1f0068d32659a..c5cb2e5de6344 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/cdk.out +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/cdk.out @@ -1 +1 @@ -{"version":"36.0.0"} \ No newline at end of file +{"version":"35.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/integ.json index 36143be21ab57..5eb622d1d7b82 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/integ.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/integ.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "35.0.0", "testCases": { "InvokeModel/DefaultTest": { "stacks": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/manifest.json index 677092f63b132..60de1b8de8ab7 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/manifest.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/manifest.json @@ -1,5 +1,5 @@ { - "version": "36.0.0", + "version": "35.0.0", "artifacts": { "aws-stepfunctions-tasks-bedrock-invoke-model-integ.assets": { "type": "cdk:asset-manifest", @@ -18,7 +18,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/e9d946bbac52fb88d3fc7c9ea4f26da0e6a6965417c8ae9fb5464e5342269444.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/19db222d8d51351d1127c4b099aa6545a4c1ddd9425a2e0f78c328f39ff74edf.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/tree.json index 17b23007671bd..b3a2882dbd6fb 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/tree.json +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.js.snapshot/tree.json @@ -24,14 +24,6 @@ "version": "0.0.0" } }, - "Prompt3": { - "id": "Prompt3", - "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/Prompt3", - "constructInfo": { - "fqn": "aws-cdk-lib.aws_stepfunctions_tasks.BedrockInvokeModel", - "version": "0.0.0" - } - }, "StateMachine": { "id": "StateMachine", "path": "aws-stepfunctions-tasks-bedrock-invoke-model-integ/StateMachine", @@ -104,25 +96,6 @@ ] ] } - }, - { - "Action": [ - "s3:GetObject", - "s3:PutObject" - ], - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":s3:::*" - ] - ] - } } ], "Version": "2012-10-17" @@ -174,19 +147,7 @@ { "Ref": "AWS::Region" }, - "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText\":\"Generate a list of five first names.\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}},\"Prompt2\":{\"Next\":\"Prompt3\",\"Type\":\"Task\",\"ResultPath\":\"$\",\"ResultSelector\":{\"names.$\":\"$.Body.results[0].outputText\"},\"Resource\":\"arn:", - { - "Ref": "AWS::Partition" - }, - ":states:::bedrock:invokeModel\",\"Parameters\":{\"ModelId\":\"arn:", - { - "Ref": "AWS::Partition" - }, - ":bedrock:", - { - "Ref": "AWS::Region" - }, - "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText.$\":\"States.Format('Alphabetize this list of first names:\\n{}', $.names)\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}},\"Prompt3\":{\"End\":true,\"Type\":\"Task\",\"InputPath\":\"$.names\",\"OutputPath\":\"$.names\",\"Resource\":\"arn:", + "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText\":\"Generate a list of five first names.\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}},\"Prompt2\":{\"End\":true,\"Type\":\"Task\",\"ResultPath\":\"$\",\"ResultSelector\":{\"names.$\":\"$.Body.results[0].outputText\"},\"Resource\":\"arn:", { "Ref": "AWS::Partition" }, @@ -198,7 +159,7 @@ { "Ref": "AWS::Region" }, - "::foundation-model/amazon.titan-text-express-v1\",\"Input\":{\"S3Uri.$\":\"$.names\"},\"Output\":{\"S3Uri.$\":\"$.names\"}}}},\"TimeoutSeconds\":30}" + "::foundation-model/amazon.titan-text-express-v1\",\"Body\":{\"inputText.$\":\"States.Format('Alphabetize this list of first names:\\n{}', $.names)\",\"textGenerationConfig\":{\"maxTokenCount\":100,\"temperature\":1}}}}},\"TimeoutSeconds\":30}" ] ] }, diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.ts index 2d98f804b4475..95860f09e624e 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-stepfunctions-tasks/test/bedrock/integ.invoke-model.ts @@ -52,13 +52,7 @@ const prompt2 = new BedrockInvokeModel(stack, 'Prompt2', { resultPath: '$', }); -const prompt3 = new BedrockInvokeModel(stack, 'Prompt3', { - model, - inputPath: sfn.JsonPath.stringAt('$.names'), - outputPath: sfn.JsonPath.stringAt('$.names'), -}); - -const chain = sfn.Chain.start(prompt1).next(prompt2).next(prompt3); +const chain = sfn.Chain.start(prompt1).next(prompt2); new sfn.StateMachine(stack, 'StateMachine', { definitionBody: sfn.DefinitionBody.fromChainable(chain), diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md b/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md index a8175c94cc8ff..038ae9ef9c041 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/README.md @@ -398,27 +398,6 @@ const task = new tasks.BedrockInvokeModel(this, 'Prompt Model', { names: sfn.JsonPath.stringAt('$.Body.results[0].outputText'), }, }); -``` -### Using Input Path - -Provide S3 URI as an input or output path to invoke a model - -```ts - -import * as bedrock from 'aws-cdk-lib/aws-bedrock'; - -const model = bedrock.FoundationModel.fromFoundationModelId( - this, - 'Model', - bedrock.FoundationModelIdentifier.AMAZON_TITAN_TEXT_G1_EXPRESS_V1, -); - -const task = new tasks.BedrockInvokeModel(this, 'Prompt Model', { - model, - inputPath: sfn.JsonPath.stringAt('$.prompt'), - outputPath: sfn.JsonPath.stringAt('$.prompt'), -}); - ``` You can apply a guardrail to the invocation by setting `guardrail`. diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/bedrock/invoke-model.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/bedrock/invoke-model.ts index 3abc7338cab8c..f831cf606c8c5 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/bedrock/invoke-model.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/lib/bedrock/invoke-model.ts @@ -140,14 +140,12 @@ export class BedrockInvokeModel extends sfn.TaskStateBase { constructor(scope: Construct, id: string, private readonly props: BedrockInvokeModelProps) { super(scope, id, props); - this.integrationPattern = props.integrationPattern ?? sfn.IntegrationPattern.REQUEST_RESPONSE; validatePatternSupported(this.integrationPattern, BedrockInvokeModel.SUPPORTED_INTEGRATION_PATTERNS); const isBodySpecified = props.body !== undefined; - //Either specific props.input with bucket name and object key or input s3 path - const isInputSpecified = (props.input !== undefined && props.input.s3Location !== undefined) || (props.inputPath !== undefined); + const isInputSpecified = props.input !== undefined && props.input.s3Location !== undefined; if (isBodySpecified && isInputSpecified) { throw new Error('Either `body` or `input` must be specified, but not both.'); @@ -173,21 +171,7 @@ export class BedrockInvokeModel extends sfn.TaskStateBase { }), ]; - if (this.props.inputPath !== undefined) { - policyStatements.push( - new iam.PolicyStatement({ - actions: ['s3:GetObject'], - resources: [ - Stack.of(this).formatArn({ - region: '', - account: '', - service: 's3', - resource: '*', - }), - ], - }), - ); - } else if (this.props.input !== undefined && this.props.input.s3Location !== undefined) { + if (this.props.input !== undefined && this.props.input.s3Location !== undefined) { policyStatements.push( new iam.PolicyStatement({ actions: ['s3:GetObject'], @@ -204,21 +188,7 @@ export class BedrockInvokeModel extends sfn.TaskStateBase { ); } - if (this.props.outputPath !== undefined) { - policyStatements.push( - new iam.PolicyStatement({ - actions: ['s3:PutObject'], - resources: [ - Stack.of(this).formatArn({ - region: '', - account: '', - service: 's3', - resource: '*', - }), - ], - }), - ); - } else if (this.props.output !== undefined && this.props.output.s3Location !== undefined) { + if (this.props.output !== undefined && this.props.output.s3Location !== undefined) { policyStatements.push( new iam.PolicyStatement({ actions: ['s3:PutObject'], @@ -271,10 +241,10 @@ export class BedrockInvokeModel extends sfn.TaskStateBase { Body: this.props.body?.value, Input: this.props.input?.s3Location ? { S3Uri: `s3://${this.props.input.s3Location.bucketName}/${this.props.input.s3Location.objectKey}`, - } : this.props.inputPath ? { S3Uri: this.props.inputPath } : undefined, + } : undefined, Output: this.props.output?.s3Location ? { S3Uri: `s3://${this.props.output.s3Location.bucketName}/${this.props.output.s3Location.objectKey}`, - } : this.props.outputPath ? { S3Uri: this.props.outputPath }: undefined, + } : undefined, GuardrailIdentifier: this.props.guardrail?.guardrailIdentifier, GuardrailVersion: this.props.guardrail?.guardrailVersion, Trace: this.props.traceEnabled === undefined @@ -284,6 +254,5 @@ export class BedrockInvokeModel extends sfn.TaskStateBase { : 'DISABLED', }), }; - }; + } } - diff --git a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/bedrock/invoke-model.test.ts b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/bedrock/invoke-model.test.ts index 02fa2737bb2b8..3c480ea1638a3 100644 --- a/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/bedrock/invoke-model.test.ts +++ b/packages/aws-cdk-lib/aws-stepfunctions-tasks/test/bedrock/invoke-model.test.ts @@ -204,52 +204,6 @@ describe('Invoke Model', () => { }); }); - test('invoke model allows input and output json path', () => { - const stack = new cdk.Stack(); - const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Imported', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); - - const task = new BedrockInvokeModel(stack, 'Invoke', { - model, - inputPath: sfn.JsonPath.stringAt('$.prompt'), - outputPath: sfn.JsonPath.stringAt('$.prompt'), - }); - - new sfn.StateMachine(stack, 'StateMachine', { - definitionBody: sfn.DefinitionBody.fromChainable(task), - }); - - // THEN - expect(stack.resolve(task.toStateJson())).toEqual({ - Type: 'Task', - Resource: { - 'Fn::Join': [ - '', - [ - 'arn:', - { - Ref: 'AWS::Partition', - }, - ':states:::bedrock:invokeModel', - ], - ], - }, - End: true, - InputPath: '$.prompt', - OutputPath: '$.prompt', - Parameters: { - ModelId: 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123', - Input: { - //Expected key modified from S3Uri to S3Uri.$ as per the State Machine context key field transformation - //Reference: https://docs.aws.amazon.com/step-functions/latest/dg/input-output-example.html - 'S3Uri.$': '$.prompt', - }, - Output: { - 'S3Uri.$': '$.prompt', - }, - }, - }); - }); - test('S3 permissions are created in generated policy when input and output locations are specified', () => { // GIVEN const stack = new cdk.Stack(); @@ -322,68 +276,6 @@ describe('Invoke Model', () => { }); }); - test('S3 permissions are created in generated policy when input and output path are specified', () => { - // GIVEN - const stack = new cdk.Stack(); - const model = bedrock.ProvisionedModel.fromProvisionedModelArn(stack, 'Imported', 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123'); - - // WHEN - const task = new BedrockInvokeModel(stack, 'Invoke', { - model, - inputPath: sfn.JsonPath.stringAt('$.prompt'), - outputPath: sfn.JsonPath.stringAt('$.prompt'), - }); - - new sfn.StateMachine(stack, 'StateMachine', { - definitionBody: sfn.DefinitionBody.fromChainable(task), - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { - PolicyDocument: Match.objectLike({ - Statement: Match.arrayWith([ - { - Action: 'bedrock:InvokeModel', - Effect: 'Allow', - Resource: 'arn:aws:bedrock:us-turbo-2:123456789012:provisioned-model/abc-123', - }, - { - Action: 's3:GetObject', - Effect: 'Allow', - Resource: { - 'Fn::Join': [ - '', - [ - 'arn:', - { - Ref: 'AWS::Partition', - }, - ':s3:::*', - ], - ], - }, - }, - { - Action: 's3:PutObject', - Effect: 'Allow', - Resource: { - 'Fn::Join': [ - '', - [ - 'arn:', - { - Ref: 'AWS::Partition', - }, - ':s3:::*', - ], - ], - }, - }, - ]), - }), - }); - }); - test('fails on neither input nor body set', () => { // GIVEN const stack = new cdk.Stack();