Required steps prior to creating your first automatic model evaluation job
Automatic model evaluation jobs require access to the following service level resources. Use the linked topics to learn more about getting setting up.
Cross Origin Resource Sharing (CORS) permission requirements
All console-based model evaluation jobs require Cross Origin Resource Sharing (CORS) permissions to be enabled on any Amazon S3 buckets specified in the model evaluation job. To learn more, see Required Cross Origin Resource Sharing (CORS) permissions on S3 buckets
Required service level resources to start an automatic model evaluation job
-
To start a automatic model evaluation job, you need access to at least one Amazon Bedrock foundation model. To learn more, see Access Amazon Bedrock foundation models.
-
To create an automatic model evaluation job you need access to the https://console.aws.amazon.com/bedrock/
, AWS Command Line Interface, or a supported AWS SDK. To learn more about the required IAM actions and resources, see Required console permissions to create an automatic model evaluation job. -
When the model evaluation job starts, a service role is used to perform actions on your behalf. To learn more about required IAM actions and the trust policy requirements, see Service role requirements for automatic model evaluation jobs.
-
Amazon Simple Storage Service – All data used and generated must be placed in an Amazon S3 bucket that is in the same AWS Region in an automatic model evaluation job.
-
Cross Origin Resource Sharing (CORS) – Automatic model evaluations jobs that are created using the Amazon Bedrock console require that you specify a CORS configuration on the S3 bucket. To learn more, see Required Cross Origin Resource Sharing (CORS) permissions on S3 buckets.
-
An IAM service role – To run an automatic model evaluation job you must create a service role. The service role allows Amazon Bedrock to perform actions on your behalf in your AWS account. To learn more, see Service role requirements for automatic model evaluation jobs.
Required console permissions to create an automatic model evaluation job
The following policy contains the minimum set of IAM actions and resources in Amazon Bedrock and Amazon S3 that are required to create an automatic model evaluation job using the Amazon Bedrock console.
In the policy, we recommend using the IAM JSON policy element Resource to limit access to only the models and buckets required for the IAM user, group, or role.
