本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
使用 AWS 管理项目 CloudFormation
Amazon Bedrock 与 AWS 集成 CloudFormation,允许您在基础设施模板中定义和管理项目。您可以使用 JSON 或 YAML 模板在多个 AWS 账户和区域中一致且重复地配置项目。
AWS::BedrockMantle::Project
使用该AWS::BedrockMantle::Project资源在 CloudFormation 模板中创建和管理基岩项目。通过创建的项目 CloudFormation 支持与通过 API 创建的项目相同的功能,包括 IAM 策略附件、标记和可观察性。
语法
要在 CloudFormation 模板中声明此实体,请使用以下语法:
例 CloudFormation 语法
{ "Type": "AWS::BedrockMantle::Project", "Properties": { "Name": String, "Tags": [ { "Key": String, "Value": String }, { "Key": String, "Value": String }, { "Key": String, "Value": String }, { "Key": String, "Value": String } ] } }
Type: AWS::BedrockMantle::Project Properties: Name: String Tags: Key: Value
Properties
- Name
-
必需。项目的名称。在您的 AWS 账户中必须是唯一的。
类型:字符串
最小值:1
最大值:64
模式:
^([0-9a-zA-Z][ _-]?)+$更新要求:替换
- 标签
-
与项目关联的键值对地图,用于成本分配和访问控制。
类型:字符串的映射
更新要求:没有中断
关于标签更新的注意事项
CloudFormation 标签更新在内部AWS::BedrockMantle::Project使用单独的添加和删除操作。没有原子全标签替换。如果堆栈更新在操作中失败,则项目的标签集可能处于部分更新的状态。在修改标签的堆栈更新后,请务必验证最终的标签状态。
返回值
Ref
当您将此资源的逻辑 ID 传递给内部Ref函数时,会Ref返回项目 ID(例如)。proj_abc123
Fn:: GetAtt
- ProjectId
-
项目的唯一标识符(例如
proj_abc123)。 - ProjectArn
-
项目的亚马逊资源名称 (ARN)(例如)。
arn:aws:bedrock-mantle:us-east-1:123456789012:project/proj_abc123 - Status
-
项目的状态。
ACTIVE表示该项目已准备就绪,可以使用。ARCHIVED表示项目已存档,无法接受新的推理请求。 - CreatedAt
-
项目创建的时间戳。
- UpdatedAt
-
项目上次更新的时间戳。
示例
创建基础项目
以下示例为生产聊天机器人应用程序创建了一个项目:
例基础 项目
AWSTemplateFormatVersion: '2010-09-09' Description: Amazon Bedrock Project for Production Chatbot Resources: CustomerChatbotProject: Type: AWS::BedrockMantle::Project Properties: Name: CustomerChatbot-Production Tags: - Key: Project Value: CustomerChatbot - Key: Environment Value: Production - Key: Owner Value: TeamAlpha - Key: CostCenter Value: "21524" Outputs: ProjectId: Description: The ID of the created project Value: !Ref CustomerChatbotProject ProjectArn: Description: The ARN of the created project Value: !GetAtt CustomerChatbotProject.ProjectArn
{ "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "CustomerChatbotProject": { "Type": "AWS::BedrockMantle::Project", "Properties": { "Name": "CustomerChatbot-Production", "Tags": [ { "Key": "Project", "Value": "CustomerChatbot" }, { "Key": "Environment", "Value": "Production" }, { "Key": "Owner", "Value": "TeamAlpha" }, { "Key": "CostCenter", "Value": "21524" } ] } } }, "Outputs": { "ProjectId": { "Description": "The ID of the created project", "Value": { "Ref": "CustomerChatbotProject" } }, "ProjectArn": { "Description": "The ARN of the created project", "Value": { "Fn::GetAtt": ["CustomerChatbotProject", "ProjectArn"] } } } }
为不同的环境创建多个项目
以下示例在单个堆栈中为开发、暂存和生产环境预置了单独的项目:
AWSTemplateFormatVersion: '2010-09-09' Description: Amazon Bedrock Projects for Multi-Environment Deployment Parameters: ApplicationName: Type: String Default: InternalSearch Description: Name of the application CostCenter: Type: String Description: Cost center for billing allocation Resources: DevelopmentProject: Type: AWS::BedrockMantle::Project Properties: Name: !Sub "${ApplicationName}-Development" Tags: - Key: Project Value: !Ref ApplicationName - Key: Environment Value: Development - Key: CostCenter Value: !Ref CostCenter StagingProject: Type: AWS::BedrockMantle::Project Properties: Name: !Sub "${ApplicationName}-Staging" Tags: - Key: Project Value: !Ref ApplicationName - Key: Environment Value: Staging - Key: CostCenter Value: !Ref CostCenter ProductionProject: Type: AWS::BedrockMantle::Project Properties: Name: !Sub "${ApplicationName}-Production" Tags: - Key: Project Value: !Ref ApplicationName - Key: Environment Value: Production - Key: CostCenter Value: !Ref CostCenter Outputs: DevelopmentProjectArn: Value: !GetAtt DevelopmentProject.ProjectArn Export: Name: !Sub "${ApplicationName}-Dev-ProjectArn" StagingProjectArn: Value: !GetAtt StagingProject.ProjectArn Export: Name: !Sub "${ApplicationName}-Staging-ProjectArn" ProductionProjectArn: Value: !GetAtt ProductionProject.ProjectArn Export: Name: !Sub "${ApplicationName}-Prod-ProjectArn"
创建具有 IAM 角色访问权限的项目
以下示例创建一个项目并附加一个 IAM 策略,授予特定角色调用模型的访问权限:
AWSTemplateFormatVersion: '2010-09-09' Description: Amazon Bedrock Project with IAM Access Control Resources: ProductionProject: Type: AWS::BedrockMantle::Project Properties: Name: CustomerChatbot-Production Tags: - Key: Environment Value: Production - Key: CostCenter Value: "21524" ProductionAppRole: Type: AWS::IAM::Role Properties: RoleName: BedrockProjectProductionRole AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: lambda.amazonaws.com Action: sts:AssumeRole Policies: - PolicyName: BedrockProjectInvokeAccess PolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Action: - bedrock-mantle:CreateInference - bedrock-mantle:GetProject Resource: !GetAtt ProductionProject.ProjectArn Outputs: ProjectArn: Value: !GetAtt ProductionProject.ProjectArn RoleArn: Value: !GetAtt ProductionAppRole.Arn
在项目 API 中使用 CloudFormation 输出
部署 CloudFormation 堆栈后,您可以使用堆栈输出在应用程序代码中引用项目 ARN 和 ID:
import boto3 from openai import OpenAI # Retrieve project details from CloudFormation stack outputs cfn = boto3.client('cloudformation', region_name='us-east-1') response = cfn.describe_stacks(StackName='my-bedrock-projects-stack') outputs = {o['OutputKey']: o['OutputValue'] for o in response['Stacks'][0]['Outputs']} production_project_arn = outputs['ProductionProjectArn'] # Extract project ID from ARN # ARN format: arn:aws:bedrock-mantle:us-east-1:123456789012:project/proj_abc123 project_id = production_project_arn.split('/')[-1] print(f"Using project: {project_id}") # Use the project for inference client = OpenAI(project=project_id) response = client.responses.create( model="openai.gpt-oss-120b", input="Hello from a CloudFormation-managed project!" ) print(response)
了解更多
有关 CloudFormation 与 Amazon Bedrock 资源搭配使用的更多信息,请参阅:
