Amazon Bedrock Connector
The Amazon Bedrock Connector is an outbound Connector that allows you to interact with Amazon Bedrock from your BPMN process.
Prerequisites
To use the Amazon Bedrock Connector, you need to have an AWS account with an access key and secret key to
execute InvokeModel
or
Converse
actions.
The necessary models must be enabled beforehand on the region you are operating from. See more about this in the Amazon Bedrock user guide.
Learn more about Amazon bedrock in the official Bedrock documentation.
Use Camunda secrets to store credentials and avoid exposing sensitive information directly from the process. Refer to managing secrets to learn more.
Create an Amazon Bedrock Connector task
You can apply a Connector to a task or event via the append menu. For example:
- From the canvas: Select an element and click the Change element icon to change an existing element, or use the append feature to add a new element to the diagram.
- From the properties panel: Navigate to the Template section and click Select.
- From the side palette: Click the Create element icon.
After you have applied a Connector to your element, follow the configuration steps or see using Connectors to learn more.
Authentication
Choose an applicable authentication type from the Authentication dropdown. Learn more about authentication types in the related appendix entry.
There are two options to authenticate the Connector with AWS:
- Choose Credentials in the Authentication dropdown if you have a valid pair of access and secret keys provided by your AWS account administrator. This option is applicable for both SaaS and Self-Managed users.
- Choose Default Credentials Chain (Hybrid/Self-Managed only) in the Authentication dropdown if your system is configured as an implicit authentication mechanism, such as role-based authentication, credentials supplied via environment variables, or files on target host. This option is applicable only for Self-Managed or hybrid distributions. This approach uses the Default Credential Provider Chain to resolve required credentials.
If you select Credentials to access the Amazon Bedrock Connector, the Connector requires the appropriate credentials. The following authentication options are available:
- Access key: Provide an access key of a user with permissions to the Amazon SageMaker
InvokeModel
and/orConverse
actions. - Secret key: Provide the secret key of the user with the access key provided above.
The Access key and the Secret key are required properties and must be provided to use the Connector.
For more information on authentication and security in Amazon Bedrock, refer to the Amazon Bedrock security and privacy documentation.
Region
In the Region field write the region of the deployed endpoint.
Action
There are two possible actions with the Amazon Bedrock Connector: InvokeModel
and Converse
.
InvokeModel
This action is meant to invoke a model with a raw payload.
A model ID must be specified. Find all the available options for Amazon Bedrock in the model ID documentation.
Ensure the model is available in your region, that your model can invoke the Invoke Model
action, and you are a user with adequate rights.
The payload is dependent on the model used, and you can find the different payloads in the model parameters documentation.
- Use Result Variable to store the response in a process variable. For example,
myResultVariable
. - Use Result Expression to map fields from the response into process variables.
The response is dependent on the model used, and you can find the different responses in the model parameters documentation.
Example
If using the model Jamba-instruct
with model ID ai21.jamba-instruct-v1:0
, and looking at the model parameters Jamba documentation, the payload could be as follows:
{
"messages": [{ "role": "user", "content": "Hello" }],
"max_tokens": 256,
"top_p": 0.8,
"temperature": 0.7
}
The FEEL mapping could be as follows:
{ response : body.choices.message.content[1] }
Converse
This action is meant to start or continue a conversation with a model.
A model ID must be specified. Find all available model IDs for Amazon Bedrock in the model ID documentation.
Ensure the model is available in your region, that your model can invoke the Converse
action, and you are a user with adequate rights.
New Message
is either the first message (to start a conversation) or is the next message from an already started conversation.Message History
is the history of the conversation that should always be passed. If not set, this will be a new conversation.
- Use Result Variable to store the response in a process variable. For example,
myResultVariable
. - Use Result Expression to map fields from the response into process variables.
The response contains two elements:
messageHistory
is the full history of the previous message, from user and assistant, including the latest message written by the assistant.newMessage
is the latest message written by the assistant.
Ideally, the message's history must transit within the process and be the input of this Converse
task with the new message.