search

anthropics / anthropic-quickstarts

A collection of projects designed to help developers quickly get started with building deployable applications using the Anthropic API
MIT License
7.01k stars 1.06k forks source link

Unable to create knowledge base due to permission errors and free tier limitations #10

Open blackthorns opened 2 months ago

blackthorns commented 2 months ago

Hello,

I'm encountering significant difficulties while trying to create a knowledge base using Amazon Bedrock and OpenSearch Serverless. Despite multiple attempts to resolve permission issues, I'm still unable to successfully create the knowledge base.

Current situation:

  1. I've been receiving various "AccessDeniedException" errors related to different AWS services (IAM, Lambda, AOSS, etc.).
  2. I've progressively added more permissions to my IAM user to resolve these issues.
  3. After adding numerous permissions, I've now reached the limit of what's allowed in the AWS free tier plan.

Steps taken:

  1. Started with basic permissions for Bedrock and S3.
  2. Gradually added permissions for Lambda, IAM, EC2, CloudWatch, etc.
  3. Added specific permissions for Amazon OpenSearch Serverless (AOSS).

Current blocker: The latest error I'm receiving is: "Impossible de créer la collection Amazon OpenSearch sans serveur. User: arn:aws:iam::xxxxxxxxxxxx:user/xxxxxx is not authorized to perform: aoss:CreateSecurityPolicy on resource: aoss:collection/bedrock-knowledge-base-v6jduq because no identity-based policy allows the aoss:CreateSecurityPolicy action"

Questions:

  1. Is it possible to create a knowledge base within the constraints of the AWS free tier?
  2. If so, what is the minimal set of permissions required to achieve this?
  3. Are there any known issues or limitations with creating knowledge bases that I should be aware of?

Any guidance or documentation that could help resolve this issue would be greatly appreciated. Thank you for your time and assistance.

carlos2martinize commented 2 months ago

}

< import=xmlns: //canada federal "(https://federal canada.com)" \ "(https://atholville.net)" \ "(https://baie-durfe.qc.ca)" \ "(https://becancour.net)" \ "(https://bellisland.net)" \ "(https://bonista.net)" \ "(http://bouctpouche.org)" "(https://wavebrowser.net)"/.`@,'NEWS "(https://gitkraken.com/)" srt: < xml=import: https://www.wavebrowser.net /> src: < import=? https://www.chucknetwork.com /> "Clair W. Bates Jr." <p> dick's a bigger word than than just dick. Rich' hurd "STOMPPED OUT"</p> </body> <p>{</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/callyogi"><img src="https://avatars.githubusercontent.com/u/159614557?v=4" />callyogi</a> commented <strong> 2 months ago</strong> </div> <div class="markdown-body"> <p>give admin access to the user ... then it will work. </p> </div> </div> <div class="page-bar-simple"> </div> <div class="footer"> <ul class="body"> <li>© <script> document.write(new Date().getFullYear()) </script> Githubissues.</li> <li>Githubissues is a development platform for aggregating issues.</li> </ul> </div> <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js"></script> <script src="/githubissues/assets/js.js"></script> <script src="/githubissues/assets/markdown.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/highlight.min.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/languages/go.min.js"></script> <script> hljs.highlightAll(); </script> </body> </html>