How to resolve Authorizations errors when running lab 03_QuestionAnswering/02_qa_w_rag_claude_opensearch

[GAcharyaOS]

When running this lab, you will encounter permissions error in the following steps :

1. The cell trying to create vector store using Opensearch serverless
2. Step / cell to inject the documents into vector store.
3. Clean-up step

To resolve permission issue # 1 and # 3 above, attach following inline policy to the IAM SageMaker execution role you used to launch the SageMaker studio and re-run the cells.

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "aoss:CreateSecurityPolicy", "aoss:UpdateSecurityPolicy", "aoss:CreateCollection", "aoss:ListCollections", "aoss:CreateAccessPolicy", "aoss:APIAccessAll", "aoss:DeleteSecurityPolicy", "aoss:DeleteCollection", "aoss:DeleteAccessPolicy" ], "Resource": "" }, { "Effect": "Allow", "Action": "iam:CreateServiceLinkedRole", "Resource": "arn:aws:iam:::role/aws-service-role/observability.aoss.amazonaws.com/AWSServiceRoleForAmazonOpenSearchServerless" } ] }

The permission error in the # 2 above ("Step / cell to inject the documents into vector store. ") is more of a sporadic and timing issue. It is caused because its executed before the index creation is completed in the OpenSearch cluster. Re-run this after a min or two delay, and it should run without error.

[w601sxs]

will test - cc: @mani-aiml

[w601sxs]

I think this should be fixed by now, can you confirm @mani-aiml