search

opensearch-project / flow-framework

OpenSearch plugin that enables builders to innovate AI apps on OpenSearch
Apache License 2.0
32 stars 35 forks source link

[BUG] roleArn is being checked at create time instead of provision time #957

Open derrike opened 2 days ago

derrike commented 2 days ago

What is the bug?

I am trying to setup a Workflow using the Flow Framework to connect to Claude using the create_connector provision type. I am setting up a variable for the roleArn so that I can inject the actual role when the workflow gets provisioned. Example:

"credential": {
    "roleArn": "${{ AWS_BEDROCK_ROLE_ARN }}"
}

When I go to CREATE the workflow using POST _plugins/_flow_framework/workflow, I receive a 502 error. If I replace just the variable placeholder with an actual invalid IAM Role, I get an error that says I'm not authorized to pass that role. This error tells me there the CREATE process is trying to pass a role at CREATE time. This shouldn't be happening, because the Flow Framework template wouldn't know what the role actually is at CREATE time. In this example, the Flow Framework would only know the actual role arn at PROVISION time (_provision). That is when the AWS_BEDROCK_ROLE_ARN would get injected, and would be available to be passed / validated.

How can one reproduce the bug?

You can run the following example workflow in DevTools. This will generate a 502 error because it tries to pass the placeholder variable at CREATE time. Then you can substitute it for an actual AWS Role Arn, like: arn:aws:iam::123456789012:role/MyCoolRole. This will generate a Pass Role error, demonstrating that something is happening at CREATE time that shouldn't be happening. Finally, if you want you can substitute in an actual role that has permissions.

POST _plugins/_flow_framework/workflow
{
    "name": "Deploy Claude Model",
    "description": "Deploy a model using a connector to Claude",
    "use_case": "PROVISION",
    "version": {
        "template": "1.0.0",
        "compatibility": [
            "2.12.0",
            "3.0.0"
        ]
    },
    "workflows": {
        "provision": {
            "nodes": [
                {
                    "id": "create_claude_connector",
                    "type": "create_connector",
                    "user_inputs": {
                        "name": "Claude Instant Runtime Connector",
                        "version": "1",
                        "protocol": "aws_sigv4",
                        "description": "The connector to BedRock service for Claude model",
                        "actions": [
                            {
                                "headers": {
                                    "x-amz-content-sha256": "required",
                                    "content-type": "application/json"
                                },
                                "method": "POST",
                                "request_body": "{ \"prompt\":\"${parameters.prompt}\", \"max_tokens_to_sample\":${parameters.max_tokens_to_sample}, \"temperature\":${parameters.temperature},  \"anthropic_version\":\"${parameters.anthropic_version}\" }",
                                "action_type": "predict",
                                "url": "https://bedrock-runtime.us-east-1.amazonaws.com/model/anthropic.claude-instant-v1/invoke"
                            }
                        ],
                        "credential": {
                            "roleArn": "${{ AWS_BEDROCK_ROLE_ARN }}"
                        },
                        "parameters": {
                            "endpoint": "https://bedrock-runtime.us-east-1.amazonaws.com/",
                            "content_type": "application/json",
                            "auth": "Sig_V4",
                            "max_tokens_to_sample": "8000",
                            "service_name": "bedrock",
                            "temperature": "0.0001",
                            "response_filter": "$.completion",
                            "region": "us-east-1",
                            "anthropic_version": "bedrock-2023-05-31"
                        }
                    }
                }
            ]
        }
    }
}

What is the expected behavior?

The workflow can be provisioned with a placeholder variable in the roleArn section.

What is your host/environment?

Managed OpenSearch 2.13. User that is making the call is configured as an AWS IAM Role in backend security.

Do you have any screenshots?

image

Do you have any additional context?

n/a

dbwiddis commented 2 days ago

Attempted to reproduce this with a local cluster and it works fine; something must be different on AOS with this. Also, nothing in Flow Framework would produce a 502 error.

Placeholders work elsewhere in the template so it's possibly related to the fact that the credentials are encrypted.

@amitgalitz @owaiskazi19 do you have any ideas here?