# Set Up AWS Bedrock as an LLM Provider

---
title: Set Up AWS Bedrock as an LLM Provider
latest-operator-version: v26.1.5
latest-console-tag: v3.7.4
latest-connect-version: 4.96.1
latest-redpanda-tag: v26.1.10
docname: bedrock-setup
page-component-name: agentic-data-plane
page-version: master
page-component-version: master
page-component-title: Agentic Data Plane
page-relative-src-path: bedrock-setup.adoc
page-edit-url: https://github.com/redpanda-data/adp-docs/edit/main/modules/gateway/pages/bedrock-setup.adoc
description: Create the IAM user, policy, and access keys required for AI Gateway to invoke Amazon Bedrock models, then register the provider in ADP.
page-topic-type: how-to
personas: platform_engineer
learning-objective-1: Create an IAM policy that grants AI Gateway permission to invoke Bedrock foundation models and cross-region inference profiles
learning-objective-2: Create a dedicated IAM user, attach the policy, and generate access keys for AI Gateway
learning-objective-3: Register Bedrock as an LLM provider in ADP and select the models you want to expose
page-git-created-date: "2026-05-28"
page-git-modified-date: "2026-06-15"
---

<!-- Source: https://docs.redpanda.com/agentic-data-plane/gateway/bedrock-setup.md -->

This guide walks you through the AWS-side setup AI Gateway needs to invoke Amazon Bedrock, then through the Redpanda ADP flow that registers Bedrock as an LLM provider. For background on how Bedrock foundation models, cross-region inference profiles, and IAM patterns map to the provider form, see [AWS Bedrock: Inference profiles and IAM](https://docs.redpanda.com/agentic-data-plane/gateway/configure-provider/#bedrock-inference-profiles) on the main provider configuration page.

After completing this guide, you will be able to:

-   Create an IAM policy that grants AI Gateway permission to invoke Bedrock foundation models and cross-region inference profiles

-   Create a dedicated IAM user, attach the policy, and generate access keys for AI Gateway

-   Register Bedrock as an LLM provider in ADP and select the models you want to expose


## Prerequisites

-   An AWS account with Bedrock model access enabled in the region you plan to call. Model availability varies by region; see [Bedrock models by region](https://docs.aws.amazon.com/bedrock/latest/userguide/models-regions.html).

-   Access to the AWS CLI configured with credentials that can create IAM users, policies, and access keys.

-   Access to the Redpanda UI.


## Create the IAM policy

Create a policy that grants the two Bedrock invoke actions on both foundation-model ARNs and cross-region inference-profile ARNs:

```bash
aws iam create-policy \
  --policy-name RedpandaBedrockInvoke \
  --policy-document '{
    "Version": "2012-10-17",
    "Statement": [
      {
        "Sid": "BedrockInvoke",
        "Effect": "Allow",
        "Action": [
          "bedrock:InvokeModel",
          "bedrock:InvokeModelWithResponseStream"
        ],
        "Resource": [
          "arn:aws:bedrock:*::foundation-model/*",
          "arn:aws:bedrock:*:*:inference-profile/*"
        ]
      }
    ]
  }'
```

The second resource entry enables cross-region inference profiles such as `us.anthropic.claude-sonnet-4-6`, which AI Gateway uses when the model identifier carries a geography prefix. See [AWS Bedrock: Inference profiles and IAM](https://docs.redpanda.com/agentic-data-plane/gateway/configure-provider/#bedrock-inference-profiles) for the full prefix list and pricing implications.

> 📝 **NOTE**
>
> Anthropic Claude 4.6 and later models cannot be invoked with the bare foundation-model ID and require an inference profile. Without the second `Resource` entry, those calls fail with `AccessDenied`.

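To restrict the policy to specific models and regions for production, replace the wildcard resources with explicit ARNs. For any model you call through a cross-region inference profile, list the profile's ARN as well, and cover the underlying foundation-model ARN in each region the profile can route requests to; Claude 4.6 and later models cannot be invoked without a profile. For example:

```json
{
  "Resource": [
    "arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-sonnet-4-6",
    "arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-haiku-4-5-20251001",
    "arn:aws:bedrock:us-east-1:<account-id>:inference-profile/us.anthropic.claude-sonnet-4-6"
  ]
}
```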
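The following is an added example, not Redpanda or AWS code: an offline check that a policy document still covers every model you plan to expose once the wildcards are replaced, using IAM's `*`/`?` matching on both invoke actions. The function names, sample policies, and account ID `111122223333` are constructed for illustration, and the check assumes a profile call also needs the underlying foundation-model ARN in the calling region.

```python
import re

# Geography prefixes this page lists for cross-region inference profiles.
GEO_PREFIXES = ("us.", "eu.", "apac.", "au.", "jp.", "global.")
ACTIONS = ("bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream")

def iam_match(pattern, value, flags=0):
    """IAM wildcard match: '*' is any run of characters, '?' exactly one."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, flags) is not None

def needed_arns(model_id, region, account_id):
    """ARNs one call touches, in the two shapes the policy on this page uses."""
    if model_id.startswith(GEO_PREFIXES):
        base = model_id.split(".", 1)[1]
        # Assumption: calling region only; a profile can also route elsewhere.
        return [f"arn:aws:bedrock:{region}:{account_id}:inference-profile/{model_id}",
                f"arn:aws:bedrock:{region}::foundation-model/{base}"]
    return [f"arn:aws:bedrock:{region}::foundation-model/{model_id}"]

def listify(value):
    return value if isinstance(value, list) else [value]

def audit(policy, model_ids, region, account_id):
    """Return one finding per (model, action, ARN) that no Allow statement covers."""
    allows = [s for s in listify(policy["Statement"]) if s.get("Effect") == "Allow"]
    findings = []
    for model_id in model_ids:
        for arn in needed_arns(model_id, region, account_id):
            for action in ACTIONS:
                covered = any(
                    any(iam_match(a, action, re.I) for a in listify(s.get("Action", [])))
                    and any(iam_match(r, arn) for r in listify(s.get("Resource", [])))
                    for s in allows)
                if not covered:
                    findings.append(f"{model_id}: {action} not allowed on {arn}")
    return findings

# Constructed sample policies; 111122223333 is a placeholder account ID.
WILDCARD = {"Statement": [{"Effect": "Allow", "Action": list(ACTIONS), "Resource": [
    "arn:aws:bedrock:*::foundation-model/*",
    "arn:aws:bedrock:*:*:inference-profile/*"]}]}
PINNED = {"Statement": [{"Effect": "Allow", "Action": list(ACTIONS), "Resource": [
    "arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-sonnet-4-6"]}]}
MODELS = ["us.anthropic.claude-sonnet-4-6", "amazon.nova-pro-v1:0"]

if __name__ == "__main__":
    for name, pol in (("wildcard", WILDCARD), ("pinned", PINNED)):
        print(name, audit(pol, MODELS, "us-east-1", "111122223333") or "OK")
```

The check ignores `Deny` statements and `Condition` blocks, so treat an empty result as necessary rather than sufficient.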

## Create the IAM user

Create a dedicated IAM user for AI Gateway and attach the policy:

```bash
aws iam create-user --user-name redpanda-bedrock-invoker

aws iam attach-user-policy \
  --user-name redpanda-bedrock-invoker \
  --policy-arn arn:aws:iam::<account-id>:policy/RedpandaBedrockInvoke
```

Replace `<account-id>` with the account ID returned in the `create-policy` output (visible in the policy ARN).

> 💡 **TIP**
>
> Don’t reuse an existing IAM user. A dedicated user makes it easy to rotate credentials or revoke access without affecting other AWS workloads.

## Generate access keys

Generate the access keys AI Gateway uses:

```bash
aws iam create-access-key --user-name redpanda-bedrock-invoker
```

Save the `AccessKeyId` and `SecretAccessKey` from the output. You need both in the next section to register them as Redpanda secrets.

> ⚠️ **CAUTION**
>
> AWS displays the secret access key only at creation. Store it in a password manager or pass it directly into the secret-creation flow in the next section.

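## Verify Bedrock access (optional)

Confirm the IAM user can invoke Bedrock before moving to the UI. Run the command with the new user's access keys (for example, exported as `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` in the current shell, or through a named profile); otherwise the call tests your administrator credentials rather than the new policy: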

```bash
aws bedrock-runtime invoke-model \
  --model-id us.anthropic.claude-haiku-4-5-20251001-v1:0 \
  --region us-east-1 \
  --content-type application/json \
  --accept application/json \
  --body "$(echo -n '{"anthropic_version":"bedrock-2023-05-31","max_tokens":32,"messages":[{"role":"user","content":"Hello"}]}' | base64)" \
  /tmp/bedrock-test.json \
  && jq . /tmp/bedrock-test.json && rm /tmp/bedrock-test.json
```

A successful model response confirms the IAM policy, region, and credentials are correct. If you see `AccessDenied`, check the policy resource list and confirm Bedrock model access is enabled in the target region.

## Register Bedrock as an LLM provider

1.  Open **LLM Providers** in the sidebar and click **Create provider**.

2.  Select **AWS Bedrock** as the provider type.

3.  Enter a Name such as `my-bedrock`. Use lowercase letters, digits, and hyphens. The name is immutable and appears in the proxy URL.

4.  Select the Region where you want to invoke Bedrock, such as `us-east-1`.

5.  For Credential type, select **Static keys**. (This guide uses the access keys you created above. For the default-chain and assume-role options, see [Configure an LLM provider](https://docs.redpanda.com/agentic-data-plane/gateway/configure-provider/).)

6.  Configure the credentials:

    1.  In the Access key ID ref dropdown, type a secret name such as `AWS_ACCESS_KEY_ID`.

    2.  Paste the `AccessKeyId` value from the IAM user setup and click **Create**. The secret is stored in the ADP secret store, scoped to AI Gateway.

    3.  Repeat for Secret access key ref. Use a name such as `AWS_SECRET_ACCESS_KEY` and paste the `SecretAccessKey` value.

    Secret names are normalized to `UPPER_SNAKE_CASE` automatically and get the AI Gateway scope, which makes them usable across the platform: LLM providers, MCP servers, and agents.


7.  Select the models you want to expose through this provider, for example:

    -   `anthropic.claude-sonnet-4-6`

    -   `anthropic.claude-haiku-4-5-20251001`

    -   `amazon.nova-pro-v1:0`

    For Anthropic Claude 4.6 and later, pick the inference profile (for example, `us.anthropic.claude-sonnet-4-6`) rather than the bare foundation-model ID.


8.  Click **Create provider**.

9.  On the provider detail page, scroll to the Verify connection section, pick a model, and click **Test Connection**. A successful response confirms that the credentials, region, and IAM policy are correctly configured.


## Cross-region inference profile billing

When you call a cross-region inference profile (any model identifier with a `us.`, `eu.`, `apac.`, `au.`, `jp.`, or `global.` prefix), AI Gateway bills at the regional rate for that profile. The regional prefix is preserved end to end so usage on the **Cost & Usage** page under **Governance** reflects the correct per-region price.

For example, requests to `eu.anthropic.claude-haiku-4-5` bill at the EU Haiku rate, not the headline foundation-model rate. The `global.` profile shares the headline rate; the geography-specific profiles (`us.`, `eu.`, `apac.`, `au.`, `jp.`) carry approximately a 10% cross-region inference premium.

## Troubleshooting

| Symptom | What to check |
| --- | --- |
| `AccessDenied` from Bedrock | Confirm the IAM policy includes both `bedrock:InvokeModel` and `bedrock:InvokeModelWithResponseStream`, and that the resource list covers the model or inference profile you’re calling. For Claude 4.6 and later, the policy must include `arn:aws:bedrock:*:*:inference-profile/*` or an explicit inference-profile ARN. |
| `secret "<NAME>" not found` | Confirm the secret exists in the cloud secret store and the reference in the provider configuration matches exactly. Secret names are `UPPER_SNAKE_CASE`. |
| `ValidationException: model ID not supported` | The model isn’t enabled in the region you chose. Open the AWS Bedrock console, switch to the target region, and enable model access for the foundation models you want to expose. |
| `Invocation of model ID … with on-demand throughput isn’t supported` | You called a Claude 4.6 or later model with a bare foundation-model ID. Switch to an inference profile, for example `us.anthropic.claude-sonnet-4-6` instead of `anthropic.claude-sonnet-4-6`. See [AWS Bedrock: Inference profiles and IAM](https://docs.redpanda.com/agentic-data-plane/gateway/configure-provider/#bedrock-inference-profiles). |

## Next steps

-   [Configure an LLM provider](https://docs.redpanda.com/agentic-data-plane/gateway/configure-provider/)

-   [Connect your app to AI Gateway](https://docs.redpanda.com/agentic-data-plane/gateway/connect-agent/)