bedrock:*AWS Amazon Bedrock IAM Actions
235 IAM actions for bedrock:*
Actions
235 actions available. Filter by access level or search by name.
Filter:
| Action | Access Level |
|---|---|
bedrock:AllowVendedLogDeliveryForResource | Read |
bedrock:ApplyGuardrail | Read |
bedrock:AssociateAgentCollaborator | Write |
bedrock:AssociateAgentKnowledgeBase | Write |
bedrock:AssociateThirdPartyKnowledgeBase | Write |
bedrock:BatchDeleteEvaluationJob | Write |
bedrock:CallWithBearerToken | Read |
bedrock:CancelAutomatedReasoningPolicyBuildWorkflow | Permissions |
bedrock:CopyBlueprintStage | Tagging |
bedrock:CountTokens | Read |
bedrock:CreateAgent | Write |
bedrock:CreateAgentActionGroup | Write |
bedrock:CreateAgentAlias | Write |
bedrock:CreateAutomatedReasoningPolicy | Permissions |
bedrock:CreateAutomatedReasoningPolicyTestCase | Permissions |
bedrock:CreateAutomatedReasoningPolicyVersion | Permissions |
bedrock:CreateBlueprint | Write |
bedrock:CreateBlueprintVersion | Write |
bedrock:CreateCustomModel | Write |
bedrock:CreateCustomModelDeployment | Write |
bedrock:CreateDataAutomationProject | Write |
bedrock:CreateDataSource | Write |
bedrock:CreateEvaluationJob | Write |
bedrock:CreateFlow | Write |
bedrock:CreateFlowAlias | Write |
bedrock:CreateFlowVersion | Write |
bedrock:CreateFoundationModelAgreement | Write |
bedrock:CreateGuardrail | Write |
bedrock:CreateGuardrailVersion | Write |
bedrock:CreateInferenceProfile | Write |
bedrock:CreateInvocation | Write |
bedrock:CreateKnowledgeBase | Write |
bedrock:CreateMarketplaceModelEndpoint | Write |
bedrock:CreateModelCopyJob | Write |
bedrock:CreateModelCustomizationJob | Write |
bedrock:CreateModelEvaluationJob | Write |
bedrock:CreateModelImportJob | Write |
bedrock:CreateModelInvocationJob | Write |
bedrock:CreatePrompt | Write |
bedrock:CreatePromptRouter | Write |
bedrock:CreatePromptVersion | Write |
bedrock:CreateProvisionedModelThroughput | Write |
bedrock:CreateSession | Write |
bedrock:DeleteAgent | Write |
bedrock:DeleteAgentActionGroup | Write |
bedrock:DeleteAgentAlias | Write |
bedrock:DeleteAgentMemory | Write |
bedrock:DeleteAgentVersion | Write |
bedrock:DeleteAutomatedReasoningPolicy | Permissions |
bedrock:DeleteAutomatedReasoningPolicyBuildWorkflow | Permissions |
bedrock:DeleteAutomatedReasoningPolicyTestCase | Permissions |
bedrock:DeleteBlueprint | Write |
bedrock:DeleteCustomModel | Write |
bedrock:DeleteCustomModelDeployment | Write |
bedrock:DeleteDataAutomationProject | Write |
bedrock:DeleteDataSource | Write |
bedrock:DeleteEnforcedGuardrailConfiguration | Write |
bedrock:DeleteFlow | Write |
bedrock:DeleteFlowAlias | Write |
bedrock:DeleteFlowVersion | Write |
bedrock:DeleteFoundationModelAgreement | Write |
bedrock:DeleteGuardrail | Write |
bedrock:DeleteImportedModel | Write |
bedrock:DeleteInferenceProfile | Write |
bedrock:DeleteKnowledgeBase | Write |
bedrock:DeleteKnowledgeBaseDocuments | Write |
bedrock:DeleteMarketplaceModelAgreement | Write |
bedrock:DeleteMarketplaceModelEndpoint | Write |
bedrock:DeleteModelInvocationLoggingConfiguration | Write |
bedrock:DeletePrompt | Write |
bedrock:DeletePromptRouter | Write |
bedrock:DeleteProvisionedModelThroughput | Write |
bedrock:DeleteResourcePolicy | Permissions |
bedrock:DeleteSession | Write |
bedrock:DeregisterMarketplaceModelEndpoint | Write |
bedrock:DetectGeneratedContent | Read |
bedrock:DisassociateAgentCollaborator | Write |
bedrock:DisassociateAgentKnowledgeBase | Write |
bedrock:EndSession | Read |
bedrock:ExportAutomatedReasoningPolicyVersion | Permissions |
bedrock:GenerateQuery | Read |
bedrock:GetAgent | Tagging |
bedrock:GetAgentActionGroup | Tagging |
bedrock:GetAgentAlias | Tagging |
bedrock:GetAgentCollaborator | Tagging |
bedrock:GetAgentKnowledgeBase | Tagging |
bedrock:GetAgentMemory | Tagging |
bedrock:GetAgentVersion | Tagging |
bedrock:GetAsyncInvoke | Read |
bedrock:GetAutomatedReasoningPolicy | Permissions |
bedrock:GetAutomatedReasoningPolicyAnnotations | Permissions |
bedrock:GetAutomatedReasoningPolicyBuildWorkflow | Permissions |
bedrock:GetAutomatedReasoningPolicyBuildWorkflowResultAssets | Permissions |
bedrock:GetAutomatedReasoningPolicyNextScenario | Permissions |
bedrock:GetAutomatedReasoningPolicyTestCase | Permissions |
bedrock:GetAutomatedReasoningPolicyTestResult | Permissions |
bedrock:GetBlueprint | Read |
bedrock:GetBlueprintOptimizationStatus | Read |
bedrock:GetBlueprintRecommendation | Read |
bedrock:GetCustomModel | Read |
bedrock:GetCustomModelDeployment | Read |
bedrock:GetDataAutomationProject | Read |
bedrock:GetDataAutomationStatus | Read |
bedrock:GetDataSource | Read |
bedrock:GetEvaluationJob | Read |
bedrock:GetExecutionFlowSnapshot | Read |
bedrock:GetFlow | Read |
bedrock:GetFlowAlias | Read |
bedrock:GetFlowExecution | Read |
bedrock:GetFlowVersion | Read |
bedrock:GetFoundationModel | Read |
bedrock:GetFoundationModelAvailability | Read |
bedrock:GetGuardrail | Read |
bedrock:GetImportedModel | Read |
bedrock:GetInferenceProfile | Read |
bedrock:GetIngestionJob | Read |
bedrock:GetInvocationStep | Read |
bedrock:GetKnowledgeBase | Read |
bedrock:GetKnowledgeBaseDocuments | Read |
bedrock:GetMarketplaceModelEndpoint | Read |
bedrock:GetModelCopyJob | Read |
bedrock:GetModelCustomizationJob | Read |
bedrock:GetModelEvaluationJob | Read |
bedrock:GetModelImportJob | Read |
bedrock:GetModelInvocationJob | Read |
bedrock:GetModelInvocationLoggingConfiguration | Read |
bedrock:GetPrompt | Read |
bedrock:GetPromptRouter | Read |
bedrock:GetProvisionedModelThroughput | Read |
bedrock:GetResourcePolicy | Permissions |
bedrock:GetSession | Read |
bedrock:GetUseCaseForModelAccess | Read |
bedrock:IngestKnowledgeBaseDocuments | Read |
bedrock:InvokeAgent | Write |
bedrock:InvokeAutomatedReasoningPolicy | Permissions |
bedrock:InvokeBlueprintOptimizationAsync | Write |
bedrock:InvokeBlueprintRecommendationAsync | Write |
bedrock:InvokeBuilder | Write |
bedrock:InvokeDataAutomation | Write |
bedrock:InvokeDataAutomationAsync | Write |
bedrock:InvokeFlow | Write |
bedrock:InvokeInlineAgent | Write |
bedrock:InvokeModel | Write |
bedrock:InvokeModelWithResponseStream | Write |
bedrock:InvokeTool | Write |
bedrock:ListAgentActionGroups | Tagging |
bedrock:ListAgentAliases | Tagging |
bedrock:ListAgentCollaborators | Tagging |
bedrock:ListAgentKnowledgeBases | Tagging |
bedrock:ListAgents | Tagging |
bedrock:ListAgentVersions | Tagging |
bedrock:ListAsyncInvokes | List |
bedrock:ListAutomatedReasoningPolicies | List |
bedrock:ListAutomatedReasoningPolicyBuildWorkflows | Permissions |
bedrock:ListAutomatedReasoningPolicyTestCases | Permissions |
bedrock:ListAutomatedReasoningPolicyTestResults | Permissions |
bedrock:ListBlueprints | List |
bedrock:ListCustomModelDeployments | List |
bedrock:ListCustomModels | List |
bedrock:ListDataAutomationProjects | List |
bedrock:ListDataSources | List |
bedrock:ListEnforcedGuardrailsConfiguration | List |
bedrock:ListEvaluationJobs | List |
bedrock:ListFlowAliases | List |
bedrock:ListFlowExecutionEvents | List |
bedrock:ListFlowExecutions | List |
bedrock:ListFlows | List |
bedrock:ListFlowVersions | List |
bedrock:ListFoundationModelAgreementOffers | List |
bedrock:ListFoundationModels | List |
bedrock:ListGuardrails | List |
bedrock:ListImportedModels | List |
bedrock:ListInferenceProfiles | List |
bedrock:ListIngestionJobs | List |
bedrock:ListInvocations | List |
bedrock:ListInvocationSteps | List |
bedrock:ListKnowledgeBaseDocuments | List |
bedrock:ListKnowledgeBases | List |
bedrock:ListMarketplaceModelEndpoints | List |
bedrock:ListModelCopyJobs | List |
bedrock:ListModelCustomizationJobs | List |
bedrock:ListModelEvaluationJobs | List |
bedrock:ListModelImportJobs | List |
bedrock:ListModelInvocationJobs | List |
bedrock:ListPromptRouters | List |
bedrock:ListPrompts | List |
bedrock:ListProvisionedModelThroughputs | List |
bedrock:ListSessions | List |
bedrock:ListTagsForResource | Tagging |
bedrock:OptimizePrompt | Read |
bedrock:PrepareAgent | Read |
bedrock:PrepareFlow | Read |
bedrock:PutEnforcedGuardrailConfiguration | Write |
bedrock:PutFoundationModelEntitlement | Write |
bedrock:PutInvocationStep | Write |
bedrock:PutModelInvocationLoggingConfiguration | Write |
bedrock:PutResourcePolicy | Permissions |
bedrock:PutUseCaseForModelAccess | Write |
bedrock:RegisterMarketplaceModelEndpoint | Write |
bedrock:RenderPrompt | Read |
bedrock:Rerank | Read |
bedrock:Retrieve | Read |
bedrock:RetrieveAndGenerate | Read |
bedrock:StartAutomatedReasoningPolicyBuildWorkflow | Permissions |
bedrock:StartAutomatedReasoningPolicyTestWorkflow | Permissions |
bedrock:StartFlowExecution | Write |
bedrock:StartIngestionJob | Write |
bedrock:StopEvaluationJob | Write |
bedrock:StopFlowExecution | Write |
bedrock:StopIngestionJob | Write |
bedrock:StopModelCustomizationJob | Write |
bedrock:StopModelInvocationJob | Write |
bedrock:TagResource | Tagging |
bedrock:UntagResource | Tagging |
bedrock:UpdateAgent | Write |
bedrock:UpdateAgentActionGroup | Write |
bedrock:UpdateAgentAlias | Write |
bedrock:UpdateAgentCollaborator | Write |
bedrock:UpdateAgentKnowledgeBase | Write |
bedrock:UpdateAutomatedReasoningPolicy | Permissions |
bedrock:UpdateAutomatedReasoningPolicyAnnotations | Permissions |
bedrock:UpdateAutomatedReasoningPolicyTestCase | Permissions |
bedrock:UpdateBlueprint | Write |
bedrock:UpdateCustomModelDeployment | Write |
bedrock:UpdateDataAutomationProject | Write |
bedrock:UpdateDataSource | Write |
bedrock:UpdateFlow | Write |
bedrock:UpdateFlowAlias | Write |
bedrock:UpdateGuardrail | Write |
bedrock:UpdateKnowledgeBase | Write |
bedrock:UpdateMarketplaceModelEndpoint | Write |
bedrock:UpdatePrompt | Write |
bedrock:UpdateProvisionedModelThroughput | Write |
bedrock:UpdateSession | Write |
bedrock:ValidateFlowDefinition | Read |
Resource Types
ARN patterns for resources in this service.
| Resource | ARN Pattern |
|---|---|
${ResourceType} | arn:aws:bedrock:${Region}:${Account}:${ResourceType}/${ResourceId} |
Condition Keys
Condition keys you can use in IAM policy conditions for this service.
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysbedrock:BearerTokenTypebedrock:GuardrailIdentifierbedrock:InferenceProfileArnbedrock:InlineAgentNamebedrock:PromptRouterArnbedrock:ServiceTierbedrock:ThirdPartyKnowledgeBaseCredentialsSecretArnLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterLearn AWS the Practical Way
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to NewsletterQuick Facts
Total Actions235
Prefix
bedrockResource Types1
Condition Keys10
Access Level Breakdown
Read52
Write105
List34
Permissions27
Tagging17