> For the complete documentation index, see [llms.txt](https://modelmesh.gitbook.io/cline-zhong-wen-ban-docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://modelmesh.gitbook.io/cline-zhong-wen-ban-docs/custom-model-configs/aws-bedrock-w-credentials-authentication.md).

# AWS Bedrock w/ Credentials Authentication

#### Overview <a href="#overview" id="overview"></a>

* **AWS Bedrock:** A fully managed service that offers access to leading generative AI models (e.g., Anthropic Claude, Amazon Titan) through AWS. [Learn more about AWS Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/what-is-bedrock.html).
* **Cline:** A VS Code extension that acts as a coding assistant by integrating with AI models—empowering developers to generate code, debug, and analyze data.
* **Enterprise Focus:** This guide is tailored for organizations with established AWS environments (using IAM roles, AWS SSO, AWS Organizations, etc.) to ensure secure and compliant usage.

***

#### Step 1: Prepare Your AWS Environment <a href="#step-1-prepare-your-aws-environment" id="step-1-prepare-your-aws-environment"></a>

**1.1 Create or Use an IAM Role/User**

1. **Sign in to the AWS Management Console:** [AWS Console](https://aws.amazon.com/console/)
2. **Access IAM:**
   * Search for **IAM (Identity and Access Management)** in the AWS Console.
   * Either create a new IAM user or use your enterprise’s AWS SSO to assume a dedicated role for Bedrock access.
   * [AWS IAM User Guide](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html)

**1.2 Attach the Required Policies**

1. **Attach the Managed Policy:**
   * Attach the **`AmazonBedrockFullAccess`** managed policy to your user/role. [View AmazonBedrockFullAccess Policy Details](https://docs.aws.amazon.com/bedrock/latest/userguide/security-iam.html)
2. **Confirm Additional Permissions:**
   * Ensure your policy includes permissions for model invocation (e.g., `bedrock:InvokeModel` and `bedrock:InvokeModelWithResponseStream`), model listing, and AWS Marketplace actions (like `aws-marketplace:Subscribe`).
   * *Enterprise Tip:* Apply least-privilege practices by scoping resource ARNs and using [Service Control Policies (SCPs)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html) to restrict access where necessary.

***

#### Step 2: Verify Regional and Model Access <a href="#step-2-verify-regional-and-model-access" id="step-2-verify-regional-and-model-access"></a>

**2.1 Choose and Confirm a Region**

1. **Select a Region:** AWS Bedrock is available in multiple regions (e.g., US East, Europe, Asia Pacific). Choose the region that meets your latency and compliance needs. [AWS Global Infrastructure](https://aws.amazon.com/about-aws/global-infrastructure/regions_az/)
2. **Verify Model Access:**
   * In the AWS Bedrock console, confirm that the models your team requires (e.g., Anthropic Claude, Amazon Titan) are marked as “Access granted.”
   * **Note:** Some advanced models might require an [Inference Profile](https://docs.aws.amazon.com/bedrock/latest/userguide/inference-profiles-prereq.html) if not available on-demand.

**2.2 Set Up AWS Marketplace Subscriptions (if needed)**

1. **Subscribe to Third-Party Models:**
   * Navigate to the AWS Bedrock console and locate the model subscription section.
   * For models from third-party providers (e.g., Anthropic), accept the terms to subscribe.
   * [AWS Marketplace](https://aws.amazon.com/marketplace/)
2. **Enterprise Tip:**
   * Model subscriptions are often managed centrally. Confirm with your cloud team if a standard subscription process is in place.

***

#### Step 3: Configure the Cline VS Code Extension <a href="#step-3-configure-the-cline-vs-code-extension" id="step-3-configure-the-cline-vs-code-extension"></a>

**3.1 Install and Open Cline**

1. **Install VS Code:** Download from the [VS Code website](https://code.visualstudio.com/).
2. **Install the Cline Extension:**
   * Open VS Code.
   * Go to the Extensions Marketplace (`Ctrl+Shift+X` or `Cmd+Shift+X`).
   * Search for **Cline** and install it.

**3.2 Configure Cline Settings**

1. **Open Cline Settings:**
   * Click on the settings ⚙️ to select your API Provider.
2. **Select AWS Bedrock as the API Provider:**
   * From the API Provider dropdown, choose **AWS Bedrock**.
3. **Enter Your AWS Credentials:**
   * Input your **Access Key** and **Secret Key** (or use temporary credentials if using AWS SSO).
   * Specify the correct **AWS Region** (e.g., `us-east-1` or your enterprise-approved region).
4. **Select a Model:**
   * Choose an on-demand model (e.g., **anthropic.claude-3-5-sonnet-20241022-v2:0**).
5. **Save and Test:**
   * Click **Done/Save** to apply your settings.
   * Test the integration by sending a simple prompt (e.g., “Generate a Python function to check if a number is prime.”).

***

#### Step 4: Security, Monitoring, and Best Practices <a href="#step-4-security-monitoring-and-best-practices" id="step-4-security-monitoring-and-best-practices"></a>

1. **Secure Access:**
   * Prefer AWS SSO/federated roles over long-lived IAM credentials.
   * [AWS IAM Best Practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html)
2. **Enhance Network Security:**
   * Consider setting up [AWS PrivateLink](https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-overview.html) to securely connect to Bedrock.
3. **Monitor and Log Activity:**
   * Enable AWS CloudTrail to log Bedrock API calls.
   * Use CloudWatch to monitor metrics like invocation count, latency, and token usage.
   * Set up alerts for abnormal activity.
4. **Handle Errors and Manage Costs:**
   * Implement exponential backoff for throttling errors.
   * Use AWS Cost Explorer and set billing alerts to track usage. [AWS Cost Management](https://docs.aws.amazon.com/cost-management/latest/userguide/what-is-aws-cost-management.html)
5. **Regular Audits and Compliance:**
   * Periodically review IAM roles and CloudTrail logs.
   * Follow internal data privacy and governance policies.

***

#### Conclusion <a href="#conclusion" id="conclusion"></a>

By following these steps, your enterprise team can securely integrate AWS Bedrock with the Cline VS Code extension to accelerate development:

1. **Prepare Your AWS Environment:** Create or use a secure IAM role/user, attach the `AmazonBedrockFullAccess` policy, and ensure necessary permissions.
2. **Verify Region and Model Access:** Confirm that your selected region supports your required models and subscribe via AWS Marketplace if needed.
3. **Configure Cline in VS Code:** Install and set up Cline with your AWS credentials and choose an appropriate model.
4. **Implement Security and Monitoring:** Use best practices for IAM, network security, monitoring, and cost management.

For further details, consult the [AWS Bedrock Documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/what-is-bedrock.html) and coordinate with your internal cloud team. Happy coding!

***

*This guide will be updated as AWS Bedrock and Cline evolve. Always refer to the latest documentation and internal policies for up-to-date practices.*
