add bedrock distribution code (#358)

* add bedrock distribution code * fix linter error * add bedrock shields support * linter fixes * working bedrock safety * change to return only one violation * remove env var reading * refereshable boto credentials * remove env vars * address raghu's feedback * fix session_ttl passing --------- Co-authored-by: Dinesh Yeduguru <dineshyv@fb.com>
2025-06-28 02:53:30 +00:00 · 2024-11-06 14:39:11 -08:00 · 2024-11-06 14:39:11 -08:00 · 093c9f1987
commit 093c9f1987
parent 6ebd553da5
16 changed files with 429 additions and 135 deletions
--- a/llama_stack/providers/adapters/safety/bedrock/bedrock.py
+++ b/llama_stack/providers/adapters/safety/bedrock/bedrock.py
@ -9,11 +9,10 @@ import logging

 from typing import Any, Dict, List

-import boto3
-
 from llama_stack.apis.safety import *  # noqa
 from llama_models.llama3.api.datatypes import *  # noqa: F403
 from llama_stack.providers.datatypes import ShieldsProtocolPrivate
+from llama_stack.providers.utils.bedrock.client import create_bedrock_client

 from .config import BedrockSafetyConfig

@ -28,17 +27,13 @@ BEDROCK_SUPPORTED_SHIELDS = [

 class BedrockSafetyAdapter(Safety, ShieldsProtocolPrivate):
    def __init__(self, config: BedrockSafetyConfig) -> None:
-        if not config.aws_profile:
-            raise ValueError(f"Missing boto_client aws_profile in model info::{config}")
        self.config = config
        self.registered_shields = []

    async def initialize(self) -> None:
        try:
-            print(f"initializing with profile --- > {self.config}")
-            self.boto_client = boto3.Session(
-                profile_name=self.config.aws_profile
-            ).client("bedrock-runtime")
+            self.bedrock_runtime_client = create_bedrock_client(self.config)
+            self.bedrock_client = create_bedrock_client(self.config, "bedrock")
        except Exception as e:
            raise RuntimeError("Error initializing BedrockSafetyAdapter") from e

@ -49,19 +44,28 @@ class BedrockSafetyAdapter(Safety, ShieldsProtocolPrivate):
        raise ValueError("Registering dynamic shields is not supported")

    async def list_shields(self) -> List[ShieldDef]:
-        raise NotImplementedError(
-            """
-            `list_shields` not implemented; this should read all guardrails from
-            bedrock and populate guardrailId and guardrailVersion in the ShieldDef.
-        """
-        )
+        response = self.bedrock_client.list_guardrails()
+        shields = []
+        for guardrail in response["guardrails"]:
+            # populate the shield def with the guardrail id and version
+            shield_def = ShieldDef(
+                identifier=guardrail["id"],
+                shield_type=ShieldType.generic_content_shield.value,
+                params={
+                    "guardrailIdentifier": guardrail["id"],
+                    "guardrailVersion": guardrail["version"],
+                },
+            )
+            self.registered_shields.append(shield_def)
+            shields.append(shield_def)
+        return shields

    async def run_shield(
-        self, shield_type: str, messages: List[Message], params: Dict[str, Any] = None
+        self, identifier: str, messages: List[Message], params: Dict[str, Any] = None
    ) -> RunShieldResponse:
-        shield_def = await self.shield_store.get_shield(shield_type)
+        shield_def = await self.shield_store.get_shield(identifier)
        if not shield_def:
-            raise ValueError(f"Unknown shield {shield_type}")
+            raise ValueError(f"Unknown shield {identifier}")

        """This is the implementation for the bedrock guardrails. The input to the guardrails is to be of this format
        ```content = [
@ -88,7 +92,7 @@ class BedrockSafetyAdapter(Safety, ShieldsProtocolPrivate):
            f"run_shield::final:messages::{json.dumps(content_messages, indent=2)}:"
        )

-        response = self.boto_client.apply_guardrail(
+        response = self.bedrock_runtime_client.apply_guardrail(
            guardrailIdentifier=shield_params["guardrailIdentifier"],
            guardrailVersion=shield_params["guardrailVersion"],
            source="OUTPUT",  # or 'INPUT' depending on your use case
@ -104,10 +108,12 @@ class BedrockSafetyAdapter(Safety, ShieldsProtocolPrivate):
                # guardrails returns a list - however for this implementation we will leverage the last values
                metadata = dict(assessment)

-            return SafetyViolation(
-                user_message=user_message,
-                violation_level=ViolationLevel.ERROR,
-                metadata=metadata,
+            return RunShieldResponse(
+                violation=SafetyViolation(
+                    user_message=user_message,
+                    violation_level=ViolationLevel.ERROR,
+                    metadata=metadata,
+                )
            )

-        return None
+        return RunShieldResponse()