I'm curious to hear how different teams are handling their Bedrock setups. Specifically, I'm looking for insights on several areas:
- How do you manage costs and figure out cost attribution?
- Are teams centralizing their Bedrock infrastructure and model management, or are you deploying models in various accounts?
- What security measures are being put in place? What kind of governance and guardrails have you established?
- For those using AgentCore, how are you managing that?
- Lastly, what tools are you using to manage changes? I've heard mixed things about Terraform support, and I'm wondering if there are better options.
2 Answers
We built an API using ECS and Lambda to control user access based on tokens. Admins can manage users and bots leveraging Bedrock, limiting direct access to AWS IAM roles. This way, we can monitor costs and usage as we learn how different users and tools impact expenses. It's been a solid start for us!
Would love to see your setup—could you share? I'm calling ours an Alpha release!
I’m really struggling with cost attribution myself! Right now, the only way I've found is to have separate accounts for each team or environment.
I haven't tried it yet, but does using application inference profiles for Bedrock help with your needs?
I really admire that approach! I've implemented a similar method to give internal users controlled access to vendor APIs without compromising actual credentials. It's worked out really well for us.