Skip to content

fix(llm): escape path when using bedrock inference profiles #14310

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 4 commits into from
+35 −2
Closed

fix(llm): escape path when using bedrock inference profiles #14310

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
55100b4
Add escape to parsed path, and unescape for sigv4 signature
muscionig Feb 25, 2025
282f46d
Build and pass the escaped canonicalURI to the signer
muscionig Mar 18, 2025
fbb5f78
Add comments
muscionig Mar 18, 2025
459cc09
Escape only when the model.name is an ARN, fix operation in configure…
muscionig Apr 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 35 additions & 2 deletions kong/llm/drivers/bedrock.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -459,13 +459,21 @@ function _M.subrequest(body, conf, http_opts, return_res_table, identity_interfa
return nil, nil, "body must be table or string"
end

local model_name_processed = conf.model.name

local is_arn = conf.model.name:find("^arn:aws:bedrock")
if is_arn then
-- if the model name is an ARN, we need to escape it for the URL
model_name_processed = ngx.escape_uri(conf.model.name)
end

-- may be overridden
local f_url = conf.model.options and conf.model.options.upstream_url
if not f_url then -- upstream_url override is not set
local uri = fmt(ai_shared.upstream_url_format[DRIVER_NAME], identity_interface.interface.config.region)
local path = fmt(
ai_shared.operation_map[DRIVER_NAME][conf.route_type].path,
conf.model.name,
model_name_processed,
"converse")

f_url = uri ..path
Expand All @@ -487,6 +495,14 @@ function _M.subrequest(body, conf, http_opts, return_res_table, identity_interfa
body = body_string,
}

if is_arn then
-- sigv4 requires the canonical URI to be escaped twice
r.canonicalURI = fmt(
ai_shared.operation_map[DRIVER_NAME][conf.route_type].path,
ngx.escape_uri(model_name_processed),
"converse")
end

local signature, err = signer(identity_interface.interface.config, r)
if not signature then
return nil, "failed to sign AWS request: " .. (err or "NONE")
Expand Down Expand Up @@ -550,11 +566,20 @@ function _M.configure_request(conf, aws_sdk)
or "converse"

local f_url = conf.model.options and conf.model.options.upstream_url

local model_name_processed = conf.model.name

local is_arn = conf.model.name:find("^arn:aws:bedrock")
if is_arn then
-- if the model name is an ARN, we need to escape it for the URL
model_name_processed = ngx.escape_uri(conf.model.name)
end

if not f_url then -- upstream_url override is not set
local uri = fmt(ai_shared.upstream_url_format[DRIVER_NAME], aws_sdk.config.region)
local path = fmt(
ai_shared.operation_map[DRIVER_NAME][conf.route_type].path,
conf.model.name,
model_name_processed,
operation)

f_url = uri ..path
Expand Down Expand Up @@ -589,6 +614,14 @@ function _M.configure_request(conf, aws_sdk)
body = kong.request.get_raw_body()
}

if is_arn then
-- sigv4 requires the canonical URI to be escaped twice
r.canonicalURI = fmt(
ai_shared.operation_map[DRIVER_NAME][conf.route_type].path,
ngx.escape_uri(model_name_processed),
operation)
end

local signature, err = signer(aws_sdk.config, r)
if not signature then
return nil, "failed to sign AWS request: " .. (err or "NONE")
Expand Down