Introduction
Amazon Bedrock Flows enables you to build and orchestrate AI workflows using a visual builder, seamlessly integrating with Amazon Bedrock services like foundational models, knowledge bases, and prompt management. It also connects with other AWS services, such as AWS Lambda and Amazon S3.
In this article, you will learn how to build an Amazon Bedrock Prompt Flow to automate the retrieval and summarization of content from SharePoint Online using the AWS CLI. I have set up a SharePoint site that contains sample documents related to auto insurance, and this site will serve as the data source for provisioning the Amazon Bedrock Knowledge Base. By connecting SharePoint Online to Amazon Bedrock, you will be able to use Prompt Flow to automatically retrieve relevant information or summarize key points related to auto insurance.
SharePoint Site
![Auto Insurance]()
Flow design
![Flow design]()
Pre-requisites
- AWS account and the required permissions to access Amazon Bedrock.
- Access to Amazon Bedrock foundation model to validate the prompt flow.
- Install or update to the latest version of the AWS CLI.
- Get credentials to grant programmatic access.
- Create an Amazon Bedrock Knowledge Base with SharePoint Online. Note down the Knowledge Base ID, which will be used when defining the flow in Amazon Bedrock.
Create a service role to create and manage a flow in Amazon Bedrock
Perform the following steps to create a service role for Amazon Bedrock flows.
Create a service role
Create a JSON file with the following content and save it as trust-policy.json. Replace the <region> and <account-id> with the actual values.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "bedrock.amazonaws.com"
},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"aws:SourceAccount": "<account-id>"
},
"ArnLike": {
"aws:SourceArn": "arn:aws:bedrock:<region>:<account-id>:flow/*"
}
}
}
]
}
Open Windows Prompt and execute the following command to create a service role.
aws iam create-role --role-name AmazonBedrockFlowServiceRole --assume-role-policy-document file://trust-policy.json
Create the permission policy
Create a JSON file with the following content and save it as flow-permission-policy.json. Replace the <region>, <account-id> and <knowledge-base-id> with the actual values.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "InvokeModel",
"Effect": "Allow",
"Action": "bedrock:InvokeModel",
"Resource": [
"arn:aws:bedrock:<region>::foundation-model/anthropic.claude-3-5-sonnet-20240620-v1:0"
]
},
{
"Sid": "InvokeProvisionedThroughput",
"Effect": "Allow",
"Action": [
"bedrock:GetFlow"
],
"Resource": [
"arn:aws:bedrock:<region>:<account-id>:flow/*"
]
},
{
"Sid": "AmazonBedrockFlowRetrieveAndGenerateKnowledgeBasePolicy",
"Effect": "Allow",
"Action": [
"bedrock:Retrieve",
"bedrock:RetrieveAndGenerate"
],
"Resource": [
"arn:aws:bedrock:<region>:<account-id>:knowledge-base/<knowledge-base-id>"
]
}
]
}
Open Windows Prompt and execute the following command to create a policy.
aws iam create-policy --policy-name AmazonBedrockFlowServicePolicy --policy-document file://flow-permission-policy.json
Attach the permission policy
Open Windows Prompt and execute the following command to attach the policy to the service role. Replace the <account-id> with the actual value.
aws iam attach-role-policy --role-name AmazonBedrockFlowServiceRole --policy-arn arn:aws:iam::<account-id>:policy/AmazonBedrockFlowServicePolicy
Create a prompt flow
Perform the following steps to create a flow in Amazon Bedrock.
Create a JSON file with the following content and save it as flow-definition.json. Refer to this Create Flow request syntax documentation to prepare the flow definition. Note: Alternatively, you can use the Amazon Bedrock console to create the flow based on your requirements in the visual builder. Once you've created the flow, you can use the get-flow CLI command to retrieve the flow definition. Replace the <knowledgebaseid> with the actual value.
{
"nodes": [
{
"configuration": {
"input": {}
},
"name": "FlowInputNode",
"outputs": [
{
"name": "document",
"type": "String"
}
],
"type": "Input"
},
{
"configuration": {
"output": {}
},
"inputs": [
{
"expression": "$.data",
"name": "document",
"type": "String"
}
],
"name": "FlowOutputNode",
"type": "Output"
},
{
"configuration": {
"knowledgeBase": {
"knowledgeBaseId": "<knowledgebaseid>",
"modelId": "anthropic.claude-3-5-sonnet-20240620-v1:0"
}
},
"inputs": [
{
"expression": "$.data",
"name": "retrievalQuery",
"type": "String"
}
],
"name": "KnowledgeBaseNode_SPO",
"outputs": [
{
"name": "outputText",
"type": "String"
}
],
"type": "KnowledgeBase"
}
],
"connections": [
{
"configuration": {
"data": {
"sourceOutput": "document",
"targetInput": "retrievalQuery"
}
},
"name": "FlowInputNodeFlowInputNode0ToKnowledgeBaseNode_SPOKnowledgeBaseNode0",
"source": "FlowInputNode",
"target": "KnowledgeBaseNode_SPO",
"type": "Data"
},
{
"configuration": {
"data": {
"sourceOutput": "outputText",
"targetInput": "document"
}
},
"name": "KnowledgeBaseNode_SPOKnowledgeBaseNode0ToFlowOutputNodeFlowOutputNode0",
"source": "KnowledgeBaseNode_SPO",
"target": "FlowOutputNode",
"type": "Data"
}
]
}
Execute the following command to create a new flow. Replace the <account-id> with the actual value.
aws bedrock-agent create-flow ^
--name "AutoInsuranceFAQFlow" ^
--description "Flow designed to retrieve and summarize auto insurance-related information from SPO." ^
--execution-role-arn "arn:aws:iam::<account-id>:role/AmazonBedrockFlowServiceRole" ^
--definition file://flow-definition.json
Execute the following command to prepare the DRAFT version of a flow so that it can be invoked. Replace the <flow-id> with the actual value.
aws bedrock-agent prepare-flow --flow-identifier <flow-id>
Execute the following command to create a version of the flow. Replace the <flow-id> with the actual value.
aws bedrock-agent create-flow-version --flow-identifier <flow-id>
Execute the following command to create an alias of a flow. Replace the <flow-id> with the actual value.
aws bedrock-agent create-flow-alias --flow-identifier <flow-id> --name dev --routing-configuration flowVersion="1"
Validate the flow
Navigate to the Amazon Bedrock service in the AWS Console. In the left-hand navigation pane, under the Builder Tools section, click Flows and select the newly created flow. Click Edit in Flow Builder. In the Test flow section, enter the following prompt to view the response and the trace.
Can I file an insurance claim due to flood damage?
References
https://docs.aws.amazon.com/bedrock/latest/userguide/flows.html
Summary
This article describes how to build an Amazon Bedrock Prompt Flow to automate the retrieval and summarization of knowledge from SharePoint Online using the AWS CLI.