Bedrock: CDK / Cloudformation no support for Datasource / KnowledgeBase in Stockholm region eu-north-1

[zipon]

Describe the bug

I can synth the stack in Stockholm region (eu-north-1) but when I deploy it I get the following:
ValidationError: Template format error: Unrecognized resource types: [AWS::Bedrock::DataSource, AWS::Bedrock::KnowledgeBase].

I can deploy the stack in eu-west-1, looks like the issue #29966 But it did not get fixed when bedrock got available in Stockholm (eu-north-1).

I'm using the latest cdk version 2.118.0 for java/kotlin. implementation("software.amazon.awscdk:aws-cdk-lib:2.188.0").

Is there a solution for this now? Or do I have to wait until another update?

Regression Issue

• Select this option if this issue appears to be a regression.

Last Known Working CDK Version

2.118.0

Expected Behavior

Expected to be able to deploy the cdk/cloudformation stack as in eu-west-1 (Irland)

Current Behavior

Not able to deploy a cdk/cloudfromation stack in eu-north-1 that contains [AWS::Bedrock::DataSource, AWS::Bedrock::KnowledgeBase]

Reproduction Steps

This code will fail on the storage configuration but it gets deployed beyond cdk synth in eu-north-1.
import software.amazon.awscdk.RemovalPolicy
import software.amazon.awscdk.Stack
import software.amazon.awscdk.StackProps
import software.amazon.awscdk.services.bedrock.CfnDataSource
import software.amazon.awscdk.services.bedrock.CfnKnowledgeBase
import software.amazon.awscdk.services.iam.ManagedPolicy
import software.amazon.awscdk.services.iam.Role
import software.amazon.awscdk.services.iam.RoleProps
import software.amazon.awscdk.services.iam.ServicePrincipal

import software.amazon.awscdk.services.s3.Bucket
import software.constructs.Construct

class BedrockKnowledgeBaseStack(scope: Construct, id: String, props: StackProps? = null) : Stack(scope, id, props) {
init {

    // Create a new S3 bucket
    val s3Bucket = Bucket.Builder.create(this, "Destroy")
        .removalPolicy(RemovalPolicy.DESTROY)
        .autoDeleteObjects(true)
        .build()

    // Create an IAM Role for Bedrock to access other AWS resources
    val bedrockRole = Role(this, "BedrockRole", RoleProps.builder()
        .assumedBy(ServicePrincipal("bedrock.amazonaws.com"))
        .managedPolicies(listOf(
            ManagedPolicy.fromAwsManagedPolicyName("AmazonBedrockFullAccess"),
            ManagedPolicy.fromAwsManagedPolicyName("AmazonS3ReadOnlyAccess")
        ))
        .build())

    // Create a Bedrock Knowledge Base
    val knowledgeBase = CfnKnowledgeBase.Builder.create(this, "MyKnowledgeBase")
        .name("MyBedrockKnowledgeBase")
        .roleArn(bedrockRole.roleArn)
        .knowledgeBaseConfiguration(
            CfnKnowledgeBase.KnowledgeBaseConfigurationProperty.builder()
                .type("VECTOR")
                .vectorKnowledgeBaseConfiguration(
                    CfnKnowledgeBase.VectorKnowledgeBaseConfigurationProperty.builder()
                        .embeddingModelArn("arn:aws:bedrock:${this.region}::foundation-model/amazon.titan-embed-text-v2")
                        .build()
                )
                .build()
        )
        .build()

    // Create the S3 DataSource for Bedrock KnowledgeBase
    val dataSource = CfnDataSource.Builder.create(this, "MyS3DataSource")
        .knowledgeBaseId(knowledgeBase.attrKnowledgeBaseId)
        .name("S3DataSource")
        .dataSourceConfiguration(
            CfnDataSource.DataSourceConfigurationProperty.builder()
                .type("S3")
                .s3Configuration(
                    CfnDataSource.S3DataSourceConfigurationProperty.builder()
                        .bucketArn(s3Bucket.bucketArn)
                        .build()
                )
                .build()
        )
        .build()

    // Grant Bedrock access to the S3 bucket
    s3Bucket.grantRead(bedrockRole)

}

}

Possible Solution

Add the missing support to Stockholm eu-north-1 as you have in the other regions that have Bedrock support like eu-west-1 Irland.

Additional Information/Context

No response

CDK CLI Version

2.1005.0

Framework Version

No response

Node.js Version

23.10.0

OS

MacOS

Language

Java

Language Version

Kotlin 2.1.10

Other information

No response

[zipon]

You can create this manually in the console in eu-north-1, but not with IAC.

[pahud]

It is very likely AWS::Bedrock::DataSource, AWS::Bedrock::KnowledgeBase is not yet supported in eu-north-1.

You can find the CFN spec JSON for eu-north-1 https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-resource-specification.html

or just click https://diy8iv58sj6ba.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json

Search AWS::Bedrock::DataSource or AWS::Bedrock::KnowledgeBase. If you can't find it, it's not supported in that region and you can callout in https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues to bring it up to CFN team's attention.

[zipon]

Hi thanks for the reply. This seams like a bug as the resource in EU-north-1 Stockholm has "AWS::Bedrock::Agent.AgentKnowledgeBase" but no way of creating the KnowledgeBase before. Like you have in eu-west-1 Irland "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration".

Doc Irland: https://d3teyb21fexa9r.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json

Doc Stockholm : https://diy8iv58sj6ba.cloudfront.net/latest/gzip/CloudFormationResourceSpecification.json

Feels like a bug as it is supported in the console in Stockholm but not in cloudformation / cdk for Stockholm.
Ireland has support for AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration in console and cloudformation/cdk.

Expected result: Same support in cloudformation/cdk in eu-north-1 as in the console for eu-north-1.

[zipon]

@pahud any update on this?