[HOTFIX] Add IAM Role / Instance Profile auth mode to AWS Bedrock adapter

[pk-zipstack]

What

Adds an Authentication Type selector to the AWS Bedrock LLM and embedding adapter forms with two options:

• Access Keys (default): existing flow — provide aws_access_key_id and aws_secret_access_key
• IAM Role / Instance Profile (on-prem AWS only): no fields; relies on boto3's default credential chain

When the IAM Role mode is selected, the form-only auth_type field is stripped before LiteLLM validation, and any empty access keys are dropped from the validated kwargs so boto3 falls through to its default credential chain (IRSA on EKS, task role on ECS, instance profile on EC2, AWS Profile, env vars).

Why

Customers running Unstract on AWS infrastructure (specifically EKS with IRSA) cannot — and don't want to — paste long-lived AWS access keys into the adapter form. The pod's service account already has a federated identity that boto3 can use to call Bedrock; the adapter form just needs to accept blank credentials so the ambient identity takes over.

The S3/MinIO connector at unstract/connectors/src/unstract/connectors/filesystems/minio/minio.py already implements this idiom for S3:

if key and secret:
    creds["key"] = key
    creds["secret"] = secret

This PR applies the same pattern to the Bedrock adapter, with the addition of an explicit auth_type selector to make the user's choice clear in the UI.

How

unstract/sdk1/src/unstract/sdk1/adapters/llm1/static/bedrock.json

Adds an auth_type enum with two options (access_keys default, iam_role) and a dependencies/oneOf block that:

• Renders aws_access_key_id + aws_secret_access_key (both required) when auth_type == access_keys
• Renders nothing extra when auth_type == iam_role

The selector's description explicitly notes the IRSA / instance-profile mode is for AWS-hosted Unstract deployments only.

unstract/sdk1/src/unstract/sdk1/adapters/embedding1/static/bedrock.json

Same restructure. Drops aws_access_key_id and aws_secret_access_key from top-level required. Adds aws_profile_name for parity with the LLM form.

unstract/sdk1/src/unstract/sdk1/adapters/base1.py

In both AWSBedrockLLMParameters.validate() and AWSBedrockEmbeddingParameters.validate():

• Strip the form-only auth_type field from validation metadata before Pydantic dump
• Strip empty aws_access_key_id / aws_secret_access_key from the validated kwargs so boto3's default chain takes over (mirrors the S3/MinIO connector idiom)

AWSBedrockEmbeddingParameters fields gain explicit None defaults so the access-key fields are truly optional in either mode (parity with AWSBedrockLLMParameters which already had this from earlier work).

Can this PR break any existing features?

No. Backward-compatible across every scenario:

Scenario	Behavior
Existing adapter with access keys filled in (no auth_type field stored)	auth_type defaults to access_keys; keys forwarded to boto3 unchanged
New adapter, Access Keys mode	Keys forwarded to boto3
New adapter, IAM Role mode	No keys submitted; empty values stripped → boto3 default credential chain takes over
Existing adapter with aws_profile_name set	Forwarded unchanged (not part of auth_type)
Bedrock enable_thinking / model_id (Application Inference Profile)	Unchanged — these continue to work in both auth modes

End-to-end verified against real AWS Bedrock during development:

• aws_role_name=arn:...:role/BedrockInvokeRole with bootstrap creds in env: STS:AssumeRole succeeds, Bedrock InvokeModel succeeds with temp creds (token usage returned).
• auth_type=iam_role with no keys + ambient creds in env: boto3 default chain picks up the env vars; Bedrock call signs and routes correctly.

Relevant Docs

• LiteLLM Bedrock provider parameters: https://docs.litellm.ai/docs/providers/bedrock
• AWS IRSA (IAM roles for EKS service accounts): https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
• Pattern reference: unstract/connectors/src/unstract/connectors/filesystems/minio/minio.py

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 846b5f8b-0a78-4d81-bc8a-93e7bb3e5825

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/bedrock-iam-role-auth-v0.163.2

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR adds an Authentication Type selector (access_keys / iam_role) to the AWS Bedrock LLM and embedding adapter forms, allowing customers running Unstract on AWS infrastructure (EKS/IRSA, ECS task roles, EC2 instance profiles) to authenticate via boto3's default credential chain instead of long-lived access keys. It also addresses a previously identified bug where switching a saved adapter from Access Keys to IAM Role mode would silently leak stale stored credentials.

• base1.py: Extracts a shared _resolve_bedrock_aws_credentials helper that unconditionally drops access keys in iam_role mode, enforces non-blank values in access_keys mode, and preserves lenient legacy behaviour when auth_type is absent. Both AWSBedrockLLMParameters.validate() and AWSBedrockEmbeddingParameters.validate() are updated symmetrically.
• bedrock.json (LLM + Embedding): Introduces the auth_type enum and a dependencies/oneOf block that conditionally renders credential fields only when access_keys is selected.
• test_bedrock_adapter.py: New test file covering all auth matrix permutations for both adapters, including the stale-key regression, whitespace-only keys, unknown auth_type, and backwards-compatible legacy configs.

Confidence Score: 5/5

This PR is safe to merge — the auth logic is backward-compatible, the previously identified stale-key bug is correctly resolved, and the test matrix covers all four auth scenarios for both adapters.

The credential-stripping logic is applied unconditionally in iam_role mode regardless of what is stored, closing the stale-key leakage path. The access_keys mode enforces non-blank values rather than silently falling through to ambient credentials, and legacy adapters without auth_type continue to behave exactly as before. The JSON schema changes use a standard dependencies/oneOf pattern with a safe default (access_keys), so no existing stored configuration will be affected. Test coverage is thorough across both adapters.

No files require special attention — all four changed files implement the same well-reasoned pattern consistently.

Important Files Changed

Filename	Overview
unstract/sdk1/src/unstract/sdk1/adapters/base1.py	Adds shared _resolve_bedrock_aws_credentials helper; correctly unconditionally drops keys in iam_role mode, enforces non-blank in access_keys mode, and preserves legacy leniency — fixes the previously flagged stale-key bug.
unstract/sdk1/src/unstract/sdk1/adapters/embedding1/static/bedrock.json	Removes access key fields from top-level required, adds auth_type enum with dependencies/oneOf block that conditionally renders credentials; structure mirrors the LLM schema correctly.
unstract/sdk1/src/unstract/sdk1/adapters/llm1/static/bedrock.json	Moves access key fields into dependencies/oneOf under auth_type; auth_type defaults to access_keys preserving existing form behaviour for all existing adapter configurations.
unstract/sdk1/tests/test_bedrock_adapter.py	Comprehensive new test file covering all auth matrix permutations (iam_role, access_keys, legacy) for both LLM and embedding adapters, including whitespace-key rejection and stale-key regression.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[adapter_metadata submitted] --> B{auth_type present?}
    B -- No / null --> C[Legacy mode: strip blank/None keys only]
    B -- access_keys --> D{aws_access_key_id & aws_secret_access_key non-blank?}
    B -- iam_role --> E[Unconditionally drop aws_access_key_id & aws_secret_access_key]
    B -- other --> F[Raise ValueError: Unknown auth_type]
    D -- Yes --> G[Forward keys to LiteLLM]
    D -- No --> H[Raise ValueError: key is required]
    C --> I[boto3 default credential chain takes over for missing keys]
    E --> I
    G --> J[LiteLLM / boto3 Authenticate with explicit keys]
    I --> K[boto3: IRSA / task role / instance profile / env vars / profile]

Loading

_{Reviews (2): Last reviewed commit: "[pre-commit.ci] auto fixes from pre-comm..." | Re-trigger Greptile}

[jaseemjaskp]

Comprehensive PR review via PR Review Toolkit (Comment Analyzer, PR Test Analyzer, Silent Failure Hunter, Type Design Analyzer, Code Reviewer, Code Simplifier). The greptile P1 on base1.py:548 is acknowledged and not duplicated; the findings below extend it (embedding-side parity) and surface separate concerns.

Priority distribution: 4 P0 (silent-failure / correctness), 3 P1 (structural / coverage), 4 P2 (style / docs).

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud