DownloadsDocumentationAPI ReferenceChangelogOpen A TicketContact
Guides

AWS Bedrock

1. Overview

This guide walks you through connecting Amazon Web Services Bedrock to SearchBlox running on an EC2 instance. Once integrated, SearchBlox will use Bedrock's hosted AI models to power features such as chat, document enrichment, smart FAQ, knowledge graphs, and other AI-assisted search capabilities — without needing to run any AI models locally on your server.

2. IAM Role Configuration
2.1 Option A — Managed Policy
For full Bedrock access, attach the AWS-managed policy to your IAM role:
Policy: AmazonBedrockFullAccess
2.2 Option B — Least-Privilege Custom Policy
For production environments, use a least-privilege inline policy or customize
access based on your requirements

{
  "Version": "2012-10-17",
  "Statement": [
	{
  	"Effect": "Allow",
  	"Action": [
    	"bedrock:InvokeModel",
        "bedrock:InvokeModelWithResponseStream",
        "bedrock:ListFoundationModels",
        "bedrock:GetFoundationModel"
  	],
  	"Resource": "*"
	}
  ]
}

3. Attach the Role to Your EC2 Instance

Step 1 — Create or Update an IAM Role

  • Navigate to IAM → Roles → Create Role.

  • Select "AWS service" as the trusted entity type, then choose "EC2".

  • Attach the inline policy from Section 3.2 or AmazonBedrockFullAccess.

  • Name the role (e.g., SearchBlox-EC2-BedrockRole) and click Create Role.

Step 2 — Attach the Role to the EC2 Instance

  • Go to the EC2 Console and select your SearchBlox instance.

  • Click Actions → Security → Modify IAM Role.

  • Select SearchBlox-EC2-BedrockRole from the dropdown.

  • Click Update IAM Role. The role is active immediately.

Model Selection
Choose a model in AWS Bedrock that supports both text and image inputs. The recommended model for this integration is:
Example:

FieldValue/Description
Model IDqwen.qwen3-vl-235b-a22b
ProviderQwen (via AWS Bedrock)
ModalitiesText + Image
Use CaseAll SearchBlox AI task types

Note: You can verify model availability in your AWS region from the Bedrock Console under Model section.

Configuration File Location
All LLM provider and model settings are managed in the SearchBlox AI configuration file located at: /opt/searchblox/webapps/ROOT/WEB-INF/searchai-config.yml

LLM Provider Configuration
Update the llm-providers section of searchai-config.yml model assignments. All task types should point to the same multimodel model ID.

active-llm-provider: bedrock
task-providers:
  chat: bedrock
  document-enrichment: bedrock
  smart-faq: bedrock
  searchai-assist-text: bedrock
  searchai-assist-image: bedrock
  recommendations: bedrock
  knowledge-graph: bedrock
  document-query-decomposition: bedrock
  product-query-decomposition: bedrock
  product-kg-extraction: bedrock
  analytics: bedrock
  testing: bedrock
  admin: bedrock
  analysis: bedrock
  extraction: bedrock
  log-analysis: bedrock
  agent-chat: bedrock
  agent-analytics: bedrock
  agent-testing: bedrock
  agent-analysis: bedrock
  agent-admin: bedrock
  agent-extraction: bedrock


llm-providers:
  bedrock:
	platform: bedrock
	#region: us-east-1    
            # access-key-id: YOUR_AWS_ACCESS_KEY_ID
            # secret-access-key: YOUR_AWS_SECRET_ACCESS_KEy
	models:
  	chat: qwen.qwen3-vl-235b-a22b
  	document-enrichment: qwen.qwen3-vl-235b-a22b
  	smart-faq: qwen.qwen3-vl-235b-a22b
  	searchai-assist-text: qwen.qwen3-vl-235b-a22b
  	searchai-assist-image: qwen.qwen3-vl-235b-a22b
  	recommendations: qwen.qwen3-vl-235b-a22b
  	knowledge-graph: qwen.qwen3-vl-235b-a22b
  	document-query-decomposition: qwen.qwen3-vl-235b-a22b
  	product-query-decomposition: qwen.qwen3-vl-235b-a22b


  	product-kg-extraction: qwen.qwen3-vl-235b-a22b
  	analytics: qwen.qwen3-vl-235b-a22b
  	testing: qwen.qwen3-vl-235b-a22b
  	admin: qwen.qwen3-vl-235b-a22b
  	analysis: qwen.qwen3-vl-235b-a22b
  	extraction: qwen.qwen3-vl-235b-a22b
  	log-analysis: qwen.qwen3-vl-235b-a22b
  	agent-chat: qwen.qwen3-vl-235b-a22b
  	agent-analytics: qwen.qwen3-vl-235b-a22b
  	agent-testing: qwen.qwen3-vl-235b-a22b
  	agent-analysis: qwen.qwen3-vl-235b-a22b
  	agent-admin: qwen.qwen3-vl-235b-a22b
  	agent-extraction: qwen.qwen3-vl-235b-a22b

Step 3 — Verify the Role from the Instance
 SSH into your EC2 instance and run the two commands below — the
first confirms the IAM role is attached, and the second tests whether the
instance can successfully connect to AWS Bedrock:

4. Check the attached IAM role:curl -s http://169.254.169.254/latest/meta-data/iam/info

Test Bedrock connectivity (requires AWS CLI): aws bedrock list-foundation-models --region us-east-1

Troubleshooting
If you get an Access Denied error, check three things-
1. Confirm the IAM role is attached to the EC2 instance
2. Verify the policy includes the bedrock:ListFoundationModels permission
3. Make sure the regoin in the command matches the regoin your EC2
instance is running in.

5. Restart SearchBlox
After saving all configuration changes, restart the SearchBlox service to apply them:

Stop SearchBlox: systemctl stop searchblox

Start SearchBlox systemctl start searchblox

(Optional) Check service status systemctl status searchblox

After Restart

Allow 30–60 seconds for SearchBlox to fully initialize. Check the service logs at /opt/searchblox/logs/searchblox.log
if any issues arise. The AI features will connect to Bedrock automatically using the configured IAM role and model IDs.

Updated 3 days ago