Skip to content

Add AWS credential provider support for Bedrock #454

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add AWS credential provider support for Bedrock #454

wants to merge 1 commit into from

Conversation

@jscheid
Copy link

@jscheid jscheid commented Oct 8, 2025

What this does

Allows passing Aws::CredentialProvider objects (instance profile, assume role, etc.) instead of static credentials. Provider takes precedence when both are configured. This is a solution to the problem of authenticating with e.g. role-based permissions, as discussed here.

Type of change

  • Bug fix
  • New feature
  • Breaking change
  • Documentation
  • Performance improvement

Scope check

  • I read the Contributing Guide
  • This aligns with RubyLLM's focus on LLM communication
  • This isn't application-specific logic that belongs in user code
  • This benefits most users, not just my specific use case

Quality check

  • I ran overcommit --install and all hooks pass
  • I tested my changes thoroughly
    • For provider changes: Re-recorded VCR cassettes with bundle exec rake vcr:record[provider_name]
    • All tests pass: bundle exec rspec
  • I updated documentation if needed
  • I didn't modify auto-generated files manually (models.json, aliases.json)

API changes

  • Breaking change
  • New public methods/classes
  • Changed method signatures
  • No API changes

Related issues

Related to #16

@jscheid
Add AWS credential provider support for Bedrock
efdbfd1 
Allows passing Aws::CredentialProvider objects (instance profile,
assume role, etc.) instead of static credentials. Provider takes
precedence when both are configured.
@jscheid
Copy link
Author

jscheid commented Oct 8, 2025

@tpaulshippy here's a PR as discussed, please let me know what you think?

@tpaulshippy
Copy link
Contributor

tpaulshippy commented Oct 8, 2025

Looks great! Much nicer than the approach I'm using.

@deivinsontejeda
Copy link

deivinsontejeda commented Oct 13, 2025

Great... Looking forward how this PR progress.

@juanviamonte
Copy link

juanviamonte commented Oct 28, 2025

We have big need for this now. Thank you !

@jscheid jscheid mentioned this pull request Oct 30, 2025
Open
3 tasks
@nickgalantowicz
Copy link

nickgalantowicz commented Nov 20, 2025

For apps running in aws this feature enables best practice for service to service auth. We shouldnt need to create new iam users and manage creds. Please prioritize this PR!

@tpaulshippy
Copy link
Contributor

tpaulshippy commented Nov 20, 2025

For apps running in aws this feature enables best practice for service to service auth. We shouldnt need to create new iam users and manage creds. Please prioritize this PR!

FYI - this is achievable now. See #16 (comment) - this PR just makes it easier.

@nickgalantowicz
Copy link

nickgalantowicz commented Nov 20, 2025

For apps running in aws this feature enables best practice for service to service auth. We shouldnt need to create new iam users and manage creds. Please prioritize this PR!

FYI - this is achievable now. See #16 (comment) - this PR just makes it easier.

Thank you 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@jscheid @tpaulshippy @deivinsontejeda @juanviamonte @nickgalantowicz