CLI Profile (SSO)

Introduction

Sypha provides the capability to leverage AWS credentials or AWS profiles for AWS Bedrock service access. SSO/Federated roles are recommended over Legacy IAM setup; this documentation details how to configure your environment to utilize SSO roles for authentication with Sypha.

---

Setup Procedures

1. Deploy the latest version of AWS CLI

   • Consult the AWS documentation to install your platform-specific AWS CLI version

2. Establish IAM authentication with the AWS CLI

   • Should you lack AWS access through the IAM Identity Center, consult the IAM User Guide to establish IAM users and roles. Verify you possess a PowerUserAccess role.
   • If you possess AWS access via your organization, launch your AWS access portal and identify the relevant account. Verify you have PowerUserAccess permissions.
   • Access the Access keys link and record the SSO start URL and SSO region, which are required in subsequent steps

3. Proceed with profile configuration using the aws configure sso CLI wizard

   • After configuration, employ the following command to authenticate the AWS CLI: aws sso login --profile <AWS-profile-name>
   • Record which profile name you associate with your AWS account, this is required to configure Sypha in the following procedures

4. If not previously completed, deploy VSCode and the Sypha extension. Reference the Getting Started page for instructions.

5. Launch the Sypha extension, then select the settings button ⚙️ to designate your API Provider.

   • Within the API Provider selector, choose AWS Bedrock
   • Pick the AWS Profile radio button, then input the AWS Profile Name from step 3
   • Choose your AWS Region from the selector menu
   • Activating the cross-region inference checkbox is necessary for certain models