> ## Documentation Index
> Fetch the complete documentation index at: https://braintrust.dev/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Bedrock Nova 2 inference-profile IAM and custom provider setup

export const plans_0 = "Any"

export const deployments_0 = "Any"

export const data_plane_version_0 = undefined

export const use_case_0 = "Use case - AWS Bedrock Nova 2 (nova-2-lite, nova-2-pro) cross-region inference profile setup when seeing AccessDeniedException or 'No API keys found' errors"

<Note>
  **Applies to:**

  * Plan - {plans_0}
  * Deployment - {deployments_0}
  * {data_plane_version_0}
  * {use_case_0}
</Note>

## Summary

**Issue:** Invoking Amazon Nova models from Braintrust fails with an `AccessDeniedException` even when the IAM policy allows `bedrock:InvokeModel` and `bedrock:InvokeModelWithResponseStream` on the foundation model:

```text theme={"theme":{"light":"github-light","dark":"github-dark-dimmed"}}
AccessDeniedException: User: arn:aws:iam::XXXXXXXXXXXX:user/<user> is not authorized to perform: bedrock:InvokeModelWithResponseStream on resource: arn:aws:bedrock:us-east-1:XXXXXXXXXXXX:inference-profile/us.amazon.nova-2-lite-v1:0 because no identity-based policy allows the bedrock:InvokeModelWithResponseStream action
```

**Cause:** Nova models are invoked through cross-region inference profiles (for example, `us.amazon.nova-2-lite-v1:0` or `global.amazon.nova-pro-v1:0`), not directly against the foundation model ARN. The IAM policy attached to your Bedrock credentials must grant invocation permissions on the inference profile resource in addition to the foundation model resource.

**Resolution:** Update the IAM policy to include both resource types, then configure a Custom Bedrock provider in Braintrust with the exact inference-profile model identifier.

## Resolution steps

### Step 1: Update the IAM policy to cover both resources

Add both the foundation model and inference profile ARNs to the `Resource` list, and include `bedrock:UseInferenceProfile` so the principal can route through the inference profile.

```text theme={"theme":{"light":"github-light","dark":"github-dark-dimmed"}}
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "BraintrustNovaInvoke",
      "Effect": "Allow",
      "Action": [
        "bedrock:InvokeModel",
        "bedrock:InvokeModelWithResponseStream",
        "bedrock:UseInferenceProfile",
        "bedrock:GetFoundationModel"
      ],
      "Resource": [
        "arn:aws:bedrock:us-east-1::foundation-model/amazon.nova-2-lite-v1:0",
        "arn:aws:bedrock:us-east-1::foundation-model/amazon.nova-pro-v1:0",
        "arn:aws:bedrock:us-east-1:XXXXXXXXXXXX:inference-profile/us.amazon.nova-2-lite-v1:0",
        "arn:aws:bedrock:us-east-1:XXXXXXXXXXXX:inference-profile/us.amazon.nova-pro-v1:0",
        "arn:aws:bedrock:us-east-1:XXXXXXXXXXXX:inference-profile/global.amazon.nova-2-lite-v1:0"
      ]
    }
  ]
}
```

<Note>
  The policies above are examples. Always validate the [AWS Bedrock IAM documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/security_iam_id-based-policy-examples.html) and/or your AWS admin for guidance on scoping permissions to your environment.
</Note>

Replace `XXXXXXXXXXXX` with your AWS account ID, and add or remove inference profile ARNs to match the regions and Nova variants you plan to use.

### Step 2: Match the inference profile prefix to the model identifier

Nova inference profiles are prefixed by routing scope:

* `us.amazon.nova-*` — routes within US regions.
* `eu.amazon.nova-*` — routes within EU regions.
* `global.amazon.nova-*` — routes globally.

The model identifier configured in Braintrust must use the same prefix as the inference profile ARN granted in the policy. If you grant only `us.amazon.nova-2-lite-v1:0` but call `global.amazon.nova-2-lite-v1:0`, the request fails with the same `AccessDeniedException`.

### Step 3: Verify with a test invocation

After applying the policy, invoke the Nova model from Braintrust (playground or SDK). A successful response confirms the inference profile permissions are in place. If the request still fails, confirm the IAM principal in the error message matches the one you updated, and that the region in the inference profile ARN matches the region configured on the Braintrust AI provider.

## Relevant links

* [AWS Bedrock IAM policy examples](https://docs.aws.amazon.com/bedrock/latest/userguide/security_iam_id-based-policy-examples.html)
* [Cross-region inference in Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/cross-region-inference.html)