feat(ai-gateway): support AWS Bedrock SigV4 auth for custom LLMs#3097
Open
kilo-code-bot[bot] wants to merge 3 commits intomainfrom
Open
feat(ai-gateway): support AWS Bedrock SigV4 auth for custom LLMs#3097kilo-code-bot[bot] wants to merge 3 commits intomainfrom
kilo-code-bot[bot] wants to merge 3 commits intomainfrom
Conversation
Add an optional aws_bedrock block to CustomLlmDefinitionSchema with access_key_id, secret_access_key and region. When present, upstream requests are SigV4-signed against the bedrock service (and the URL is rewritten to /model/<internal_id>/invoke[-with-response-stream]) instead of using Authorization: Bearer. This is wired through a new optional signRequest hook on Provider that runs in upstream-request.ts; Bearer auth is still the default for all other providers.
![kilo-code-bot[bot]](https://avatars.githubusercontent.com/in/2193792?s=60&v=4){kind=small}
Contributor
Author
Code Review SummaryStatus: No Issues Found | Recommendation: Merge Files Reviewed (2 files)
Reviewed by gpt-5.5-2026-04-23 · 387,699 tokens |
Addresses review: non-Bedrock custom LLMs with omitted api_key no longer send 'Authorization: Bearer undefined'.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
aws_bedrockblock (access_key_id,secret_access_key,region) toCustomLlmDefinitionSchema. When present, the custom LLM provider uses AWS SigV4 signing against thebedrockservice instead of anAuthorization: Bearerheader.signRequesthook onProvider;upstream-request.tsinvokes it to compute auth headers (and optionally rewrite the target URL) before fetch. Non-Bedrock providers keep the existing Bearer flow unchanged.bedrock-signer.tsrewrites the URL tohttps://bedrock-runtime.<region>.amazonaws.com/model/<internal_id>/invoke(orinvoke-with-response-streamwhenbody.stream === true) and signs with@aws-sdk/signature-v4+@aws-crypto/sha256-js.Admins configure a Bedrock-backed custom LLM via the existing JSON editor, e.g.:
{ "internal_id": "anthropic.claude-sonnet-4-20250514-v1:0", "base_url": "https://bedrock-runtime.us-east-1.amazonaws.com", "api_key": "", "aws_bedrock": { "access_key_id": "...", "secret_access_key": "...", "region": "us-east-1" }, "remove_from_body": ["model"], "extra_body": { "anthropic_version": "bedrock-2023-05-31" }, "openclaw_settings": { "api_adapter": "anthropic-messages" } }Verification
Manually inspected the diff; the Bedrock path is only exercised when
aws_bedrockis set on a custom LLM definition, otherwiseupstream-request.tsfalls through to the existing Bearer auth. Did not runpnpm typecheck/pnpm test/pnpm formatlocally before pushing per user instruction — please verify in CI.Visual Changes
N/A — no UI changes; the admin JSON editor already accepts the new
aws_bedrockfield.Reviewer Notes
@aws-sdk/signature-v4and@aws-crypto/sha256-jsadded toapps/web/package.json;pnpm installrequired.custom_llm2.definitionjsonb, matching the existingapi_keystorage model for custom LLMs (admin-only,kilo-internal/*). If we want envelope-encrypted storage likebyok_api_keys, that's a separate follow-up.parseStreamFlaginbedrock-signer.tsreadsstreamfrom the already-serialized body; admins should NOT include"stream"inremove_from_body, otherwise streaming requests will be routed to the non-streaming endpoint.