Create connector is failing with 502 and permission error for openai embedding

jigar.parekh · March 14, 2024, 11:45am

I am following below blueprint for creating openai embedding connector with opensearch 2.11

opensearch-project/ml-commons/blob/2.x/docs/remote_inference_blueprints/openai_connector_embedding_blueprint.md

# OpenAI connector blueprint example for embedding model

## 1. Create connector for OpenAI embedding model:

Refer to OpenAI [official doc](https://platform.openai.com/docs/guides/embeddings).

If you are using self-managed Opensearch, you should supply OpenAI API key:

```json
POST /_plugins/_ml/connectors/_create
{
  "name": "<YOUR CONNECTOR NAME>",
  "description": "<YOUR CONNECTOR DESCRIPTION>",
  "version": "<YOUR CONNECTOR VERSION>",
  "protocol": "http",
  "parameters": {
    "model": "text-embedding-ada-002"
  },
  "credential": {
    "openAI_key": "<PLEASE ADD YOUR OPENAI API KEY HERE>"

This file has been truncated. show original

when I execute below request it error out with “Request failed to get to the server (status code: 502)”

POST /_plugins/_ml/connectors/_create
{
  "name": "text-embedding-3-small",
  "description": "text-embedding-3-small",
  "version": "1",
  "protocol": "https",
  "parameters": {
    "model": "text-embedding-3-small",
    "endpoint": "api.openai.com"
  },
  "credential": {
    "openAI_key": "api-key"
  },
  "actions": [
    {
      "action_type": "predict",
      "method": "POST",
      "url": "${parameters.endpoint}/v1/embeddings",
      "headers": {
        "Authorization": "Bearer ${credential.openAI_key}"
      },
      "request_body": "{ \"input\": ${parameters.input}, \"model\": \"${parameters.model}\" }",
      "pre_process_function": "connector.pre_process.openai.embedding",
      "post_process_function": "connector.post_process.openai.embedding"
    }
  ]
}

jigar.parekh · March 14, 2024, 1:04pm

It seems that in case of AWS Opensearch Service we have to provide role and secretto api-key

Now payload has been changed to

{
  "name": "text-embedding-3-small",
  "description": "text-embedding-3-small",
  "version": "1",
  "protocol": "https",
  "parameters": {
    "model": "text-embedding-3-small"
  },
  "credential": {
    "secretArn": "arn:aws:secretsmanager:ap-northeast-1:xxxx:secret:openapikey-bRLaNi",
    "roleArn": "arn:aws:iam::xxxx:role/opensearch-secretmanager-role"
  },
  "actions": [
    {
      "action_type": "predict",
      "method": "POST",
      "url": "https://api.openai.com/v1/embeddings",
      "headers": {
        "Authorization": "Bearer ${credential.secretArn.key}"
      },
      "request_body": "{ \"input\": ${parameters.input}, \"model\": \"${parameters.model}\" }",
      "pre_process_function": "connector.pre_process.openai.embedding",
      "post_process_function": "connector.post_process.openai.embedding"
    }
  ]
}

But now it is erroring out with

no permissions for [cluster:admin/opensearch/ml/create_connector] and User [name=arn:aws:iam::xxxx:user/opensearch-user, backend_roles=, requestedTenant=null]

Topic		Replies	Views
Create a connector in order to Connecting to remote models OpenSearch	7	852	April 27, 2024
Debugging remote connectors HTTP calls Machine Learning	3	16	November 28, 2024
Can I use external embedding model API that only accepts single text as request Machine Learning	0	7	December 2, 2024
Connector for vertex ai models in conversational search Machine Learning discuss , configure	4	326	April 20, 2024
Unable to register a new model - error 'Invalid arguments in credential body' Machine Learning troubleshoot	1	20	November 13, 2024

Create connector is failing with 502 and permission error for openai embedding

Related topics