diff --git a/registry/coder/modules/claude-code/README.md b/registry/coder/modules/claude-code/README.md index 772f20b8..9aa0a12f 100644 --- a/registry/coder/modules/claude-code/README.md +++ b/registry/coder/modules/claude-code/README.md @@ -124,51 +124,26 @@ AWS account with Bedrock access, Claude models enabled in Bedrock console, appro Configure Claude Code to use AWS Bedrock for accessing Claude models through your AWS infrastructure. ```tf -resource "coder_env" "bedrock_use" { - agent_id = coder_agent.example.id - name = "CLAUDE_CODE_USE_BEDROCK" - value = "1" -} - -resource "coder_env" "aws_region" { - agent_id = coder_agent.example.id - name = "AWS_REGION" - value = "us-east-1" # Choose your preferred region -} - -# Option 1: Using AWS credentials -resource "coder_env" "aws_access_key" { - agent_id = coder_agent.example.id - name = "AWS_ACCESS_KEY_ID" - value = "your-access-key-id" -} - -resource "coder_env" "aws_secret_key" { - agent_id = coder_agent.example.id - name = "AWS_SECRET_ACCESS_KEY" - value = "your-secret-access-key" - sensitive = true -} - -# Option 2: Using Bedrock API key (simpler) -resource "coder_env" "bedrock_api_key" { - agent_id = coder_agent.example.id - name = "AWS_BEARER_TOKEN_BEDROCK" - value = "your-bedrock-api-key" - sensitive = true -} - module "claude-code" { - source = "registry.coder.com/coder/claude-code/coder" - version = "3.0.1" - agent_id = coder_agent.example.id - workdir = "/home/coder/project" - model = "us.anthropic.claude-3-7-sonnet-20250219-v1:0" + source = "registry.coder.com/coder/claude-code/coder" + version = "3.0.1" + agent_id = coder_agent.example.id + workdir = "/home/coder/project" + model = "anthropic.claude-3-5-sonnet-20241022-v2:0" # Bedrock model ID + use_bedrock = true + aws_region = "us-west-2" + + # Option 1: Using AWS credentials + aws_access_key_id = "AKIA..." + aws_secret_access_key = "your-secret-key" + + # Option 2: Using Bedrock API key (alternative to AWS credentials) + # aws_bearer_token_bedrock = "your-bedrock-api-key" } ``` > [!NOTE] -> For additional Bedrock configuration options (model selection, token limits, region overrides, etc.), see the [Claude Code Bedrock documentation](https://docs.claude.com/en/docs/claude-code/amazon-bedrock). +> For model IDs and available models in your region, refer to the [AWS Bedrock documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/models-supported.html). For additional Bedrock configuration options (model selection, token limits, region overrides, etc.), see the [Claude Code Bedrock documentation](https://docs.claude.com/en/docs/claude-code/amazon-bedrock). ### Usage with Google Vertex AI @@ -179,33 +154,28 @@ GCP project with Vertex AI API enabled, Claude models enabled through Model Gard Configure Claude Code to use Google Vertex AI for accessing Claude models through Google Cloud Platform. ```tf -resource "coder_env" "vertex_use" { - agent_id = coder_agent.example.id - name = "CLAUDE_CODE_USE_VERTEX" - value = "1" -} - -resource "coder_env" "vertex_project_id" { - agent_id = coder_agent.example.id - name = "ANTHROPIC_VERTEX_PROJECT_ID" - value = "your-gcp-project-id" -} - -resource "coder_env" "cloud_ml_region" { - agent_id = coder_agent.example.id - name = "CLOUD_ML_REGION" - value = "global" -} - module "claude-code" { - source = "registry.coder.com/coder/claude-code/coder" - version = "3.0.1" - agent_id = coder_agent.example.id - workdir = "/home/coder/project" - model = "claude-sonnet-4@20250514" + source = "registry.coder.com/coder/claude-code/coder" + version = "3.0.1" + agent_id = coder_agent.example.id + workdir = "/home/coder/project" + model = "claude-3-5-sonnet@20241022" # Vertex AI model name + use_vertex = true + vertex_project_id = "your-gcp-project-id" + vertex_region = "us-central1" # or "global" } ``` +**Authentication** + +Vertex AI uses Google Cloud authentication. Ensure your workspace has access to Google Cloud credentials through one of these methods: + +1. **Application Default Credentials (ADC)**: Set up through `gcloud auth application-default login` +2. **Service Account**: Configure `GOOGLE_APPLICATION_CREDENTIALS` environment variable +3. **Workload Identity**: For GKE deployments + +Refer to the [Google Cloud authentication documentation](https://cloud.google.com/docs/authentication/application-default-credentials) for detailed setup instructions. + > [!NOTE] > For additional Vertex AI configuration options (model selection, token limits, region overrides, etc.), see the [Claude Code Vertex AI documentation](https://docs.claude.com/en/docs/claude-code/google-vertex-ai). diff --git a/registry/coder/modules/claude-code/main.tf b/registry/coder/modules/claude-code/main.tf index d391e479..b01d484f 100644 --- a/registry/coder/modules/claude-code/main.tf +++ b/registry/coder/modules/claude-code/main.tf @@ -192,6 +192,57 @@ variable "claude_md_path" { default = "$HOME/.claude/CLAUDE.md" } +variable "use_bedrock" { + type = bool + description = "Whether to use AWS Bedrock for Claude Code." + default = false +} + +variable "aws_region" { + type = string + description = "AWS region for Bedrock." + default = "" +} + +variable "aws_access_key_id" { + type = string + description = "AWS access key ID for Bedrock authentication." + default = "" + sensitive = true +} + +variable "aws_secret_access_key" { + type = string + description = "AWS secret access key for Bedrock authentication." + default = "" + sensitive = true +} + +variable "aws_bearer_token_bedrock" { + type = string + description = "AWS Bedrock API key for simplified authentication." + default = "" + sensitive = true +} + +variable "use_vertex" { + type = bool + description = "Whether to use Google Vertex AI for Claude Code." + default = false +} + +variable "vertex_project_id" { + type = string + description = "Google Cloud project ID for Vertex AI." + default = "" +} + +variable "vertex_region" { + type = string + description = "Google Cloud region for Vertex AI." + default = "global" +} + resource "coder_env" "claude_code_md_path" { count = var.claude_md_path == "" ? 0 : 1 @@ -221,6 +272,61 @@ resource "coder_env" "claude_api_key" { name = "CLAUDE_API_KEY" value = var.claude_api_key } +resource "coder_env" "use_bedrock" { + count = var.use_bedrock ? 1 : 0 + agent_id = var.agent_id + name = "CLAUDE_CODE_USE_BEDROCK" + value = "1" +} + +resource "coder_env" "aws_region" { + count = var.use_bedrock && var.aws_region != "" ? 1 : 0 + agent_id = var.agent_id + name = "AWS_REGION" + value = var.aws_region +} + +resource "coder_env" "aws_access_key_id" { + count = var.use_bedrock && var.aws_access_key_id != "" ? 1 : 0 + agent_id = var.agent_id + name = "AWS_ACCESS_KEY_ID" + value = var.aws_access_key_id +} + +resource "coder_env" "aws_secret_access_key" { + count = var.use_bedrock && var.aws_secret_access_key != "" ? 1 : 0 + agent_id = var.agent_id + name = "AWS_SECRET_ACCESS_KEY" + value = var.aws_secret_access_key +} + +resource "coder_env" "aws_bearer_token_bedrock" { + count = var.use_bedrock && var.aws_bearer_token_bedrock != "" ? 1 : 0 + agent_id = var.agent_id + name = "AWS_BEARER_TOKEN_BEDROCK" + value = var.aws_bearer_token_bedrock +} + +resource "coder_env" "use_vertex" { + count = var.use_vertex ? 1 : 0 + agent_id = var.agent_id + name = "CLAUDE_CODE_USE_VERTEX" + value = "1" +} + +resource "coder_env" "vertex_project_id" { + count = var.use_vertex && var.vertex_project_id != "" ? 1 : 0 + agent_id = var.agent_id + name = "ANTHROPIC_VERTEX_PROJECT_ID" + value = var.vertex_project_id +} + +resource "coder_env" "vertex_region" { + count = var.use_vertex ? 1 : 0 + agent_id = var.agent_id + name = "CLOUD_ML_REGION" + value = var.vertex_region +} locals { # we have to trim the slash because otherwise coder exp mcp will