docs(dotAI): document Bedrock model ID forms, credentials, and error mapping

[sfreudenthaler]

Stacked PR 3/3 into #35242 — base is dot-ai-bedrock-timeout-retries (#36024). Offered as optional help, @ihoffmann-dot.

Proposed Changes

• Class-level javadoc on BedrockModelProviderStrategy + extended ProviderConfig Bedrock block. Every claim verified by live invocations against real Bedrock models (R&D account, today):
  • Model ID forms: inference-profile-prefixed (us.deepseek.r1-v1:0 — bare ID rejected) vs bare on-demand (openai.gpt-oss-120b-1:0, amazon.titan-embed-text-v2:0 — no profile exists; prefix would fail)
  • Error decoder: on-demand throughput isn't supported → use profile prefix · This model doesn't support the stopSequences field → langchain4j-bedrock < 1.16.0 limitation (see below) · AccessDeniedException → model access not enabled
  • Credential model (both-or-neither, default-chain/IRSA fallback), embedding families, image unsupported

⚠️ Finding for the broader PR (not fixed here — your call @ihoffmann-dot)

The pinned langchain4j BOM 1.0.0 resolves langchain4j-bedrock:1.0.0-beta5, which unconditionally sends stopSequences in the Converse request. Live-verified: the gpt-oss family fails with ValidationException on every chat AND streaming call, regardless of request params — while DeepSeek R1 works (and beta5 already filters its reasoning blocks correctly; no reasoning leak in either mode). Re-tested on langchain4j-bedrock:1.16.0: gpt-oss works cleanly in both modes. If gpt-oss support matters, the BOM needs a bump — left out of this stack since it affects all providers.

Checklist

• Tests: 22/22 strategy, 38/38 factory (docs-only change)
• No translations needed
• No security implications

🤖 Generated with Claude Code

[github-actions]

❌ Issue Linking Required

This PR could not be linked to an issue. All PRs must be linked to an issue for tracking purposes.

How to fix this:

Option 1: Add keyword to PR body (Recommended - auto-removes this comment)
Edit this PR description and add one of these lines:

• This PR fixes #123 or Fixes: #123

• This PR closes #123 or Closes: #123

• This PR resolves #123 or Resolves: #123

• Other supported keywords: fix, fixed, close, closed, resolve, resolved
  Option 2: Link via GitHub UI (Note: won't clear the failed check)

1. Go to the PR → Development section (right sidebar)

2. Click "Link issue" and select an existing issue

3. Push a new commit or re-run the workflow to clear the failed check
   Option 3: Use branch naming
   Create a new branch with one of these patterns:

• 123-feature-description (number at start)

• issue-123-feature-description (issue-number at start)

• feature-issue-123 (issue-number anywhere)

Why is this required?

Issue linking ensures proper tracking, documentation, and helps maintain project history. It connects your code changes to the problem they solve.---

This comment was automatically generated by the issue linking workflow

[claude]

Claude finished @sfreudenthaler's task in 50s —— View job

---

Rollback Safety Analysis

• Read rollback-unsafe categories reference
• Get PR diff
• Analyze changes against unsafe categories
• Apply label

Result: ✅ Safe To Rollback

This PR contains documentation-only changes — javadoc additions to two Java files:

• BedrockModelProviderStrategy.java: New class-level Javadoc (52 lines of comments added)
• ProviderConfig.java: Extended existing Javadoc for the Bedrock block (10 lines of comments added/modified)

No database migrations, Elasticsearch mapping changes, data model changes, API contract changes, schema alterations, or any other structural modifications were made. The changes do not touch any category in the rollback-unsafe reference (C-1 through M-4).

Label AI: Safe To Rollback has been applied.