Forem: Subhash Bohra

Building a Serverless GenAI Chatbot using Amazon Bedrock & Amazon Kendra (Hands-on RAG Workshop)

Subhash Bohra — Wed, 14 Jan 2026 09:18:35 +0000

🚀 Building a Serverless GenAI Chatbot using Amazon Bedrock & Amazon Kendra

Generative AI becomes truly powerful when combined with enterprise knowledge.

In this hands-on workshop, I built a fully serverless chatbot using Amazon Bedrock, Amazon Kendra, and Retrieval-Augmented Generation (RAG).

❓ Why RAG?

LLMs are powerful — but they don’t know your data.

Retrieval-Augmented Generation (RAG) bridges this gap by:

Retrieving relevant enterprise documents
Injecting context into prompts
Producing accurate, grounded responses

🧠 Architecture Breakdown

Core Components:

Frontend: AWS Amplify (Vue.js)
API Layer: Amazon API Gateway
Compute: AWS Lambda
AI Models: Amazon Bedrock (Claude 3, Mistral, Llama)
Search: Amazon Kendra
Storage: Amazon S3
Security: Amazon Cognito

🔄 End-to-End Flow

User submits a query
Lambda retrieves relevant documents
Prompt is augmented with context
Bedrock generates a grounded response
UI displays the result

🛠️ What I Implemented

✔ CloudFormation-based infrastructure

✔ AWS SAM backend deployment

✔ Bedrock LLM integration

✔ Kendra document indexing

✔ Secure authentication via Cognito

✔ Serverless frontend with Amplify

💡 Real-World Applications

Internal enterprise assistants
Compliance & policy search
Technical documentation bots
Customer support automation
Knowledge discovery platforms

📌 Key Learnings

RAG dramatically improves LLM accuracy
Bedrock abstracts LLM complexity
Kendra simplifies enterprise search
Serverless = scale + cost efficiency

🔜 What’s Next?

Multi-tenant SaaS architecture
Agent-based workflows
Streaming token responses
Cost & latency optimization

🔗 Resources

GitHub Repo: https://github.com/subhashbohra/aws-serverless-labs/tree/main/01-bedrock-kendra-chatbot
AWS Workshops: https://workshops.aws.com
Blog: https://acloudresume.com

Thanks for reading!

If you’re exploring AWS Serverless + GenAI, let’s connect 🚀

I Was Overpaying for AWS EC2 (Here’s What I Learned)

Subhash Bohra — Wed, 31 Dec 2025 05:28:46 +0000

Ever felt that uncomfortable pause before opening your AWS bill?

That moment where you know something is off, but you still hope it’s just a rounding error.

I’ve been there.

For years, EC2 felt like the safest option. Familiar. Predictable.

But in 2025, while managing a few internal services, I realized something uncomfortable:

I wasn’t paying for performance.

I was paying for idle compute.

The Moment It Clicked

Above: Real-world AWS cost dashboard highlighting idle EC2 capacity and fixed infrastructure costs.

Our setup looked reasonable on paper:

A small API service
A scheduled batch job
A webhook listener

All running on:

EC2
Application Load Balancer
Auto Scaling Groups

Traffic was unpredictable — short bursts, long quiet periods.

But the bill?

Consistently loud.

The Hidden Cost of “Always On”

When I dug deeper, a pattern emerged:

Instances were idle over 70% of the time
ALB and NAT Gateway costs never stopped
Nights, weekends, and off-hours were pure waste

That’s when it hit me:

EC2 wasn’t expensive.

Idle EC2 was.

STAR Breakdown (Interview-Ready)

⭐ Situation

Three internal services were running on EC2 with Auto Scaling, despite highly bursty traffic patterns.

⭐ Task

Reduce AWS infrastructure cost without sacrificing reliability or performance.

⭐ Action

Identified the least complex service
Refactored it into AWS Lambda
Exposed it using API Gateway
Implemented proper monitoring and secrets management

⭐ Result

Significant monthly cost reduction
No server patching or scaling rules
Cold starts consistently under 200ms
Fewer operational alerts and cleaner observability

This one change justified the entire experiment.

The Migration (What I Actually Did)

Above: Transition from EC2 + ALB + ASG to Lambda + API Gateway for bursty workloads.

Step 1: Break the Service Apart

Each Lambda function had a single responsibility.

Step 2: API Gateway as the Front Door

Clear request/response contracts, proper routing, and throttling.

Step 3: Observability from Day One

CloudWatch logs, metrics, and alarms were mandatory.

Step 4: Secrets Stayed Out of Code

Used SSM Parameter Store / Secrets Manager.

Step 5: Cold Start Control

Provisioned Concurrency only where latency truly mattered.

Sample Lambda Function (Node.js)


js
export const handler = async (event) => {
  console.log("Incoming request:", JSON.stringify(event));

  return {
    statusCode: 200,
    body: JSON.stringify({
      message: "Hello from Lambda!",
      requestId: event.requestContext?.requestId
    })
  };
};

What Is Serverless? A Beginner’s Guide to AWS Lambda & Event-Driven Architectures

Subhash Bohra — Tue, 04 Nov 2025 10:13:39 +0000

This post tackles that question by exploring the concept of serverless, focusing in particular on AWS Lambda and event-driven architectures on Amazon Web Services (AWS). I’ll use the STAR format (Situation → Task → Action → Results) to structure this discussion, combining conceptual clarity with practical guidance and insights from more than 10 references.

⭐ Situation

In the modern cloud era, developers are under pressure to build applications which are scalable, agile, cost-efficient, and resilient, while avoiding the overhead of provisioning and managing infrastructure. Traditional server-based architectures (think virtual machines, heavy provisioning, fixed capacity) no longer always serve these demands.
At the same time, new application patterns – especially those driven by real-time events, asynchronous workflows, integration with many services – are emerging. As a university research student fascinated by cloud architecture, I found myself asking:

“How do I build applications where I don't manage servers, yet they respond to events and scale seamlessly?”

🎯 Task

My goal is to produce a beginner-friendly yet technically sound guide that:

Explains what serverless computing is, and why it matters.
Introduces AWS Lambda as the canonical serverless compute service.
Explains event-driven architecture (EDA): what it is, how it works, why it pairs so well with serverless.
Shows how AWS Lambda fits into EDA, with typical workflow patterns and architecture blocks.
Gives practical tips, best practices and pitfalls for someone starting with serverless + event-driven on AWS.
Provides a research-aware lens: referencing academic and practitioner literature, linking to more advanced reading.

🧠 Action

1. What is “Serverless”?

The term “serverless” is often used loosely, so it’s helpful to define it precisely.

According to AWS:

“Serverless applications start with AWS Lambda, an event-driven compute service natively integrated with more than 200 AWS services.”
Amazon Web Services, Inc.
In other words: you don’t provision/maintain servers, you write code/functions, and the underlying infrastructure is abstracted away.

From a broader viewpoint:

“Serverless computing is a cloud service category where the customer can use different cloud capability types without having to provision, deploy and manage either hardware or software resources, other than providing customer application code or providing customer data.”
Wikipedia

Major characteristics include:
No server management: developers focus on code, not infrastructure.
Event-driven / on-demand execution: the code runs in response to triggers.
Automatic scaling: the platform handles resource allocation.
Pay-per-use (fine-grained billing): you pay for execution time or resource consumption, not for idle capacity.
Tighter integration with managed services: serverless often leverages “database as a service”, “messaging as a service”, etc.

Hence: serverless is not about “no servers” (servers still exist), but about no server management by you.

2. Enter AWS Lambda

AWS Lambda is a flagship serverless compute service:

- Definition:

“AWS Lambda is a serverless compute service for running code without having to provision or manage servers. You pay only for the compute time you consume.”
Amazon Web Services, Inc.

Features & integration:
- It supports many languages and runtimes.
- It can be triggered by numerous event sources (S3 uploads, DynamoDB streams, API Gateway HTTP calls, scheduled tasks).
- It auto-scales, handles concurrency, and you focus on the function logic rather than provisioning.
Why Lambda matters: It’s the core “function as a service” (FaaS) building block that makes serverless practical. Many serverless architectures rely on Lambda as the compute backbone.
What is Event-Driven Architecture (EDA)?

Event-driven architecture is a design paradigm that aligns very well with serverless:

Definition:

“An event-driven architecture uses events to trigger and communicate between decoupled services and is common in modern applications built with microservices.”
Amazon Web Services, Inc.

Core components (from AWS documentation):
- Event producer: Something that emits an event, e.g., “file uploaded”, “order placed”.
- Event router: A mechanism that receives events, filters/rules them, and routes to appropriate consumers.
- Event consumer: The service that reacts to the event (processes it).
Why use EDA? Benefits:
- Loose coupling between components → easier to modify, scale, extend. AWS Documentation
- Asynchronous processing → better scalability and responsiveness. Amazon Web Services, Inc.
- Improved resilience: one part of the system fails yet others can continue.
- Fan-out and parallel processing are easier to achieve. Amazon Web Services, Inc.
However: EDA has its complexities – latency, debugging distributed flows, event ordering, etc. For example:

“Unlike monolithic applications … event‐driven applications communicate across networks. This design introduces variable latency.”
AWS Documentation

4. How Lambda and EDA come together: Serverless + Event-Driven

Let’s bring together the prior two into a cohesive picture.

Why Lambda is a natural fit for EDA:

Lambda is inherently event-driven: you configure it to trigger based on events.
You don’t worry about servers; you just respond to events. Good for asynchronous workflows.
You can build decoupled systems where events flow through a bus/queue and Lambda functions consume them.

Typical architecture flow (high-level):

Event producer (e.g., user request, file upload to S3)
Event router (e.g., Amazon EventBridge, SNS, SQS)
Lambda function triggered by the event → business logic
Optionally publish another event or store data (in DynamoDB, etc)
Other consumers pick up events, process further, maybe fan-out.

Example scenario:

A file is uploaded to S3 → S3 emits an “ObjectCreated” event → Lambda triggered → the function processes the file (e.g., image thumbnail) → once done publishes a “ThumbnailReady” event → another Lambda sends notification to user.
Decoupled: uploader doesn’t need to know about processing; multiple consumers can subscribe to the same event; scaling happens automatically.

Design patterns & best practices (summary):

Use queues or event buses to decouple producers and consumers. For example: “If a downstream process is slower than an upstream process, the queue durably persists messages and decouples the two functions.”
Make Lambda functions idempotent, because event source mappings may deliver events more than once.
Use monitoring/tracing (CloudWatch, X-Ray) to track end-to-end flows.
Avoid the “Lambda Pinball” anti-pattern where many small functions invoke each other in a chaotic way. (See Wikipedia on serverless anti-patterns)

5. Practical Tips for Beginners

Since this is a beginner’s guide, here are actionable tips:

- Start small: Build a simple Lambda-triggered by an S3 upload. Make sure you understand triggers, IAM permissions, event format.
- Use built-in integrations: AWS services like S3, DynamoDB Streams, EventBridge, SNS, SQS integrate directly with Lambda. Leverage them.
- Think in events: Instead of “user calls service → service does everything”, think “user triggers event → service/s consume event → maybe emit next event”.
- Design for failure: Since asynchronous flows may fail silently, consider dead-letter queues, retries, error handling, idempotency.
- Consider cold starts / latency: While Lambda abstracts servers, there is still latency when functions start. For high-performance use cases evaluate provisioned concurrency, etc.
- Observe cost model: You pay per invocation and compute time. Use efficient code, minimize idle time within functions.
- Beware coupling: Just because functions are small and decoupled doesn’t mean they’re independent. Keep domain boundaries clear, avoid functions that know too much.
- Use infrastructure as code (IaC): Tools like AWS CloudFormation, Serverless Framework reduce manual work and enforce best practices.
- Monitor, trace end-to-end: In an event-driven world you may have many moving parts. Use tools to trace events across functions.
- Document event payloads and contracts: Because producers and consumers are loosely coupled, clearly define event schemas, versioning, backward-compatibility.

6. Results & Why This Matters

Building serverless, event-driven architectures offers real benefits:

Increased developer agility: fewer servers to manage, faster iterations.
Better scalability: automatic scaling based on event load.
Cost-efficiency: you pay only when your code runs, not for idle servers.
Decoupled, extensible systems: you can add new consumers or extend workflows without rewriting large parts.
Alignment with modern application patterns (microservices, real-time, IoT, mobile backends) where events are natural.

✅ Summary

Serverless computing means you write code, not manage servers; your infrastructure is abstracted.
AWS Lambda is the compute workhorse of the AWS serverless ecosystem.
Event-driven architecture (EDA) is a design paradigm where decoupled services respond to events (state changes).
Combining serverless + EDA means building responsive, elastic, loosely-coupled systems: many modern cloud apps follow this pattern.
For beginners: start simple, think in events, design for failure, monitor your flows, and adopt infrastructure as code.

Latest DevOps Tools and Trends: A Comprehensive Guide

Subhash Bohra — Wed, 23 Oct 2024 12:10:03 +0000

As businesses accelerate their digital transformations, the demand for seamless, efficient, and reliable software delivery processes is more pressing than ever. Enter DevOps—a blend of development and operations that streamlines collaboration, automation, and feedback across the software development lifecycle (SDLC). The continual growth of cloud platforms and microservices has resulted in the emergence of innovative DevOps tools and practices. Based on insights from the AWS Marketplace DevOps Workshop Series, let’s explore the latest DevOps tools and trends shaping the industry.

Key DevOps Tools Dominating the Industry

1. Continuous Integration/Continuous Deployment (CI/CD) Tools Continuous integration and delivery are critical components of DevOps. These practices ensure that code is regularly integrated, tested, and deployed with minimal manual intervention. The trend is toward fully automated pipelines that allow organizations to deliver features faster while maintaining high code quality.

- Jenkins: Jenkins is an open-source automation server often used to orchestrate CI/CD pipelines. Its wide plugin ecosystem supports numerous third-party tools, making it versatile for automating a wide variety of tasks.
- GitLab CI: An all-in-one platform offering version control, CI/CD, and automation. GitLab’s integrated CI pipeline allows for easy code review, version management, and security checks, aligning well with a DevSecOps approach.
- AWS CodePipeline: A cloud-based CI/CD service offered by AWS, designed to automate the build, test, and deployment processes. It seamlessly integrates with other AWS services, making it ideal for organizations running their workloads in the cloud.

Here is the Periodic Table of DevOps tool by digital.ai, you can see the live version over here - DevSecOps Tools Periodic Table

2. Infrastructure as Code (IaC) Infrastructure as Code (IaC) revolutionizes the way infrastructure is managed by treating infrastructure configurations as code. This allows teams to automate the setup and management of their infrastructure.

- Terraform: Terraform by HashiCorp enables the creation of reusable infrastructure templates, promoting consistency across environments. Its cloud-agnostic nature allows teams to manage resources across multiple providers.
- AWS CloudFormation: AWS’s infrastructure-as-code solution offers predefined templates for setting up and managing AWS resources. It integrates seamlessly into AWS environments, ensuring quick deployments of complex architectures.
- Ansible: A popular tool for configuration management and automation, Ansible is lightweight and agentless. Its declarative language makes it easy to automate configuration changes across environments.

3. Containerization and Orchestration Tools As microservices and containerization grow in popularity, orchestration platforms like Kubernetes ensure that these lightweight containers are efficiently managed and scaled.

- Docker: Docker is the go-to tool for containerization. It allows developers to package their applications and dependencies into isolated environments that are portable across systems.
- Kubernetes: Kubernetes (K8s) is an open-source orchestration platform that automates the deployment, scaling, and management of containerized applications. Kubernetes helps manage hundreds or thousands of containers, ensuring they are highly available and resilient(AWS-Marketplace-DevOps-…).
- Amazon ECS (Elastic Container Service): AWS’s managed container service, ECS simplifies the running of Docker containers across the cloud and integrates closely with other AWS services for monitoring, scaling, and management.

*4. Monitoring and Observability Tools * Monitoring is essential for ensuring that applications are performant, secure, and reliable. The modern approach involves observability, which offers greater insights into application behavior, failures, and performance through metrics, logs, and traces.

- Prometheus: A leading open-source monitoring tool, Prometheus specializes in event monitoring and alerting. It collects real-time metrics and enables powerful queries for data visualization and alerting.
- Grafana: Grafana is a popular tool for visualizing data from Prometheus and other sources, offering rich, interactive dashboards for monitoring and analytics.
- Amazon CloudWatch: Amazon CloudWatch is a fully managed monitoring service for AWS resources. It collects and tracks metrics, monitors log files, and sets alarms to provide a comprehensive overview of infrastructure health.

DevOps Trends to Watch in 2024

1. Shift-Left Testing and Continuous Testing Shift-left testing is a trend where testing processes are moved earlier into the SDLC, enabling faster feedback and identifying defects early. Continuous testing is a natural extension of this approach, integrating automated tests at every stage of the CI/CD pipeline.

Automated tests are now being implemented not only for unit and integration testing but also for security, compliance, and performance testing.
Tools like Selenium, Cypress, and AWS Device Farm enable continuous testing of applications across multiple environments and devices, ensuring that code meets the highest quality standards before it reaches production.

2. AI/ML Integration in DevOps (AIOps) Artificial Intelligence for IT Operations (AIOps) is gaining traction as a way to enhance monitoring, alerting, and performance optimization. By integrating AI/ML models, DevOps teams can predict infrastructure issues before they happen and implement automated fixes.

Tools like Splunk, Datadog, and Moogsoft are incorporating AI/ML to provide predictive insights, allowing teams to automate remediation of common incidents and improve application uptime.

3. DevSecOps – Security as Code Security is no longer an afterthought; it’s embedded into every stage of the DevOps lifecycle. DevSecOps extends DevOps by integrating security practices from the outset, ensuring secure code delivery without slowing down the development process.

Tools like SonarQube (for static code analysis) and Aqua Security (for securing containers) ensure vulnerabilities are detected and mitigated early in the pipeline.
Compliance-as-Code practices are being adopted, with tools like HashiCorp Sentinel enabling policy enforcement within CI/CD pipelines

4. Value Stream Management (VSM) Organizations are now focusing on optimizing the flow of work through their DevOps pipelines to deliver more value to the customer. Value Stream Management (VSM) involves mapping and optimizing all the activities involved in delivering a product from idea to production.

Tools like Plutora and Tasktop are helping organizations visualize and optimize their value streams, aligning business objectives with IT goals.

5. Serverless Computing Serverless computing is becoming a key trend, allowing teams to focus on code and business logic while the cloud provider manages infrastructure. This shift allows faster releases with less operational overhead.

AWS Lambda is the most widely adopted serverless service, enabling organizations to run code in response to events without provisioning or managing servers. As the ecosystem matures, more DevOps pipelines will incorporate serverless architectures to improve scalability and reduce costs.

Conclusion: The Future of DevOps

The rapid evolution of DevOps tools and practices is enabling businesses to innovate faster while maintaining quality and security. Trends like AIOps, DevSecOps, and value stream management are pushing the boundaries of what DevOps can achieve, ensuring that software delivery is faster, safer, and more reliable than ever before.

As companies move to the cloud and adopt microservices, the ability to continuously deliver value to customers will depend on choosing the right DevOps tools and practices. By staying ahead of the trends and investing in automation, observability, and security, organizations can thrive in an increasingly competitive and digital-first world.

For businesses looking to stay ahead, platforms like the AWS Marketplace provide access to a wide variety of DevOps tools, offering hands-on labs and resources to help teams adopt the latest technologies and practices.

Reference for this blog is from AWS DevOps Workshop Series

Exploring the AWS Well-Architected Tool: A Beginner's Guide

Subhash Bohra — Sat, 19 Oct 2024 09:45:11 +0000

Introduction

Cloud computing has become a foundational skill in today’s tech landscape, and Amazon Web Services (AWS) is at the forefront of this revolution. For college students or beginners venturing into cloud technologies, understanding how to build, maintain, and improve cloud infrastructure is key. One tool that simplifies this process is the AWS Well-Architected Tool (AWS WA Tool).

This blog will walk you through the AWS Well-Architected Tool, its importance, and practical use cases. By the end, you’ll know how this tool can help you design better, scalable, and secure systems, even if you're just starting out in the world of cloud computing.

What is the AWS Well-Architected Tool?

The AWS Well-Architected Tool is a free service that helps you evaluate and improve your cloud architecture based on AWS’s best practices. It revolves around the AWS Well-Architected Framework, which provides a structured approach to assess and optimize workloads. This tool guides you through architectural decisions by examining your workloads against five key pillars:

- Operational Excellence: Focuses on operations, monitoring, and automation.
- Security: Ensures data protection, managing risks, and securing workloads.
- Reliability: Ensures workloads can recover from failures and meet customer demands.
- Performance Efficiency: Optimizes resources for performance.
- Cost Optimization: Helps reduce unnecessary expenses.

The AWS Well-Architected Tool provides you with actionable insights to address risks and make improvements, all based on these pillars.

How it works

reference

Why is this Tool Important for Beginners?
As a college student or someone new to cloud computing, building a strong foundation in cloud architecture is crucial. However, cloud environments can become complex. Without proper guidelines, you might unknowingly create systems that are costly, insecure, or inefficient. AWS’s Well-Architected Tool simplifies this process by offering:

- Free access: The tool is included with any AWS account.
- Comprehensive Reviews: It identifies weaknesses and provides recommendations to fix them.
- Guided Learning: By using the tool, you’ll naturally gain deeper insights into AWS best practices.

Key Features of the AWS Well-Architected Tool
Here’s a closer look at the tool’s standout features:

1. Architectural Guidance
The tool offers comprehensive guidance tailored to your specific cloud workloads. You’ll receive suggestions that ensure your architecture adheres to AWS best practices. For students, this guidance acts like a mentor, walking you through your cloud decisions step by step.

2. In-Workflow Best Practices
Using APIs, you can extend the tool to integrate directly into your workflows. This is a game-changer for teams or organizations that want to regularly check their architecture as part of their ongoing processes.

3. Milestone Tracking
The tool allows you to save points-in-time snapshots of your architecture. This lets you track changes and improvements over time, making it easy to measure how your workload improves after making the recommended adjustments.

4. Collaboration & Customization
With the AWS Well-Architected Tool, you can collaborate with multiple users and share custom “lenses” to evaluate the health of your architecture. For example, you can add a sustainability lens to assess environmental impact, making the tool adaptable to different projects and goals.

Use Cases and Examples
Let’s explore how the AWS Well-Architected Tool can be used in various scenarios that may be relevant to you as a student or beginner.

1. Learning and Experimentation
Imagine you’re working on a project in a cloud computing course where you’ve been asked to deploy a small application on AWS. You set up a basic infrastructure—EC2 instances, S3 storage, and maybe a database using RDS. The architecture works, but how can you be sure it’s reliable or cost-efficient?

Here’s where the AWS Well-Architected Tool steps in:

- Run a Review: After setting up your infrastructure, run a Well-Architected review. The tool will assess your architecture against AWS best practices.
- Identify Improvements: You may find that your application isn’t fully utilizing its EC2 instances, suggesting a switch to a cheaper pricing plan. Or it might flag a security concern regarding your S3 bucket permissions.
- Action Plan: The tool provides recommendations to improve efficiency, security, and cost optimization, helping you build more reliable and secure systems while you learn.

2. Startup or Side Projects
As a student, you might be working on a side project—perhaps developing an app that needs to scale as your user base grows. Initially, everything works fine, but as your app scales, you begin to encounter performance and reliability issues. You also notice your AWS bills creeping up.

The AWS Well-Architected Tool helps you:

- Optimize Resources: By reviewing your architecture, the tool can suggest ways to improve performance and reduce costs. For example, it may recommend using AWS Lambda for some operations instead of EC2 instances to reduce costs for infrequent but bursty workloads.
- Automate Monitoring: It can point out opportunities for automation and monitoring, ensuring that you’re notified early if things go wrong, allowing you to act before your app’s users are impacted.

3. University Research Projects
For university students involved in research that uses large datasets or computation-heavy tasks, optimizing your AWS environment is crucial. Let’s say you’re using AWS to process large genomic datasets for a research project.

The AWS Well-Architected Tool can:

- Evaluate Performance Efficiency: It will assess your use of storage (S3), compute (EC2, Lambda), and database services (RDS or DynamoDB) to ensure that you are processing your data as efficiently as possible.
- Reduce Costs: Since research projects often work within tight budgets, the cost optimization pillar will provide insights into how you can reduce costs, for instance, by using Spot Instances for large batch processing jobs or choosing the most cost-effective storage class for archival data.

4. Team Projects and Collaboration
In a group project where you and several peers are tasked with building a cloud-based solution, collaboration is key. The AWS Well-Architected Tool supports collaborative features, allowing all team members to review and refine your architecture together.

- Shared Visibility: Team members can easily access the architecture review and see areas that need improvement.
- Collaborative Action: Everyone can contribute to addressing the high-risk issues identified, whether it’s enhancing security or optimizing for cost-efficiency.

5. Preparing for AWS Certifications
If you're working toward an AWS certification, such as AWS Certified Solutions Architect – Associate, using the AWS Well-Architected Tool offers hands-on experience in real-world cloud architecture scenarios. You'll get insights into the kinds of architectural decisions that AWS architects face daily, which can significantly boost your understanding and help you prepare for certification exams.

Getting Started: How to Use the AWS Well-Architected Tool
Now that you understand the value of the AWS Well-Architected Tool, here’s how you can start using it.

1. Create an AWS Account: If you don’t already have one, sign up for a free AWS account. This will give you access to the AWS Management Console.
2. Access the AWS Well-Architected Tool: Once inside the AWS Management Console, navigate to the Well-Architected Tool, which is under “Management & Governance.”
3. Select a Workload: Begin by choosing or creating a workload. This could be any application or set of services running in AWS.
4. Run a Review: You’ll be asked a series of questions about your workload, which the tool uses to assess your architecture against the five pillars.
5. Review Results: After answering the questions, you’ll receive a detailed report outlining risks and recommendations for improvement.
6. Implement Recommendations: Using the feedback from the tool, make the necessary changes to your architecture.

Conclusion
The AWS Well-Architected Tool is an invaluable resource for anyone entering the world of cloud computing. Whether you’re a college student just starting out, working on a side project, or preparing for AWS certifications, the tool provides guided, actionable insights to help you build more reliable, secure, and efficient architectures.

The best part? It’s free and easy to use. By integrating it into your learning or projects, you’ll not only enhance your cloud skills but also be well-prepared to tackle real-world cloud challenges.

So, if you haven’t already, sign up for AWS, and start experimenting with the Well-Architected Tool today!

AWS Well-Architected Framework: Building Efficient and Secure Cloud Applications

Subhash Bohra — Fri, 18 Oct 2024 10:47:53 +0000

Introduction

The AWS Well-Architected Framework is designed to help cloud architects build secure, high-performing, and efficient infrastructures on AWS. By aligning with the six core pillars—operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability—this framework provides clear guidelines and best practices for creating scalable and resilient systems.

In this blog post, we’ll dive into each of the pillars and explore how they contribute to robust cloud architecture, with diagrams and insights to help your organization optimize its AWS environment.

The Six Pillars of AWS Well-Architected Framework

1. Operational Excellence
This pillar emphasizes how you run, monitor, and continuously improve your systems. It includes automating processes, setting operational priorities, and efficiently responding to operational events.

Key Strategies:

- Automation: Streamline operations by automating common tasks like deployments, patch management, and backups.
- Proactive Monitoring: Use AWS tools like CloudWatch for real-time monitoring and responding to system health metrics.

2. Security
Security is critical in cloud architecture. This pillar focuses on the protection of data, the implementation of security controls, and monitoring of security breaches.

Core Areas:

- Data Protection: Encrypt data at rest and in transit using AWS services like AWS Key Management Service (KMS).
- Access Management: Implement the principle of least privilege using Identity and Access Management (IAM) roles.

3. Reliability
Reliability ensures your systems can recover from failures and scale based on demand. This pillar includes fault tolerance, disaster recovery, and ensuring resource availability.

Best Practices:

- Redundancy: Use multiple AWS Availability Zones (AZs) to create resilient infrastructures.
- Recovery Mechanisms: Set up automated backups and disaster recovery plans using AWS Elastic Disaster Recovery.

4. Performance Efficiency
This pillar is all about optimizing the performance of your workloads by selecting the appropriate resource types and ensuring system efficiency.

Optimization Tips:

- Right-sizing: Use AWS Auto Scaling to adjust resources based on workload demands, ensuring efficiency.
- Monitoring and Optimization: Leverage AWS CloudFormation and AWS Trusted Advisor to ensure resources are optimized.

AWS Well-Architected Tools and Lenses
AWS offers tools like the Well-Architected Tool that allow you to review and improve your workloads. Additionally, AWS Lenses provide more specialized frameworks for industries like machine learning, IoT, and high-performance computing (HPC).

Conclusion
By following the six pillars of AWS Well-Architected, organizations can ensure their applications are secure, efficient, and cost-effective. AWS provides the tools and services to maintain and improve your architecture over time, ensuring adaptability and resilience in a dynamic cloud environment.

For more details, explore the official AWS Well-Architected page.

Choosing a Generative AI service

Subhash Bohra — Fri, 18 Oct 2024 10:36:53 +0000

Introduction to Generative AI

Generative AI refers to a class of artificial intelligence systems and models that can produce various types of content, including text, code, images, music, and more. These systems learn from existing data and generate new outputs based on recognized patterns. Today, businesses and organizations are increasingly leveraging generative AI to:

Automate creative processes: Speed up time-intensive tasks like writing, designing, and creating images or videos by automating them through AI-driven services.
Personalize content: Tailor content and recommendations based on audience needs and preferences.
Enhance data: Generate large datasets to train machine learning models, especially in cases where human-labeled data is limited.
Reduce costs: Use AI to create content and assets, potentially lowering operational costs.
Enable faster experimentation: Generate and test multiple content versions or creative ideas quickly, which is often impractical through manual efforts. This guide is designed to help you explore AWS’s range of generative AI tools and services to find the best fit for your business needs.

AWS Generative AI Solutions
Amazon provides various generative AI tools and services, each suited to different tasks. The specific tools you use will depend on several factors, including:

Your intended outcomes
The variety of foundational models you want to leverage
The level of customization required
Your team's expertise in AI applications

Amazon Q – Pre-built Applications for Specific Use Cases
Amazon Q is part of AWS’s generative AI offerings, providing applications powered by large language models (LLMs) and other foundational models without requiring users to choose or configure models themselves. These pre-built tools are tailored to different business needs and are supported by Amazon Bedrock. Below are a few notable Amazon Q applications:

Amazon Q Business: Designed for enterprise use, this application helps businesses manage and utilize data by answering questions, summarizing content, and generating insights. It can also integrate lightweight custom applications through Amazon Q Apps, built into your subscription.
Amazon Q Developer: This tool aids developers by assisting with tasks such as coding, testing, and optimizing AWS applications. It integrates with AWS services like Amazon CodeCatalyst and VPC Reachability Analyzer, streamlining workflows and supporting advanced problem-solving.
Amazon Q in QuickSight: This version of Amazon Q focuses on business intelligence, offering users the ability to build visualizations, extract insights, and develop data stories using natural language queries.
Amazon Q in Connect: Aimed at customer service, this application integrates with Amazon Connect to provide agents with real-time insights and recommended actions based on customer interactions, improving service efficiency.

Amazon Bedrock – Customizable AI Model Access
If you need more control over AI applications, Amazon Bedrock offers a managed service with access to multiple foundation models like Anthropic Claude, AI21 Labs Jurassic, and Amazon Titan. Bedrock allows users to customize models and outputs based on their specific needs.

Key Features of Amazon Bedrock:

Model Customization: Bedrock supports the fine-tuning of foundation models (FMs) using your own data to create customized applications. It also allows ongoing updates with minimal code changes.
Bedrock Agents: These help automate tasks by integrating your AI models with your enterprise systems, providing accurate and contextual responses to user queries.
Guardrails for Safety: Guardrails are in place to ensure responsible AI use, filtering out inappropriate content and enhancing the reliability of AI outputs, particularly for applications involving retrieval-augmented generation (RAG).
Knowledge Bases: Amazon Bedrock also supports comprehensive RAG workflows, making it easier to pull relevant information from various sources, like Amazon Aurora and Salesforce, to improve the model’s responses.
Conversational APIs: You can develop chatbots and other conversational applications using the Bedrock Converse API, maintaining ongoing dialogue while adjusting the conversation’s tone or personality.
Tool Integration: Amazon Bedrock’s function-calling feature allows the AI to interact with external tools to provide real-time data or insights, making it suitable for dynamic applications like radio stations or e-commerce platforms.
Bedrock Studio: A collaborative environment where developers can experiment with models and AI applications in a streamlined workflow, offering a visual interface for rapid prototyping.
Prompt Management: Bedrock also enables prompt management, allowing you to store and reuse prompts across different workflows for increased efficiency.
Prompt Flows: This feature offers a visual builder to help users create complex AI workflows, combining models, prompts, and other AWS services
.

Conclusion
Whether you need ready-to-use AI applications or the flexibility to build custom solutions, AWS offers a wide range of generative AI tools through Amazon Q and Amazon Bedrock. These services enable organizations to automate workflows, personalize content, enhance data, and improve operational efficiency, all while keeping security, privacy, and scalability in mind.
Reference Article : https://docs.aws.amazon.com/decision-guides/latest/generative-ai-on-aws-how-to-choose/guide.html

Best Practices for Amazon SageMaker Studio: A Guide for ML Platform Admins

Subhash Bohra — Wed, 16 Oct 2024 09:04:31 +0000

Amazon SageMaker Studio provides a unified, web-based interface that streamlines every step of machine learning (ML) development, boosting productivity for data science teams. With SageMaker Studio, you gain full control, visibility, and access to each phase of building, training, and evaluating ML models.

In this post, we'll cover best practices for managing key areas such as operating models, identity and permissions management, network configuration, logging, monitoring, and customization. These practices are tailored for enterprise-scale SageMaker Studio deployments, including multi-tenant environments. Whether you're an ML platform administrator, engineer, or architect, this guide will help you optimize your setup.

Are You Well-Architected?

The AWS Well-Architected Framework is designed to help you evaluate the strengths and weaknesses of your cloud architecture. Through its six pillars, you can learn best practices for building reliable, secure, efficient, cost-effective, and sustainable systems.

Using the AWS Well-Architected Tool (available for free in the AWS Management Console), you can assess your workloads by answering specific questions aligned with each pillar.

The Machine Learning Lens of the Well-Architected Framework provides additional guidance for designing and deploying ML workloads on AWS. It builds upon the core principles of the framework and focuses on ML-specific challenges.

SageMaker Studio Administration: Key Considerations

When managing SageMaker Studio as your ML platform, it's crucial to adopt best practices that enable scalability and efficiency as your workloads expand. Below are some key factors to keep in mind:

1. Operating Model Selection
Choose an operating model that aligns with your business goals and properly structures your ML environments to support those objectives.

2. Domain Authentication
Set up domain authentication for SageMaker Studio users, taking into account domain-level restrictions and limitations that may affect your deployment.

3. Identity and Access Management
Implement fine-grained access controls and auditing by federating user identity and authorization across the ML platform. This ensures secure access and tracking of user activities.

4. Permissions and Guardrails
Define permissions and security guardrails tailored to the roles of different ML users (e.g., data scientists, engineers, admins).

5. Network Topology
Design your VPC network with careful consideration of your ML workload's sensitivity, the number of users, instance types, and the apps or jobs they will run.

6. Data Protection
Ensure data encryption both at rest and in transit to safeguard your sensitive ML workloads.

7. Logging and Monitoring
Set up comprehensive logging and monitoring for APIs and user activities to meet compliance and operational requirements.

8. Customizing the Notebook Environment
Enhance the SageMaker Studio experience by customizing notebooks with your own container images and lifecycle configuration scripts, tailored to your team’s needs.

Learn Python with AWS - Day 2

Subhash Bohra — Mon, 12 Aug 2024 08:19:44 +0000

Virtual Environments

Today we will learn about virtual environments. A virtual environment in python is a container in which all your code and other python packages reside. It allows you to keep your python configuration separate from other versions on your system. It is a good idea to always use a virtual environment when developing python code.

To create a virtual environment we will use the command:

python -m venv my_venv

Once the virtual environment has been created, you need to activate it. Once activated, your code runs inside the environment, including any packages you install. To activate the environment use one of the following commands:

Linus/mac OS:

source my_venv/bin/activate

Windows (Git-Bash):

source my_venv/Scripts/activate

To know you are inside the virtual environment your command prompt will have the prefix (my_venv). Now any packages you use will be stored in a folder structure inside your virtual environment.

To exit from the virtual environment, you type deactivate and the command prompt will no longer be prefixed by (my_venv).

Learn Python with AWS - Day 1

Subhash Bohra — Thu, 08 Aug 2024 07:31:29 +0000

In my last post I have mentioned one AWS workshop related to Python i.e. Learn Python on AWS Workshop.

Thought to create a series of post showcasing all the hands on labs and a python tutorial for beginners.

Step 1 - Login to your AWS Console and make sure you have Cloud9 IDE

Follow the steps mentioned in the cloud9 section as is while you setup the environment

Once you open the Cloud9 IDE first thing first check the Python Version by typing python in the IDE, you will see this

ec2-user:~/environment $ python
Python 3.8.16 (default, May 21 2024, 18:54:47) 
[GCC 7.3.1 20180712 (Red Hat 7.3.1-17)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>>

Pro Tip: If you select other that Amazon Linux 2 in Platform dropdown and create your environment then you might not get python environment.

Interactive Mode

This is the interactive python environment. You can enter python commands directly into this and they will run as python. This is a great tool for quickly testing python commands.

Try that now using an example. Type or copy the following into the python interactive environment after the >>>

some_string = "Hello Python"
print(some_string)

This should return the following:

some_string = "Hello Python"
print(some_string)
Hello Python

Congratulations!

You have just created your first python variable called some_string and given it a value "Hello Python".

You then printed the value of the variable using the built in print function.

Exit Interactive Mode

To exit the python environment use crtl + d or by typing exit().

Rest we will learn on Day 2 and in next post.

How to get AWS hands on Cloud Experience

Subhash Bohra — Wed, 07 Aug 2024 05:25:31 +0000

We all are running after get Cloud Certification specially AWS Cloud Certification, because we think by getting certification and putting it on our resume will get us good high paying job (which is correct in a way) however, we forget that with certification we need hands on experience with cloud and I will suggest you from where to start your journey.

AWS Workshops has more than 400 workshops, if you do all of them then you will be a cloud ninja !!

Below are the five workshops I believe are your stepping stones to understand Cloud and get decent hands on experience about cloud

Highly available web app on AWS workshop - In this workshop, you will explore how to configure Amazon VPC, Amazon RDS, Amazon EC2 and Amazon EFS to build a highly available, auto-scaling multi-tier web application.
AWS Application Migration Workshop - In this workshop you will focus on Migrate & Modernize phase, you will learn how to migrate a fictional application to AWS cloud.
Learn Python on AWS Workshop - This workshop will teach you the basics of the python programming language using Amazon Web Services (AWS). It is aimed at beginners who have never programmed in python and it uses similar methods of explaining the basics as other books and tutorials on the python programming language. It differs in that all the examples aim to get you started building on AWS rather than learning how to build a game, website, manipulate or visualize data.
AWS Cloudformation Workshop - Learn Infra-as-code (IaC) to automate AWS resource provisioning.
Iterative App Modernization Workshop - In this workshop, learn how to use AWS modernization pathways to quickly convert monolithic workload to a loosely coupled distributed microservices architecture. Experience how this modern architecture enables rapid development and the use of different development stacks based on workload requirements.

These workshops are suggested by Prasad Rao in a LinkedIn Post and I have done these workshops.

Lastly, Take Cloud Resume Challenge from Forrest Brazeal and build your own cloud Resume.

Here is My Cloud Resume.

Happy Learning !!!

AWS Solution Architect Associate Exam

Subhash Bohra — Tue, 06 Aug 2024 10:39:19 +0000

I have cleared the AWS Solutions Architect Associate Exam by doing hands on labs as well as learning from below resources.

I Created different Timetables and failed those time tables due to many reasons, but the point is I keep on making timetables and never gave up. I started my preparation from 31st January 2024 and cleared exam on 08th April 2024. Got distracted many a times, gave up on preparation but pick that up again.

I would say I am not strictly disciplined but I am hard working, I am that guy who even get up after all the beatings in a fight and ready for next round.
I followed time table and kept the log of it by maintaining a excel sheet along with a fulltime job and cleared the exam. I followed Prasad Rao and joined BeSA program