aws-samples
diff --git a/‎README.md‎
Lines changed: 149 additions & 6 deletions b/‎README.md‎
Lines changed: 149 additions & 6 deletions
diff --git a/‎app.py‎
Lines changed: 12 additions & 0 deletions b/‎app.py‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎aws_bedrock_langchain_python_cdk/aws_bedrock_langchain_python_cdk_stack.py‎
Lines changed: 99 additions & 0 deletions b/‎aws_bedrock_langchain_python_cdk/aws_bedrock_langchain_python_cdk_stack.py‎
Lines changed: 99 additions & 0 deletions
diff --git a/‎aws_bedrock_langchain_python_cdk/lambda/code/boto3_example/helper.py‎
Lines changed: 107 additions & 0 deletions b/‎aws_bedrock_langchain_python_cdk/lambda/code/boto3_example/helper.py‎
Lines changed: 107 additions & 0 deletions
@@ -1,17 +1,160 @@
-## My Project
+# AWS Bedrock Langchain Python CDK Stack
 
-TODO: Fill this README out!
+## Overview
+Optimize AWS Lambda functions with Boto3 by adding the latest packages and creating Lambda layers using `aws-cdk.aws-lambda-python-alpha`. Avoid common errors, like the numpy module issue, by following the guide. Use provided code and insights to enhance performance across various development environments.
 
-Be sure to:
 
-* Change the title in this README
-* Edit your repository description on GitHub
+This AWS Cloud Development Kit (CDK) stack, named `AwsBedrockLangchainPythonCdkStack`, is designed to deploy AWS Lambda functions along with the necessary AWS Identity and Access Management (IAM) roles and policies. The stack includes the following components:
 
+1. **IAM Roles and Policies:**
+   - A Lambda execution role (`LambdaRole`) is created with permissions to access S3 buckets and the Bedrock service. It is associated with the `AWSLambdaBasicExecutionRole` managed policy and a custom policy (`bedrock_policy`) allowing specific Bedrock actions.
+
+2. **Lambda Layers:**
+   - Two Lambda layers, `boto3_lambda_layer` and `langchain_lambda_layer`, are defined with specific configurations for architecture and runtime. These layers contain Python dependencies for the Lambda functions.
+
+3. **Lambda Functions:**
+   - The stack deploys two Lambda functions, `boto3_bedrock_example_lambda` and `langchain_bedrock_example_lambda`, each with its own code, runtime settings, and associated layers.
+
+4. **CDK NAG Suppressions:**
+   - CDK NAG (Not a Good Idea) suppressions are applied to address specific warnings related to IAM policies. These suppressions ensure that the Lambda execution policy and associated resources comply with the intended access patterns.
+
+---
+
+### Installing the Latest Boto3 Package
+
+To ensure you have the latest version of the Boto3 package, follow these steps:
+
+1. **Create a Lambda Layer:**
+
+   Use the `aws-cdk.aws-lambda-python-alpha` package to define a Lambda layer containing the latest Boto3 package.
+
+   ```python
+   boto3_lambda_layer = _alambda.PythonLayerVersion(self, 
+              'boto3-lambda-layer',
+              entry = './aws_bedrock_langchain_python_cdk/lambda/layer/boto3_latest/',
+              compatible_architectures=[_lambda.Architecture.ARM_64],
+              compatible_runtimes=[_lambda.Runtime.PYTHON_3_11],
+   )
+   ```
+
+2. **Attach the Layer to Your Lambda Function:**
+
+   Once the layer is created, attach it to your Lambda function to ensure access to the latest Boto3 package and its bedrock API calls.
+
+   ```python
+   boto3_bedrock_example_lambda = _lambda.Function(
+              self,
+              "boto3_bedrock_example_lambda",
+              handler="index.lambda_handler",
+              code=_lambda.Code.from_asset("./aws_bedrock_langchain_python_cdk/lambda/code/boto3_example/"),
+              runtime=_lambda.Runtime.PYTHON_3_11,
+              architecture=_lambda.Architecture.ARM_64,
+              role=lambda_role,
+              layers=[
+                    boto3_lambda_layer
+                  ],
+              timeout=Duration.seconds(300),
+              memory_size=1024,
+   )
+   ```
+
+### Langchain Package Integration
+
+Similarly, optimize your Lambda functions by installing the Langchain package. Follow the same process of creating a Lambda layer as with Boto3, replacing "boto3" in the `requirements.txt` file with "langchain," and then attach it to your function to leverage Langchain's capabilities.
+
+1. **Create a Lambda Layer:**
+
+   ```python
+   langchain_lambda_layer = _alambda.PythonLayerVersion(self, 
+              'langchain-lambda-layer',
+              entry = './aws_bedrock_langchain_python_cdk/lambda/layer/langchain_latest/',
+              compatible_architectures=[_lambda.Architecture.ARM_64],
+              compatible_runtimes=[_lambda.Runtime.PYTHON_3_11],
+   )
+   ```
+
+2. **Attach the Layer to Your Lambda Function:**
+
+   ```python
+   langchain_bedrock_example_lambda = _lambda.Function(
+              self,
+              "langchain-bedrock-example-lambda",
+              handler="index.lambda_handler",
+              code=_lambda.Code.from_asset("./aws_bedrock_langchain_python_cdk/lambda/code/langchain_example/"),
+              runtime=_lambda.Runtime.PYTHON_3_11,
+              architecture=_lambda.Architecture.ARM_64,
+              role=lambda_role,
+              layers=[
+                      boto3_lambda_layer,
+                      langchain_lambda_layer
+                  ],
+              timeout=Duration.seconds(300),
+              memory_size=1024,
+      )
+   ```
+
+### Avoiding Common Pitfalls
+
+When creating Lambda layers, be mindful of specifying the compatible architecture, either ARM_64 or X86_64. Failure to define this may result in container image errors, such as the numpy module error. This error can manifest as:
+
+```json
+{
+  "errorMessage": "Unable to import module 'index': Error importing numpy: you should not try to import numpy from its source directory; please exit the numpy source tree, and relaunch your python interpreter from there.",
+  "errorType": "Runtime.ImportModuleError",
+  "requestId": "977004a7-f205-481a-8b53-7a4b5bf48d2b",
+  "stackTrace": []
+}
+```
+
+To prevent this issue, **explicitly mention** the compatible architectures during the layer creation process.
+
+
+## Useful commands
+
+To manually create a virtualenv on MacOS and Linux:
+
+```
+$ python3 -m venv .venv
+```
+
+After the init process completes and the virtualenv is created, you can use the following
+step to activate your virtualenv.
+
+```
+$ source .venv/bin/activate
+```
+
+If you are a Windows platform, you would activate the virtualenv like this:
+
+```
+% .venv\Scripts\activate.bat
+```
+
+Once the virtualenv is activated, you can install the required dependencies.
+
+```
+$ pip install -r requirements.txt
+```
+
+At this point you can now synthesize the CloudFormation template for this code.
+
+```
+$ cdk synth
+```
+
+To add additional dependencies, for example other CDK libraries, just add
+them to your `setup.py` file and rerun the `pip install -r requirements.txt`
+command.
+
+ * `cdk ls`          list all stacks in the app
+ * `cdk synth`       emits the synthesized CloudFormation template
+ * `cdk deploy`      deploy this stack to your default AWS account/region
+ * `cdk diff`        compare deployed stack with current state
+ * `cdk docs`        open CDK documentation
 ## Security
 
 See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.
 
 ## License
 
 This library is licensed under the MIT-0 License. See the LICENSE file.
-
 
@@ -0,0 +1,12 @@
+#!/usr/bin/env python3
+import cdk_nag
+from aws_cdk import Aspects
+import aws_cdk as cdk
+from aws_bedrock_langchain_python_cdk.aws_bedrock_langchain_python_cdk_stack import AwsBedrockLangchainPythonCdkStack
+
+app = cdk.App()
+aws_bedrock_langchain_stack = AwsBedrockLangchainPythonCdkStack(app, "AwsBedrockLangchainPythonCdkStack",)
+
+Aspects.of(app).add(cdk_nag.AwsSolutionsChecks(reports=True, verbose=True))
+
+app.synth()
@@ -0,0 +1,99 @@
+from aws_cdk import (
+    Stack,
+    Duration,
+    aws_iam as iam,
+    aws_lambda as _lambda,
+    aws_lambda_python_alpha as _alambda,
+    aws_iam as iam,
+    Stack,
+    Duration
+)
+from constructs import Construct
+from cdk_nag import NagSuppressions
+
+class AwsBedrockLangchainPythonCdkStack(Stack):
+
+    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
+        super().__init__(scope, construct_id, **kwargs)
+
+        bedrock_policy = iam.PolicyStatement(
+            effect= iam.Effect.ALLOW,
+            actions= [
+                "bedrock:*",   
+            ],
+            resources= ["*"]
+        )
+
+        lambda_role = iam.Role(
+            self,
+            "LambdaRole",
+            assumed_by=iam.ServicePrincipal('lambda.amazonaws.com'),
+            description="Role to access s3 buckets and Bedrock service by lambda",
+            managed_policies=[iam.ManagedPolicy.from_aws_managed_policy_name(
+                                    'service-role/AWSLambdaBasicExecutionRole'),
+                                ]
+        )
+        lambda_role.add_to_principal_policy(bedrock_policy)
+
+        boto3_lambda_layer = _alambda.PythonLayerVersion(self, 
+                                                    'boto3-lambda-layer',
+                                                    entry = './aws_bedrock_langchain_python_cdk/lambda/layer/boto3_latest/',
+                                                    compatible_architectures=[_lambda.Architecture.ARM_64],
+                                                    compatible_runtimes=[_lambda.Runtime.PYTHON_3_11],
+        )
+
+        langchain_lambda_layer = _alambda.PythonLayerVersion(self, 
+                                                    'langchain-lambda-layer',
+                                                    entry = './aws_bedrock_langchain_python_cdk/lambda/layer/langchain_latest/',
+                                                    compatible_architectures=[_lambda.Architecture.ARM_64],
+                                                    compatible_runtimes=[_lambda.Runtime.PYTHON_3_11 ],
+        )
+
+        boto3_bedrock_example_lambda = _lambda.Function(
+            self,
+            "boto3_bedrock_example_lambda",
+            handler="index.lambda_handler",
+            code=_lambda.Code.from_asset("./aws_bedrock_langchain_python_cdk/lambda/code/boto3_example/"),
+            runtime=_lambda.Runtime.PYTHON_3_11,
+            architecture=_lambda.Architecture.ARM_64,
+            role=lambda_role,
+            layers=[
+                boto3_lambda_layer
+            ],
+            timeout=Duration.seconds(300),
+            memory_size=1024,
+        )
+
+        langchain_bedrock_example_lambda = _lambda.Function(
+            self,
+            "langchain-bedrock-example-lambda",
+            handler="index.lambda_handler",
+            code=_lambda.Code.from_asset("./aws_bedrock_langchain_python_cdk/lambda/code/langchain_example/"),
+            runtime=_lambda.Runtime.PYTHON_3_11,
+            architecture=_lambda.Architecture.ARM_64,
+            role=lambda_role,
+            layers=[
+                boto3_lambda_layer,
+                langchain_lambda_layer
+            ],
+            timeout=Duration.seconds(300),
+            memory_size=1024,
+        )
+
+        # CDK NAG suppression
+        NagSuppressions.add_stack_suppressions(self, [
+                                            {
+                                                "id": 'AwsSolutions-IAM4',
+                                                "reason": 'Lambda execution policy for custom resources created by higher level CDK constructs',
+                                                "appliesTo": [
+                                                        'Policy::arn:<AWS::Partition>:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole',
+                                                    ],
+                                            }])
+        
+        NagSuppressions.add_resource_suppressions(lambda_role,
+                            suppressions=[{
+                                            "id": "AwsSolutions-IAM5",
+                                            "reason": "Lambda needs * access to all objects inside S3 bucket. And Bedrock all actions are allowed",
+                                            }
+                                        ],
+                            apply_to_children=True)
@@ -0,0 +1,107 @@
+import json
+import boto3
+
+'''
+Parameters: 
+    model_name - From list below or "list_foundation_models"
+    prompt - Input to the model, string accepted, no default
+    max_tokens - Configures the maximum number of tokens in the generated response
+    temperature - 0-1, highest probability (least creative) to lowest probability (most creative)
+    top_p - defines a cut off based on the sum of probabilities of the potential choices.
+    top_k - Top K defines the cut off where the model no longer selects the words
+
+Models currently supported:
+    amazon.titan-tg1-large
+    ai21.j2-grande-instruct
+    ai21.j2-jumbo-instruct
+    anthropic.claude-instant-v1
+    anthropic.claude-v1
+    anthropic.claude-v1-100k
+    anthropic.claude-v2
+    anthropic.claude-v2-100k
+
+Notes:
+    I needed to add a bedrock VPC endpoint to avoid timeouts.
+    Some endpoints take 10-15 seconds to respond, set lambda timeout accordingly.
+    Expects an environment variable called "secret_name".  This is a Secrets Manager
+        secret that contains AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_DEFAULT_REGION
+        If your setup calls bedrock locally, make sure your Lambda permissions include bedrock access
+        and remove the cross-account settings in the bedrock client calls.
+    Youll need a layer for requests and one for the private version of boto3 that includes bedrock.
+        https://towardsdatascience.com/building-custom-layers-on-aws-lambda-35d17bd9abbb
+
+Working On:
+    Better error handling, logging, and status responses
+    Cohere (when its available)
+'''
+
+bedrock_client = boto3.client('bedrock')
+bedrock_runtime_client = boto3.client('bedrock-runtime')
+
+def call_list_models():
+
+    model_list = bedrock_client.list_foundation_models()
+    response = []
+    for model in model_list['modelSummaries']:
+        print(model['modelId'])
+        response.append(model['modelId'])
+    
+    return response
+
+
+def call_bedrock_titan(prompt_text, model_name="amazon.titan-text-lite-v1", max_token_count=512, temperature=1, top_p=1, stop_sequences=[]):
+
+    body = json.dumps({
+        "inputText": prompt_text
+        })
+
+    response = bedrock_runtime_client.invoke_model(
+        body=body, 
+        modelId=model_name, 
+        accept="application/json", 
+        contentType="application/json"
+    )
+        
+    response_body = json.loads(response.get("body").read())
+    return response_body.get("results")[0].get("outputText")
+
+
+def call_bedrock_anthropic(prompt_text, model_name = "anthropic.claude-instant-v1", max_tokens=300, temperature=0.5, top_k=250, top_p=1):
+    
+    body = json.dumps({
+        "prompt": f"Human: {prompt_text} \n Assistant:",
+        "max_tokens_to_sample": int(max_tokens),
+        "temperature": float(temperature),
+        "top_k": int(top_k),
+        "top_p": float(top_p)
+        })
+        
+    response = bedrock_runtime_client.invoke_model(
+        body=body, 
+        modelId=model_name, 
+        accept="application/json", 
+        contentType="application/json"
+    )
+            
+    response_body = json.loads(response.get("body").read())    
+    
+    return response_body.get("completion")
+
+
+def call_bedrock_jurassic(prompt_text, model_name="ai21.j2-ultra-v1", max_tokens=200, temperature=0.5, top_p=0.5):
+
+    body = json.dumps({
+        "prompt": prompt_text, 
+        "maxTokens": int(max_tokens)
+    })
+
+    response = bedrock_runtime_client.invoke_model(
+        body=body, 
+        modelId=model_name, 
+        accept="application/json", 
+        contentType="application/json"
+    )
+    
+    response_body = json.loads(response.get("body").read())
+
+    return response_body.get("completions")[0].get("data").get("text")