This repo contains some proof of concepts for creating Amazon Web Services (AWS) infrastructure using generative AI.
pip install -r requirements.txt
PoC 1 requires both of these keys, whereas PoC 2 only requires the OpenAI API key.
Before running the program, create a .env
file containing the following key/values,
# OpenAI
OPEN_AI_KEY=<your OpenAI API key>
TEMPERATURE="0.2"
# AWS
SKIP_AWS=True
AWS_ACCESS_KEY_ID=<your access key>
AWS_SECRET_ACCESS_KEY=<your secret access key>
AWS_REGION_NAME=<your preferred region>
The low TEMPERATURE
setting makes the responses from GPT more focused and deterministic.
Set SKIP_AWS
to False
if you want the PoC 1 program to actually create EC2 instances for you. Leave it as True
if you just want to test the program (see what kind of EC2 it would have launched).
This PoC creates AWS infrastructure using natural language interpreted using the OpenAI GPT language model. Rather than Infrastructure as Code (IaC), I refer to this as Infrastructure as Natural Language (IaNL).
Current scope is limited to,
- Amazon Elastic Compute Cloud (EC2) only
- A limited range of T3 instance types.
It uses the function calling capability in the Chat Completions API. For a great description of how this capability works, I recommend this video.
In this case, the GPT engine is told about a subset of the parameters that are available to the boto3 run_instances method.
For demonstration purposes, the program has a hardcoded GPT prompt, as follows,
Please create a new EC2 instance for me. I want to use it as a Minecraft Bedrock server for up to 25 concurrent players. Please balance performance and cost. I'd also like it to have a 1/4 TB of storage. After its created, I want to be able to easily get rid of this instance using the AWS console.
This automatically creates an EC2 instance with the following configuration,
Setting | Value | Comment |
---|---|---|
InstanceType | t3.medium | This instance type has 2 vCPUs and 4 GB of RAM. Advice online is that 4 GB is the minimum for 25 users on a Bedrock server - so this instance type seems like a good choice. |
VolumeSize | 250 | Good, because we asked for 1/4 TB of storage. |
DisableApiTermination | False | Good, because we said we wanted it to be easy to get rid of. |
If the prompt is changed to say that there will only be 5 players, then it usually chooses a t3.micro instance type (which has less capacity).
Then to run the program do,
python nl_to_aws.py
This PoC is currently configured to use the gpt-3.5-turbo model, which (at time of writing) has a cost of about $0.002 per 1,000 tokens. In testing, typical conversations use about 250 tokens, which is a negligible cost. Note, new OpenAI accounts usually come with some token credits.
If you set SKIP_AWS=False
in the .env
file it also starts AWS EC2 instances. These will incur ongoing costs. You should ensure that you use the AWS console to terminate any un-needed instances.
This PoC use the gpt-4-vision-preview model. It is given this prompt,
Here is a high level architecture diagram for a system. The system will be deployed to Amazon Web Services (AWS). You must generate an AWS CloudFormation template for the system. I will then use your CloudFormation code to generate the infrastructure. Ensure that your CloudFormation template is valid. If in doubt about correct configurations to use for AWS services, please follow AWS Well Architected guidelines.
It is also given this image in the prompt,
Then to run the program do,
python hla_to_iac.py
And here is the response from GPT,
Creating an AWS CloudFormation template from a high-level architecture diagram involves detailing AWS resource declarations in YAML or JSON format. The diagram you have provided includes a VPC, a Lambda Function, an API Gateway, and a DynamoDB table.
Please remember that an actual CloudFormation template would need much more detailed configuration parameters, resource properties, and possible additional resources such as IAM roles for permissions, depending on the specific use case. Since I don't have the option to code directly, I'll provide you with a pseudo CloudFormation YAML template to illustrate what components you would start with.
Below is a simplified template example in YAML that corresponds to the architecture diagram you've provided:
AWSTemplateFormatVersion: '2010-09-09'
Resources:
MyVPC:
Type: AWS::EC2::VPC
Properties:
# Specify VPC configuration such as CIDR Block, enableDnsSupport, etc.
MyLambdaFunction:
Type: AWS::Lambda::Function
Properties:
Handler: index.handler
Role: !GetAtt LambdaExecutionRole.Arn
Code:
# Define the source code location
Runtime: nodejs12.x
VpcConfig:
SecurityGroupIds: [!Ref LambdaSecurityGroup]
SubnetIds: [!Ref SubnetA, !Ref SubnetB]
# Configure the Subnet and security groups as needed
LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
# Define the IAM Role and its policies that allows Lambda to manage resources
LambdaSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
# Define security group rules and VPC association
MyDynamoDBTable:
Type: AWS::DynamoDB::Table
Properties:
AttributeDefinitions:
- AttributeName: "id"
AttributeType: "S"
KeySchema:
- AttributeName: "id"
KeyType: "HASH"
BillingMode: PAY_PER_REQUEST
TableName: "Customers"
MyApiGateway:
Type: AWS::ApiGateway::RestApi
Properties:
Name: "CustomerDetailsAPI"
# Additional API Gateway configuration
MyLambdaApiGatewayIntegration:
Type: AWS::ApiGateway::Method
Properties:
RestApiId: !Ref MyApiGateway
ResourceId: !GetAtt MyApiGateway.RootResourceId
HttpMethod: ANY
Integration:
Type: AWS_PROXY
IntegrationHttpMethod: POST
Uri: !Sub
- "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MyLambdaFunction.Arn}/invocations"
- {}
IntegrationResponses:
- StatusCode: 200
Outputs:
ApiGatewayUrl:
Description: "URL of the API Gateway"
Value: !Sub
- "https://${MyApiGateway}.execute-api.${AWS::Region}.amazonaws.com/Prod/"
- {}
This is a basic template and doesn't represent a fully-fledged AWS infrastructure deployment. Here's a checklist you'll need to consider for a complete setup:
- Define the VPC CIDR block and other VPC properties.
- Define Lambda Function details such as execution role, source code (S3 bucket or inline), environment variables, etc.
- Specify the IAM role and policy for Lambda execution.
- Specify Lambda security group details, and any specific rules needed.
- Define DynamoDB table properties such as attribute definitions, key schema, indexes, and any required throughputs or billing mode.
- Define the API Gateway resources, methods, stages, and integration with Lambda.
- Insert Lambda permission to allow the API Gateway to invoke the Lambda function.
- Optionally define outputs for endpoints, ARNs, etc.
- Consider any necessary security measures such as encryption, logging, and monitoring.
Keep in mind, creating a stacked architecture in an actual AWS account will require a lot of security and design considerations, which are beyond the scope of this simplified example.