Aaron VanSledright

Category: Amazon Web Services

  • Building out a reusable Terraform framework for Flask Applications

    I find myself utilizing the same architecture for deploying demo applications on the great Python library Flask. I’ve been using the same Terraform files over and over again to build out the infrastructure.

    Last weekend I decided it was time to build a reusable framework for deploying these applications. So, I began building out the repository. The purpose of this repository is to give myself a jumping off point to quickly deploy applications for demonstrations or live environments.

    Let’s take a look at the features:

    • Customizable Environments within Terraform for managing the infrastructure across your development and production environments
    • Modules for:
      • Application Load Balancer
      • Elastic Container registry
      • Elastic Container Service
      • VPC & Networking components
    • Dockerfile and Docker Compose file for launching and building the application
    • Demo code for the Flask application
    • Automated build and deploy for the container upon code changes

    This module is built for any developer who wants to get started quickly and deploy applications fast. Using this framework will allow you to speed up your development time by being able to focus solely on the application rather than the infrastructure.

    Upcoming features:

    • CI/CD features using either GitHub Actions or Amazon Web Services like CodePipeline and Codebuild
    • Custom Domain Name support for your application

    If there are other features you would like to see me add shoot me a message anytime!

    Check out the repository here:
    https://github.com/avansledright/terraform-flask-module

  • Create an Image Labeling Application using Artificial Intelligence

    I have a PowerPoint party to go to soon. Yes you read that right. At this party everyone is required to present a short presentation about any topic they want. Last year I made a really cute presentation about a day in the life of my dog.

    This year I have decided that I want to bore everyone to death and talk about technology, Python, Terraform and Artificial Intelligence. Specifically, I built an application that allows a user to upload an image and have it return to them a renamed file that is labeled based on the object or scene in the image.

    The architecture is fairly simple. We have a user connecting to a load balancer which routes traffic to our containers. The containers connect Bedrock and S3 for image.

    If you want to try it out the site is hosted at https://image-labeler.vansledright.com It will be up for some time, I haven’t decided how long I will host it for but at least through this weekend!

    Here is the code that interacts with Bedrock and S3 to process the image:

    def process_image():
    if not request.is_json:
        return jsonify({'error': 'Content-Type must be application/json'}), 400

    data = request.json
    file_key = data.get('fileKey')

    if not file_key:
        return jsonify({'error': 'fileKey is required'}), 400

    try:
        # Get the image from S3
        response = s3.get_object(Bucket=app.config['S3_BUCKET_NAME'], Key=file_key)
        image_data = response['Body'].read()

        # Check if image is larger than 5MB
        if len(image_data) > 5 * 1024 * 1024:
            logger.info("File size to large. Compressing image")
            image_data = compress_image(image_data)

        # Convert image to base64
        base64_image = base64.b64encode(image_data).decode('utf-8')

        
        
        # Prepare prompt for Claude
        prompt = """Please analyze the image and identify the main object or subject. 
        Respond with just the object name in lowercase, hyphenated format. For example: 'coca-cola-can' or 'golden-retriever'."""
        
        # Call Bedrock with Claude
        response = bedrock.invoke_model(
            modelId='anthropic.claude-3-sonnet-20240229-v1:0',
            body=json.dumps({
                "anthropic_version": "bedrock-2023-05-31",
                "max_tokens": 100,
                "messages": [
                    {
                        "role": "user",
                        "content": [
                            {
                                "type": "text",
                                "text": prompt
                            },
                            {
                                "type": "image",
                                "source": {
                                    "type": "base64",
                                    "media_type": response['ContentType'],
                                    "data": base64_image
                                }
                            }
                        ]
                    }
                ]
            })
        )
        
        response_body = json.loads(response['body'].read())
        object_name = response_body['content'][0]['text'].strip()
        logging.info(f"Object found is: {object_name}")
        
        if not object_name:
            return jsonify({'error': 'Could not identify object in image'}), 422

        # Get file extension and create new filename
        _, ext = os.path.splitext(unquote(file_key))
        new_file_name = f"{object_name}{ext}"
        new_file_key = f'processed/{new_file_name}'
        
        # Copy object to new location
        s3.copy_object(
            Bucket=app.config['S3_BUCKET_NAME'],
            CopySource={'Bucket': app.config['S3_BUCKET_NAME'], 'Key': file_key},
            Key=new_file_key
        )
        
        # Generate download URL
        download_url = s3.generate_presigned_url(
            'get_object',
            Params={
                'Bucket': app.config['S3_BUCKET_NAME'],
                'Key': new_file_key
            },
            ExpiresIn=3600
        )
        
        return jsonify({
            'downloadUrl': download_url,
            'newFileName': new_file_name
        })
        
    except json.JSONDecodeError as e:
        logger.error(f"Error decoding Bedrock response: {str(e)}")
        return jsonify({'error': 'Invalid response from AI service'}), 500
    except Exception as e:
        logger.error(f"Error processing image: {str(e)}")
        return jsonify({'error': 'Error processing image'}), 500

    If you think this project is interesting, feel free to share it with your friends or message me if you want all of the code!

  • Converting DrawIO Diagrams to Terraform

    I’m going to start this post of by saying that I need testers. People to test this process from an interface perspective as well as a data perspective. I’m limited on the amount of test data that I have to put through the process.

    With that said, I spent my Thanksgiving Holiday writing code, building this project and putting in way more time that I thought I would but boy is it cool.

    If you’re like me and working in a Cloud Engineering capacity then you probably have built a DrawIO diagram at some point in your life to describe or define your AWS architecture. Then you have spent countless hours using that diagram to write your Terraform. I’ve built something that will save you those hours and get you started on your cloud journey.

    Enter https://drawiototerraform.com. My new tool that allows you to convert your DrawIO AWS Architecture diagrams to Terraform just by uploading them. The process uses a combination of Python and LLM’s to identify the components in your diagram and their relationships, write the base Terraform, analyze the initial Terraform for syntax errors and ultimately test the Terraform by generating a Terraform plan.

    All this is then delivered to you as a ZIP file for you to review, modify and ultimately deploy to your environment. By no means is it perfect yet and that is why I am looking for people to test the platform.

    If you, or someone you know, is interested in helping me test have them reach out to me on through the website’s support page and I will get them some free credits so that they can test out the platform with their own diagrams.

    If you are interested in learning more about the project in any capacity do not hesitate to reach out to me at anytime.

    Website: https://drawiototerraform.com

  • API For Pre-signed URLs

    Pre-signed URL’s are used for downloading objects from AWS S3 buckets. I’ve used them many times in the past for various reasons but this idea was a new one. A proof of concept for an API that would create the pre-signed URL and return it to the user.

    This solution utilizes an API Gateway and an AWS Lambda function. The API Gateway takes two parameters “key” and “expiration”. Ultimately, you could add another parameter for “bucket” if you wanted the gateway to be able to get objects from multiple buckets.

    I used Terraform to create the infrastructure and Python to program the Lambda.

    Take a look at the Lambda code below:

    import boto3
import json
import os
from botocore.exceptions import ClientError

def lambda_handler(event, context):
    # Get the query parameters
    query_params = event.get('queryStringParameters', {})
    if not query_params or 'key' not in query_params:
        return {
            'statusCode': 400,
            'body': json.dumps({'error': 'Missing required parameter: key'})
        }
    
    object_key = query_params['key']
    expiration = int(query_params.get('expiration', 3600))  # Default 1 hour
    
    # Initialize S3 client
    s3_client = boto3.client('s3')
    bucket_name = os.environ['BUCKET_NAME']
    
    try:
        # Generate presigned URL
        url = s3_client.generate_presigned_url(
            'get_object',
            Params={
                'Bucket': bucket_name,
                'Key': object_key
            },
            ExpiresIn=expiration
        )
        
        return {
            'statusCode': 200,
            'headers': {
                'Access-Control-Allow-Origin': '*',
                'Content-Type': 'application/json'
            },
            'body': json.dumps({
                'url': url,
                'expires_in': expiration
            })
        }
        
    except ClientError as e:
        return {
            'statusCode': 500,
            'body': json.dumps({'error': str(e)})
        }

    The Terraform will also output a Postman collection JSON file so that you can immediately import it for testing. If this code and pattern is useful for you check it out on my GitHub below.

    Github

  • The Discord Bot Framework

    I’m happy to announce the release of my Discord Bot Framework. A tool that I’ve spent a considerable amount of time working on to help people build and deploy Discord Bots quickly within AWS.

    Let me first start off by saying I’ve never released a product. I’ve run a service business and I’m a consultant but I’ve never been a product developer. This release marks my first codebase that I’ve packaged and put together for developers and hobbyists to utilize.

    So let’s talk about what this framework does. First and foremost it is not a fully working bot. There are pre-requisites that you must accomplish. The framework holds some example code for commands and message context responses which should be enough to get any Python developer started on building their bot. The framework also includes all of the required Terraform to deploy the bot within AWS.

    When you launch the Terraform it will build a Docker image for you and deploy that image to ECR as well as launch the container within AWS Fargate. All of this lives behind a load balancer so that you can scale your bot’s resources as needed although I haven’t seen a Discord bot ever require that many resources!

    I plan on supporting this project personally and providing support via email for the time being for anyone who purchases the framework.

    Roadmap:
    – GitHub Actions template for CI/CD
    – More Bot example code for commands
    – Bolt on packages for new functionality

    I hope that this framework helps people get started on building bots for Discord. If you have any questions feel free to reach out to me at anytime!

    The Discord Bot Framework Product Page

  • Product Name Detection with AWS Bedrock & Anthropic Claude

    Well, my AWS bill me a bit larger than normal this month due to testing this script. I thoroughly enjoy utilizing Generative AI to do work for me and I had some spare time to tackle this problem this week.

    A client sent me a bunch of product images that were not named properly. All of the files were named something like “IMG_123.jpeg”. There was 63 total files so I decided rather than going through them one by one I would see if I could get one of Anthropic’s models to handle it for me and low and behold it was very successful!

    I scripted out the workflow in Python and utilized AWS Bedrock’s platform to execute the interactions with the Claude 3 Haiku model. Take a look at the code below to see how this was executed.

    if __name__ == "__main__":
    print("Processing images")
    files = os.listdir("photos")
    print(len(files))
    for file in files:
        if file.endswith(".jpeg"):
            print(f"Sending {file} to Bedrock")
            with open(f"photos/{file}", "rb") as photo:

                prompt = f"""
                    Looking at the image included, find and return the name of the product. 
                    Rules: 
                    1. Return only the product name that has been determined.
                    2. Do not include any other text in your response like "the product determined..."
                    """
                model_response = bedrock_actions.converse(
                    prompt, 
                    image_format="jpeg",
                    encoded_image=photo.read(),
                    max_tokens="2000",
                    temperature=.01,
                    top_p=0.999
                    )
                print(model_response['output'])
                product_name = modify_product_name(model_response['output']['message']['content'][0]['text'])
                
                photo.close()
                if os.system(f"cp photos/{file} renamed_photos/{product_name}.jpeg") != 0:
                    print("failed to move file")
                else:
                    os.system(f"mv photos/{file} finished/{file}")
    sys.exit(0)

    The code will loop through all the files in a folder called “photos” passing each one to Bedrock and getting a response. There was a lot of characters that were returned that would either break the script or that are just not needed so I also wrote a function to handle those.

    Ultimately, the script will copy the photo to a file named after the product and then move the original file into a folder called “finished”.

    I’ve uploaded the code to GitHub and you can utilize it however you want!

  • Streamline Your S3 Management: How to Count Small Files Locally with Python

    I recently came across a need to count objects in an S3 bucket that were of particular size. There isn’t a native way to do this within the S3 console so I decided to script it out using Python and the AWS SDK. You can see all of the code on my GitHub.

    The script is very easy to utilize. The logic is as follows:

    Step 1: Setup

    First, the script initializes a client for the S3 service using Boto3. This setup requires your AWS credentials configured, which the script uses to authenticate requests to your S3 buckets.

    Step 2: Input Parameters

    The script accepts two command-line arguments:

    • The name of the S3 bucket.
    • The maximum file size (in bytes) for which you want to count the files.

    Step 3: List and Count

    Using Boto3’s paginator, the script efficiently handles large datasets by fetching lists of objects in batches. It iterates through each object in the specified bucket:

    • It checks if the object’s size is less than or equal to the size limit you specified.
    • It increments a count for each file that meets the criteria.

    Step 4: Error Handling

    If the script encounters issues accessing the bucket or if an API call fails, it catches the exception and prints an error message. This helps in debugging and ensures you understand why a particular operation failed.

    Step 5: Output

    Finally, the script outputs the total count of files that meet the size criteria. This result can be used directly in reports, further automation scripts, or just for informational purposes.

    Usage:

    python count_small_files.py my-example-bucket 1048576

    Replace my-example-bucket with your bucket name and 1048576 with the maximum file size in bytes (1 MB in this example). This command will tell you how many files in my-example-bucket are 1 MB or smaller.

    This Python script is a practical tool for anyone looking to manage S3 storage more efficiently. By running this script, you can quickly gather insights into your data distribution, helping you make informed decisions about storage management and optimization.

    Stay tuned for more insights on managing cloud services and enhancing your productivity through automation. Don’t forget to subscribe for more updates and tutorials!

  • Securing AWS S3 Objects with Python: Implementing SSE-S3 Encryption

    In the cloud-native world, data security is paramount, and securing Amazon Web Services (AWS) S3 storage is a critical task for any developer. In this article, we dive into a Python script designed to ensure that all your S3 objects are encrypted using Server-Side Encryption with S3-Managed Keys (SSE-S3). This method provides robust security by encrypting S3 objects at the server level using keys managed by S3.

    Understanding the Python Script

    Using the code located at: https://github.com/avansledright/s3-object-re-encryption we have a good framework for re-encrypting our objects.

    The script utilizes the boto3 library, a Python SDK for AWS, enabling developers to integrate their applications with AWS services directly. It includes functions to list objects in an S3 bucket, check their encryption status, and apply SSE-S3 encryption if necessary.

    Key Functions:

    1. Listing Objects: Retrieves all objects within a specified bucket and prefix, managing pagination to handle large datasets.
    2. Checking Encryption: Examines if each object is encrypted with SSE-S3 by accessing its metadata.
    3. Applying Encryption: Updates objects not encrypted with SSE-S3, ensuring all data is securely encrypted using copy_object with the ServerSideEncryption parameter.

    Why Encrypt with SSE-S3?

    Encrypting your S3 objects with SSE-S3 ensures that data is automatically encrypted before being saved to disk and decrypted when accessed. This happens transparently, allowing you to secure your data without modifying your application code.

    Running the Script

    The script is executed via the command line, where users specify the S3 bucket and prefix. It then processes each object, ensuring encryption standards meet organizational and compliance requirements.

    Expanding the Script

    While this script provides a basic framework for S3 encryption, it can be expanded with additional error handling, logging, and perhaps integration into a larger AWS security auditing tool.

    AWS developers looking to enhance their application security will find this script a valuable starting point for implementing standard security practices within their S3 environments. By automating the encryption process, developers can ensure consistency and security across all stored data.

    For those who manage sensitive or regulated data in AWS, applying SSE-S3 encryption programmatically can help meet legal and compliance obligations while providing peace of mind about data security.

    If you find this article helpful please share it with your friends!

  • Building a Generative AI Workflow with AWS Bedrock

    I’ve finally been tasked with a Generative AI project to work on. I’ve done this workflow manually with ChatGPT in the past and it works quite well but, for this project, the requirement was to use Amazon Web Services’ new product “AWS Bedrock”.

    The workflow takes in some code and writes a technical document to support a clear English understanding of what the code is going to accomplish. Using AWS Bedrock, the AI will write the document and output it to an S3 bucket.

    The architecture involves uploading the initial code to an S3 Bucket which will then send the request to an SQS queue and ultimately trigger a Lambda to prompt the AI and fulfill the output upload to a separate S3 bucket. Because this was a proof of concept, the Lambda function was a significant compute resource however going forward I am going to look at placing this code into a Docker container so that it can scale for larger code inputs.

    Here is the architecture diagram:

    Let’s take a look at some of the important code. First is the prompt management. I wrote a function that will take input of the code as well as a parameter of “prompt_type”. This will allow the function to be scalable to accommodate other prompts in the future.

    def return_prompt(code, prompt_type):
    if prompt_type == "testPrompt":
        prompt1 = f"Human: <your prompt>. Assistant:"
        return prompt1

    The important thing to look at here is the format of the message. You have to include the “Human:” and the “Assistant:”. Without this formatting, your API call will error.

    The next bit of code is what we use to prompt the Bedrock AI.

     prompt_to_send = prompts.return_prompt(report_file, "testPrompt")
        body = {
            "prompt": prompt_to_send,
            "max_tokens_to_sample": 300,
            "temperature": 0.1,
            "top_p": 0.9
        }
        accept = 'application/json'
        contentType = 'application/json'


        # Return Psuedo code
        bedrock_response = h.bedrock_actions.invoke_model(json.dumps(body, indent=2).encode('utf-8'), contentType, accept, modelId=modelid)
        def invoke_model(body, contentType, accept, modelId):
        print(f"Body being sent: {body}")
        try:
            response = bedrock_runtime.invoke_model(
                body=body,
                contentType=contentType,
                accept=accept,
                modelId=modelId
            )
            return response
        except ClientError as e:
            print("Failed to invoke Bedrock model")
            print(e)
            return False

    The body of our request is what configures Bedrock to run and create a response. These values can be tweaked as follows:

    max_tokens_to_sample: This specifies the number of tokens to sample in your request. Amazon recommends setting this to 4000
    TopP: Use a lower value to ignore less probable options.
    Top K: Specify the number of token choices the model uses to generate the next token.
    Temperature: Use a lower value to decrease randomness in the response.

    You can read more about the inputs here.

    If you want to see more of this code take a look at my GitHub repository below. Feel free to use it wherever you want. If you have any questions be sure to reach out to me!

    GitHub: https://github.com/avansledright/bedrock-poc-public

  • Automated Lambda Testing

    Look, I know there are a bunch of test frameworks that you could use for your Lambda functions. But what if you wanted something simple? I spent an afternoon putting together what I would want in a testing pipeline that returns a simple “Success/Fail” type response to me via Email.

    An architecture diagram for your eyes:

    The idea is to create a JSON object with a key and value pair of the name of the Lambda function and the test event to pass to the lambda. Once the file is uploaded to the S3 bucket the pipeline can be triggered where a Codebuild job will iterate through the Lambdas and their events. The Lambdas will be tested with the event and return whether or not they are successful. The results are then sent to an SNS topic to be distributed to the developers.

    Going forward, I hope to automate adding new Lambda functions to the JSON file so that testing can also be scheduled.

    I spent time packaging this solution up with all the appropriate Terraform files and code. If you are interested in this solution feel free to reach out and I can deliver the packaged application to you!

    Sample Code: GitHub