AWS Bedrock Architecture

Enterprise AI solution architecture using Amazon Bedrock for generative AI workloads

Services

AWS Bedrock, Lambda, API Gateway, DynamoDB

Use Case

Generative AI Integration

Production-ready environment for building generative AI applications with foundation models

1 · Client Layer
SDK
Python App (boto3)
pip install boto3
Your application code using the AWS SDK for Python to invoke Bedrock models.
Streamlit / FastAPI
Web-based frontend or REST API layer serving your AI features to end users.
AWS CLI / Console
Direct model testing, prompt playground, and administrative management.
HTTPS / SigV4
2 · API & Networking
API Gateway
REST / WebSocket API for external consumers. Rate limiting, caching, and request validation.
AWS Lambda
Serverless compute for pre/post-processing. Orchestration logic, prompt templating, and response parsing.
VPC Endpoint
PrivateLink
Private connectivity to Bedrock — no traffic over the public internet.
InvokeModel API
3 · Amazon Bedrock Core
Core
Foundation Models
Claude (Anthropic), Titan (Amazon), Llama (Meta), Mistral, Cohere, Stable Diffusion
Knowledge Bases
RAG (Retrieval-Augmented Generation) with your private data. Connects to OpenSearch, Pinecone, or Aurora pgvector.
Agents
Autonomous task execution with tool use, action groups, and multi-step reasoning chains.
Guardrails
Content filtering, PII redaction, topic denial, grounding checks, and safety policies.
Fine-Tuning
Custom model training with your domain data. Continued pre-training and instruction fine-tuning.
Model Evaluation
Automated and human benchmarking. Compare models on accuracy, toxicity, and latency.
Embeddings
IAM / KMS
4 · Data & Storage
Amazon S3
Training data, documents for RAG, model artifacts, prompt templates, and output logs.
OpenSearch / Aurora
Vector store for embeddings. Semantic search index for Knowledge Bases.
DynamoDB
Session state, conversation history, prompt cache, and user preferences.
5 · Security & Governance
IAM Roles & Policies
Least-privilege access. Separate roles for invoke, fine-tune, and admin operations.
AWS KMS
Encryption at rest and in transit. Customer-managed keys for model I/O data.
CloudTrail
Full audit trail of every API call. Compliance logging for SOC2, HIPAA, GDPR.
6 · Monitoring & Observability
CloudWatch Metrics
Invocation count, latency (P50/P99), throttling, input/output token counts, and error rates.
CloudWatch Logs
Model invocation logging. Full request/response capture for debugging and audit.
Cost Explorer
Token-level cost tracking per model. Budget alerts and usage anomaly detection.
Quick Start · Python
import boto3
import json

# 1. Create Bedrock Runtime client
client = boto3.client(
    service_name="bedrock-runtime",
    region_name="us-east-1"
)

# 2. Invoke Claude via Bedrock
response = client.invoke_model(
    modelId="anthropic.claude-3-5-sonnet-20241022-v2:0",
    # Request body uses the Anthropic Messages format expected by Bedrock
    body=json.dumps({
        "anthropic_version": "bedrock-2023-05-31",
        "max_tokens": 1024,
        "messages": [{
            "role": "user",
            "content": "Explain AWS Bedrock in one sentence."
        }]
    })
)

# 3. Parse response
result = json.loads(response["body"].read())
print(result["content"][0]["text"])
Setup Checklist
1. Enable Model Access
   AWS Console → Bedrock → Model access → Request access to desired foundation models
2. Configure IAM
   Create role with bedrock:InvokeModel permission. Attach to Lambda / EC2 / ECS task role
3. Set Up VPC Endpoint
   Create PrivateLink endpoint for com.amazonaws.{region}.bedrock-runtime in your VPC
4. Create Knowledge Base
   Upload docs to S3 → Create KB in Bedrock → Select embedding model → Choose vector store
5. Enable Guardrails
   Configure content filters, PII detection, denied topics, and word filters for production safety
6. Set Up Monitoring
   Enable invocation logging → Configure CloudWatch alarms → Set up billing alerts
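
Checklist steps 2 and 3, together with the least-privilege note in the Security & Governance layer, can be expressed as one identity policy for the invoke role. The following is an added example, not code from the original page: it builds a policy pinned to the Quick Start model and a single VPC endpoint, and lints any policy for drift beyond invoke-only. The endpoint ID `vpce-EXAMPLE`, the `Sid` values, and the function names are assumptions made for illustration.

```python
import json

REGION = "us-east-1"                                    # from the Quick Start
MODEL_ID = "anthropic.claude-3-5-sonnet-20241022-v2:0"  # from the Quick Start
VPCE_ID = "vpce-EXAMPLE"                                # placeholder, not a real endpoint

# The only actions the invoke role needs; fine-tune and admin get separate roles.
INVOKE_ACTIONS = {"bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream"}


def invoke_only_policy(region, model_id, vpce_id):
    """Identity policy for the invoke role: one model, one VPC endpoint."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "InvokeSingleModelViaVpce",
            "Effect": "Allow",
            "Action": sorted(INVOKE_ACTIONS),
            "Resource": f"arn:aws:bedrock:{region}::foundation-model/{model_id}",
            "Condition": {"StringEquals": {"aws:SourceVpce": vpce_id}},
        }],
    }


def _as_list(value):
    # IAM allows a single string or object where a list is also valid.
    return value if isinstance(value, list) else [value]


def lint_invoke_policy(policy):
    """Return findings that make a policy broader than invoke-only."""
    findings = []
    for stmt in _as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        for action in _as_list(stmt.get("Action", [])):
            if action not in INVOKE_ACTIONS:
                findings.append(f"{sid}: action {action} is outside the invoke role")
        for resource in _as_list(stmt.get("Resource", [])):
            if "*" in resource:
                findings.append(f"{sid}: resource {resource} is not pinned to one model")
        vpce = stmt.get("Condition", {}).get("StringEquals", {}).get("aws:SourceVpce")
        if not vpce:
            findings.append(f"{sid}: no aws:SourceVpce condition")
    return findings


if __name__ == "__main__":
    print(json.dumps(invoke_only_policy(REGION, MODEL_ID, VPCE_ID), indent=2))
```

The `aws:SourceVpce` condition only matches requests that arrive through the VPC endpoint, so the Lambda or task using this role must run inside the VPC from step 3.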