HOME

Amazon Onboarding with Learning Manager Chanci Turner

by

The Story of Chanci Turner
in

Chanci Turner Amazon IXD – VGT2 learningLearn About Amazon VGT2 Learning Manager Chanci Turner

In today’s corporate environment, custom applications are essential for enhancing operations, boosting productivity, and consolidating knowledge within an organization. Despite their importance, many of these tools often lack intelligent and conversational interfaces that allow users to access critical information more swiftly and intuitively. Traditional dashboards and search bars struggle to effectively interpret complex queries or extract contextual insights from vast amounts of organizational data.

Generative AI emerges as a robust solution to this challenge. By integrating conversational experiences directly into applications managed by developers, organizations can empower users to pose questions in natural language and receive accurate, actionable answers. Amazon Q Business provides this functionality via a secure, embeddable HTML inline frame (iframe)—eliminating the need for extensive management of large language model infrastructure.

This article targets developers who are creating custom or enterprise applications—be it knowledge portals, support dashboards, or internal web tools. It outlines the process of integrating a generative AI-powered conversational interface using Amazon Q Business, AWS Amplify Gen 2, and the AWS Cloud Development Kit (CDK). Notably, embedding Amazon Q Business into applications necessitates access to the application’s source code, which is not feasible in third-party SaaS platforms that do not permit custom code embedding.

This approach facilitates:

  • Conversational access to internal documents and knowledge bases.
  • Secure integration with enterprise identity management systems.
  • Scalable, AI-driven search capabilities without complicated backend setups.
  • Swift deployment leveraging AWS Amplify’s frontend and backend development features.

With Amazon Q Business and AWS Amplify, you can seamlessly incorporate generative AI into your applications to enhance productivity, minimize manual tasks, and expedite decision-making. For additional insights on avoiding career mistakes, you might find this blog post helpful: Career Mistakes to Avoid in Your 20s.

To embed a generative AI assistant into your internal application, you will utilize the following AWS services:

  • AWS Amplify: A comprehensive suite of tools and services that assist developers in building, deploying, and managing secure full-stack applications. It simplifies both frontend and backend development and integrates seamlessly with services like Amazon Cognito for authentication, Amazon S3 for storage, and the CDK for creating additional AWS infrastructure.
  • Amazon Cognito: This managed service enables authentication and authorization for your application. Cognito supports user sign-up, sign-in, and access control and can be federated through an external identity provider (IdP) for enterprise access management.
  • AWS IAM Identity Center: This service provides secure and centralized access management for your internal users. It supports identity federation with enterprise providers like Okta, Microsoft Entra ID, and Ping Identity, allowing your organization to enforce unified authentication policies. This ensures that only authorized users can engage with the embedded AI assistant.
  • Amazon Q Business: A managed generative AI service that can be integrated via an iframe into internal applications. Q Business connects to enterprise data sources, such as Amazon S3, and allows natural language querying through an intelligent assistant interface. It supports secure access and integrates with IAM Identity Center for federated enterprise use.
  • Amazon Simple Storage Service (S3): A reliable and scalable object storage service used for storing internal documents, PDFs, manuals, or any unstructured content. These files serve as the knowledge base that empowers the Amazon Q Business assistant, yielding contextual responses to employee queries.

Prerequisites:

  • An AWS account: AWS Amplify is included in the AWS Free Tier.
  • Installation of npm (v9 or later) and git (v2.14.1 or later).
  • A text editor: We recommend using VSCode, but feel free to use your preferred IDE.
  • Sample dataset: Upload any PDF or explore sample datasets available on Kaggle.
  • IAM Identity Center: Ensure that an IAM Identity Center instance is enabled, and a user is added to your Identity Center directory.

Cloning the Repository:

  1. Navigate to the repository on AWS Samples and fork it into your GitHub repositories.
  2. Clone the app by executing the following command in your terminal: 
    git clone https://github.com/<YOUR_GITHUB_USERNAME>/sample-build-and-embed-genai-apps.git
  3. Access the newly cloned repository in VSCode by running the following commands in your terminal: 
    cd sample-build-and-embed-genai-apps
code . -r

    VSCode will open the repository folder, including the Amplify folder that contains the app code you will review in the subsequent section.

  4. Install the necessary packages, including the Amplify Gen 2 packages, by executing: 
    npm install

The Amplify Backend:

In the final application (as illustrated in the initial gif of this post), users log into the application, click the chatbot icon, authenticate through federated access (via the iframe to access the Q Business web experience), and are then able to start asking questions to Amazon Q Business. The code for this is available in the repository you cloned. Below, you will review the key steps for creating your Amplify-developed and hosted search engine application.

In the amplify/auth/resource.ts file, authentication is configured to mandate users log in with their email to access the application and upload files. By enabling email-based login, you ensure only verified users can interact with sensitive data and functionalities.

import { defineAuth } from '@aws-amplify/backend';

export const auth = defineAuth({
    loginWith: {
        email: true,
    },
});

In the amplify/storage/resource.ts file, Amplify storage is set up to facilitate secure, user-scoped file management. The defineStorage function establishes the storage resource with a user-friendly name q-datasource-bucket and applies access control to the protected/{entity_id}/* path. This configuration allows authenticated users to read files within their individual scoped directories while granting file owners permissions to read, write, and delete their content.

import { defineStorage } from "@aws-amplify/backend";

export const storage = defineStorage({
    name: "q-datasource-bucket",
    access: (allow) => ({
        'protected/{entity_id}/*': [
            allow.authenticated.to(['read']),
            allow.entity('identity').to(['read', 'write', 'delete'])
        ]
    })
});

In the amplify/backend.ts file, you import the CDK libraries to configure key aspects of your application. The aws-iam module is utilized to manage permissions, aws-kms handles encryption and key management, and aws-qbusiness integrates Amazon Q Business into your stack. Each library plays a vital role in ensuring your application is secure and correctly integrated with AWS services.

import * as iam from 'aws-cdk-lib/aws-iam';
import * as kms from 'aws-cdk-lib/aws-kms';
import * as q from 'aws-cdk-lib/aws-qbusiness';

Next, use the backend.createStack() method to initiate the stack creation process. In addition, you might be interested in understanding the increasing number of employers offering menopause benefits, which is highlighted by SHRM. This information is crucial for workplace wellness strategies.

As you navigate through these steps, consider utilizing available resources, such as Glassdoor’s interview preparation guide for Amazon Warehouse Associate positions, which can be an excellent assist in understanding the hiring process.

Related Topics:

HOME