Skip to main content

AWS Setup

AWS is used for the following features:

  • Bedrock, for the LLMs and Text embeddings
  • Transcribe, for generating text transcription of audio files
  • Polly, for generating audio files from text
  • S3, for saving transcription results from Transcribe service.
  • SES, for sending emails [not required when run locally]

Env variables

Once the above setup and iam user with the mentioned policy setup is complete, create a IAM AccessKey/SecretKey for the IAM user and setup the following env variables for the backend api

apps/api/.env
AWS_REGION=...
AWS_ACCESS_KEY=...
AWS_SECRET_ACCESS_KEY=...
AWS_S3_BUCKET_NAME=...

IAM user and access

A single IAM user could be setup (without console access) and attach permissions to provide access to the above mentioned features.

danger

Please review and update the IAM roles and permission to the minimum required access when deploying to server. InHouse AI starter template provides the following permission which are required for all the features in the starter template for development purposes ONLY.

AWS Bedrock permission

Required to invoke the LLMs enabled in AWS Bedrock

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "bedrock:InvokeModel",
                "bedrock:InvokeModelWithResponseStream"
            ],
            "Resource": "*"
        }
    ]
}

AWS Transcrible permission

Audio summarize feature uses Transcribe and S3 bucket to save transcription results.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::REPLACE_WITH_YOUR_BUCKET_NAME/*",
                "arn:aws:s3:::REPLACE_WITH_YOUR_BUCKET_NAME"
            ]
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "transcribe:GetTranscriptionJob",
                "transcribe:StartTranscriptionJob"
            ],
            "Resource": "*"
        }
    ]
}

AWS Polly permission

Text to speech feature uses AWS polly which requires the following permission

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "polly:SynthesizeSpeech",
            "Resource": "*"
        }
    ]
}

AWS Bedrock models to enable

A number of LLMs are used from AWS Bedrock. You will need to enable access to the below models. If not, you will get 403 response for the respective model api calls from AWS Bedrock.

Models to request access:

  • Titan Text Embeddings V2
  • Llama 3 8B Instruct
  • Llama 3 70B Instruct
  • Claude 3 Sonnet
  • Claude 3.5 Sonnet
  • Nova Canvas
  • Titan Image Generator G1 v2
  • SDXL 1.0