# FinOps Copilot - Complete Deployment and Testing Guide

This notebook provides comprehensive documentation for deploying and testing the FinOps Copilot solution, including:
- Lambda Functions
- AWS Bedrock Agents
- MCP Servers
- Streamlit Frontend
- Testing Framework


## Table of Contents

1. [Architecture Overview](#architecture-overview)
2. [Lambda Functions](#lambda-functions)
3. [AWS Bedrock Agents](#bedrock-agents)
4. [MCP Servers](#mcp-servers)
5. [Streamlit Frontend](#streamlit-frontend)
6. [Deployment with AWS CLI](#deployment)
7. [Testing](#testing)


## 1. Architecture Overview <a id='architecture-overview'></a>

FinOps Copilot is a comprehensive AWS cost optimization solution that combines:

- **Lambda Functions**: Service-specific cost analyzers (EC2, S3, RDS, etc.)
- **Bedrock Agents**: AI-powered orchestration and recommendations
- **MCP Servers**: Model Context Protocol servers for data integration
- **Streamlit Frontend**: Interactive dashboard for visualization


## 2. Lambda Functions <a id='lambda-functions'></a>

### 2.1 EC2 Agent

The EC2 Agent analyzes EC2 instance utilization and provides optimization recommendations.

In [None]:
# EC2 Agent Lambda Handler
# File: lambda-functions/ec2_agent.py

import json
import boto3
from datetime import datetime, timedelta

class EC2CostAnalyzer:
    """Analyzes EC2 costs and provides optimization recommendations"""
    
    def __init__(self):
        self.ec2_client = boto3.client('ec2')
        self.cloudwatch_client = boto3.client('cloudwatch')
        self.cost_explorer_client = boto3.client('ce')
    
    def analyze_instance_utilization(self, instance_ids, days=30):
        """Analyze CPU utilization for specified instances"""
        # Implementation details in the actual file
        pass
    
    def identify_optimization_opportunities(self, utilization_data, instance_details, cost_data):
        """Identify cost optimization opportunities based on utilization"""
        # Implementation details in the actual file
        pass

def lambda_handler(event, context):
    """AWS Lambda handler for EC2 cost analysis"""
    analyzer = EC2CostAnalyzer()
    action = event.get('action', 'analyze_all')
    
    if action == 'analyze_all':
        # Comprehensive analysis of all instances
        pass
    elif action == 'analyze_utilization':
        # Analyze utilization only
        pass
    elif action == 'get_recommendations':
        # Get optimization recommendations
        pass
    
    return {
        'statusCode': 200,
        'body': json.dumps(result)
    }

### 2.2 S3 Agent

The S3 Agent analyzes S3 bucket usage and provides storage optimization recommendations.

In [None]:
# S3 Agent Lambda Handler
# File: lambda-functions/s3_agent.py

class S3CostAnalyzer:
    """Analyzes S3 costs and provides optimization recommendations"""
    
    def analyze_bucket_storage(self):
        """Analyze storage usage across all buckets"""
        pass
    
    def analyze_storage_classes(self, bucket_name):
        """Analyze storage class distribution"""
        pass
    
    def identify_optimization_opportunities(self, bucket_analysis, cost_data):
        """Identify S3 optimization opportunities"""
        pass

### 2.3 Orchestrator Agent

The Orchestrator Agent coordinates between different service agents and provides comprehensive analysis.

In [None]:
# Orchestrator Agent Lambda Handler
# File: lambda-functions/orchestrator_agent.py

class FinOpsOrchestrator:
    """Orchestrates cost optimization across AWS services"""
    
    def process_query(self, query):
        """Process natural language queries about cost optimization"""
        # Use Bedrock to understand intent
        # Call appropriate service agents
        # Aggregate and format results
        pass

## 3. AWS Bedrock Agents <a id='bedrock-agents'></a>

### 3.1 Bedrock Agent Configuration

Bedrock Agents provide AI-powered analysis and recommendations.

In [None]:
# Bedrock Agent Configuration
# File: bedrock-agents/orchestrator_agent_config.json

orchestrator_config = {
    "agentName": "FinOpsOrchestratorAgent",
    "description": "Orchestrates cost optimization analysis across AWS services",
    "foundationModel": "anthropic.claude-v2",
    "instructions": """You are a FinOps expert assistant that helps users optimize 
                       their AWS costs. Analyze user queries and coordinate with 
                       service-specific agents to provide comprehensive recommendations.""",
    "actionGroups": [
        {
            "actionGroupName": "EC2Actions",
            "description": "Actions for EC2 cost analysis",
            "lambdaFunction": "finops-ec2-agent"
        },
        {
            "actionGroupName": "S3Actions",
            "description": "Actions for S3 cost analysis",
            "lambdaFunction": "finops-s3-agent"
        }
    ]
}

### 3.2 Action Group API Schema

Define the API schema for Bedrock agent action groups.

In [None]:
# Action Group API Schema
# File: bedrock-agents/service-agent-api-schema.yaml

api_schema = """
openapi: 3.0.0
info:
  title: FinOps Service Agent API
  version: 1.0.0
paths:
  /analyze:
    post:
      summary: Analyze service costs
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                action:
                  type: string
                  enum: [analyze_all, analyze_utilization, get_recommendations]
                days:
                  type: integer
                  default: 30
                instance_ids:
                  type: array
                  items:
                    type: string
"""

## 4. MCP Servers <a id='mcp-servers'></a>

### 4.1 Cost Explorer MCP Server

MCP server for AWS Cost Explorer integration.

In [None]:
# Cost Explorer MCP Server
# File: mcp-servers/cost_explorer_mcp.py

class CostExplorerMCPServer:
    """MCP server for AWS Cost Explorer data"""
    
    async def process_mcp_request(self, request):
        """Process incoming MCP requests"""
        method = request.get('method')
        
        if method == 'cost_explorer.get_cost_and_usage':
            return await self.get_cost_and_usage(
                request['params']['timePeriod'],
                request['params']['granularity'],
                request['params']['metrics'],
                request['params'].get('groupBy')
            )
        # Additional methods...

class MCPProtocolHandler:
    """Handles MCP protocol communication"""
    
    async def handle_request(self, request_data):
        """Handle incoming MCP request following JSON-RPC 2.0"""
        # Parse request, route to appropriate handler, format response
        pass

## 5. Streamlit Frontend <a id='streamlit-frontend'></a>

### 5.1 Main Application

The Streamlit frontend provides an interactive dashboard for cost analysis.

In [None]:
# Streamlit Frontend Application
# File: frontend/app.py

import streamlit as st
import pandas as pd
import plotly.express as px
import boto3

def main():
    st.set_page_config(
        page_title="FinOps Copilot",
        page_icon="💰",
        layout="wide"
    )
    
    st.title("FinOps Copilot - AWS Cost Optimization Dashboard")
    
    # Sidebar for navigation
    page = st.sidebar.selectbox(
        "Navigation",
        ["Overview", "EC2 Analysis", "S3 Analysis", "Recommendations"]
    )
    
    if page == "Overview":
        show_overview()
    elif page == "EC2 Analysis":
        show_ec2_analysis()
    # Additional pages...

def show_overview():
    """Display cost overview dashboard"""
    col1, col2, col3, col4 = st.columns(4)
    
    with col1:
        st.metric("Total Monthly Cost", "$12,450", "+5%")
    with col2:
        st.metric("Potential Savings", "$2,890", "-23%")
    # Additional metrics...

if __name__ == "__main__":
    main()

## 6. Deployment with AWS CLI <a id='deployment'></a>

### 6.1 Prerequisites

Ensure you have the following installed:
- AWS CLI (v2.x)
- Python 3.8+
- Docker (for Lambda container images)


In [None]:
%%bash
# Check AWS CLI version
aws --version

# Configure AWS credentials if not already done
# aws configure

### 6.2 Deploy Lambda Functions

In [None]:
%%bash
# Set environment variables
export ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
export REGION="us-east-1"
export LAMBDA_ROLE_NAME="finops-lambda-role"

# Create IAM role for Lambda functions
cat > trust-policy.json << EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF

aws iam create-role \
  --role-name $LAMBDA_ROLE_NAME \
  --assume-role-policy-document file://trust-policy.json

In [None]:
%%bash
# Attach necessary policies to the Lambda role
aws iam attach-role-policy \
  --role-name $LAMBDA_ROLE_NAME \
  --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole

aws iam attach-role-policy \
  --role-name $LAMBDA_ROLE_NAME \
  --policy-arn arn:aws:iam::aws:policy/AWSCostExplorerReadOnlyAccess

aws iam attach-role-policy \
  --role-name $LAMBDA_ROLE_NAME \
  --policy-arn arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess

aws iam attach-role-policy \
  --role-name $LAMBDA_ROLE_NAME \
  --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess

aws iam attach-role-policy \
  --role-name $LAMBDA_ROLE_NAME \
  --policy-arn arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess

In [None]:
%%bash
# Package and deploy EC2 Agent Lambda
cd lambda-functions

# Create deployment package
zip -r ec2-agent.zip ec2_agent.py

# Create Lambda function
aws lambda create-function \
  --function-name finops-ec2-agent \
  --runtime python3.9 \
  --role arn:aws:iam::${ACCOUNT_ID}:role/${LAMBDA_ROLE_NAME} \
  --handler ec2_agent.lambda_handler \
  --zip-file fileb://ec2-agent.zip \
  --timeout 300 \
  --memory-size 512 \
  --environment Variables='{"LOG_LEVEL":"INFO"}'

In [None]:
%%bash
# Deploy S3 Agent Lambda
zip -r s3-agent.zip s3_agent.py

aws lambda create-function \
  --function-name finops-s3-agent \
  --runtime python3.9 \
  --role arn:aws:iam::${ACCOUNT_ID}:role/${LAMBDA_ROLE_NAME} \
  --handler s3_agent.lambda_handler \
  --zip-file fileb://s3-agent.zip \
  --timeout 300 \
  --memory-size 512

In [None]:
%%bash
# Deploy Orchestrator Agent Lambda
zip -r orchestrator-agent.zip orchestrator_agent.py

aws lambda create-function \
  --function-name finops-orchestrator-agent \
  --runtime python3.9 \
  --role arn:aws:iam::${ACCOUNT_ID}:role/${LAMBDA_ROLE_NAME} \
  --handler orchestrator_agent.lambda_handler \
  --zip-file fileb://orchestrator-agent.zip \
  --timeout 300 \
  --memory-size 1024

### 6.3 Deploy Bedrock Agents

In [None]:
%%bash
# Create IAM role for Bedrock Agent
cat > bedrock-trust-policy.json << EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "bedrock.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF

aws iam create-role \
  --role-name finops-bedrock-agent-role \
  --assume-role-policy-document file://bedrock-trust-policy.json

In [None]:
%%bash
# Create Bedrock Agent
aws bedrock-agent create-agent \
  --agent-name "FinOpsOrchestratorAgent" \
  --agent-resource-role-arn arn:aws:iam::${ACCOUNT_ID}:role/finops-bedrock-agent-role \
  --foundation-model "anthropic.claude-v2" \
  --instruction "You are a FinOps expert assistant that helps users optimize their AWS costs."

In [None]:
%%bash
# Create action group for EC2 analysis
aws bedrock-agent create-agent-action-group \
  --agent-id <AGENT_ID> \
  --agent-version DRAFT \
  --action-group-name "EC2Actions" \
  --action-group-executor '{"lambda":"arn:aws:lambda:${REGION}:${ACCOUNT_ID}:function:finops-ec2-agent"}' \
  --api-schema '{"s3":{"s3BucketName":"<BUCKET>","s3ObjectKey":"service-agent-api-schema.yaml"}}'

### 6.4 Deploy MCP Servers

MCP servers can be deployed as Lambda functions or ECS services.

In [None]:
%%bash
# Package and deploy Cost Explorer MCP as Lambda
cd mcp-servers

# Create requirements.txt
cat > requirements.txt << EOF
boto3
botocore
python-dateutil
EOF

# Install dependencies
pip install -r requirements.txt -t .

# Create deployment package
zip -r cost-explorer-mcp.zip .

# Deploy as Lambda function
aws lambda create-function \
  --function-name finops-cost-explorer-mcp \
  --runtime python3.9 \
  --role arn:aws:iam::${ACCOUNT_ID}:role/${LAMBDA_ROLE_NAME} \
  --handler cost_explorer_mcp.lambda_handler \
  --zip-file fileb://cost-explorer-mcp.zip \
  --timeout 60 \
  --memory-size 256

### 6.5 Deploy Streamlit Frontend on AWS App Runner

In [None]:
%%bash
# Create Dockerfile for Streamlit app
cd frontend

cat > Dockerfile << EOF
FROM python:3.9-slim

WORKDIR /app

COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

COPY . .

EXPOSE 8501

CMD ["streamlit", "run", "app.py", "--server.port=8501", "--server.address=0.0.0.0"]
EOF

# Build and push to ECR
aws ecr create-repository --repository-name finops-copilot-frontend

# Get ECR login token
aws ecr get-login-password --region ${REGION} | docker login --username AWS --password-stdin ${ACCOUNT_ID}.dkr.ecr.${REGION}.amazonaws.com

# Build and push image
docker build -t finops-copilot-frontend .
docker tag finops-copilot-frontend:latest ${ACCOUNT_ID}.dkr.ecr.${REGION}.amazonaws.com/finops-copilot-frontend:latest
docker push ${ACCOUNT_ID}.dkr.ecr.${REGION}.amazonaws.com/finops-copilot-frontend:latest

In [None]:
%%bash
# Create App Runner service
aws apprunner create-service \
  --service-name "finops-copilot-frontend" \
  --source-configuration '{
    "ImageRepository": {
      "ImageIdentifier": "'${ACCOUNT_ID}'.dkr.ecr.'${REGION}'.amazonaws.com/finops-copilot-frontend:latest",
      "ImageConfiguration": {
        "Port": "8501"
      },
      "ImageRepositoryType": "ECR"
    },
    "AutoDeploymentsEnabled": false
  }'

## 7. Testing <a id='testing'></a>

### 7.1 Unit Testing

Run unit tests for Lambda functions.

In [None]:
%%bash
# Install test dependencies
pip install pytest pytest-cov boto3 moto

# Run unit tests
cd /home/ec2-user/finops/aws-finops/finops-copilot
python -m pytest tests/unit/ -v

### 7.2 Integration Testing

Test Lambda functions with AWS services.

In [None]:
%%bash
# Test EC2 Agent Lambda
aws lambda invoke \
  --function-name finops-ec2-agent \
  --payload '{
    "action": "analyze_all",
    "days": 7
  }' \
  response.json

cat response.json | jq

In [None]:
%%bash
# Test S3 Agent Lambda
aws lambda invoke \
  --function-name finops-s3-agent \
  --payload '{
    "action": "analyze_all",
    "days": 30
  }' \
  response.json

cat response.json | jq

### 7.3 Frontend Testing

Test the Streamlit frontend application.

In [None]:
# Test Streamlit app locally
import subprocess
import time
import requests

# Start Streamlit app
process = subprocess.Popen(
    ["streamlit", "run", "frontend/app.py"],
    stdout=subprocess.PIPE,
    stderr=subprocess.PIPE
)

# Wait for app to start
time.sleep(5)

# Test if app is running
try:
    response = requests.get("http://localhost:8501")
    print(f"Frontend status: {response.status_code}")
    print("Frontend is running successfully!")
except Exception as e:
    print(f"Error accessing frontend: {e}")
finally:
    # Stop the process
    process.terminate()

### 7.4 End-to-End Testing

Test the complete flow from frontend to Lambda functions.

In [None]:
# Simulate end-to-end test
import boto3
import json

def test_e2e_flow():
    """Test the complete FinOps Copilot flow"""
    
    # 1. Call Orchestrator Agent
    lambda_client = boto3.client('lambda')
    
    response = lambda_client.invoke(
        FunctionName='finops-orchestrator-agent',
        InvocationType='RequestResponse',
        Payload=json.dumps({
            "query": "What are my biggest cost optimization opportunities?",
            "services": ["ec2", "s3"]
        })
    )
    
    result = json.loads(response['Payload'].read())
    print("Orchestrator Response:")
    print(json.dumps(result, indent=2))
    
    # 2. Verify response structure
    assert 'statusCode' in result
    assert result['statusCode'] == 200
    assert 'body' in result
    
    body = json.loads(result['body'])
    assert 'recommendations' in body
    assert 'total_savings' in body
    
    print("\n✅ End-to-end test passed!")

# Run the test
test_e2e_flow()

### 7.5 Performance Testing

Test Lambda function performance and latency.

In [None]:
import time
import statistics
import concurrent.futures

def performance_test_lambda(function_name, payload, num_requests=10):
    """Performance test for Lambda functions"""
    lambda_client = boto3.client('lambda')
    latencies = []
    
    def invoke_lambda():
        start_time = time.time()
        response = lambda_client.invoke(
            FunctionName=function_name,
            InvocationType='RequestResponse',
            Payload=json.dumps(payload)
        )
        latency = (time.time() - start_time) * 1000  # Convert to ms
        return latency
    
    # Run concurrent requests
    with concurrent.futures.ThreadPoolExecutor(max_workers=5) as executor:
        futures = [executor.submit(invoke_lambda) for _ in range(num_requests)]
        latencies = [f.result() for f in concurrent.futures.as_completed(futures)]
    
    # Calculate statistics
    print(f"\nPerformance Test Results for {function_name}:")
    print(f"  Requests: {num_requests}")
    print(f"  Min latency: {min(latencies):.2f} ms")
    print(f"  Max latency: {max(latencies):.2f} ms")
    print(f"  Mean latency: {statistics.mean(latencies):.2f} ms")
    print(f"  Median latency: {statistics.median(latencies):.2f} ms")
    print(f"  95th percentile: {statistics.quantiles(latencies, n=20)[18]:.2f} ms")

# Test EC2 Agent performance
performance_test_lambda(
    'finops-ec2-agent',
    {'action': 'analyze_all', 'days': 7}
)

## Summary

This notebook provides a comprehensive guide for deploying and testing the FinOps Copilot solution:

1. **Lambda Functions**: Deployed service-specific cost analyzers
2. **Bedrock Agents**: Created AI-powered orchestration agents
3. **MCP Servers**: Deployed data integration servers
4. **Streamlit Frontend**: Deployed interactive dashboard on App Runner
5. **Testing**: Comprehensive unit, integration, and E2E tests

### Next Steps

1. Configure CloudWatch alarms for monitoring
2. Set up CI/CD pipeline with AWS CodePipeline
3. Implement additional cost optimization features
4. Add more comprehensive test coverage
