# Knowledge Bases for Amazon Bedrock와 연동된 Agent for Amazon Bedrock 생성 및 Action Group 연결하기

이 노트북에서는 회사 데이터를 검색하고 작업을 완료하기 위해 Knowledge Bases for Amazon Bedrock를 사용하는 Amazon Bedrock Agent를 만드는 방법을 배웁니다. 이 노트북의 사용 사례는 레스토랑의 에이전트로, 고객에게 성인용 또는 어린이용 메뉴에 대한 정보를 제공하고 테이블 예약 시스템을 담당하는 작업을 수행합니다. 고객은 예약 정보를 생성, 삭제 또는 가져올 수 있습니다. 

이 노트북을 완성하는 단계는 다음과 같습니다:

1. 필요한 라이브러리 Import
2. 데이터 세트를 Amazon S3에 업로드
3. Knowledge Base for Amazon Bedrock 생성
4. Agent for Amazon Bedrock 생성
5. Agent 테스트하기
6. 생성된 리소스 정리

<img src="./images/lab5-architecture.png" alt="Create an Agent with a Knowledge Base and an Action Group" style="height: 400px; width:950px;"/>


## 1. Import the needed libraries

In [1]:
!pip install -q opensearch-py
!pip install -q retrying

In [2]:
import os
import json
import time
import uuid
import boto3
import zipfile
import logging
import pprint
from io import BytesIO
from retrying import retry
from itertools import cycle
from botocore.exceptions import ClientError
from opensearchpy import OpenSearch, RequestsHttpConnection, AWSV4SignerAuth
from aoss_utils import createEncryptionPolicy, createNetworkPolicy, createAccessPolicy, createCollection, waitForCollectionCreation
from bedrock_utils import create_bedrock_execution_role, create_oss_policy_attach_bedrock_execution_role, create_policies_in_oss, delete_iam_role_and_policies

In [3]:
#Clients
s3_client = boto3.client('s3')
iam_client = boto3.client('iam')
sts_client = boto3.client('sts')
session = boto3.session.Session()
region = session.region_name
lambda_client = boto3.client('lambda')
dynamodb_client = boto3.client('dynamodb')
dynamodb_resource = boto3.resource('dynamodb')
bedrock_agent_client = boto3.client('bedrock-agent')
bedrock = boto3.client("bedrock",region_name=region)
opensearch_client = boto3.client('opensearchserverless')
account_id = sts_client.get_caller_identity()["Account"]
identity_arn = session.client('sts').get_caller_identity()['Arn']
bedrock_agent_runtime_client = boto3.client('bedrock-agent-runtime')
logging.basicConfig(format='[%(asctime)s] p%(process)s {%(filename)s:%(lineno)d} %(levelname)s - %(message)s', level=logging.INFO)
logger = logging.getLogger(__name__)

In [4]:
session = boto3.session.Session()
region = session.region_name
account_id = sts_client.get_caller_identity()["Account"]
region, account_id

('us-west-2', '322537213286')

In [5]:
suffix = f"{region}-{account_id}"
agent_name = 'booking-agent'
solution_id = agent_name
agent_alias_name = "booking-agent-alias"
bucket_name = f'{agent_name}-{suffix}'

## 2. Upload the dataset to Amazon S3
Knowledge Bases for Amazon Bedrock, currently require data to reside in an Amazon S3 bucket. In this section we will create an Amazon S3 bucket and the files.

### 2.1 Create the Amazon S3 bucket

In [6]:
if region != 'us-east-1':
    s3_client.create_bucket(
        Bucket=bucket_name.lower(),
        CreateBucketConfiguration={'LocationConstraint': region}
    )
else:
    s3_client.create_bucket(Bucket=bucket_name)

### 2.2 Upload dataset to the Amazon S3 bucket

In [7]:
dataset_path = "dataset"
files = [f.name for f in os.scandir(dataset_path) if f.is_file()]
for file in files:
    s3_client.upload_file(f'{dataset_path}/{file}', bucket_name, f'{file}')

## 3. Create a Knowledge Base for Amazon Bedrock

이 섹션에서는 Knowledge Base.를 만들고 테스트하는 모든 단계를 살펴봅니다. 

완료해야 할 단계는 다음과 같습니다:
    
1. Amazon Opensearch Serverless Index 생성
2. Embeddings model ARN 정의
3. Knowledge Base 생성
4. data source 생성
5. Knowledge Base 동기화
6. Knowledge Base 테스트

### 3.1 Amazon Opensearch Serverless Service Index 생성

Amazon Opensearch Serverless Service에서 신규 인덱스를 생성하려면 다음 단계를 완료해야 합니다:
- Amazon Bedrock execution role 생성
- OpenSearch Service에서 정책을 생성하고 collection을 생성
- 인덱스 설정 및 매핑을 정의하고 인덱스를 생성

In [8]:
def short_uuid():
    uuid_str = str(uuid.uuid4())
    return uuid_str[:8]

short_uuid = short_uuid()

collectionName = "{}-{}".format(solution_id, short_uuid)
indexName = "{}-index-{}".format(solution_id, short_uuid)

print("Collection name:",collectionName)
print("Index name:",indexName)

Collection name: booking-agent-06deab41
Index name: booking-agent-index-06deab41


#### Amazon Bedrock execution role 생성

In [9]:
bedrock_kb_execution_role = create_bedrock_execution_role(bucket_name=bucket_name)
bedrock_kb_execution_role_arn = bedrock_kb_execution_role['Role']['Arn']

#### OpenSearch Service 정책 생성과 collection 생성

In [10]:
# Create policies in OpenSearch Service (OSS)
encryption_policy, network_policy, access_policy = create_policies_in_oss(
    vector_store_name=collectionName,
    aoss_client=opensearch_client,
    bedrock_kb_execution_role_arn=bedrock_kb_execution_role_arn
)

# Create collection in OpenSearch Service
collection = opensearch_client.create_collection(
    name=collectionName,
    type='VECTORSEARCH'
)

# Wait for collection creation to complete
time.sleep(10)

# Extract collection ID and host
collection_detail = collection.get('createCollectionDetail', {})
collection_id = collection_detail.get('id', '')
host = f"{collection_id}.{region}.aoss.amazonaws.com"

# Print collection details and host
print("Collection:", collection)
print("Host:", host)

# Create OSS policy and attach it to Bedrock execution role
create_oss_policy_attach_bedrock_execution_role(
    collection_id=collection_id,
    bedrock_kb_execution_role=bedrock_kb_execution_role
)
# Wait for all elements to be created
time.sleep(40) 

Collection: {'createCollectionDetail': {'arn': 'arn:aws:aoss:us-west-2:322537213286:collection/pq16ymgfmelm9zd381t0', 'createdDate': 1717816491185, 'id': 'pq16ymgfmelm9zd381t0', 'kmsKeyArn': 'auto', 'lastModifiedDate': 1717816491185, 'name': 'booking-agent-06deab41', 'standbyReplicas': 'ENABLED', 'status': 'CREATING', 'type': 'VECTORSEARCH'}, 'ResponseMetadata': {'RequestId': 'aa1e98fc-7089-4e96-8683-c00aac18f670', 'HTTPStatusCode': 200, 'HTTPHeaders': {'x-amzn-requestid': 'aa1e98fc-7089-4e96-8683-c00aac18f670', 'date': 'Sat, 08 Jun 2024 03:14:51 GMT', 'content-type': 'application/x-amz-json-1.0', 'content-length': '314', 'connection': 'keep-alive'}, 'RetryAttempts': 0}}
Host: pq16ymgfmelm9zd381t0.us-west-2.aoss.amazonaws.com
Opensearch serverless arn:  arn:aws:iam::322537213286:policy/AmazonBedrockOSSPolicyForKnowledgeBase_475


#### index settings and mappings 정의와 index 생성

In [11]:
# Set up AWS authentication
service = 'aoss'
credentials = boto3.Session().get_credentials()
awsauth = auth = AWSV4SignerAuth(credentials, region, service)

# Define index settings and mappings
index_settings = {
    "settings": {
        "index.knn": "true"
    },
    "mappings": {
        "properties": {
            "vector": {
                "type": "knn_vector",
                "dimension": 1536,
                 "method": {
                     "name": "hnsw",
                     "engine": "faiss",
                     "space_type": "innerproduct",
                     "parameters": {
                         "ef_construction": 512,
                         "m": 16
                     },
                 },
             },
            "text": {
                "type": "text"
            },
            "text-metadata": {
                "type": "text"
            }
        }
    }
}

# Build the OpenSearch client
oss_client = OpenSearch(
    hosts=[{'host': host, 'port': 443}],
    http_auth=awsauth,
    use_ssl=True,
    verify_certs=True,
    connection_class=RequestsHttpConnection,
    timeout=300
)

# Create index
response = oss_client.indices.create(index=indexName,body=json.dumps(index_settings))
print(response)

[2024-06-08 03:15:41,622] p4608 {credentials.py:1075} INFO - Found credentials from IAM Role: BaseNotebookInstanceEc2InstanceRole
[2024-06-08 03:15:42,666] p4608 {base.py:258} INFO - PUT https://pq16ymgfmelm9zd381t0.us-west-2.aoss.amazonaws.com:443/booking-agent-index-06deab41 [status:200 request:1.043s]


{'acknowledged': True, 'shards_acknowledged': True, 'index': 'booking-agent-index-06deab41'}


### 3.2 Embedding Model ARN 정의
Knowledge Bases for Amazon Bedrock에 데이터를 색인하는 데 사용할 임베딩 모델 ARN을 정의합니다.

In [12]:
embeddingModelArn = "arn:aws:bedrock:{}::foundation-model/amazon.titan-embed-text-v1".format(region)

### 3.3 Knowledge Base 생성
이 섹션에서는 이전에 생성한 Amazon Bedrock 실행 역할, 임베딩 모델 ARN 및 Opensearch 구성을 제공하는 Knowledge Base를 생성합니다. 

In [14]:
knowledge_base_name = solution_id
description = "Agents for Amazon Bedrock와 결합할 수 있는 Restaurant KB 에시"
opensearchServerlessConfiguration = {
            "collectionArn": collection["createCollectionDetail"]['arn'],
            "vectorIndexName": indexName,
            "fieldMapping": {
                "vectorField": "vector",
                "textField": "text",
                "metadataField": "text-metadata"
            }
        }

In [15]:
@retry(wait_random_min=1000, wait_random_max=2000,stop_max_attempt_number=7)
def create_knowledge_base_func():
    create_kb_response = bedrock_agent_client.create_knowledge_base(
        name = knowledge_base_name,
        description = description,
        roleArn = bedrock_kb_execution_role_arn,
        knowledgeBaseConfiguration = {
            "type": "VECTOR",
            "vectorKnowledgeBaseConfiguration": {
                "embeddingModelArn": embeddingModelArn
            }
        },
        storageConfiguration = {
            "type": "OPENSEARCH_SERVERLESS",
            "opensearchServerlessConfiguration":opensearchServerlessConfiguration
        }
    )
    return create_kb_response["knowledgeBase"]

try:
    kb = create_knowledge_base_func()
    kb_id = kb["knowledgeBaseId"]
    print(kb)
except Exception as err:
    print(f"{err=}, {type(err)=}")

{'createdAt': datetime.datetime(2024, 6, 8, 3, 18, 51, 883799, tzinfo=tzlocal()), 'description': 'Agents for Amazon Bedrock와 결합할 수 있는 Restaurant KB 에시', 'knowledgeBaseArn': 'arn:aws:bedrock:us-west-2:322537213286:knowledge-base/OZHOFK82QI', 'knowledgeBaseConfiguration': {'type': 'VECTOR', 'vectorKnowledgeBaseConfiguration': {'embeddingModelArn': 'arn:aws:bedrock:us-west-2::foundation-model/amazon.titan-embed-text-v1'}}, 'knowledgeBaseId': 'OZHOFK82QI', 'name': 'booking-agent', 'roleArn': 'arn:aws:iam::322537213286:role/AmazonBedrockExecutionRoleForKnowledgeBase_475', 'status': 'CREATING', 'storageConfiguration': {'opensearchServerlessConfiguration': {'collectionArn': 'arn:aws:aoss:us-west-2:322537213286:collection/pq16ymgfmelm9zd381t0', 'fieldMapping': {'metadataField': 'text-metadata', 'textField': 'text', 'vectorField': 'vector'}, 'vectorIndexName': 'booking-agent-index-06deab41'}, 'type': 'OPENSEARCH_SERVERLESS'}, 'updatedAt': datetime.datetime(2024, 6, 8, 3, 18, 51, 883799, tzinfo=

### 3.4 Create the data source (S3) 생성

knowledge base 생성한 후, 데이터 소스를 knowledge base에 수집하여 색인화하여 쿼리할 수 있도록 합니다.

In [16]:
chunkingStrategyConfiguration = {
    "chunkingStrategy": "FIXED_SIZE",
    "fixedSizeChunkingConfiguration": {
        "maxTokens": 512,
        "overlapPercentage": 20
    }
}

s3Configuration = {
    "bucketArn": f"arn:aws:s3:::{bucket_name}"
}

data_source = bedrock_agent_client.create_data_source(
    knowledgeBaseId=kb_id,
    name='restaurant-menus-source',
    description='Location of the restaurant menus',
    dataSourceConfiguration={
        'type': 'S3',
        's3Configuration': s3Configuration
    },
    vectorIngestionConfiguration={
        'chunkingConfiguration': chunkingStrategyConfiguration
    }
)

data_source_id = data_source["dataSource"]["dataSourceId"]
print("The data source id is: ", data_source_id)

The data source id is:  BOHBWOHX5G


### 3.5 Knowledge Base 동기화
데이터 소스를 만들고 Knowledge Base에 연결했으므로 데이터 동기화를 진행할 수 있습니다. 


데이터 소스에 대한 S3 버킷에서 파일을 추가, 수정 또는 제거할 때마다 데이터 소스를 동기화하여 Knowledge Base에 다시 색인되도록 해야 합니다. 동기화는 증분 방식으로 이루어지므로 Amazon Bedrock은 마지막 동기화 이후 추가, 수정 또는 삭제된 S3 버킷의 개체만 처리합니다.

In [17]:
ingestion_job_response = bedrock_agent_client.start_ingestion_job(
    knowledgeBaseId=kb_id,
    dataSourceId=data_source_id,
    description='Initial Ingestion'
)

In [18]:
%%time
status = bedrock_agent_client.get_ingestion_job(
    knowledgeBaseId=ingestion_job_response["ingestionJob"]["knowledgeBaseId"],
    dataSourceId=ingestion_job_response["ingestionJob"]["dataSourceId"],
    ingestionJobId=ingestion_job_response["ingestionJob"]["ingestionJobId"]
)["ingestionJob"]["status"]
print(status)
while status not in ["COMPLETE", "FAILED", "STOPPED"]:
    status = bedrock_agent_client.get_ingestion_job(
        knowledgeBaseId=ingestion_job_response["ingestionJob"]["knowledgeBaseId"],
        dataSourceId=ingestion_job_response["ingestionJob"]["dataSourceId"],
        ingestionJobId=ingestion_job_response["ingestionJob"]["ingestionJobId"]
    )["ingestionJob"]["status"]
    print(status)
    time.sleep(30)

IN_PROGRESS
IN_PROGRESS
COMPLETE
CPU times: user 7.86 ms, sys: 3.48 ms, total: 11.3 ms
Wall time: 1min


### 3.6 Knowledge Base 테스트
이제 Knowlegde Base를 사용할 수 있게 되었으니 **retrieve** 및 **retrieve_and_생성** 함수를 사용하여 테스트해 볼 수 있습니다. 

In [19]:
response = bedrock_agent_runtime_client.retrieve_and_generate(
    input={
        "text": "Which are the 5 mains available in the childrens menu?"
    },
    retrieveAndGenerateConfiguration={
        "type": "KNOWLEDGE_BASE",
        "knowledgeBaseConfiguration": {
            'knowledgeBaseId': kb_id,
            "modelArn": "arn:aws:bedrock:{}::foundation-model/anthropic.claude-3-sonnet-20240229-v1:0".format(region),
            "retrievalConfiguration": {
                "vectorSearchConfiguration": {
                    "numberOfResults":5
                } 
            }
        }
    }
)

print(response['output']['text'],end='\n'*2)

The 5 mains available in the children's menu are:

1. Mini Cheeseburgers - Small beef patties topped with cheese, served on mini buns.
2. Fish Sticks - Breaded fish sticks served with tartar sauce.
3. Grilled Cheese Sandwich - Melted cheese between slices of buttered bread, grilled to perfection.
4. Spaghetti with Marinara Sauce - Kid-friendly spaghetti noodles topped with tomato marinara sauce.
5. Mini Pita Pizza - Small pita bread topped with tomato sauce, cheese, and favorite toppings.



In [23]:
response_ret = bedrock_agent_runtime_client.retrieve(
    knowledgeBaseId=kb_id, 
    nextToken='string',
    retrievalConfiguration={
        "vectorSearchConfiguration": {
            "numberOfResults":5,
                } 
            },
    retrievalQuery={
        'text': '어린이 메뉴로 이용할 수 있는 5가지 메인 메뉴는 무엇인가요?'
            
        }
)

def response_print(retrieve_resp):
#structure 'retrievalResults': list of contents
# each list has content,location,score,metadata
    for num,chunk in enumerate(response_ret['retrievalResults'],1):
        print(f'Chunk {num}: ',chunk['content']['text'],end='\n'*2)
        print(f'Chunk {num} Location: ',chunk['location'],end='\n'*2)
        print(f'Chunk {num} Score: ',chunk['score'],end='\n'*2)
        print(f'Chunk {num} Metadata: ',chunk['metadata'],end='\n'*2)

response_print(response_ret)

Chunk 1:  The Regrettable Experience — Children's Menu Entrees:   1. CHICKEN NUGGETS   ●   ●   ●   Description: Crispy chicken nuggets served with a side of ketchup or ranch dressing.   Allergens: Gluten (in the coating), possible Soy.   Suitable for Vegetarians: No   2. MACARONI AND CHEESE   ●   ●   ●   Description: Classic macaroni pasta smothered in creamy cheese sauce.   Allergens: Dairy, Gluten.   Suitable for Vegetarians: Yes   3. MINI CHEESE QUESADILLAS   ●   ●   ●   Description: Small flour tortillas filled with melted cheese, served with a mild salsa.   Allergens: Dairy, Gluten.   Suitable for Vegetarians: Yes   4. PEANUT BUTTER AND BANANA SANDWICH   ●   ●   ●   Description: Peanut butter and banana slices on whole wheat bread.   Allergens: Nuts (peanut), Gluten.   Suitable for Vegetarians: Yes (if using vegetarian peanut butter)   5. VEGGIE PITA POCKETS   ●   ●   ●   Description: Mini whole wheat pita pockets filled with hummus, cucumber, and cherry tomatoes.   Allergens: Glu

## 4. Agent for Amazon Bedrock 생성

이 섹션에서는 Agent for Amazon Bedrock를 생성하는 모든 단계를 살펴봅니다. 

완료해야 할 단계는 다음과 같습니다:
    
1. Amazon DynamoDB 테이블 생성
2. AWS Lambda function 생성
3. 에이전트에 필요한 IAM 정책 생성
4. Agent 생성
5. Agent Action Group 만들기
6. Agent가 Action Group Lambda를 호출하도록 허용
7. Knowledge Base를 agent에게 연결
8. Agent 준비 및 alias 생성

### 4.1 Create the DynamoDB table 생성
레스토랑 예약 정보가 포함된 DynamoDB 테이블을 생성합니다.

In [21]:
table_name = 'restaurant_bookings'
table = dynamodb_resource.create_table(
    TableName=table_name,
    KeySchema=[
        {
            'AttributeName': 'booking_id',
            'KeyType': 'HASH'
        }
    ],
    AttributeDefinitions=[
        {
            'AttributeName': 'booking_id',
            'AttributeType': 'S'
        }
    ],
    BillingMode='PAY_PER_REQUEST'  # Use on-demand capacity mode
)

# Wait for the table to be created
print(f'Creating table {table_name}...')
table.wait_until_exists()
print(f'Table {table_name} created successfully!')

Creating table restaurant_bookings...
Table restaurant_bookings created successfully!


### 4.2 Lambda Function 생성

이제 DynamoDB 테이블과 상호 작용하는 람다 함수를 만들어 보겠습니다. 이를 위해 다음과 같이 하겠습니다:

1. 람다 함수에 대한 로직이 포함된 `lambda_function.py` 파일을 생성합니다.
2. 람다 함수에 대한 IAM 역할을 생성합니다.
3. 필요한 권한으로 람다 함수를 생성합니다.

#### Create the function code

In [22]:
%%writefile lambda_function.py
import json
import uuid
import boto3

dynamodb = boto3.resource('dynamodb')
table = dynamodb.Table('restaurant_bookings')

def get_booking_details(booking_id):
    try:
        response = table.get_item(Key={'booking_id': booking_id})
        if 'Item' in response:
            return response['Item']
        else:
            return {'message': f'{booking_id} ID로 예약을 찾을 수 없습니다.'}
    except Exception as e:
        return {'error': str(e)}

def create_booking(date, hour, num_guests):
    try:
        booking_id = str(uuid.uuid4())[:8]
        table.put_item(
            Item={
                'booking_id': booking_id,
                'date': date,
                'hour': hour,
                'num_guests': num_guests
            }
        )
        return {'booking_id': booking_id}
    except Exception as e:
        return {'error': str(e)}

def delete_booking(booking_id):
    try:
        response = table.delete_item(Key={'booking_id': booking_id})
        if response['ResponseMetadata']['HTTPStatusCode'] == 200:
            return {'message': f'Booking with ID {booking_id} deleted successfully'}
        else:
            return {'message': f'{booking_id} ID로 예약을 삭제하지 못했습니다.'}
    except Exception as e:
        return {'error': str(e)}

def lambda_handler(event, context):
    actionGroup = event.get('actionGroup', '')
    function = event.get('function', '')
    parameters = event.get('parameters', [])

    if function == 'get_booking_details':
        booking_id = None
        for param in parameters:
            if param["name"] == "booking_id":
                booking_id = param["value"]

        if booking_id:
            response = str(get_booking_details(booking_id))
            responseBody = {'TEXT': {'body': json.dumps(response)}}
        else:
            responseBody = {'TEXT': {'body': 'Missing booking_id parameter'}}

    elif function == 'create_booking':
        date = None
        hour = None
        num_guests = None
        for param in parameters:
            if param["name"] == "date":
                date = param["value"]
            if param["name"] == "hour":
                hour = param["value"]
            if param["name"] == "num_guests":
                num_guests = int(param["value"])

        if date and hour and num_guests:
            response = str(create_booking(date, hour, num_guests))
            responseBody = {'TEXT': {'body': json.dumps(response)}}
        else:
            responseBody = {'TEXT': {'body': 'Missing required parameters'}}

    elif function == 'delete_booking':
        booking_id = None
        for param in parameters:
            if param["name"] == "booking_id":
                booking_id = param["value"]

        if booking_id:
            response = str(delete_booking(booking_id))
            responseBody = {'TEXT': {'body': json.dumps(response)}}
        else:
            responseBody = {'TEXT': {'body': 'Missing booking_id parameter'}}

    else:
        responseBody = {'TEXT': {'body': 'Invalid function'}}

    action_response = {
        'actionGroup': actionGroup,
        'function': function,
        'functionResponse': {
            'responseBody': responseBody
        }
    }

    function_response = {'response': action_response, 'messageVersion': event['messageVersion']}
    print("Response: {}".format(function_response))

    return function_response

Overwriting lambda_function.py


#### Create the required permissions

In [None]:
lambda_function_role = f'{solution_id}-lambda-role'

In [None]:
# Create IAM Role for the Lambda function
try:
    assume_role_policy_document = {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": {
                    "Service": "lambda.amazonaws.com"
                },
                "Action": "sts:AssumeRole"
            }
        ]
    }

    assume_role_policy_document_json = json.dumps(assume_role_policy_document)

    lambda_iam_role = iam_client.create_role(
        RoleName=lambda_function_role,
        AssumeRolePolicyDocument=assume_role_policy_document_json
    )

    # Pause to make sure role is created
    time.sleep(10)
except:
    lambda_iam_role = iam_client.get_role(RoleName=lambda_function_role)

# Attach the AWSLambdaBasicExecutionRole policy
iam_client.attach_role_policy(
    RoleName=lambda_function_role,
    PolicyArn='arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
)

# Create a policy to grant access to the DynamoDB table
dynamodb_access_policy = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "dynamodb:GetItem",
                "dynamodb:PutItem",
                "dynamodb:DeleteItem"
            ],
            "Resource": "arn:aws:dynamodb:{}:{}:table/{}".format(region, account_id, table_name)
        }
    ]
}

# Create the policy
dynamodb_access_policy_json = json.dumps(dynamodb_access_policy)
dynamodb_access_policy_response = iam_client.create_policy(
    PolicyName='{}-DynamoDBAccessPolicy'.format(solution_id),
    PolicyDocument=dynamodb_access_policy_json
)

# Attach the policy to the Lambda function's role
iam_client.attach_role_policy(
    RoleName=lambda_function_role,
    PolicyArn=dynamodb_access_policy_response['Policy']['Arn']
)

#### Create the function 

In [None]:
lambda_function_name = f'{solution_id}-lambda'

In [None]:
# Package up the lambda function code
s = BytesIO()
z = zipfile.ZipFile(s, 'w')
z.write("lambda_function.py")
z.close()
zip_content = s.getvalue()

# Create Lambda Function
lambda_function = lambda_client.create_function(
    FunctionName=lambda_function_name,
    Runtime='python3.12',
    Timeout=60,
    Role=lambda_iam_role['Role']['Arn'],
    Code={'ZipFile': zip_content},
    Handler='lambda_function.lambda_handler'
)

### 4.3 Create the IAM policies needed for the Agent
We first need to create the agent policies that allow bedrock model invocation and Knowledge Base query and the agent IAM role with the policy associated to it. We will allow this agent to invoke the Claude Sonnet model

In [None]:
agent_bedrock_allow_policy_name = f"{solution_id}-ba"
agent_role_name = f'AmazonBedrockExecutionRoleForAgents_{solution_id}'
agent_foundation_model = "anthropic.claude-3-sonnet-20240229-v1:0"

In [None]:
# Create IAM policies for agent
bedrock_agent_bedrock_allow_policy_statement = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AmazonBedrockAgentBedrockFoundationModelPolicy",
            "Effect": "Allow",
            "Action": "bedrock:InvokeModel",
            "Resource": [
                f"arn:aws:bedrock:{region}::foundation-model/{agent_foundation_model}"
            ]
        },
        {
            "Sid": "QueryKB",
            "Effect": "Allow",
            "Action": [
                "bedrock:Retrieve",
                "bedrock:RetrieveAndGenerate"
            ],
            "Resource": [
                f"arn:aws:bedrock:{region}:{account_id}:knowledge-base/{kb_id}"
            ]
        },
    ]
}

bedrock_policy_json = json.dumps(bedrock_agent_bedrock_allow_policy_statement)

agent_bedrock_policy = iam_client.create_policy(
    PolicyName=agent_bedrock_allow_policy_name,
    PolicyDocument=bedrock_policy_json
)

In [None]:
# Create IAM Role for the agent and attach IAM policies
assume_role_policy_document = {
    "Version": "2012-10-17",
    "Statement": [{
          "Effect": "Allow",
          "Principal": {
            "Service": "bedrock.amazonaws.com"
          },
          "Action": "sts:AssumeRole"
    }]
}

assume_role_policy_document_json = json.dumps(assume_role_policy_document)
agent_role = iam_client.create_role(
    RoleName=agent_role_name,
    AssumeRolePolicyDocument=assume_role_policy_document_json
)

# Pause to make sure role is created
time.sleep(10)
    
iam_client.attach_role_policy(
    RoleName=agent_role_name,
    PolicyArn=agent_bedrock_policy['Policy']['Arn']
)

### 4.4 Create the Agent
Once the needed IAM role is created, we can use the bedrock agent client to create a new agent. To do so we use the `create_agent` function. It requires an agent name, underline foundation model and instruction. You can also provide an agent description. Note that the agent created is not yet prepared. We will focus on preparing the agent and then using it to invoke actions and use other APIs

In [None]:

agent_description = "Agent in charge of a restaurants table bookings"
agent_instruction = """
You are a restaurant agent, helping clients retrieve information from their booking, 
create a new booking or delete an existing booking
"""

In [None]:
response = bedrock_agent_client.create_agent(
    agentName=agent_name,
    agentResourceRoleArn=agent_role['Role']['Arn'],
    description=agent_description,
    idleSessionTTLInSeconds=1800,
    foundationModel=agent_foundation_model,
    instruction=agent_instruction,
)
response

In [None]:
agent_id = response['agent']['agentId']
print("The agent id is:",agent_id)

### 4.5 Create the Agent Action Group
We will now create an agent action group that uses the lambda function created before. The [`create_agent_action_group`](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/bedrock-agent/client/create_agent_action_group.html) function provides this functionality. We will use `DRAFT` as the agent version since we haven't yet created an agent version or alias. To inform the agent about the action group functionalities, we will provide an action group description containing the functionalities of the action group.

In this example, we will provide the Action Group functionality using a `functionSchema`.

To define the functions using a function schema, you need to provide the `name`, `description` and `parameters` for each function.

In [None]:
agent_functions = [
    {
        'name': 'get_booking_details',
        'description': 'Retrieve details of a restaurant booking',
        'parameters': {
            "booking_id": {
                "description": "The ID of the booking to retrieve",
                "required": True,
                "type": "string"
            }
        }
    },
    {
        'name': 'create_booking',
        'description': 'Create a new restaurant booking',
        'parameters': {
            "date": {
                "description": "The date of the booking",
                "required": True,
                "type": "string"
            },
            "hour": {
                "description": "The hour of the booking",
                "required": True,
                "type": "string"
            },
            "num_guests": {
                "description": "The number of guests for the booking",
                "required": True,
                "type": "integer"
            }
        }
    },
    {
        'name': 'delete_booking',
        'description': 'Delete an existing restaurant booking',
        'parameters': {
            "booking_id": {
                "description": "The ID of the booking to delete",
                "required": True,
                "type": "string"
            }
        }
    },
]

In [None]:
agent_action_group_description = """
Actions for getting table booking information, create a new booking or delete an existing booking"""

agent_action_group_name = "TableBookingsActionGroup"

In [None]:
# Pause to make sure agent is created
time.sleep(30)

# Now, we can configure and create an action group here:
agent_action_group_response = bedrock_agent_client.create_agent_action_group(
    agentId=agent_id,
    agentVersion='DRAFT',
    actionGroupExecutor={
        'lambda': lambda_function['FunctionArn']
    },
    actionGroupName=agent_action_group_name,
    functionSchema={
        'functions': agent_functions
    },
    description=agent_action_group_description
)

In [None]:
agent_action_group_response

### 4.6 Allow the Agent to invoke the Action Group Lambda
Before using the action group, we need to allow the agent to invoke the lambda function associated with the action group. This is done via resource-based policy. Let's add the resource-based policy to the lambda function created

In [None]:
# Create allow invoke permission on lambda
response = lambda_client.add_permission(
    FunctionName=lambda_function_name,
    StatementId='allow_bedrock',
    Action='lambda:InvokeFunction',
    Principal='bedrock.amazonaws.com',
    SourceArn=f"arn:aws:bedrock:{region}:{account_id}:agent/{agent_id}",
)


In [None]:
response

### 4.7 Associate the Knowledge Base to the agent
Now we have created the Agent we can go ahead and associate the Knowledge Base we created earlier. 

In [None]:
response = bedrock_agent_client.associate_agent_knowledge_base(
    agentId=agent_id,
    agentVersion='DRAFT',
    description='Access the knowledge base when customers ask about the plates in the menu.',
    knowledgeBaseId=kb_id,
    knowledgeBaseState='ENABLED'
)

In [None]:
response

### 4.8 Prepare the Agent and create an alias

Let's create a DRAFT version of the agent that can be used for internal testing.


In [None]:
response = bedrock_agent_client.prepare_agent(
    agentId=agent_id
)
print(response)

We are also going to create an Agent alias to later on use to invoke it

In [None]:
response = bedrock_agent_client.create_agent_alias(
    agentAliasName='TestAlias',
    agentId=agent_id,
    description='Test alias',
)

alias_id = response["agentAlias"]["agentAliasId"]
print("The Agent alias is:",alias_id)

## 5. Test the Agent
Now that we've created the agent, let's use the `bedrock-agent-runtime` client to invoke this agent and perform some tasks.

In [None]:
def invokeAgent(query, session, enable_trace=False):
    end_session:bool = False
    
    # invoke the agent API
    agentResponse = bedrock_agent_runtime_client.invoke_agent(
        inputText=query,
        agentId=agent_id,
        agentAliasId=alias_id, 
        sessionId=session_id,
        enableTrace=enable_trace, 
        endSession= end_session
    )
    
    if enable_trace:
        logger.info(pprint.pprint(agentResponse))
    
    event_stream = agentResponse['completion']
    try:
        for event in event_stream:        
            if 'chunk' in event:
                data = event['chunk']['bytes']
                if enable_trace:
                    logger.info(f"Final answer ->\n{data.decode('utf8')}")
                agent_answer = data.decode('utf8')
                end_event_received = True
                return agent_answer
                # End event indicates that the request finished successfully
            elif 'trace' in event:
                if enable_trace:
                    logger.info(json.dumps(event['trace'], indent=2))
            else:
                raise Exception("unexpected event.", event)
    except Exception as e:
        raise Exception("unexpected event.", e)

In [None]:
session_id:str = str(uuid.uuid1())
query = "What are the starters in the childrens menu?"
response = invokeAgent(query, session_id)
print(response)

In [None]:
query = "I want to create a booking for 2 people, at 8pm on the 5th of May"
response = invokeAgent(query, session_id)
print(response)

In [None]:
query = "I want to get the information for booking 4179858b"
response = invokeAgent(query, session_id)
print(response)

In [None]:
query = "I want to get the information for booking 1e421532"
response = invokeAgent(query, session_id)
print(response)

In [None]:
query = "I want to delete the booking 1e421532"
response = invokeAgent(query, session_id)
print(response)

Now show a call with full trace

In [None]:
session_id:str = str(uuid.uuid1())
query = "What are the desserts on the adult menu?"
response = invokeAgent(query, session_id, enable_trace=True)
print(response)

## 6. Clean-up 
Let's delete all the associated resources created to avoid unnecessary costs. 

In [None]:
action_group_id=agent_action_group_response['agentActionGroup']['actionGroupId']
action_group_name = agent_action_group_response['agentActionGroup']['actionGroupName']


In [None]:
import boto3

def clean_up_resources(
    agent_id, alias_id, action_group_id, action_group_name,
    lambda_function_name, bucket_name, kb_id, collection_id, agent_role_name, table_name
):

    # Delete Agent Action Group, Agent Alias, and Agent
    try:
        response = bedrock_agent_client.update_agent_action_group(
                        agentId=agent_id,
                        agentVersion='DRAFT',
                        actionGroupId= action_group_id,
                        actionGroupName=action_group_name,
                        actionGroupExecutor={
                            'lambda': lambda_function['FunctionArn']
                        },
                        functionSchema={
                            'functions': agent_functions
                        },
                        actionGroupState='DISABLED',
                    )
        bedrock_agent_client.delete_agent_action_group(agentId=agent_id, agentVersion='DRAFT', 
                                                       actionGroupId=action_group_id)
        bedrock_agent_client.delete_agent_alias(agentAliasId=alias_id, agentId=agent_id)
        bedrock_agent_client.delete_agent(agentId=agent_id)
        print(f"Agent {agent_id}, Agent Alias {alias_id}, and Action Group have been deleted.")
    except Exception as e:
        print(f"Error deleting Agent resources: {e}")

    # Delete Lambda function
    try:
        lambda_client.delete_function(FunctionName=lambda_function_name)
        print(f"Lambda function {lambda_function_name} has been deleted.")
    except Exception as e:
        print(f"Error deleting Lambda function {lambda_function_name}: {e}")

    # Delete all objects in the bucket and the bucket itself
    try:
        response = s3_client.list_objects_v2(Bucket=bucket_name)
        if 'Contents' in response:
            for obj in response['Contents']:
                s3_client.delete_object(Bucket=bucket_name, Key=obj['Key'])
        s3_client.delete_bucket(Bucket=bucket_name)
        print(f"Bucket {bucket_name} and its objects have been deleted.")
    except Exception as e:
        print(f"Error deleting bucket {bucket_name}: {e}")

    # Delete Knowledge Base
    try:
        bedrock_agent_client.delete_knowledge_base(knowledgeBaseId=kb_id)
        print(f"Knowledge Base {kb_id} has been deleted.")
    except Exception as e:
        print(f"Error deleting Knowledge Base {kb_id}: {e}")

    # Delete Opensearch Collection
    try:
        opensearch_client.delete_collection(id=collection_id)
        print(f"Collection {collection_id} has been deleted.")
    except Exception as e:
        print(f"Error deleting Collection {collection_id}: {e}")

    # Delete Lambda Role and its policies
    try:
        attached_policies = iam_client.list_attached_role_policies(RoleName=agent_role_name)['AttachedPolicies']
        for policy in attached_policies:
            policy_name = policy['PolicyName']
            iam_client.detach_role_policy(RoleName=agent_role_name, PolicyArn=policy['PolicyArn'])
            iam_client.delete_role_policy(RoleName=agent_role_name, PolicyName=policy_name)
            print(f"Detached and deleted policy {policy_name} from role {agent_role_name}")
        iam_client.delete_role(RoleName=agent_role_name)
        print(f"Role {agent_role_name} has been deleted.")
    except Exception as e:
        pass
        print(f"Error deleting role {agent_role_name}: {e}")

    # Delete DynamoDB table
    try:
        dynamodb_client.delete_table(TableName=table_name)
        print(f"Table {table_name} is being deleted...")
        waiter = dynamodb_client.get_waiter('table_not_exists')
        waiter.wait(TableName=table_name)
        print(f"Table {table_name} has been deleted.")
    except Exception as e:
        print(f"Error deleting table {table_name}: {e}")

In [None]:
clean_up_resources(agent_id, alias_id, 
                   action_group_id, action_group_name, 
                   lambda_function_name, bucket_name, 
                   kb_id, collection_id, agent_role_name, table_name)
delete_iam_role_and_policies()