cdk-chatbot-falcon-stack.ts에 대해 설명합니다.
Chatbot에서 chat을 처리하는 lambda를 python3.9로 아래와 같이 구현합니다. 이때 environment의 endpoint는 Falcon FM에서 생성된 endpoint 이름을 입력합니다.
const lambdaChatApi = new lambda.Function(this, 'lambda-chat', {
description: 'lambda for chat api',
functionName: 'lambda-chat-api',
handler: 'lambda_function.lambda_handler',
runtime: lambda.Runtime.PYTHON_3_9,
code: lambda.Code.fromAsset(path.join(__dirname, '../../lambda-chat')),
timeout: cdk.Duration.seconds(120),
logRetention: logs.RetentionDays.ONE_DAY,
environment: {
endpoint: endpoint,
}
});
lambda-chat의 퍼미션은 아래와 같이 SageMaker를 사용할 수 있는 권한와 API Gateway를 invoke 할 수 있도록 설정합니다.
const SageMakerPolicy = new iam.PolicyStatement({
actions: ['sagemaker:*'],
resources: ['*'],
});
lambdaChatApi.role?.attachInlinePolicy(
new iam.Policy(this, 'sagemaker-policy', {
statements: [SageMakerPolicy],
}),
);
lambdaChatApi.grantInvoke(new iam.ServicePrincipal('apigateway.amazonaws.com'));
마찬가지로 PDF에서 요약(Summary)를 수행하는 lambda-pdf-summay를 Docker Conatiner를 이용하여 정의합니다. 아래와 같이 파일 저장할 bucket의 이름과 폴더를 지정하고, SageMaker, S3 읽기, API Gateway Invoke에 대한 권한을 설정합니다.
const lambdaPdfApi = new lambda.DockerImageFunction(this, "lambda-pdf-summay", {
description: 'lambda for pdf api',
functionName: 'lambda-pdf-api',
code: lambda.DockerImageCode.fromImageAsset(path.join(__dirname, '../../lambda-pdf-summary')),
timeout: cdk.Duration.seconds(60),
//logRetention: logs.RetentionDays.ONE_DAY,
environment: {
endpoint: endpoint,
s3_bucket: s3Bucket.bucketName,
s3_prefix: s3_prefix
}
});
const version = lambdaPdfApi.currentVersion;
const alias = new lambda.Alias(this, 'LambdaAlias', {
aliasName: 'Dev',
version,
});
lambdaPdfApi.role?.attachInlinePolicy( // add sagemaker policy
new iam.Policy(this, 'sagemaker-policy-for-lambda-pdf', {
statements: [SageMakerPolicy],
}),
);
s3Bucket.grantRead(lambdaPdfApi); // permission for s3
lambdaPdfApi.grantInvoke(new iam.ServicePrincipal('apigateway.amazonaws.com'));
API Gateway에 대한 권한 및 POST 방식의 '/chat' API를 생성합니다.
// role
const role = new iam.Role(this, "api-role-chatbot", {
roleName: "api-role-chatbot",
assumedBy: new iam.ServicePrincipal("apigateway.amazonaws.com")
});
role.addToPolicy(new iam.PolicyStatement({
resources: ['*'],
actions: ['lambda:InvokeFunction']
}));
role.addManagedPolicy({
managedPolicyArn: 'arn:aws:iam::aws:policy/AWSLambdaExecute',
});
// API Gateway
const api = new apiGateway.RestApi(this, 'api-chatbot', {
description: 'API Gateway for chatbot',
endpointTypes: [apiGateway.EndpointType.REGIONAL],
deployOptions: {
stageName: stage,
// logging for debug
loggingLevel: apiGateway.MethodLoggingLevel.INFO,
dataTraceEnabled: true,
},
});
// POST method
const chat = api.root.addResource('chat');
chat.addMethod('POST', new apiGateway.LambdaIntegration(lambdaChatApi, {
passthroughBehavior: apiGateway.PassthroughBehavior.WHEN_NO_TEMPLATES,
credentialsRole: role,
integrationResponses: [{
statusCode: '200',
}],
proxy: false,
}), {
methodResponses: [ // API Gateway sends to the client that called a method.
{
statusCode: '200',
responseModels: {
'application/json': apiGateway.Model.EMPTY_MODEL,
},
}
]
});
CloudFront와 API Gateway를 연결하도록 아래와 같이 설정합니다.
const distribution = new cloudFront.Distribution(this, 'cloudfront', {
defaultBehavior: {
origin: new origins.S3Origin(s3Bucket),
allowedMethods: cloudFront.AllowedMethods.ALLOW_ALL,
cachePolicy: cloudFront.CachePolicy.CACHING_DISABLED,
viewerProtocolPolicy: cloudFront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
},
priceClass: cloudFront.PriceClass.PRICE_CLASS_200,
});
new cdk.CfnOutput(this, 'distributionDomainName', {
value: distribution.domainName,
description: 'The domain name of the Distribution',
});
distribution.addBehavior("/chat", new origins.RestApiOrigin(api), {
cachePolicy: cloudFront.CachePolicy.CACHING_DISABLED,
allowedMethods: cloudFront.AllowedMethods.ALLOW_ALL,
viewerProtocolPolicy: cloudFront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
});
마찬가지로 cdk-chatbot-falcon-stack.ts에서는 '/pdf', '/upload' API를 설정하고 있습니다.