On AWS: IAM + S3 + Lex + Lambda

Services AWS uses some in a side project in. AWS provides a number of services, such as

• Compute
  • EC2
• Storage
  • S3
• Database
  • RDS
• Networking & Content Dilivery
  • Route 53
• Developer Tools
  • Cloud 9
• Machine Learning
  • Amazon Lex
• Security, Identity, & Compliance
  • IAM

He came into contact with a big nod to see a new word, a bit overwhelmed. And very detailed document, the feeling is written for technical staff rather than the user to see. Stop learning after a period of time, it is touched a little doorway. Here's to pick the next few say the focus is how to use.

1. IAM

Identity and Access Management

Access control

After a start register and log in AWS, we go in as a root user, the authority is very large, such as manage billing, plus or minus server, and so on. But our application to call AWS service, certainly not with the root user account, or there will be a security risk. At this point, we need to create other User in the IAM inside, and give the appropriate permissions.

IAM building access control hierarchy is as follows: Group which may be more Users, a User can turn multiple Roles, a Role can have multiple Policies. Size is the most refined in the Policy, you can be viewed Permissions policies in which they have permission.

Group
    User
        Role
            Policy

Meanwhile, in order to facilitate the management, IAM also a Permissions boundary, to control the maximum permissions this user can have. Generally can not set.

Access Key

When you call AWS service, you need a access key, so AWS know what this HTTP request is sent to the user, there is no permission to call the corresponding service. Generating a path is as follows:

Users -> Summary -> Security credentials -> Access keys -> Create access key

Generated access key in the following format:

Access key ID：ABCDEFG
Secret access key:ID：ABCDEFG

MFA device

If you want to add a layer of protection to the account, you can add MFA device, namely a mobile phone upload software (such as Google Autenticator), after each landing requires additional input a phone token.

Users -> Summary -> Security credentials -> Assigned MFA device

2. S3

S3 buckets, namely file server. Generally used to store some static files. Such as pictures, video, or need to import the css, js script and so on.

Web above operation is relatively simple, create a bucket, then fill it up to something. The only caveat is that it needs to set access permissions (Access), region (Region) and other attributes.

Of course, in addition to operating directly on the Web, it also supports the S3 API calls in your program, such as uploading or complete management operations.

3. Lex

Amazon Lex, can do some NLP, semantic recognition and treatment. A start should be noted that not every Region are offering this service, to this end, I chose the US East (N. Virginia) server.

Initial use down feeling is, Lex is a simple problem-oriented system. We can and robot dialogue to order flowers, customer service, etc., but may chat is more difficult. This is determined by its design.

Lex has several core components:

• Bot: Robot and our dialogue, such as a book a ticket bot
• Intent: robot trying to understand our intentions, such as booking air tickets, check flight, hotel reservation.
• Utterances: we can define some "words", and the associated Intent. For example, "I want to book a ticket," "I'd like to book a ticket" and so on.
• Slot type: intention of trying to get some of the parameters, such as air ticket booking, it needs what time flights.

Analysis book a ticket to this event, the dialogue might look

A:我要订机票。
Bot：你想要订哪个航班？
A：BK8767。
Bot:你想要订什么时间的？
A：2019年11月1号。
Bot：好的，给你定好了，订单号为12345。

After a series of dialogues, the robot got all Slot, which can do the final Fulfillment, guiding single payment page, and so on. Of course, the actual dialogue is certainly complicated than this, for example, the customer may ask: November 1 Flights from Beijing Fei Bali which, by price order. So repeatedly will complete the order. This requires additional code to support these features.

Lex support the expansion of the code functions, it supports the calls Lambda utterances in the early stages of treatment, also support the re-call Lambda stage in Fulfillment.

• Lambda initialization and validation: do get utterances after some processing, such as validation, but it can do more things, and even determine what Slot and so on.
• Fulfillment: After got Intent and Slot, how to do further processing.

Of course, Lex also supports the integration of external calls, such as to write a Presentation Layer, call Lex background do NLP, and then return the data to the foreground on display.

Personally I think, Lex is a simple semi-integrated NLP Bot, you can use low-cost, quickly customize a robot driven by business needs, but does not involve complex / high-end NLP treatment.

S3 and even as almost all AWS services, all operations are available through Lex Web Service to complete.

4. Lambda

In the above, we talk about Lex support calls Lambda, Lambda then what is it?

Personal understanding is that such a Function, AWS will manage its operating environment or life cycle, you just need to call just fine. as follows:

def order_flowers_info(intent_request):
    return something

The needs of users is very simple, call order_flowers method, and then get something, my ultimate focus is on something right, the other not so important. Therefore, this method can be implemented in Lambda and complete the call.

I think, Lambda is more for other AWS services. For example, when you use other AWS machine learning framework, want to do some hack or write your own logic, you can use the integrated self-Lambda, very convenient. If I have an application, then I will write directly to a local Function to call, no integrated Lambda.