Architecture

This document explains the architecture of AI-Starter.

Architecture Patterns

The status of architecture pattern support is as follows:

Public Pattern

Overview

This is the most common pattern, characterized by its simplicity and ease of implementation.

Configuration Diagram

Features

  • Communication with AppRunner is done via the Internet.
  • Communication from AppRunner to AWS resources like Bedrock is done via the secure AWS internal network.
  • Communication from AppRunner to non-Bedrock LLMs is done via the Internet.
  • Security can be enhanced by utilizing AWS WAF for IP restrictions and protection against unauthorized access.
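
One way to apply the IP restriction mentioned above is sketched below as a CloudFormation template. This is an added example, not AI-Starter's own configuration. The resource names, the AppRunnerServiceArn parameter and the sample CIDR range are assumptions made for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example - WAF IP allow list in front of an AppRunner service
Parameters:
  AppRunnerServiceArn:
    Type: String                     # assumption: ARN of the existing service
Resources:
  AllowedIps:
    Type: AWS::WAFv2::IPSet
    Properties:
      Name: example-allowed-ips      # hypothetical name
      Scope: REGIONAL                # AppRunner is protected by regional web ACLs
      IPAddressVersion: IPV4
      Addresses:
        - 203.0.113.0/24             # constructed sample (documentation range)
  WebAcl:
    Type: AWS::WAFv2::WebACL
    Properties:
      Name: example-public-pattern-acl   # hypothetical name
      Scope: REGIONAL
      DefaultAction:
        Block: {}                    # anything not explicitly allowed is rejected
      VisibilityConfig:
        SampledRequestsEnabled: true
        CloudWatchMetricsEnabled: true
        MetricName: examplePublicPatternAcl
      Rules:
        - Name: allow-known-ips
          Priority: 0
          Action:
            Allow: {}
          Statement:
            IPSetReferenceStatement:
              Arn: !GetAtt AllowedIps.Arn
          VisibilityConfig:
            SampledRequestsEnabled: true
            CloudWatchMetricsEnabled: true
            MetricName: exampleAllowKnownIps
  WebAclAssociation:
    Type: AWS::WAFv2::WebACLAssociation
    Properties:
      ResourceArn: !Ref AppRunnerServiceArn   # attaches the ACL to the service
      WebACLArn: !GetAtt WebAcl.Arn
```

With the default action set to Block, a missing or mistyped allow-list entry fails closed. The per-rule CloudWatch metrics show how many requests each path is admitting or rejecting.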

Hybrid Pattern

Overview

This pattern combines on-premises and cloud environments.

Configuration Diagram

Features

  • Communication with AppRunner is done via a private network.
  • High security can be achieved as no public endpoints are exposed.
  • The network configuration can be complex, which may lead to longer implementation times.

Private Pattern (Not Supported)

Overview

This pattern involves all communications being completed within a private network or AWS internal network. AI-Starter currently does not support this pattern.

Configuration Diagram

Reasons for Not Supporting

  • Sufficient security levels can be achieved with the Public and Hybrid patterns.
  • It's challenging to limit all LLM communications to private networks, and some LLMs don't support private network connections.
  • The network configuration becomes complex, reducing the flexibility required for AI services.