Overview
This is a repackaged open source software product wherein additional charges apply for integration and support of OpenAI API (https://openai.com/api/pricing/ ) and AWS Secrets Manager (https://aws.amazon.com/secrets-manager/pricing/ ). Our AMI provides a robust development environment for AI enabled Flask applications, seamlessly integrated with OpenAI and AWS Secrets Manager. Redis leverages the community edition. This setup is designed to be a secure development environment: in the demo application that comes pre-installed, secrets are retrieved at runtime and stored as environment variables, ensuring compliance with NIST Cybersecurity Framework (CSF) best practices. This approach enhances security and simplifies secret management. Start developing AI applications immediately with pre-configured environments tailored for OpenAI integration, including a pre-baked demo application for rapid prototyping.
Highlights
- Instantly Get Up and Running: Start developing immediately with pre-configured environments tailored for OpenAI integration. The AMI includes an OpenAI-enabled Flask application installed in the home directory. Simply add your Secret Names as variables in the .env file, initiate the Flask application, and quickly start building your own AI application.
- Secure Development with Remote SSH: Use this AMI as a remote development environment to enable secure, efficient AI application development from anywhere.
- Protect Your Secrets: Benefit from built-in AWS Secrets Manager integration to safeguard your sensitive information effortlessly.
Details
Typical total price
$0.153/hour
Pricing
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
t3.micro AWS Free Tier | $0.07 | $0.01 | $0.08 |
t3.medium | $0.07 | $0.042 | $0.112 |
t3.large Recommended | $0.07 | $0.083 | $0.153 |
m5.large | $0.07 | $0.096 | $0.166 |
m5.xlarge | $0.07 | $0.192 | $0.262 |
c5.large | $0.07 | $0.085 | $0.155 |
c5.xlarge | $0.07 | $0.17 | $0.24 |
c5d.large | $0.07 | $0.096 | $0.166 |
r5.large | $0.07 | $0.126 | $0.196 |
r5.xlarge | $0.07 | $0.252 | $0.322 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
For hourly billed AMIs, refunds are not offered as usage is billed in arrears. For monthly or annual subscriptions, refunds may be considered on a case-by-case basis, with cancellation required before the next billing cycle to avoid charges. Contact our support team for issues or billing errors. AWS Marketplace support may issue refunds if the AMI does not function as described or for billing errors. We aim for customer satisfaction and will work to resolve any issues promptly.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Version 2.0.1 - Scalable Performant AI Application
- Boto package has been updated.
- Multi threaded multi worker coherent chat has been enabled by levergaing redis cache to enable stateless workers to pick up the entire chat history. Please see the deployment guide for guidance on how many users and threads to use based on the number of cores your instance type has.
Security Updates
- resolved several high and medium CVEs - remaining 2 CVEs in Amazon Inspector are a scanning error due to legacy version folders continuing to exist - please see the deployment guide for details about how to remove these false alerts if desired.
Base Update: The AMI is now based on Amazon Linux 2023 to address various CVEs. Ensured the Baked in Demo App is region agnostic, added in a new ENV variable for the region.
Security Enhancements:
Removal of Unauthorized Passwords and Keys: Ensures no authorized passwords, authentication keys, key pairs, security keys, or other credentials are present in the AMI. The build script includes a provisioner to delete any pre-configured authorized keys.
Administrator Control and Root Functions: Users can gain administrator control and perform root functions via sudo access.
Disabling Password-Based Remote Logins: Password-based authentication is disabled, allowing only key-based authentication. This is configured by updating the sshd_configfile.
Key Pair Association on Instance Creation: Allows users to associate a new key pair upon instance creation. Existing keys are removed to ensure secure association.
Additional Security Measures: Malware Scanner: chkrootkitis installed and run to check for rootkits. Security Scan: Lynisperforms a comprehensive security audit. Service and Cleanup: The sshdservice is reloaded, and unnecessary files and logs are removed. Root Login Disabled: The root account is locked to prevent direct login attempts.
These measures ensure the AMI meets stringent security requirements for the AWS Marketplace, providing a secure and controllable environment for end-users.
New Features
- Pre-Configured Environment: The AMI comes with a fully configured environment for Flask applications integrated with OpenAI and AWS Secrets Manager, enabling rapid development and deployment.
- Security Enhancements: Integrated AWS Secrets Manager for secure management of sensitive information, ensuring compliance with NIST CSF best practices.
- Pre-Installed Dependencies: Includes Docker, Python 3.11, Flask, AWS CLI, and necessary Python packages for seamless integration and development with OpenAI API.
Demo Application Enhancements This is an implementation of OpenAI Python quickstart for chat-basic: https://github.com/openai/openai-quickstart-python/tree/master that has been modified in the following ways:
- sticky sessions + redis "- clear" button
- DevOpser Logo
- Prometheus instrumentation at /metrics
- Use of AWS Secrets Manager at runtime for ENV variables for enhanced security
- healthcheck at /health
Known Issues
- Rate Limiting on OpenAI API: Users must prepay for OpenAI usage to avoid rate-limiting errors. Please see the deployment guide for instructions.
- Amazon Inspector Reporting False Positives: Upgraded packages may still be reported as unmitigated by Amazon Inspector until the folder for the outdated version is removed. Follow the manual instructions here: https://docs.google.com/document/d/1PM0Y1GvacPKwxlviu35_gT9VuWujwemOYjv9ySUw_N0/edit#heading=h.lsjmdcd302pl ** Markdown output** The output of the demo app is currently just a string - work is in progress to implement Markdown formatting per industry standard in AI apps ** Synchronous requests** These are limiting performance of the app - looking into async requests to further improve performance and scalability.
Documentation
- Comprehensive deployment guide available for setting up, managing, and scaling the AMI.
- Step-by-step instructions for secure secret management and compliance with security standards.
Additional Notes
- Cost Model: this service is billed hourly.
- Sizing Recommendations: A t3.large enables the app to launch more quickly. The alrger the instance the more quickly the app with launch.
For detailed instructions and further information, please refer to the Deployment Guide.
Additional details
Usage instructions
Please see the following section of the deployment guide: https://docs.google.com/document/d/1PM0Y1GvacPKwxlviu35_gT9VuWujwemOYjv9ySUw_N0/edit#heading=h.3pp0yuwfthsk
Or you can use the Terraform openaiflask-quickstart module: https://github.com/DevOpser-io/openaiflask-quickstart (main will deploy a production set up, dev will deploy a single server with the AMI with everything done per the deployment guidelines)
Resources
Vendor resources
Support
Vendor support
In case of any issues or questions, please email info@devopser.io
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.