New serverless pattern - lambda-endusermessaging

lambda-bedrock-endusermessaging/CODE_OF_CONDUCT.md

@@ -0,0 +1,4 @@
+## Code of Conduct
+This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
+For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
+[email protected] with any additional questions or comments.

lambda-bedrock-endusermessaging/CONTRIBUTING.md

@@ -0,0 +1,59 @@
+# Contributing Guidelines
+
+Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional
+documentation, we greatly value feedback and contributions from our community.
+
+Please read through this document before submitting any issues or pull requests to ensure we have all the necessary
+information to effectively respond to your bug report or contribution.
+
+
+## Reporting Bugs/Feature Requests
+
+We welcome you to use the GitHub issue tracker to report bugs or suggest features.
+
+When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already
+reported the issue. Please try to include as much information as you can. Details like these are incredibly useful:
+
+* A reproducible test case or series of steps
+* The version of our code being used
+* Any modifications you've made relevant to the bug
+* Anything unusual about your environment or deployment
+
+
+## Contributing via Pull Requests
+Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that:
+
+1. You are working against the latest source on the *main* branch.
+2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already.
+3. You open an issue to discuss any significant work - we would hate for your time to be wasted.
+
+To send us a pull request, please:
+
+1. Fork the repository.
+2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change.
+3. Ensure local tests pass.
+4. Commit to your fork using clear commit messages.
+5. Send us a pull request, answering any default questions in the pull request interface.
+6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation.
+
+GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and
+[creating a pull request](https://help.github.com/articles/creating-a-pull-request/).
+
+
+## Finding contributions to work on
+Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues is a great place to start.
+
+
+## Code of Conduct
+This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
+For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
+[email protected] with any additional questions or comments.
+
+
+## Security issue notifications
+If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue.
+
+
+## Licensing
+
+See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution.

lambda-bedrock-endusermessaging/README.md

@@ -0,0 +1,177 @@
+# Amazon Lambda - Bedrock - End user messaging
+
+This sample pattern delivers personalized daily briefing SMS messages using Lambda, AWS End User Messaging and Amazon Bedrock. It combines real-time weather data with Amazon Bedrock's AI models to create natural language weather summaries that are automatically delivered to users' phones at their preferred time. You can extend this pattern to deliver additional personalized content such as news headlines, stock market updates, or sports scores by integrating relevant APIs and adapting the AI prompt engineering approach. 
+
+Built with a serverless-first approach, this solution automatically sends you tailored information at your preferred time each day, eliminating the need to manually check multiple sources.
+
+**Important:** this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the [AWS Pricing page](https://aws.amazon.com/pricing/) for details. You are responsible for any AWS costs incurred. No warranty is implied in this example.
+
+### Getting Started
+
+The entire solution is built using AWS Cloud Development Kit (CDK) and AWS Lambda functions running on Python 3.11 runtime. This serverless architecture ensures minimal operational overhead while providing maximum flexibility for customization.
+
+### Requirements
+
+* [Create an AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources.
+* [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) installed and configured
+* [Git Installed](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git)
+* [AWS Cloud Development Kit](https://docs.aws.amazon.com/cdk/v2/guide/getting_started.html) installed
+* [Node.js](https://nodejs.org/en) and [npm](https://www.npmjs.com/) installed (required for CDK)
+* [Docker](https://www.docker.com/) is installed and the docker daemon is running
+* This solution requires an [WeatherAPI](https://www.weatherapi.com//) API key. To obtain one, please create a free account at [Weatherapi.com](https://www.weatherapi.com/) and retrieve your API key.
+* A destination phone number to receive SMS messages
+* An originating number based on your [country’s requirements](https://docs.aws.amazon.com/sms-voice/latest/userguide/phone-numbers-sms-by-country.html)
+* Access to Bedrock Foundation Models. Please refer to this [documentation](https://docs.aws.amazon.com/bedrock/latest/userguide/model-access-modify.html) to add or remove access to Bedrock foundation models. In this example, we are using the Anthropic Claude 3 Haiku foundation model.
+
+### AWS Services Used
+
+* AWS Lambda
+* Amazon Bedrock 
+* AWS Secret Manager
+* Amazon EventBridge 
+* AWS End User Messaging
+
+### Architecture Diagram
+<img src="./images/personalized_sms_briefing_architecture.jpg" alt="architecture" width="100%"/>
+
+### How it works
+
+* EventBridge triggers the Lambda function daily at your specified time
+* Main Lambda function performs the following actions:
+    * Invokes the Weather Agent Lambda to retrieve weather data from the WeatherAPI and summarize the content with Bedrock
+    * Receives the processed message and uses End User Messaging to send SMS
+
+### Deployment Instructions
+
+1. Create a new directory, navigate to that directory in a terminal and clone the GitHub repository:
+    ``` 
+    git clone https://github.com/aws-samples/serverless-patterns/
+    ```
+2. Change directory to the pattern directory:
+    ```
+    cd lambda-bedrock-endusermessaging
+    ```
+
+3. Create [AWS Secrets Manager Secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/create_secret.html) Secrets for your WeatherAPI key,destination  phone number, and origination phone number. 
+
+    Log in to your AWS account and navigate to the AWS Secrets Manager service in the AWS Console in your preferred region. Then select the Store a new secret button.
+
+    For the secret type, select Other type of secret. Under Key/value pair, select the Plaintext tab and enter the weather API key. For the encryption key, you can either encrypt using the AWS KMS key that AWS Secrets Manager creates or use a customer-managed AWS KMS key that you create. Select Next, provide the secret name as WeatherAPIKey, select Next, and click the Store button to create the secret. Note the secret ARN, as this will be needed for the next step.
+
+    Repeat this process for your destination and origination phone numbers, creating separate secrets named DestinationPhone and OriginationPhone respectively.
+
+    If you prefer the CLI option, use the commands below. Replace the placeholder values with your actual API key, destination, and origination phone numbers, along with your preferred region. 
+
+    ```
+    aws secretsmanager create-secret \
+    --name "WeatherAPIKey" \
+    --description "API key for WeatherAPI service" \
+    --secret-string "your-actual-weather-api-key-here" \
+    --region us-east-1
+
+
+    aws secretsmanager create-secret \
+        --name "OriginationPhone" \
+        --description "Origination phone number for SMS sending" \
+        --secret-string "+12065550100" \
+        --region us-east-1
+
+    aws secretsmanager create-secret \
+        --name "DestinationPhone" \
+        --description "Destination phone number for weather alerts" \
+        --secret-string "+12065550123" \
+        --region us-east-1
+
+    ```
+
+4. Edit the constants.py file under the folder personalized_sms_briefing_bedrock and customize the following parameters according to your preferences:
+    1. DESTINATION_PHONE_NUMBER: The phone number where you want to receive SMS briefings
+    2. ORIGINATION_IDENTITY_PHONE_NUMBER: Your verified sender ID for SMS messages
+    3. LOCATION: Your preferred location for weather forecasts
+    4. SCHEDULE_HOUR and SCHEDULE_MINUTE: Your desired delivery time (in UTC)
+    5. AWS_BEDROCK_MODEL_ID: The Bedrock model to use for content generation
+    6. WEATHER_API_KEY: Your personal API key from WeatherAPI
+
+    Example below 
+
+    ```
+    DESTINATION_PHONE_SECRET_ARN = "arn:aws:secretsmanager:us-west-2:123456789012:secret:destination-phone-Abc123"
+    ORIGINATION_PHONE_SECRET_ARN = "arn:aws:secretsmanager:us-west-2:123456789012:secret:origination-phone-Def456"
+    WEATHER_API_KEY_SECRET_ARN = "arn:aws:secretsmanager:us-west-2:123456789012:secret:weather-api-key-Ghi789"
+    LOCATION = "Seattle"
+    SCHEDULE_HOUR = 15
+    SCHEDULE_MINUTE = 0
+    AWS_BEDROCK_MODEL_ID= "anthropic.claude-3-haiku-20240307-v1:0"
+
+    ```
+
+5. Create a virtualenv on MacOS and Linux 
+    ``` 
+    python3 -m venv .venv
+    ```
+6. After the init process completes and the virtualenv is created, you can use the following step to activate your virtualenv
+    ```
+    source .venv/bin/activate
+    ```
+    [Optional - for Windows] If you are a Windows platform, you would activate the virtualenv with below command
+
+    ```
+    .venv\Scripts\activate.bat
+    ```
+7. Once the virtualenv is activated, you can install the required dependencies  
+    ``` 
+    pip install -r requirements.txt
+    ```
+8. Synthesize the CloudFormation template for this code 
+    ```
+    cdk synth
+    ```
+9. Deploy the stack
+
+    ```
+    cdk deploy
+    ```
+### Testing Your Deployment
+
+* For quick verification of your deployment using only the AWS CLI.Invoke the SMS sender function to trigger an immediate briefing:
+
+    ```
+   aws lambda invoke \
+    --function-name $(aws cloudformation describe-stacks --stack-name PersonalizedSmsBriefingBedrockStack --query "Stacks[0].Outputs[?OutputKey=='SmsSenderFunctionName'].OutputValue" --output text) \
+    --payload '{}' \
+    --cli-binary-format raw-in-base64-out \
+    response.json
+
+    ```
+
+* Check the execution status for detailed logs and any error messages.You should also have received an SMS on the destination phone number.
+
+    ```
+    cat response.json
+    ```
+
+### SMS Message samples
+
+```
+    "Hello! It's 59°F in Seattle. Partly cloudy. Grab a light jacket and enjoy the day! 🌤️"
+    "Hello! It's 45°F in Chicago. Overcast skies. Layer up and stay cozy! ☁️"
+```
+### Cleanup
+
+1. To cleanup/delete resources created while deploying the solution, go to the root folder of the project repository and run 
+    ```
+    cdk destroy
+    ```
+
+### Useful commands
+
+ * `cdk ls`          list all stacks in the app
+ * `cdk synth`       emits the synthesized CloudFormation template
+ * `cdk deploy`      deploy this stack to your default AWS account/region
+ * `cdk diff`        compare deployed stack with current state
+ * `cdk docs`        open CDK documentation
+
+------
+Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+
+SPDX-License-Identifier: MIT-0

lambda-bedrock-endusermessaging/app.py

@@ -0,0 +1,17 @@
+#!/usr/bin/env python3
+import os
+import aws_cdk as cdk
+from personalized_sms_briefing_bedrock.personalized_sms_briefing_bedrock_stack import PersonalizedSmsBriefingBedrockStack
+
+app = cdk.App()
+
+PersonalizedSmsBriefingBedrockStack(
+    app, 
+    "PersonalizedSmsBriefingBedrockStack",
+    env=cdk.Environment(
+        account=os.getenv('CDK_DEFAULT_ACCOUNT'),
+        region=os.getenv('CDK_DEFAULT_REGION')
+    )
+)
+
+app.synth()

lambda-bedrock-endusermessaging/cdk.json

@@ -0,0 +1,94 @@
+{
+  "app": "python3 app.py",
+  "watch": {
+    "include": [
+      "**"
+    ],
+    "exclude": [
+      "README.md",
+      "cdk*.json",
+      "requirements*.txt",
+      "source.bat",
+      "**/__init__.py",
+      "**/__pycache__",
+      "tests"
+    ]
+  },
+  "context": {
+    "@aws-cdk/aws-lambda:recognizeLayerVersion": true,
+    "@aws-cdk/core:checkSecretUsage": true,
+    "@aws-cdk/core:target-partitions": [
+      "aws",
+      "aws-cn"
+    ],
+    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+    "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true,
+    "@aws-cdk/aws-iam:minimizePolicies": true,
+    "@aws-cdk/core:validateSnapshotRemovalPolicy": true,
+    "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true,
+    "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true,
+    "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true,
+    "@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
+    "@aws-cdk/core:enablePartitionLiterals": true,
+    "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true,
+    "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true,
+    "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true,
+    "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
+    "@aws-cdk/aws-route53-patters:useCertificate": true,
+    "@aws-cdk/customresources:installLatestAwsSdkDefault": false,
+    "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true,
+    "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true,
+    "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true,
+    "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true,
+    "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true,
+    "@aws-cdk/aws-redshift:columnId": true,
+    "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": true,
+    "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": true,
+    "@aws-cdk/aws-apigateway:requestValidatorUniqueId": true,
+    "@aws-cdk/aws-kms:aliasNameRef": true,
+    "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": true,
+    "@aws-cdk/core:includePrefixInUniqueNameGeneration": true,
+    "@aws-cdk/aws-efs:denyAnonymousAccess": true,
+    "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": true,
+    "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": true,
+    "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": true,
+    "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": true,
+    "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": true,
+    "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true,
+    "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true,
+    "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": true,
+    "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": true,
+    "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": true,
+    "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": true,
+    "@aws-cdk/aws-eks:nodegroupNameAttribute": true,
+    "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": true,
+    "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": true,
+    "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": false,
+    "@aws-cdk/aws-s3:keepNotificationInImportedBucket": false,
+    "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": false,
+    "@aws-cdk/aws-ecs:disableEcsImdsBlocking": true,
+    "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": true,
+    "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": true,
+    "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": true,
+    "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": true,
+    "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": true,
+    "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": true,
+    "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": true,
+    "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": true,
+    "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": true,
+    "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": true,
+    "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": true,
+    "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": true,
+    "@aws-cdk/core:enableAdditionalMetadataCollection": true,
+    "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": false,
+    "@aws-cdk/aws-s3:setUniqueReplicationRoleName": true,
+    "@aws-cdk/aws-events:requireEventBusPolicySid": true,
+    "@aws-cdk/core:aspectPrioritiesMutating": true,
+    "@aws-cdk/aws-dynamodb:retainTableReplica": true,
+    "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": true,
+    "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": true,
+    "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": true,
+    "@aws-cdk/aws-s3:publicAccessBlockedByDefault": true
+  }
+}