Merge pull request #628 from maryamkhidir/docs/update-solution-nomenc…

…lature documentation: Update app nomenclature
aws-samples · Jan 31, 2025 · 1d05f44 · 1d05f44
2 parents 7f6fa79 + 1d94b0c
commit 1d05f44
Show file tree

Hide file tree

Showing 8 changed files with 309 additions and 45 deletions.
diff --git a/docs/documentation/access-control.md b/docs/documentation/access-control.md
@@ -8,7 +8,7 @@ You need to assign the admin role to a user to be able to use the project after
 Users can have one or more roles defining their permissions. It can be used to restrict access to the functionalities as defined below.
 
 
-Rubicon has 3 pre-defined roles. They are created during deployment by CDK code. 
+The GenAI Chatbot on AWS has 3 pre-defined roles. They are created during deployment by CDK code. 
 1. admin - _full access_
 2. workspace_manager - _full access except the admin pages such as managing applications_
 3. user - _access to assigned applications_

diff --git a/docs/documentation/applications.md b/docs/documentation/applications.md
@@ -10,7 +10,7 @@ Roles determine which applications a user can access - for example, a "customer
 
 
 ## Iframe integration
-1. Deploy Rubicon.
+1. Deploy the GenAI Chatbot on AWS.
 2. Copy `GenAIChatBotStack.UserInterfaceUserInterfaceDomainName` value from the deployment output. It has `dxxxxxxxxxxxxx.cloudfront.net` format.
 3. Open UI dxxxxxxxxxxxxx.cloudfront.net.
 4. Create an application and open it (the URL will be used in the next step).

diff --git a/docs/documentation/private-chatbot.md b/docs/documentation/private-chatbot.md
@@ -26,3 +26,13 @@ chatbot.example.org
 ### After Private Deployment: 
 1. In Route 53 [link the created VPC to the Private Hosted Zone (PHZ)](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zone-private-associate-vpcs.html)
 2. In the PHZ, [add an "A Record"](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-elb-load-balancer.html) with your chosen subdomain (i.e. chatbot.example.org) that points to the website Application Load Balancer Alias.
+
+### Limitations
+Deploying a fully private chatbot requires extending the existing solution. Since the current setup uses **Cognito and AppSync**, both of which are publicly accessible, additional configuration is needed:  
+
+- Authentication must be extended to integrate with your **private IdP**.  
+- AppSync access must be configured using **AWS PrivateLink** for private connectivity.  
+
+For more details, refer to these resources:  
+- [AppSync Lambda Authorization](https://aws.amazon.com/blogs/mobile/appsync-lambda-auth/)  
+- [Using Private APIs with AppSync](https://docs.aws.amazon.com/appsync/latest/devguide/using-private-apis.html)  
diff --git a/lib/user-interface/react-app/package-lock.json b/lib/user-interface/react-app/package-lock.json
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -43,11 +43,11 @@
     "@types/node": "20.1.7",
     "@typescript-eslint/eslint-plugin": "^6.0.0",
     "@typescript-eslint/parser": "^6.0.0",
+    "aws-cdk": "^2.177.0",
     "aws-xray-sdk-core": "3.10.1",
+    "eslint": "^8.45.0",
     "eslint-config-prettier": "^9.1.0",
     "eslint-plugin-prettier": "^5.2.1",
-    "aws-cdk": "2.159.1",
-    "eslint": "^8.45.0",
     "eslint-plugin-react-hooks": "^4.6.2",
     "eslint-plugin-react-refresh": "^0.4.9",
     "graphql": "^16.8.1",
@@ -64,7 +64,7 @@
     "@aws-cdk/aws-apigatewayv2-integrations-alpha": "^2.114.1-alpha.0",
     "@aws-cdk/aws-cognito-identitypool-alpha": "^2.114.1-alpha.0",
     "@cdklabs/generative-ai-cdk-constructs": "^0.1.122",
-    "aws-cdk-lib": "2.159.1",
+    "aws-cdk-lib": "^2.177.0",
     "cdk-monitoring-constructs": "8.1.0",
     "cdk-nag": "2.28.139",
     "commander": "^11.0.0",