How to Build a Production RAG System on AWS From Scratch (Complete Beginner’s Guide)
RAG (Retrieval-Augmented Generation) lets AI answer questions using YOUR organisation’s documents, not just what it was trained on. This guide teaches you to build a production-ready RAG system on AWS Bedrock from scratch. No ML experience needed. Every command included.
The Problem RAG Solves , And Why Every Organisation Needs It
Here is a scenario that plays out in every organisation.
A new employee joins your company. They have a question: “What is our policy on expense reimbursements?” They search the internal wiki. They get 47 results. They ask a colleague. The colleague is not sure and points them to a SharePoint folder with 200 documents. They spend 45 minutes reading through PDFs before finding the answer buried in paragraph 12 of a document called HR-Policy-V3-FINAL-updated-2024.pdf.
Now multiply that by every new employee, every contractor, every team member who needs to find information they know exists somewhere. McKinsey estimates employees spend an average of 2.5 hours per day searching for information. In an organisation of 500 people, that is 1,250 hours of lost productivity every single day.
RAG fixes this. With a properly built RAG system, that same employee types: “What is our expense reimbursement policy?” and gets an accurate, cited answer in under 3 seconds, drawn directly from your actual policy documents.
This is not theoretical. This is deployed and working at enterprises globally right now. And by the end of this article, you will have built exactly this for your organisation.
What Is RAG? (Explained Simply)
RAG stands for Retrieval-Augmented Generation. The name sounds complicated. The concept is simple.
A standard AI model (like Claude or GPT-4) knows only what it was trained on, information up to its training cutoff date, from public sources on the internet. It knows nothing about your company’s internal documents, your products, your policies, or your customers.
RAG solves this by adding a retrieval step before the AI generates an answer:
WITHOUT RAG:
User asks question → AI answers from training data only
Problem: AI knows nothing about your organisation
WITH RAG:
User asks question
↓
Search your documents for relevant content
↓
Give relevant content + question to AI
↓
AI answers using YOUR documents
Result: Accurate answers grounded in your actual information
The AI does not guess. It reads the relevant part of your document and answers based on what it finds. If the answer is not in your documents, it says so rather than making something up.
What We Are Building
A complete, production-ready RAG system that:
- Ingests your documents (PDFs, Word files, text files) from S3
- Chunks and embeds them into a searchable vector knowledge base
- Accepts natural language questions via an API
- Retrieves the most relevant document sections
- Generates accurate answers with citations showing which document the answer came from
- Runs serverlessly on AWS, no servers to manage
Architecture:
Your Documents (PDF, Word, TXT)
↓
Amazon S3
(document storage)
↓
Bedrock Knowledge Base
- Chunks documents into sections
- Embeds each section into vectors
- Stores vectors in OpenSearch Serverless
↓
Query API (Lambda + API Gateway)
↓
User gets answer + citations
AWS services used:
- Amazon S3: stores your documents
- Amazon Bedrock Knowledge Bases: managed RAG (chunking and embedding and retrieval)
- Amazon OpenSearch Serverless: vector database (created automatically by Bedrock)
- AWS Lambda: handles queries and formats responses
- Amazon API Gateway: gives the Lambda an HTTPS endpoint
- Amazon Titan Embeddings: converts text to vectors for search
What you need:
- AWS account (free tier, note OpenSearch Serverless costs ~$0.24/hour when active)
- AWS CLI configured
- Some PDF or text documents to test with
- About 90 minutes
Part 1: Understanding the Key Concepts
Before writing a single command, let us understand the three concepts that make RAG work. You do not need to understand the math, just what each step does.
Concept 1: Chunking
Your documents are too long to fit in a single AI prompt. A 50-page policy document might be 25,000 words. AI models have context limits (how much text they can process at once), and more importantly, sending 50 pages for every question is expensive and slow.
Chunking splits your documents into smaller pieces, typically 300–500 words each, with a small overlap between chunks so no sentence loses its context at a boundary.
Original document (50 pages):
"Section 1: Introduction... Section 2: Policy... Section 3: Procedures..."
After chunking (each ~400 words with 50-word overlap):
Chunk 1: "Section 1: Introduction... [first 400 words]"
Chunk 2: "[last 50 words of chunk 1]... Section 2: Policy... [next 350 words]"
Chunk 3: "[last 50 words of chunk 2]... [next 400 words]"
...and so on
Concept 2: Embeddings
Once your document is chunked, each chunk is converted into a vector, a list of numbers that represents its meaning mathematically.
The magic is that text with similar meaning produces similar vectors, even if the words are different. So the chunk about “expense reimbursement policy” will have a vector close to the question “how do I get reimbursed for travel costs”, even though those exact words do not appear together.
This is what makes semantic search possible: finding relevant content by meaning, not just keyword matching.
Concept 3: Retrieval
When a user asks a question, the question is also converted to a vector. The system then searches the vector database for the chunks whose vectors are closest to the question vector, these are the most semantically relevant chunks.
The top 3-5 chunks are retrieved and included in the prompt sent to the AI model.
Question: "How do I claim expenses for a business trip?"
↓
Question → vector → [0.234, -0.891, 0.127, ...]
↓
Search vector DB for similar vectors
↓
Top 3 matching chunks retrieved:
- Chunk from HR-Policy.pdf: "Section 4.2: Travel Expense Claims..."
- Chunk from Finance-Guide.pdf: "Business Travel Reimbursement..."
- Chunk from FAQ.pdf: "Q: What receipts do I need for expense claims..."
↓
AI reads these 3 chunks + question → generates answer with citations
Now you understand RAG. Let us build it.
Part 2: Prepare Your Documents
Step 1: Create the S3 Bucket
bash
# Set your variables — change these to match your setup
REGION="eu-west-1"
ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
BUCKET_NAME="my-rag-documents-$(date +%s)"
# Create the S3 bucket
aws s3 mb s3://$BUCKET_NAME --region $REGION
# Block all public access — documents should never be public
aws s3api put-public-access-block
--bucket $BUCKET_NAME
--public-access-block-configuration
BlockPublicAcls=true,IgnorePublicAcls=true,
BlockPublicPolicy=true,RestrictPublicBuckets=true
echo "S3 bucket created: $BUCKET_NAME"
echo "Save this: export BUCKET_NAME=$BUCKET_NAME"
Step 2: Upload Your Documents
If you have your own documents (PDFs, Word files, text files), upload them now. If not, create some sample documents to test with:
bash
# Create sample documents if you do not have your own
mkdir -p sample-docs
cat > sample-docs/expense-policy.txt << 'EOF'
EXPENSE REIMBURSEMENT POLICY
Last Updated: January 2026
1. OVERVIEW
This policy governs the reimbursement of business expenses incurred by employees
in the course of their work duties. All expenses must be pre-approved where
indicated and submitted within 30 days of being incurred.
2. ELIGIBLE EXPENSES
The following expenses are eligible for reimbursement:
- Business travel (flights, trains, taxis to/from client sites)
- Accommodation (up to £150 per night in London, £100 elsewhere in the UK)
- Business meals (up to £50 per person, must have 2+ attendees)
- Client entertainment (pre-approval required, up to £100 per person)
- Home office equipment (pre-approval required for items over £200)
- Professional development courses (pre-approval required)
3. HOW TO SUBMIT CLAIMS
All expense claims must be submitted through the Expenses portal at
expenses.company.internal within 30 days of the expense being incurred.
Required documentation:
- Original receipts for all expenses over £10
- Business justification for each expense
- Names of attendees for meals and entertainment
- Manager approval for expenses over £500
4. PAYMENT TIMELINE
Approved expenses are reimbursed in the next monthly payroll run, provided
the claim is submitted by the 15th of the month. Claims submitted after the
15th will be processed the following month.
5. INELIGIBLE EXPENSES
The following will not be reimbursed:
- Personal travel or accommodation
- Alcohol consumed outside of approved client entertainment
- Fines, penalties, or legal fees
- Personal mobile phone contracts (BYOD allowance is separate)
- First-class travel without VP-level approval
EOF
cat > sample-docs/remote-work-policy.txt << 'EOF'
REMOTE WORK POLICY
Last Updated: March 2026
1. ELIGIBILITY
All permanent employees who have completed their 3-month probationary period
are eligible for remote work arrangements. Contractors and temporary staff
require manager approval on a case-by-case basis.
2. HYBRID WORK ARRANGEMENT
The company operates a hybrid model requiring employees to be in the office:
- Minimum 3 days per week for team members
- Minimum 2 days per week for senior individual contributors
- As required for managers (typically 4 days per week)
Office days must include Tuesday and Wednesday (core collaboration days).
3. HOME OFFICE REQUIREMENTS
Employees working remotely must have:
- A dedicated workspace free from significant distractions
- Reliable broadband connection (minimum 25 Mbps download)
- Company-issued laptop (personal devices not permitted for security reasons)
- A webcam and headset suitable for video calls
4. EQUIPMENT AND EXPENSES
The company provides:
- Laptop and peripherals (mouse, keyboard) upon joining
- £400 home office setup allowance (one-time, claim through expenses)
- £30 per month broadband contribution (add to monthly expenses)
Employees are responsible for their own desk and chair.
5. AVAILABILITY REQUIREMENTS
Remote employees must:
- Be available during core hours: 9am-5pm in their local timezone
- Respond to messages within 2 hours during working hours
- Attend all required meetings with camera on unless exceptional circumstances
- Notify their manager in advance if unavailable during core hours
EOF
cat > sample-docs/annual-leave-policy.txt << 'EOF'
ANNUAL LEAVE POLICY
Last Updated: February 2026
1. ENTITLEMENT
Full-time permanent employees receive:
- 25 days annual leave per year (pro-rated for part-time employees)
- 8 UK bank holidays (fixed days off)
- 1 additional day for each year of service, up to 5 additional days
- Birthday leave (1 day, to be taken within the birthday month)
2. HOW TO REQUEST LEAVE
Annual leave must be requested through the HR portal at hr.company.internal.
Notice requirements:
- Up to 3 days: minimum 1 week notice
- 4-9 days: minimum 2 weeks notice
- 10+ consecutive days: minimum 4 weeks notice
Leave requests are subject to manager approval and team capacity.
3. CARRY OVER
Up to 5 days of unused annual leave may be carried over to the following year.
Carried-over leave must be used by 31 March of the following year or it is forfeited.
Employees may purchase up to 5 additional days of leave per year through salary
sacrifice (request by 1 December for the following year).
4. SICKNESS DURING ANNUAL LEAVE
If an employee falls ill during a period of annual leave and provides a medical
certificate, the days of illness may be recredited as annual leave. The employee
must notify their manager on the first day of illness.
5. LEAVING THE COMPANY
On leaving the company, employees will be paid for any unused annual leave accrued
in the current leave year. Employees who have taken more leave than accrued will
have the excess deducted from their final salary.
EOF
# Upload documents to S3
aws s3 cp sample-docs/ s3://$BUCKET_NAME/documents/ --recursive
echo "Documents uploaded:"
aws s3 ls s3://$BUCKET_NAME/documents/
Part 3: Create the Bedrock Knowledge Base
This is the core of the RAG system. Bedrock Knowledge Bases handles everything: chunking, embedding, and storing your documents in a searchable vector database.
Step 1: Create the IAM Role for Bedrock
Bedrock needs permission to read from your S3 bucket.
bash
# Create trust policy for Bedrock
cat > bedrock-trust-policy.json << 'EOF'
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {
"Service": "bedrock.amazonaws.com"
},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"aws:SourceAccount": "YOUR_ACCOUNT_ID"
}
}
}]
}
EOF
# Replace placeholder with actual account ID
sed -i "s/YOUR_ACCOUNT_ID/$ACCOUNT_ID/g" bedrock-trust-policy.json
# Create the role
aws iam create-role
--role-name bedrock-knowledge-base-role
--assume-role-policy-document file://bedrock-trust-policy.json
# Create permissions policy
cat > bedrock-kb-policy.json << EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::$BUCKET_NAME",
"arn:aws:s3:::$BUCKET_NAME/*"
]
},
{
"Effect": "Allow",
"Action": [
"bedrock:InvokeModel"
],
"Resource": "arn:aws:bedrock:$REGION::foundation-model/amazon.titan-embed-text-v2:0"
},
{
"Effect": "Allow",
"Action": [
"aoss:APIAccessAll"
],
"Resource": "*"
}
]
}
EOF
aws iam put-role-policy
--role-name bedrock-knowledge-base-role
--policy-name bedrock-kb-permissions
--policy-document file://bedrock-kb-policy.json
KB_ROLE_ARN=$(aws iam get-role
--role-name bedrock-knowledge-base-role
--query 'Role.Arn'
--output text)
echo "Bedrock role ARN: $KB_ROLE_ARN"
Step 2: Create the Knowledge Base via AWS Console
The Knowledge Base creation is easiest via the console because it automatically sets up OpenSearch Serverless for you:
1. Open AWS Console → Amazon Bedrock → Knowledge Bases → Create knowledge base
2. Knowledge base details:
Name: company-knowledge-base
Description: Internal company policies and documentation
IAM Role: bedrock-knowledge-base-role (select the one you created)
3. Data source:
Type: Amazon S3
S3 URI: s3://YOUR_BUCKET_NAME/documents/
Name: company-documents
4. Embeddings model:
Select: Titan Text Embeddings V2
(This converts your text into vectors)
5. Vector store:
Select: Quick create a new vector store
Type: Amazon OpenSearch Serverless
(Bedrock creates and configures this automatically)
6. Review and create → Create knowledge base
Wait 3-5 minutes for creation to complete.
Get the Knowledge Base ID:
bash
KB_ID=$(aws bedrock-agent list-knowledge-bases
--region $REGION
--query 'knowledgeBaseSummaries[?name==`company-knowledge-base`].knowledgeBaseId'
--output text)
echo "Knowledge Base ID: $KB_ID"
echo "Save this: export KB_ID=$KB_ID"
Step 3: Sync Your Documents
bash
# Get the data source ID
DATA_SOURCE_ID=$(aws bedrock-agent list-data-sources
--knowledge-base-id $KB_ID
--region $REGION
--query 'dataSourceSummaries[0].dataSourceId'
--output text)
echo "Data Source ID: $DATA_SOURCE_ID"
# Start the ingestion job (chunks, embeds, and indexes your documents)
INGESTION_JOB_ID=$(aws bedrock-agent start-ingestion-job
--knowledge-base-id $KB_ID
--data-source-id $DATA_SOURCE_ID
--region $REGION
--query 'ingestionJob.ingestionJobId'
--output text)
echo "Ingestion job started: $INGESTION_JOB_ID"
echo "Waiting for ingestion to complete..."
# Poll until complete
while true; do
STATUS=$(aws bedrock-agent get-ingestion-job
--knowledge-base-id $KB_ID
--data-source-id $DATA_SOURCE_ID
--ingestion-job-id $INGESTION_JOB_ID
--region $REGION
--query 'ingestionJob.status'
--output text)
echo "Status: $STATUS"
if [ "$STATUS" = "COMPLETE" ]; then
echo "Ingestion complete. Your documents are now searchable."
break
elif [ "$STATUS" = "FAILED" ]; then
echo "Ingestion failed. Check the AWS console for details."
exit 1
fi
sleep 15
done
Part 4: Test the Knowledge Base Directly
Before building the API, test that the knowledge base works:
bash
# Test: ask a question directly using the AWS CLI
aws bedrock-agent-runtime retrieve-and-generate
--region $REGION
--input '{"text": "What is the expense reimbursement policy for business travel?"}'
--retrieve-and-generate-configuration "{
"type": "KNOWLEDGE_BASE",
"knowledgeBaseConfiguration": {
"knowledgeBaseId": "$KB_ID",
"modelArn": "arn:aws:bedrock:$REGION::foundation-model/anthropic.claude-3-haiku-20240307-v1:0"
}
}" | python3 -m json.tool
You should see an answer like:
json
{
"output": {
"text": "For business travel, you can claim reimbursement for flights, trains, and taxis to client sites. Accommodation is reimbursed up to £150 per night in London and £100 per night elsewhere in the UK. All claims must be submitted within 30 days through the Expenses portal."
},
"citations": [
{
"retrievedReferences": [
{
"content": {
"text": "Business travel (flights, trains, taxis to/from client sites)..."
},
"location": {
"s3Location": {
"uri": "s3://your-bucket/documents/expense-policy.txt"
}
}
}
]
}
]
}
The citation shows exactly which document the answer came from. This is one of the most valuable features of RAG, your users can verify the source.
Part 5: Build the Query Lambda Function
Now we wrap the knowledge base in a Lambda function that handles validation, formats responses cleanly, and logs everything.
python
# rag_handler.py
# Production RAG query handler
import boto3
import json
import logging
import os
import time
from datetime import datetime, timezone
logger = logging.getLogger()
logger.setLevel(logging.INFO)
# Clients — initialised outside handler for warm reuse
bedrock_agent = boto3.client('bedrock-agent-runtime', region_name='eu-west-1')
# Configuration from environment variables
KNOWLEDGE_BASE_ID = os.environ.get('KNOWLEDGE_BASE_ID', '')
MODEL_ARN = f"arn:aws:bedrock:eu-west-1::foundation-model/anthropic.claude-3-haiku-20240307-v1:0"
MAX_QUESTION_LENGTH = 1000
MIN_QUESTION_LENGTH = 3
NUM_RESULTS = 5 # How many document chunks to retrieve
def log_event(level: str, event: str, **kwargs):
"""Structured JSON logging for CloudWatch"""
entry = {
"level": level,
"event": event,
"timestamp": datetime.now(timezone.utc).isoformat(),
**kwargs
}
getattr(logger, level.lower(), logger.info)(json.dumps(entry))
def validate_question(question: str) -> tuple[bool, str]:
"""Validate the user's question"""
if not question or not isinstance(question, str):
return False, "question must be a non-empty string"
question = question.strip()
if len(question) < MIN_QUESTION_LENGTH:
return False, f"question must be at least {MIN_QUESTION_LENGTH} characters"
if len(question) > MAX_QUESTION_LENGTH:
return False, f"question must not exceed {MAX_QUESTION_LENGTH} characters"
return True, question
def format_citations(citations: list) -> list:
"""
Extract and format citation information from Bedrock response.
Returns a clean list of sources that users can reference.
"""
formatted = []
seen_sources = set() # Avoid duplicate citations
for citation in citations:
for ref in citation.get('retrievedReferences', []):
# Get source document location
location = ref.get('location', {})
s3_uri = location.get('s3Location', {}).get('uri', '')
# Extract just the filename from the full S3 URI
# s3://bucket-name/documents/expense-policy.txt → expense-policy.txt
if s3_uri and s3_uri not in seen_sources:
seen_sources.add(s3_uri)
filename = s3_uri.split('/')[-1]
# Get a short excerpt from the retrieved content
content_text = ref.get('content', {}).get('text', '')
excerpt = content_text[:200].strip()
if len(content_text) > 200:
excerpt += '...'
formatted.append({
'document': filename,
'source_uri': s3_uri,
'excerpt': excerpt
})
return formatted
def query_knowledge_base(question: str) -> dict:
"""
Query the Bedrock Knowledge Base and return answer with citations.
"""
# Custom prompt template to improve answer quality
# This instructs Claude on how to use the retrieved context
prompt_template = """You are a helpful assistant for company employees.
Answer the question using ONLY the information provided in the search results below.
Important rules:
- If the answer is clearly in the search results, provide it directly and concisely
- If the search results do not contain enough information to answer the question, say:
"I don't have specific information about that in the available documents. Please contact HR or your manager."
- Never make up information not found in the search results
- Keep answers professional and easy to understand
- If there are specific numbers, dates, or limits mentioned, include them exactly
$search_results$
Question: $query$
Answer:"""
response = bedrock_agent.retrieve_and_generate(
input={'text': question},
retrieveAndGenerateConfiguration={
'type': 'KNOWLEDGE_BASE',
'knowledgeBaseConfiguration': {
'knowledgeBaseId': KNOWLEDGE_BASE_ID,
'modelArn': MODEL_ARN,
'retrievalConfiguration': {
'vectorSearchConfiguration': {
'numberOfResults': NUM_RESULTS
}
},
'generationConfiguration': {
'promptTemplate': {
'textPromptTemplate': prompt_template
},
'inferenceConfig': {
'textInferenceConfig': {
'maxTokens': 800,
'temperature': 0.1 # Low temperature = factual, consistent answers
}
}
}
}
}
)
answer = response['output']['text']
citations = format_citations(response.get('citations', []))
return {
'answer': answer,
'citations': citations,
'session_id': response.get('sessionId', '')
}
def build_response(status_code: int, body: dict, request_id: str) -> dict:
"""Build a consistent HTTP response"""
return {
'statusCode': status_code,
'headers': {
'Content-Type': 'application/json',
'X-Request-ID': request_id,
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Allow-Methods': 'POST,OPTIONS'
},
'body': json.dumps(body)
}
def lambda_handler(event, context):
"""Main Lambda handler"""
request_id = context.aws_request_id
start_time = time.time()
# Handle CORS preflight
http_method = event.get('requestContext', {}).get('http', {}).get('method', '')
if http_method == 'OPTIONS':
return build_response(200, {}, request_id)
log_event("INFO", "query_received", request_id=request_id)
# Parse request body
try:
body = json.loads(event.get('body', '{}'))
except json.JSONDecodeError:
return build_response(400, {
'success': False,
'error': 'Request body must be valid JSON'
}, request_id)
question = body.get('question', '')
# Validate
is_valid, result = validate_question(question)
if not is_valid:
return build_response(400, {
'success': False,
'error': result
}, request_id)
question = result # cleaned question
# Query the knowledge base
try:
rag_result = query_knowledge_base(question)
duration_ms = int((time.time() - start_time) * 1000)
log_event("INFO", "query_completed",
request_id=request_id,
question_length=len(question),
answer_length=len(rag_result['answer']),
citation_count=len(rag_result['citations']),
duration_ms=duration_ms)
return build_response(200, {
'success': True,
'answer': rag_result['answer'],
'citations': rag_result['citations'],
'metadata': {
'citation_count': len(rag_result['citations']),
'duration_ms': duration_ms,
'request_id': request_id
}
}, request_id)
except bedrock_agent.exceptions.ThrottlingException:
log_event("WARN", "throttling", request_id=request_id)
return build_response(503, {
'success': False,
'error': 'Service temporarily busy. Please retry in a moment.'
}, request_id)
except Exception as e:
log_event("ERROR", "query_failed",
request_id=request_id,
error_type=type(e).__name__,
error_message=str(e))
return build_response(500, {
'success': False,
'error': 'Something went wrong. Please try again.'
}, request_id)
Part 6: Deploy the Lambda and API Gateway
bash
# Package and deploy Lambda
zip -j rag-function.zip rag_handler.py
# Create Lambda IAM role
cat > lambda-rag-trust.json << 'EOF'
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {"Service": "lambda.amazonaws.com"},
"Action": "sts:AssumeRole"
}]
}
EOF
aws iam create-role
--role-name rag-lambda-role
--assume-role-policy-document file://lambda-rag-trust.json
aws iam attach-role-policy
--role-name rag-lambda-role
--policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
# Add Bedrock Knowledge Base permission
cat > rag-lambda-policy.json << EOF
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": [
"bedrock:Retrieve",
"bedrock:RetrieveAndGenerate",
"bedrock:InvokeModel"
],
"Resource": [
"arn:aws:bedrock:$REGION:$ACCOUNT_ID:knowledge-base/$KB_ID",
"arn:aws:bedrock:$REGION::foundation-model/*"
]
}]
}
EOF
aws iam put-role-policy
--role-name rag-lambda-role
--policy-name rag-bedrock-access
--policy-document file://rag-lambda-policy.json
LAMBDA_ROLE_ARN=$(aws iam get-role
--role-name rag-lambda-role
--query 'Role.Arn' --output text)
# Wait for role propagation
sleep 10
# Create Lambda function
aws lambda create-function
--function-name rag-query-handler
--runtime python3.12
--role $LAMBDA_ROLE_ARN
--handler rag_handler.lambda_handler
--zip-file fileb://rag-function.zip
--timeout 30
--memory-size 512
--region $REGION
--environment Variables="{"KNOWLEDGE_BASE_ID":"$KB_ID"}"
echo "Lambda deployed"
# Create API Gateway
API_ID=$(aws apigatewayv2 create-api
--name "rag-api"
--protocol-type HTTP
--cors-configuration
AllowOrigins='*'
AllowHeaders='Content-Type'
AllowMethods='POST,OPTIONS'
--region $REGION
--query 'ApiId' --output text)
# Create integration
INTEGRATION_ID=$(aws apigatewayv2 create-integration
--api-id $API_ID
--integration-type AWS_PROXY
--integration-uri arn:aws:lambda:$REGION:$ACCOUNT_ID:function:rag-query-handler
--payload-format-version 2.0
--region $REGION
--query 'IntegrationId' --output text)
# Create route
aws apigatewayv2 create-route
--api-id $API_ID
--route-key 'POST /ask'
--target integrations/$INTEGRATION_ID
--region $REGION
# Deploy
aws apigatewayv2 create-stage
--api-id $API_ID
--stage-name production
--auto-deploy
--region $REGION
# Permission for API Gateway to invoke Lambda
aws lambda add-permission
--function-name rag-query-handler
--statement-id allow-api-gateway
--action lambda:InvokeFunction
--principal apigateway.amazonaws.com
--source-arn "arn:aws:execute-api:$REGION:$ACCOUNT_ID:$API_ID/*/*"
--region $REGION
API_URL=$(aws apigatewayv2 get-api
--api-id $API_ID
--region $REGION
--query 'ApiEndpoint' --output text)
echo ""
echo "==============================="
echo "RAG API is live at:"
echo "$API_URL/production/ask"
echo "==============================="
Part 7: Test Your RAG System
bash
API_ENDPOINT="$API_URL/production/ask"
echo "=== Test 1: Expense policy question ==="
curl -s -X POST $API_ENDPOINT
-H "Content-Type: application/json"
-d '{"question": "What is the maximum hotel rate I can claim for a trip to London?"}'
| python3 -m json.tool
echo ""
echo "=== Test 2: Annual leave question ==="
curl -s -X POST $API_ENDPOINT
-H "Content-Type: application/json"
-d '{"question": "How many days notice do I need to give for a 2-week holiday?"}'
| python3 -m json.tool
echo ""
echo "=== Test 3: Remote work question ==="
curl -s -X POST $API_ENDPOINT
-H "Content-Type: application/json"
-d '{"question": "Do I need to be in the office on Tuesdays?"}'
| python3 -m json.tool
echo ""
echo "=== Test 4: Question not in documents ==="
curl -s -X POST $API_ENDPOINT
-H "Content-Type: application/json"
-d '{"question": "What is the capital of France?"}'
| python3 -m json.tool
Expected response for Test 1:
json
{
"success": true,
"answer": "For business trips to London, accommodation is reimbursed up to £150 per night. For other UK locations, the limit is £100 per night. All accommodation claims must be submitted through the Expenses portal within 30 days.",
"citations": [
{
"document": "expense-policy.txt",
"source_uri": "s3://your-bucket/documents/expense-policy.txt",
"excerpt": "Accommodation (up to £150 per night in London, £100 elsewhere in the UK)..."
}
],
"metadata": {
"citation_count": 1,
"duration_ms": 2341,
"request_id": "abc123"
}
}
Expected response for Test 4 (not in documents):
json
{
"success": true,
"answer": "I don't have specific information about that in the available documents. Please contact HR or your manager.",
"citations": [],
"metadata": {
"citation_count": 0,
"duration_ms": 1823,
"request_id": "xyz789"
}
}
This is the critical difference from a standard AI: when the answer is not in your documents, the system says so honestly rather than guessing.
Part 8: Add More Documents and Keep It Current
The RAG system only knows about documents you have ingested. Add new documents any time and re-sync:
bash
# Upload a new document
aws s3 cp new-policy.pdf s3://$BUCKET_NAME/documents/
# Trigger a new ingestion job to index the new document
aws bedrock-agent start-ingestion-job
--knowledge-base-id $KB_ID
--data-source-id $DATA_SOURCE_ID
--region $REGION
echo "New document ingestion started"
For production, set up an automatic sync using EventBridge:
bash
# Create a rule that syncs every night at midnight UTC
aws events put-rule
--name rag-nightly-sync
--schedule-expression "cron(0 0 * * ? *)"
--state ENABLED
--region $REGION
This ensures new documents added to S3 are automatically indexed overnight without manual intervention.
Part 9: Build a Simple Web Interface
Your API is working. Now give it a user interface so anyone in your organisation can use it without writing code:
html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Company Knowledge Base</title>
<style>
* { box-sizing: border-box; margin: 0; padding: 0; }
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
background: #f8fafc;
min-height: 100vh;
padding: 40px 20px;
}
.container { max-width: 720px; margin: 0 auto; }
h1 { font-size: 1.75rem; color: #0f172a; margin-bottom: 6px; }
.subtitle { color: #64748b; margin-bottom: 32px; }
.search-box {
display: flex;
gap: 10px;
margin-bottom: 24px;
}
input {
flex: 1;
padding: 14px 16px;
border: 1px solid #e2e8f0;
border-radius: 8px;
font-size: 1rem;
outline: none;
transition: border-color 0.2s;
}
input:focus { border-color: #3b82f6; box-shadow: 0 0 0 3px rgba(59,130,246,0.1); }
button {
padding: 14px 24px;
background: #3b82f6;
color: white;
border: none;
border-radius: 8px;
font-size: 1rem;
font-weight: 600;
cursor: pointer;
white-space: nowrap;
}
button:hover { background: #2563eb; }
button:disabled { background: #94a3b8; cursor: not-allowed; }
.answer-card {
background: white;
border: 1px solid #e2e8f0;
border-radius: 10px;
overflow: hidden;
display: none;
}
.answer-card.visible { display: block; }
.answer-header {
padding: 14px 20px;
background: #f1f5f9;
border-bottom: 1px solid #e2e8f0;
font-size: 0.85rem;
font-weight: 600;
color: #475569;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.answer-body {
padding: 20px;
line-height: 1.7;
color: #334155;
}
.citations {
padding: 16px 20px;
border-top: 1px solid #e2e8f0;
background: #f8fafc;
}
.citations h3 {
font-size: 0.8rem;
color: #64748b;
text-transform: uppercase;
letter-spacing: 0.5px;
margin-bottom: 10px;
}
.citation-item {
padding: 10px 12px;
background: white;
border: 1px solid #e2e8f0;
border-radius: 6px;
margin-bottom: 8px;
font-size: 0.85rem;
}
.citation-doc { font-weight: 600; color: #3b82f6; margin-bottom: 4px; }
.citation-excerpt { color: #64748b; font-style: italic; }
.loading { color: #3b82f6; padding: 20px; text-align: center; display: none; }
.error { padding: 16px 20px; background: #fef2f2; border: 1px solid #fecaca; border-radius: 8px; color: #dc2626; display: none; }
.no-citations { color: #64748b; font-size: 0.85rem; font-style: italic; }
</style>
</head>
<body>
<div class="container">
<h1> Company Knowledge Base</h1>
<p class="subtitle">Ask any question about company policies, procedures, and guidelines.</p>
<div class="search-box">
<input
type="text"
id="questionInput"
placeholder="e.g. How many days notice do I need for annual leave?"
onkeypress="if(event.key==='Enter') askQuestion()"
/>
<button onclick="askQuestion()" id="askBtn">Ask</button>
</div>
<div class="error" id="errorDiv"></div>
<div class="loading" id="loadingDiv"> Searching company documents...</div>
<div class="answer-card" id="answerCard">
<div class="answer-header">Answer</div>
<div class="answer-body" id="answerBody"></div>
<div class="citations" id="citationsDiv">
<h3> Sources</h3>
<div id="citationsList"></div>
</div>
</div>
</div>
<script>
// Replace with your actual API URL
const API_URL = 'YOUR_API_GATEWAY_URL/production/ask';
async function askQuestion() {
const question = document.getElementById('questionInput').value.trim();
if (!question) return;
const btn = document.getElementById('askBtn');
const loading = document.getElementById('loadingDiv');
const error = document.getElementById('errorDiv');
const card = document.getElementById('answerCard');
btn.disabled = true;
loading.style.display = 'block';
error.style.display = 'none';
card.classList.remove('visible');
try {
const res = await fetch(API_URL, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ question })
});
const data = await res.json();
if (!res.ok || !data.success) throw new Error(data.error || 'Request failed');
document.getElementById('answerBody').textContent = data.answer;
const citationsList = document.getElementById('citationsList');
if (data.citations && data.citations.length > 0) {
citationsList.innerHTML = data.citations.map(c => `
<div class="citation-item">
<div class="citation-doc">📄 ${c.document}</div>
<div class="citation-excerpt">"${c.excerpt}"</div>
</div>
`).join('');
} else {
citationsList.innerHTML = '<p class="no-citations">No specific sources cited for this answer.</p>';
}
card.classList.add('visible');
} catch (err) {
error.textContent = `Error: ${err.message}`;
error.style.display = 'block';
} finally {
btn.disabled = false;
loading.style.display = 'none';
}
}
</script>
</body>
</html>
Save this as index.html, replace YOUR_API_GATEWAY_URL, and host it on S3 static website hosting (covered in Article 4 of this series).
What You Have Built , And What It Means for Your Organisation
Let us step back and look at what this system does:
Before RAG: Employee has a question → 45 minutes searching documents → finds the answer (if lucky)
After RAG: Employee has a question → types it → gets a cited answer in 3 seconds
For a 100-person organisation where employees each save 30 minutes per day searching for information, that is 50 person-hours saved per day, roughly 3 full-time employees’ worth of time redirected from searching to actual work.
The citations are not just nice to have. They are essential for enterprise trust. Your employees can see exactly which document the answer came from and verify it themselves. The AI is not guessing, it is reading your actual documents and reporting what they say.
Common Issues and How to Fix Them
“The knowledge base is not finding relevant documents” The chunking strategy might not be optimal for your document types. In the AWS console → Knowledge Base → Data Source → Edit → change the chunking strategy to “Semantic chunking” for better results with long documents.
“The AI is making up answers not in the documents” Increase the strictness of the prompt template. Add: “If you are not 100% certain the answer is in the provided context, say you do not know.”
“Ingestion is taking a long time” Large PDF files with many images can be slow to process. For best performance, use text-based PDFs or convert Word documents to plain text before uploading.
“I get throttling errors” Amazon Bedrock has per-account quotas. For production scale, request a quota increase in the AWS Service Quotas console.
Like
0
Liked
Liked
