Part 2: Deploying and using an AWS Quiz Generator on AWS infrastructure

Hein Htet WinHein Htet Win
8 min read

Table of contents

Hi everyone! Welcome back to the two-part series of GenAI application on AWS. In this part-2 of the series, I will continue what we have left in the part-1 and deploy our solution in my AWS account so anyone from the internet can access it and use it to generate AWS practice exam questions.

If you have made it into the part 2, I just want to say Congratulations you all. ☘️ You will learn more about how to deploy GenAI applications on AWS in this part. But if you haven’t checked the part one of this series - you can Check Out Here🔗. So, without further ado, let’s dive into the world of AWS and GenAI application deployment.

You will need access to the code being deployed to follow along, feel free to clone my GitHub repository.🔗

Architecture Diagram

Below is a high-level overview diagram of what we will deploy on our AWS account:

This architecture includes only minimal resources for testing purposes and if you want to scale out your application, you can think of alternative solutions like ECS and EKS for deploying containerized workloads. In this diagram, it only consists of:

  • an EC2 instance: to host our container and use as compute power provider.

  • IAM Role: to use as authentication and authorization for secure access to cross services within AWS.

  • Amazon BedRock: to utilize the latest ML models readily hosted in AWS.

  • Nginx Server: For using as reverse proxy for web server and mapping the custom domain name to this web server.

Dockerize the GenAI application

Firstly, we need to dockerize our genAI application that is developed in Part - 1 and make sure it will work on every machine. This way, we can reuse and share our source code to anyone and they can use for their own use-cases.

In order to dockerize our application, first we need a Dockerfile:

# Use an official Python image as the base image
FROM python:3.13.3-slim

# Set the working directory in the container
WORKDIR /app

# Copy the requirements file into the container
COPY requirements.txt .

# Install the required Python dependencies
RUN pip install --no-cache-dir -r requirements.txt

# Copy the application code into the container
COPY . .

# Expose ports for Streamlit (frontend) and FastAPI (backend)
EXPOSE 8501 8000

# Command to run both the frontend and backend
CMD ["sh", "-c", "uvicorn main:app --host 0.0.0.0 --port 8000 --reload & streamlit run app.py --server.port 8501 --server.address 0.0.0.0"]

In this Dockerfile, I have used base python image of version 3.13.3-slim and used uvicorn to bootstrap our application.

You can basically create a docker image of this repository with docker or podman command.

podman build -t aws-quiz:latest .

If you want to run and test locally the container image you have built, you need to pass AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY env variables while running run command:

podman run -d -p 8501:8501 -p 8000:8000 -e AWS_ACCESS_KEY_ID=<your-key-value> -e AWS_SECRET_ACCESS_KEY=<your-secret-accesskey-value> aws-quiz:latest

You need to replace your relevant access key and secret access key values in the above command. Note that you can also use docker command equivalent to podman.

Setting Up AWS Infrastructure

Pre-requisites

There are some pre-requisites in our AWS account that needs to be in-place before deploying our containerized application:

  • EC2: You need access to use Amazon AWS EC2 service to be able to deploy your containerized application.

  • ECR: an Amazon ECR repository to store our Docker image and pull them from anywhere around the world.

  • IAM: Identity and Access Management (IAM) is required for almost all AWS services in order for them to authenticate and authorize securely from cross services.

  • VPC: a virtual private cloud (VPC) network for our servers to reside in complete isolation.

  • BedRock: We need access to relevant Amazon Bedrock models access which we will use later in this tutorial (I used, Amazon Nova Pro). If you don’t know how to request access, please check out in Part -1 of this series.

Deploying the Quiz Generator Application

Now with our pre-requisites in hand, we will continue to deploy our GenAI application to our AWS account. In this section, I will walk you through the different step-by-step implementation of our application.

Pushing container image to ECR

To push our container image we have built above, we have to tag and push to our repository. I have already pushed my image to the public repository so everyone can pull and readily use my image too.

If you don’t want to push your own image, please use this command to pull my already built image to your server: docker pull public.ecr.aws/h4l5g7w3/heinux-aws-quiz:latest

But if you want to push your own image to the repository you have created, please tag your built image with your repo name first:

podman tag aws-quiz:latest <your-repo-url>:<tag>

Replace the <your-repo-url> and <tag> with appropriate repo URL from DockerHub or AWS ECR

And then push your image with:

podman push <your-repo-url>:<tag>

Creating an IAM role to assume by our EC2 server

We need to create an IAM role to provide our server necessary authorization to access:

  • Amazon Bedrock models

  • ECR image pulling (if private), but in this tutorial, I’ve made my repository public so no need for that

  • any other permission if needed

Go to the Identity and Access Management (IAM) service → and choose Create role.

Choose AmazonBedrockFullAccess permission and go Next.

Give a proper name and create the role. I gave my role named aws-quiz-server-role.

Launching the EC2 server and configurations

The next step is to launch our EC2 server with very minimal resources configuration, I have used Ubuntu 24.04 server in this example:

I’ve used 64-bit Arm architecture CPU in this example for compatibility but you can also use 64-bit Amd version as well. For instance type, I chose t4g.micro.

For network configuration, I have allowed all traffic for SSH port 22 and HTTP port 80.

The last important one is to make use of the IAM role we have created above in our server config.

And to install some pre-requisite software in our server, we will make use of AWS User Data script. In this example, I have used below script to install Docker and Nginx on our web server.

#!/bin/bash

# Install Docker
apt-get update -y
apt-get install -y curl
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
usermod -aG docker ubuntu 
systemctl enable docker
systemctl start docker

# Install Nginx
apt-get install -y nginx
systemctl enable nginx
systemctl start nginx

Running the Docker container application

We can simply ssh into our server using native ssh client or AWS tool like EC2 Instance Connect. I will use EC2 Instance Connect to connect to my server and verify Docker and Nginx are installed correctly first:

docker --version && systemctl status nginx

If your output shows something like this, you can confirm that both are installed successfully using our user data script.

Next, is to pull the docker image we have published in previous steps:

docker pull <your-repo-url>:<your-tag>

And, we can run our docker application using:

docker run -d -p 8501:8501 -p 8000:8000 <your-repo-url>:<your-tag>

In this example, I have hard-coded my Bedrock model name to be used and also port numbers but in real life, you can configure and manage those variables as env variables and can change through the runtime.

Configuring Nginx configuration file

Next is to configure our Nginx server config file to reverse proxy all the traffic coming to our HTTP port to our frontend server port. For this, we can add a virtual server config file in /etc/nginx/sites-available/reverse-proxy.conf directory. using text editor like sudo vi /etc/nginx/sites-available/reverse-proxy.conf

# /etc/nginx/sites-available/reverse-proxy.conf
server {
    listen 80;
    server_name your-domain.com;  # Replace with your domain or IP

    location / {
        proxy_pass http://127.0.0.1:8501;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # WebSocket support (if your app uses WebSockets)
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 86400;
    }
}

And create a symlink to your enabled sites directory:

sudo ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/

Test the validity of your Nginx config files and reload the server using:

sudo nginx -t       # Validate syntax
sudo systemctl reload nginx

Updating custom domain mapping

In this last step, I will map one of my custom domain to the Public IP of our EC2 instance. I use Cloudflare as my Domain provider and management, so I will create an A record type in my DNS management console.

Testing and Validation

Finally, we can test and validate our application is working properly by going into the custom domain name we mapped:

And it is able to provide practice AWS questions based on the certificate name I have chosen and the number of questions as follows:

NOTE: I will run this domain and server until 16th May, 2025 and later will delete all resources hosted in my AWS account.

Conclusion

So, in this article, I have concluded how to deploy and host your containerized GenAI application on AWS with very basic and simple architecture. In today’s fast-paced, data-driven world, AI/ML is no longer optional - it’s the main source of innovation, reshaping industries, solving global challenges. From healthcare breakthroughs to climate solutions and business automation, AI/ML empowers us to turn complexity into clarity and ideas into impact. By learning these skills, you future-proof your career, stay ahead of technological shifts, and contribute meaningfully to a smarter, more equitable world.

I hope this post inspired you to dive deeper into AI/ML, whether you’re a curious beginner or a seasoned professional. The journey starts with curiosity, and every step you take today prepares you for tomorrow’s challenges. Keep learning, stay bold, and let’s build the future. 🚀

This article is part of a two-part series — Designing, Building, and Deploying a GenAI AWS Quiz Application.

Part 1 - Build an AWS Quiz Generator and exam practice app with the help of GenAI and Amazon Nova

Part 2 - Deploying and using an AWS Quiz Generator on AWS infrastructure

Thank you all for reading till the end and hope your GenAI learning journey thrives! 🚀🙏

0
Subscribe to my newsletter

Read articles from Hein Htet Win directly inside your inbox. Subscribe to the newsletter, and don't miss out.

genaiAWSbedrockAmazon NovaAI Engineering

Written by

Hein Htet Win
Hein Htet Win

I am a DevOps Engineer from Yangon, Myanmar. I fell in love with automation and CI/CD. I also enjoy using open-source software and regularly contribute to and participate on webinars. In my spare time, I enjoy playing games with my friends in addition to my job.