Six production-shaped reference architectures for AI workloads on AWS — diagrams, key decisions, Terraform skeletons, cost analysis at three scales, and Well-Architected reviews.
- Production: AWS AI Reference Architectures
- Documentation: Project docs
- GitHub: fernandofatech/aws-ai-reference-architectures
- Author: Fernando Francisco Azevedo · LinkedIn · GitHub
This public repository is part of a bilingual portfolio focused on solution architecture, AWS, AI, MCP/tooling, DevSecOps, and production-ready engineering practices.
Most AI-on-AWS examples online are either toy notebooks (one file, no IaC, no security) or 200-page enterprise white papers (impressive, unreadable). This repo sits in the middle: six opinionated reference architectures that are detailed enough to be useful for real designs, and concise enough to be read in 10 minutes each.
Every architecture answers the same questions:
- Problem — what use case does this fit?
- Components — what services and why?
- Diagram — one Mermaid view.
- Decisions — the 3–5 calls that matter (with rationale and alternatives).
- Cost — rough monthly USD at S / M / L scales.
- Well-Architected — the salient findings across all six pillars.
- Trade-offs — when to use this, when NOT to.
- Terraform skeleton — IaC starting point (not a full module, by design).
| # | Name | Pattern | Best for |
|---|---|---|---|
| 01 | RAG with Bedrock + OpenSearch | Retrieval-augmented generation | Internal Q&A over docs, knowledge bases |
| 02 | Multi-agent orchestration | Bedrock Agents + Step Functions | Long-running workflows that need durable state |
| 03 | Streaming AI inference | API Gateway + Lambda + Bedrock streaming | Chat UIs with token-level streaming |
| 04 | Event-driven AI processing | EventBridge + SQS + Lambda + Bedrock | Async classification, enrichment, moderation |
| 05 | Fine-tuning pipeline | SageMaker + S3 + MLflow | Custom models on top of foundation models |
| 06 | Secure agentic system | Bedrock Agents + Guardrails + VPC | Multi-tenant production agent with hard guardrails |
- For shaping a new design: read the relevant architecture end-to-end, then port the trade-offs section into your design doc.
- For brownfield review: open the Well-Architected section and compare with your existing setup.
- For cost conversations: the cost-analysis tables include three sizings (S/M/L) with the input assumptions spelled out.
- For ADR inspiration: the decisions in each arch follow the MADR format — copy and adapt.
- Not a Terraform module library. The IaC is a skeleton: it shows the resources and wiring, but each team will adapt names, tags, networking, IAM policies and remote state.
- Not exhaustive. Six patterns cover most workloads I see in practice; if yours doesn't fit, open an issue with the use case.
- Not a replacement for the AWS Well-Architected Tool — use the formal Tool before any production launch.
.
├── architectures/ # one folder per reference
│ ├── 01-rag-bedrock-opensearch/
│ ├── 02-multi-agent-orchestration/
│ ├── 03-streaming-ai-inference/
│ ├── 04-event-driven-ai-processing/
│ ├── 05-fine-tuning-pipeline/
│ └── 06-secure-agentic-system/
├── docs/ # MkDocs Material site (GitHub Pages)
├── frontend/ # dependency-free static catalog landing (Vercel)
└── .github/workflows/ # CI + docs deploy
This portfolio repo ships with automated checks for the parts that matter in public technical work:
- Frontend: lint, static build, and `npm audit`.
- Docs: strict MkDocs build and GitHub Pages deploy.
- Security: CodeQL, dependency review, Trivy filesystem scan, and Gitleaks secret scan.
- Maintenance: Dependabot for GitHub Actions and frontend dependencies.
- Vercel: automatic preview and production deploys are connected through Vercel Git integration.
See OPERATIONS.md for the full workflow and required secrets.
Issues with new patterns or corrections to existing ones are welcome. See CONTRIBUTING.md. Conventional Commits are enforced.
MIT © Fernando Francisco Azevedo
Fernando Francisco Azevedo — Solution Architect, AWS & AI focus. fernando@moretes.com · LinkedIn · fernando.moretes.com