Close Menu

    Get faster and actionable AWS Trusted Advisor insights to make data-driven decisions using Amazon Q Business

    Our customers’ key strategic objectives are cost savings and building secure and resilient infrastructure. At AWS, we’re dedicated to helping you meet these critical goals with our unparalleled expertise and industry-leading tools. One of the most valuable resources we offer is the AWS Trusted Advisor detailed report, which provides deep insights into cost optimization, security enhancement, infrastructure resilience, performance optimization, and service limit management. This comprehensive analysis is invaluable for customers of all sizes and across diverse business units and teams. However, the complexity of modern cloud environments can make it challenging to efficiently identify, prioritize, and address the hundreds of Trusted Advisor risks (and each risk might have thousands of affected resources) that might be impacting your operations.

    In this post, we demonstrate how Amazon Q Business can empower you to efficiently identify, prioritize, and address Trusted Advisor risks.

    Amazon Q Business is a generative AI–powered assistant that can answer questions, provide summaries, generate content, and securely complete tasks based on data and information in your enterprise systems. It empowers employees to be more creative, data-driven, efficient, prepared, and productive.

    Trusted Advisor helps you optimize costs, increase performance, improve security and resilience, and operate at scale in the cloud. Trusted Advisor continuously evaluates your AWS environment using best practice checks across the categories of cloud cost optimization, performance, resilience, security, operational excellence, and service limits, and it recommends actions to remediate deviations from best practices.

    Jira is a project management and issue tracking tool that helps teams plan, track, and manage work. By integrating Jira with Amazon Q Business, you can effortlessly create Jira tasks using natural language.

    By taking advantage of the capabilities of Amazon Q Business, you can gain faster and more actionable insights into your detailed Trusted Advisor data. This can enable you to proactively take targeted actions on Trusted Advisor risks that could otherwise significantly impact your business.

    Solution overview

    The solution uses the following components:

    The following diagram illustrates the solution architecture.

    Prerequisites

    Complete the following prerequisite steps:

    1. Set up Amazon Q Business.
    2. Configure an IAM Identity Center instance.
    3. Create IAM Identity Center users and groups.
    4. Have a Trusted Advisor detailed report (Excel or CSV).
    5. Have the following Jira resources:
      • A Jira account URL (site base URL) from your Jira account settings. For example, https://company.atlassian.net/
      • Access to the Jira Developer Console.
      • A Jira project for creating Jira tasks.

    Create the Amazon Q Business application

    Complete the following steps to create the Amazon Q Business application:

    1. On the Amazon Q Business console, choose Create application.
    2. For Application name, enter a name (for example, TrustedAdvisorGenAIApplication).
    3. For Access management method, IAM Identity Center is the recommended method. You can also use the other option available: AWS IAM Identity Provider.
    4. For Quick Start user, use the Select User dropdown menu to choose either an individual user or a group containing the users you want to use the application with.
    5. Choose a subscription for users or groups using the Select Subscription dropdown menu.
    6. Expand Application details, and for Choose a method to authorize Amazon Q Business, select Create and use a new service-linked role (SLR).
    7. For Web experience settings in Choose a method to authorize Amazon Q Business, select Create and use a new service role, or you can also use an existing role by using the option Use an existing service role. Refer to IAM roles for Amazon Q Business for more details.
    8. Choose Create.

    After the application is created, you will see application details similar to those in the following screenshot.

    Make note of the value for Deployed URL because you will use it to chat with Amazon Q Business.

    Create an index

    Indexing in Amazon Q Business is done before configuring the data sources to establish a secure and organized framework for data management. This pre-configuration makes sure proper access controls are in place and creates an efficient structure for categorizing and retrieving information, similar to creating a library’s organizational system before adding books.

    Complete the following steps to enable indexing:

    1. On the application details page, choose Data sources.
    2. Choose Add an index.
    3. For Index name, enter a name for your index.
    4. For Index provisioning, select an index option:
      • Enterprise is ideal for production workloads that are deployed in a Multi-AZ setup for enhanced fault tolerance.
      • Starter is ideal for workloads such as proofs of concept, development, and testing that are deployed in a single Availability Zone.
    5. For Units, enter the number of units depending on your needs.
    6. Choose Add an index.

    Under Data sources, you will see the index has been added and is active.

    Configure a data source

    Now that you created an index, you can add a data source. Complete the following steps:

    1. Under Data sources, choose Add data source.
    2. Choose Upload files, because we will be using a spreadsheet. Other data source options are available, which you can select depending on your business requirements.
    3. Choose the file you want to upload using Choose files.
    4. Choose Upload.

    Amazon Q Business can handle embedded tables in PDF, Word, HTML, and tables in CSV and Excel.

    1. Choose Done.

    You will see that the file has been successfully uploaded.

    The following screenshot is a sample of a few rows and columns that are part of the dataset.

    To get the detailed Trusted Advisor report, you can coordinate with your technical account managers or refer to Organizational view for AWS Trusted Advisor to understand the prerequisites and steps for generating a similar report.

    Configure the Jira Cloud plugin

    In this section, we walk through the steps to set up Jira Cloud and the Jira plugin.

    Set up Jira Cloud

    Complete the following steps to set up Jira Cloud:

    1. Access the Jira Cloud Developer console.
    2. Choose Create and choose OAuth 2.0 integration from the dropdown menu.
    3. Enter a name and choose Create.
    4. On the Permissions tab, choose Add under Action for Jira API and then choose Configure.

    5. Edit scopes (Classic and Granular) to add the following required scopes:
      1. read:jira-work
      2. write:jira-work
      3. manage:jira-project
      4. read:sprint:jira-software
      5. write:sprint:jira-software
      6. delete:sprint:jira-software
      7. read:board-scope:jira-software
      8. read:project:jira

    6. On the Authorization tab, for Callback URL, enter <q-web-url-endpoint>/oauth/callback.

    Set up the Jira plugin

    Gather the following information, which will be needed to set up the Jira plugin:

    • Domain URL of your Jira Cloud instance: https://api.atlassian.com/ex/jira/<Instance ID>, where the instance ID is retrieved using https://<your namespace>.atlassian.net/_edge/tenant_info
    • Access token URL: https://auth.atlassian.com/oauth/token
    • Authorization URL: https://auth.atlassian.com/authorize
    • Client ID and secret from your OAuth 2.0 application: To get the client ID and secret, navigate to the Settings tab from your OAuth 2.0 application

    Complete the following steps to set up the Jira plugin:

    1. On the Amazon Q Business console, navigate to your application.
    2. In the navigation pane, under Actions, choose Plugins.
    3. Choose Add plugin.
    4. Choose the plus sign for Jira Cloud.
    5. Enter a name for Plugin name and a URL for Domain URL.
    6. Under OAuth2.0 authorization, select Create and use a new secret.
    7. Enter values for Secret name, Client ID, Client secret, and Redirect URL, then choose Create.
    8. For Service access, select Create and use a new service role.
    9. Choose Add.

    The Jira plugin will be added, as shown in the following screenshot.

    Customize the web experience

    You can choose Customize web experience and change the title, subtitle, and welcome message. Also, you can display sample prompts by selecting Display sample prompts.

    Now, when you open the application, it will show you the title, subtitle, and welcome message you set.

    Access the Amazon Q application’s web experience endpoint

    In the next steps, we interact with the chat interface of the TrustedAdvisorGenAIApplication application to get faster insights and make it actionable by creating a Jira task.

    1. On the Amazon Q Business console, navigate to the TrustedAdvisorGenAIApplication application.
    2. In the Web experience settings section, copy the deployed URL of the application. This will be the UI of Amazon Q application, as shown in the following screenshot.

    Interact with the Amazon Q application

    Now, let’s see the TrustedAdvisorGenAIApplication application in action.

    We enter the following prompt to get insights: “Top 5 Lambda functions with Function Name from Lambda over-provisioned functions for memory size.”

    The following screenshot shows the prompt output given by our Amazon Q Business application.

    We got the insights we wanted, but insights alone aren’t enough—we need to transform that knowledge into tangible results. Amazon Q Business has features where you can use plugins with powerful project management tools (like Jira), streamlining remediation efforts and enabling maximum impact.

    Let’s ask the Amazon Q Business application to create a Jira task using the preceding output information. We use the following prompt and ask Amazon Q to create a Jira task with the insights we got earlier: “Using the above important function details, create a JIRA task in amazonqbusiness project.”

    During the first use of the Jira plugin, Amazon Q Business will authenticate the user through the Jira login interface, as shown in the following screenshot. For users who have already authenticated through enterprise single sign-on (SSO) or directly using their Jira login, only an API access approval will be requested.

    Choose Authorize and then choose Accept.

    The application will ask for details to create the Jira task. Enter information if needed and choose Submit. The Amazon Q Business application will create the task in the Jira project you specified.

    You will see that the Jira task has been created, as shown in the following screenshot.

    Queries will be automatically routed to the plugins you have configured. Users will not need to invoke a plugin in the conversation window and then run the queries.

    Clean up

    After you’re done testing the solution, you can delete the resources to avoid incurring charges. Follow the instructions in Managing Amazon Q Business applications to delete the application. See Amazon Q Business pricing for more pricing information.

    Conclusion

    In this post, we showed how to create an application using Amazon Q Business with Jira integration that used a dataset containing a Trusted Advisor detailed report. This solution demonstrates how to use new generative AI services like Amazon Q Business to get data insights faster and make them actionable.

    You can expand this solution to use other data sources and use natural language to get data insights faster, which will help you make data-driven decisions.

    To learn more about Amazon Q, see the Amazon Q main product page, Amazon Q Developer, and Getting started with Amazon Q. Additionally, check out the following blog posts:

    About the author

    Satish Bhonsle is a Senior Technical Account Manager at AWS. He is passionate about customer success and technology. He loves working backwards by quickly understanding strategic customer objectives, aligning them to software capabilities and effectively driving customer success.

    Source: Read More 

    Related Posts

    Leave A Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.