Managing operational activity across EC2 instances can be challenging, especially when multiple administrators use the AWS Systems Manager Session Manager tool for remote access. While Session Manager provides secure and auditable connections, manually reviewing session logs to identify user actions, detect anomalies, or summarize activity can be time-consuming and prone to error. This is where generative AI (GenAI) can help, by automatically analyzing session activity and turning raw operational data into clear, actionable insights.
In this Cloud Lab, you’ll build a GenAI-powered log analysis pipeline that automatically summarizes AWS Session Manager activity logs. You’ll begin by creating IAM roles and an EC2 instance configured with Session Manager logging, where each session’s logs will be stored in an S3 bucket, forming the foundation of your automated analysis workflow. Next, you’ll create an SNS topic for notifications and a Lambda function triggered whenever a new session log is uploaded to S3.
The function will read the log contents, use a Bedrock model to analyze the session, and publish an AI-generated summary to the SNS topic, providing you with instant insights directly in your inbox. Finally, you’ll enhance the workflow by integrating AWS CloudTrail, allowing the Lambda function to identify which IAM user initiated the session, from which IP address, and on which instance, adding rich, audit-ready context to your AI-powered summaries.
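The CloudTrail enrichment step described above, sketched as an added example (not code from the Cloud Lab itself): it derives the session ID from the uploaded log's S3 key and matches it to the `StartSession` event to recover the principal, source IP, and target instance. It assumes the log object is named `<session-id>.log` and that events arrive in the shape returned by CloudTrail `LookupEvents`; the function names and all sample values are constructed.

```python
import json
from urllib.parse import unquote_plus

def session_id_from_s3_record(record):
    """Derive the session ID from the uploaded log's object key (assumed <session-id>.log)."""
    key = unquote_plus(record["s3"]["object"]["key"])  # keys arrive URL-encoded in S3 events
    name = key.rsplit("/", 1)[-1]
    return name.rsplit(".", 1)[0] if "." in name else name

def find_session_context(session_id, lookup_events):
    """Return who/where/what for the StartSession call that opened session_id, or None."""
    for item in lookup_events:
        ev = json.loads(item["CloudTrailEvent"])  # the full record is a JSON string
        if ev.get("eventSource") != "ssm.amazonaws.com" or ev.get("eventName") != "StartSession":
            continue
        # responseElements is null when the call was denied or failed
        if (ev.get("responseElements") or {}).get("sessionId") != session_id:
            continue
        identity = ev.get("userIdentity") or {}
        return {
            "principal": identity.get("userName") or identity.get("arn"),
            "source_ip": ev.get("sourceIPAddress"),
            "instance_id": (ev.get("requestParameters") or {}).get("target"),
            "started_at": ev.get("eventTime"),
        }
    return None  # no match: report the initiator as unknown instead of letting the model guess

def _event(user, ip, target, response):
    """Build one constructed LookupEvents item (hypothetical helper for the sample data)."""
    return {"CloudTrailEvent": json.dumps({
        "eventSource": "ssm.amazonaws.com", "eventName": "StartSession",
        "eventTime": "2024-01-01T10:00:00Z", "sourceIPAddress": ip,
        "userIdentity": {"type": "IAMUser", "userName": user,
                         "arn": f"arn:aws:iam::111122223333:user/{user}"},
        "requestParameters": {"target": target}, "responseElements": response})}

# Constructed sample inputs: one denied call, one unrelated session, one match
SAMPLE_EVENTS = [
    _event("mallory", "198.51.100.7", "i-0123456789abcdef0", None),
    _event("bob", "192.0.2.44", "i-0fedcba9876543210", {"sessionId": "bob-0ffffffffffffffff"}),
    _event("alice", "203.0.113.10", "i-0123456789abcdef0", {"sessionId": "alice-0a1b2c3d4e5f67890"}),
]
SAMPLE_S3_RECORD = {"s3": {"bucket": {"name": "example-session-logs"},
                           "object": {"key": "session-logs/alice-0a1b2c3d4e5f67890.log"}}}

if __name__ == "__main__":
    sid = session_id_from_s3_record(SAMPLE_S3_RECORD)
    print(sid, find_session_context(sid, SAMPLE_EVENTS))
```

Matching on `responseElements.sessionId` rather than on user name or time window keeps a denied `StartSession` attempt or a concurrent session from being attributed to the wrong log.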
After completing this Cloud Lab, you’ll understand how to build an end-to-end intelligent log analysis system powered by GenAI. You’ll gain hands-on experience in automating operational visibility, providing a practical foundation for creating secure, auditable, and insight-driven workflows in the cloud.
The following is the high-level architecture diagram of the infrastructure you’ll create in this Cloud Lab: