AI-Powered Cloud Configuration Review

In today's fast-paced cloud landscape, keeping cloud environments secure is a challenge. Misconfigurations have become a leading cause of data breaches, and manually researching and reviewing every configuration is time-consuming and prone to error. But what if we could leverage the power of Generative AI to enhance this process?

In this blog post, we'll go through a capstone project that I have built to enhance my cloud configuration review process. This was possible after taking Google and Kaggle’s free GenAI Intensive course. This course gave me a strong understanding of generative AI, from the basics of large language models (LLMs) to using gen AI with tools in production. The course was carefully designed and explored a broad variety of topics:

• Day 1: Foundational Models & Prompt Engineering
• Day 2: Embeddings and Vector Stores/Databases
• Day 3: Generative AI Agents
• Day 4: Domain-Specific LLMs
• Day 5: MLOps for Generative AI

Why over 140,000 developers took our five-day generative AI course

Google and Kaggle recently launched a five-day intensive course about generative AI.

GoogleD. Sculley

5-Day Gen AI Intensive Course with Google

Join our 5-day course, March 31–April 4, to explore the fundamental technologies and techniques behind Generative AI.

Getting back to the capstone project. We will see how we can use Gen AI to help us with our Cloud Configuration Reviews.

The Problem

From my personal experience, I have always had trouble ensuring the completeness or thoroughness of my cloud configuration review checklist. The cloud is constantly evolving, documentation is vast, and security information is scattered across the web. The process of gathering all relevant details can be laborious, often requiring an inordinate amount of time.

The Solution: Gen AI to the Rescue

This project leverages the power of Gen AI and several cutting-edge tools to automate and enhance the cloud configuration review process. The core idea is to build a comprehensive checklist, drawing upon various knowledge sources and tailoring it to specific cloud environments. Some of the features include:

• Automated checklist creation tailored to specific environments
• Leverage vast amounts of data for comprehensive guidance
• Easily adapt to new threats and cloud service updates

Key Technologies and Techniques

Here's a breakdown of the technologies and techniques used in this Gen AI workflow:

• Large Language Models (LLMs): The heart of the system, providing natural language understanding, generation, and reasoning capabilities. I used Gemini-2.0-flash model for this project.
• LangChain: A powerful framework for building applications powered by LLMs. LangChain provides the structure and tools to chain together different AI components and create complex workflows.
• Diagrams: A Python library for visualizing cloud system architectures, making it easier to understand and analyze complex cloud environments.
• Chroma: A versatile, open-source AI application database. Chroma is used as a vector store to store and efficiently retrieve relevant information.
• Nomic: Nomic is used for creating high-quality vector embeddings, which are essential for semantic search and information retrieval.
• Image Understanding: I have used multimodal capabilities of Gen AI to extract information and use it for downstream tasks.
• Retrieval Augmented Generation (RAG): This technique is employed to retrieve relevant documents and information from vector databases, providing the LLM with the necessary context to generate accurate and insightful checklist items.
• Structured Output: Langchain's structured output capability allows the LLM to generate output in a well-defined format, such as JSON, making it easier to process and integrate with other systems.
• LangSmith (Optional): LangSmith provides observability and evaluation tools, allowing you to monitor and optimize the Gen AI application's performance.

The link to the notebook can be found here -

Future Direction

• Firstly, we can refine the workflow's ability to extract critical information based on the severity of each finding, whether categorized as High, Medium, or Low priority. This will enable us to generate actionable items that directly address the most pressing concerns.
• Secondly, we can introduce an AI-assisted review workflow, which can be seamlessly invoked once the checklist items have been addressed. This collaborative tool will facilitate a more efficient and informed review process, ensuring that all stakeholders are aligned with the actions taken.
• Lastly, we can build an AI-assisted reporting framework, capable of automatically generating comprehensive reports on all findings. This will enable our users to track progress, identify areas for improvement, and make data-driven decisions with ease.

All of these flows can be put into an Agentic Workflow and a more comprehensive solution for others to use.