{"id":240,"date":"2026-04-13T08:04:53","date_gmt":"2026-04-13T08:04:53","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/aws-amazon-kendra-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-machine-learning-ml-and-artificial-intelligence-ai\/"},"modified":"2026-04-13T08:04:53","modified_gmt":"2026-04-13T08:04:53","slug":"aws-amazon-kendra-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-machine-learning-ml-and-artificial-intelligence-ai","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/aws-amazon-kendra-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-machine-learning-ml-and-artificial-intelligence-ai\/","title":{"rendered":"AWS Amazon Kendra Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Machine Learning (ML) and Artificial Intelligence (AI)"},"content":{"rendered":"\n

Category<\/h2>\n\n\n\n

Machine Learning (ML) and Artificial Intelligence (AI)<\/p>\n\n\n\n

1. Introduction<\/h2>\n\n\n\n

Amazon Kendra is an AWS-managed enterprise search service that uses Machine Learning (ML) to help users find accurate answers and relevant documents across many content repositories (documents, wikis, knowledge bases, file shares, and SaaS tools).<\/p>\n\n\n\n

In simple terms: you connect Amazon Kendra to your data (for example, an Amazon S3 bucket or a wiki), let it index content, and then your users can search using natural language (for example, \u201cHow do I reset my VPN token?\u201d). Kendra returns ranked results and often highlights the exact passage that answers the question.<\/p>\n\n\n\n

Technically, Amazon Kendra builds and manages a search index that combines semantic ranking, document understanding, metadata filtering, and (optionally) access control enforcement. It supports ingesting data through pre-built connectors (data sources), custom ingestion APIs, and document enrichment pipelines. Applications query Kendra via AWS APIs\/SDKs, and can integrate the results into portals, chatbots, and Retrieval-Augmented Generation (RAG) workflows (for example, using Amazon Bedrock) without having to operate their own search infrastructure.<\/p>\n\n\n\n

What problem it solves:<\/strong> Traditional keyword search often fails in enterprise environments because content is scattered, titles are inconsistent, users ask questions (not keywords), and relevance depends on context and permissions. Amazon Kendra aims to deliver \u201centerprise-grade search\u201d with better relevance, easier integration, and managed operations.<\/p>\n\n\n\n

2. What is Amazon Kendra?<\/h2>\n\n\n\n

Official purpose:<\/strong> Amazon Kendra is a fully managed intelligent search service for enterprise content. It is designed to help organizations index and search large volumes of unstructured and semi-structured data stored across AWS and third-party systems.<\/p>\n\n\n\n

Core capabilities (high level):<\/strong>\n– Create and manage indexes<\/strong> for enterprise search.\n– Ingest content from data sources\/connectors<\/strong> (for example Amazon S3, wiki platforms, CRM\/ITSM tools, and web pages) and\/or via custom ingestion APIs<\/strong>.\n– Run natural-language queries<\/strong> and return ranked results with highlighted passages and metadata.\n– Apply filters\/facets<\/strong> and relevance tuning<\/strong>.\n– Enforce document visibility with access control<\/strong> (when configured and supported by the ingestion method\/connector).\n– Improve ingestion quality with document enrichment<\/strong> (for example, extracting metadata, transforming text, or adding tags via AWS Lambda).<\/p>\n\n\n\n

Major components:<\/strong>\n– Index<\/strong>: The core searchable repository that stores processed content and metadata.\n– Data sources (connectors)<\/strong>: Managed connectors and sync jobs that pull documents, metadata, and (in some cases) ACLs from repositories into the index.\n– Custom document ingestion<\/strong>: APIs to push documents directly (useful for proprietary systems or custom pipelines).\n– Query APIs<\/strong>: APIs to query\/search the index and retrieve results.\n– Access control configuration<\/strong>: Options to associate user identity\/group information with documents and enforce \u201cwho can see what\u201d during query.\n– Relevance tuning & metadata<\/strong>: Field mapping, boosting, facets, and query-time filtering.<\/p>\n\n\n\n

Service type:<\/strong> Fully managed AWS service (SaaS-like within AWS). You do not manage servers, clusters, or shards.<\/p>\n\n\n\n

Scope (regional\/global\/account):<\/strong>\n– Amazon Kendra is a regional<\/strong> service. You create indexes in a specific AWS Region, and data sources\/sync jobs run in that Region.\n– Resources are account-scoped<\/strong> within the Region (subject to IAM permissions).\nVerify current Region availability in the official docs: https:\/\/docs.aws.amazon.com\/kendra\/latest\/dg\/what-is-kendra.html<\/p>\n\n\n\n

How it fits into the AWS ecosystem:<\/strong>\n– Uses IAM<\/strong> for authentication\/authorization to Kendra APIs and for granting Kendra permission to read from your repositories (for example, S3).\n– Integrates with AWS KMS<\/strong> for encryption at rest (service-managed encryption and\/or customer-managed keys depending on configuration\u2014verify exact options in docs).\n– Works well with Amazon S3<\/strong> (common document store), AWS Lambda<\/strong> (document enrichment), Amazon CloudWatch<\/strong> (metrics), and AWS CloudTrail<\/strong> (API auditing).\n– Commonly paired with Amazon Lex<\/strong> (chatbots), Amazon Bedrock<\/strong> (RAG), AWS IAM Identity Center<\/strong> (enterprise identity), and application front ends via Amazon Cognito<\/strong>, API Gateway<\/strong>, or custom web apps.<\/p>\n\n\n\n

3. Why use Amazon Kendra?<\/h2>\n\n\n\n

Business reasons<\/h3>\n\n\n\n
    \n
  • Faster answers, less time wasted:<\/strong> Reduce time employees spend hunting through wikis, PDFs, ticket systems, and shared drives.<\/li>\n
  • Better self-service:<\/strong> Improve customer or employee self-service by indexing knowledge bases and support documentation.<\/li>\n
  • Improved knowledge reuse:<\/strong> Make institutional knowledge discoverable even when content is poorly titled or inconsistently tagged.<\/li>\n<\/ul>\n\n\n\n

    Technical reasons<\/h3>\n\n\n\n
      \n
    • Natural language search:<\/strong> Designed for question-like queries, not just keywords.<\/li>\n
    • Connectors reduce integration time:<\/strong> Many common repositories can be indexed without writing a custom crawler.<\/li>\n
    • Metadata filtering and facets:<\/strong> Combine semantic ranking with structured filtering (department, product, date, confidentiality, etc.).<\/li>\n
    • APIs for application integration:<\/strong> Use AWS SDKs to embed search into portals, apps, and chat systems.<\/li>\n<\/ul>\n\n\n\n

      Operational reasons<\/h3>\n\n\n\n
        \n
      • Managed infrastructure:<\/strong> No cluster provisioning, patching, scaling, or shard management.<\/li>\n
      • Repeatable ingestion:<\/strong> Scheduled or on-demand sync jobs with status tracking.<\/li>\n
      • Observability hooks:<\/strong> Metrics and audit events integrate into standard AWS operational tooling.<\/li>\n<\/ul>\n\n\n\n

        Security\/compliance reasons<\/h3>\n\n\n\n
          \n
        • AWS IAM integration:<\/strong> Fine-grained control over who can administer indexes and data sources.<\/li>\n
        • Encryption and auditing:<\/strong> Standard AWS encryption and API audit patterns (verify exact encryption capabilities for your configuration in official docs).<\/li>\n
        • Access control-aware search (when configured):<\/strong> Search results can be filtered by user identity\/ACL rules, which is critical for enterprise content.<\/li>\n<\/ul>\n\n\n\n

          Scalability\/performance reasons<\/h3>\n\n\n\n
            \n
          • Designed for enterprise content volumes:<\/strong> Kendra is intended for large document sets and many concurrent users (subject to quotas and edition limits).<\/li>\n
          • Relevance at scale:<\/strong> ML ranking is managed by AWS; you focus on content quality and metadata.<\/li>\n<\/ul>\n\n\n\n

            When teams should choose Amazon Kendra<\/h3>\n\n\n\n

            Choose Amazon Kendra when you need:\n– Enterprise search across multiple repositories\n– Strong relevance for natural language queries\n– Managed connectors and ingestion workflows\n– Access control-aware search in a managed service\n– A search layer that can feed RAG systems (retrieve relevant passages for an LLM)<\/p>\n\n\n\n

            When teams should not choose Amazon Kendra<\/h3>\n\n\n\n

            Consider alternatives when:\n– You only need simple keyword search<\/strong> on one small dataset (OpenSearch or database full-text search may be cheaper\/simpler).\n– You need full control<\/strong> of ranking algorithms, analyzers, or low-level search internals (OpenSearch\/Elasticsearch gives more control).\n– You are primarily building vector similarity search<\/strong> with custom embeddings and scoring (Amazon OpenSearch Service vector search or purpose-built vector databases may fit better; Kendra is not marketed as a general vector database).\n– You have strict constraints that require on-prem-only<\/strong> operation (Kendra is an AWS managed service).<\/p>\n\n\n\n

            4. Where is Amazon Kendra used?<\/h2>\n\n\n\n

            Industries<\/h3>\n\n\n\n
              \n
            • Technology & SaaS:<\/strong> Internal engineering knowledge search, runbooks, product docs.<\/li>\n
            • Financial services:<\/strong> Policy\/procedure search, compliance documents, internal knowledge bases (with strong access control requirements).<\/li>\n
            • Healthcare & life sciences:<\/strong> Research document discovery, internal SOPs (ensure compliance requirements are met).<\/li>\n
            • Manufacturing:<\/strong> Maintenance manuals, part catalogs, troubleshooting docs.<\/li>\n
            • Retail & e-commerce:<\/strong> Customer support knowledge, product information aggregation.<\/li>\n
            • Public sector\/education:<\/strong> Policy search, intranet knowledge, research repositories (subject to governance requirements).<\/li>\n<\/ul>\n\n\n\n

              Team types<\/h3>\n\n\n\n
                \n
              • Platform teams building internal portals<\/li>\n
              • Support engineering \/ IT service management teams<\/li>\n
              • Data\/ML teams building RAG assistants<\/li>\n
              • Security and compliance teams managing knowledge access<\/li>\n
              • DevOps\/SRE teams indexing operational runbooks and incident retrospectives<\/li>\n<\/ul>\n\n\n\n

                Workloads<\/h3>\n\n\n\n
                  \n
                • Enterprise search portals and intranets<\/li>\n
                • Support agent assist tools (\u201csuggest the best KB article for this ticket\u201d)<\/li>\n
                • Knowledge retrieval layer for chatbots and virtual assistants<\/li>\n
                • Compliance and policy discovery<\/li>\n
                • Document discovery across multiple silos<\/li>\n<\/ul>\n\n\n\n

                  Architectures<\/h3>\n\n\n\n
                    \n
                  • Central search index<\/strong> with multiple connectors<\/li>\n
                  • Per-department index<\/strong> model with strict separation (sometimes used for governance\/cost control)<\/li>\n
                  • RAG architecture<\/strong>: Kendra retrieval \u2192 LLM summarization\/answering (via Amazon Bedrock or another LLM platform)<\/li>\n<\/ul>\n\n\n\n

                    Real-world deployment contexts<\/h3>\n\n\n\n
                      \n
                    • Indexing documents from S3 + SharePoint + Confluence into one index<\/li>\n
                    • Adding an internal search bar to a company portal<\/li>\n
                    • Integrating with ticketing systems for support knowledge<\/li>\n<\/ul>\n\n\n\n

                      Production vs dev\/test usage<\/h3>\n\n\n\n
                        \n
                      • Dev\/test:<\/strong> Usually one small index, limited documents, infrequent sync. Delete when not needed to control hourly costs.<\/li>\n
                      • Production:<\/strong> Carefully designed index strategy, ingestion schedules, monitoring, ACL enforcement, and change management for metadata\/schema.<\/li>\n<\/ul>\n\n\n\n

                        5. Top Use Cases and Scenarios<\/h2>\n\n\n\n

                        Below are realistic scenarios where Amazon Kendra is commonly a strong fit.<\/p>\n\n\n\n

                        1) Internal IT Helpdesk Knowledge Search<\/h3>\n\n\n\n
                          \n
                        • Problem:<\/strong> Employees submit repetitive tickets because solutions are hard to find.<\/li>\n
                        • Why Kendra fits:<\/strong> Indexes IT knowledge articles, PDFs, and runbooks; supports natural language questions.<\/li>\n
                        • Scenario:<\/strong> \u201cHow do I connect to the corporate VPN from macOS?\u201d returns the exact step-by-step doc and highlights the relevant passage.<\/li>\n<\/ul>\n\n\n\n

                          2) Support Agent Assist for Faster Ticket Resolution<\/h3>\n\n\n\n
                            \n
                          • Problem:<\/strong> Support agents waste time searching multiple systems while on a call.<\/li>\n
                          • Why Kendra fits:<\/strong> Single search layer over KB + product docs + past resolutions; can filter by product\/version.<\/li>\n
                          • Scenario:<\/strong> A support console calls Kendra for each ticket, showing top 5 suggested articles and known fixes.<\/li>\n<\/ul>\n\n\n\n

                            3) Enterprise Policy and Compliance Search<\/h3>\n\n\n\n
                              \n
                            • Problem:<\/strong> Policies exist in many PDFs and sites; people can\u2019t find the \u201cright\u201d version.<\/li>\n
                            • Why Kendra fits:<\/strong> Indexes policies with metadata (effective date, owner, department). Facets improve discovery.<\/li>\n
                            • Scenario:<\/strong> \u201cTravel reimbursement for contractors\u201d returns the correct policy section with excerpt.<\/li>\n<\/ul>\n\n\n\n

                              4) Engineering Runbook and Incident Retrospective Discovery<\/h3>\n\n\n\n
                                \n
                              • Problem:<\/strong> On-call engineers can\u2019t quickly find relevant runbooks and past incidents.<\/li>\n
                              • Why Kendra fits:<\/strong> Natural language works well (\u201clatency spike in us-east-1\u201d), and metadata filters help (service\/team).<\/li>\n
                              • Scenario:<\/strong> During an outage, a chatbot uses Kendra to retrieve relevant runbooks and links.<\/li>\n<\/ul>\n\n\n\n

                                5) HR and Employee Self-Service Portal<\/h3>\n\n\n\n
                                  \n
                                • Problem:<\/strong> Employees ask HR the same questions repeatedly.<\/li>\n
                                • Why Kendra fits:<\/strong> Index HR policies, benefits docs, and internal wiki pages; support synonyms (PTO vs vacation).<\/li>\n
                                • Scenario:<\/strong> \u201cHow many vacation days do I have?\u201d returns the benefits guide and highlights the PTO accrual section.<\/li>\n<\/ul>\n\n\n\n

                                  6) Knowledge Search Across Multiple SaaS Tools<\/h3>\n\n\n\n
                                    \n
                                  • Problem:<\/strong> Critical content is spread across Confluence, SharePoint, Google Drive, and internal docs.<\/li>\n
                                  • Why Kendra fits:<\/strong> Connectors reduce custom development; unified index improves user experience.<\/li>\n
                                  • Scenario:<\/strong> A single search UI queries Kendra and returns results from multiple sources with source badges.<\/li>\n<\/ul>\n\n\n\n

                                    7) Product Documentation Search for Customers (Authenticated)<\/h3>\n\n\n\n
                                      \n
                                    • Problem:<\/strong> Customers can\u2019t find relevant product docs quickly; search results are noisy.<\/li>\n
                                    • Why Kendra fits:<\/strong> Can index documentation and support semantic ranking; combine with authentication and filtering.<\/li>\n
                                    • Scenario:<\/strong> Logged-in customers search \u201cconfigure SSO for Okta\u201d, getting the best matching docs.<\/li>\n<\/ul>\n\n\n\n

                                      8) Retrieval Layer for RAG (LLM Assistants)<\/h3>\n\n\n\n
                                        \n
                                      • Problem:<\/strong> LLMs hallucinate without trustworthy context and citations.<\/li>\n
                                      • Why Kendra fits:<\/strong> Retrieves relevant documents\/passages; your app can provide sources to the LLM.<\/li>\n
                                      • Scenario:<\/strong> A Bedrock-powered assistant uses Kendra results as context and returns an answer with citations.<\/li>\n<\/ul>\n\n\n\n

                                        9) Document Discovery for Research\/Legal Teams<\/h3>\n\n\n\n
                                          \n
                                        • Problem:<\/strong> Teams need to find documents and clauses quickly across large corpora.<\/li>\n
                                        • Why Kendra fits:<\/strong> Semantic ranking and excerpt highlighting help locate relevant sections.<\/li>\n
                                        • Scenario:<\/strong> \u201cIndemnification clause termination\u201d retrieves and highlights the clause across templates.<\/li>\n<\/ul>\n\n\n\n

                                          10) Central Search for Technical Training Materials<\/h3>\n\n\n\n
                                            \n
                                          • Problem:<\/strong> Training content is fragmented; learners can\u2019t find the right lab or module.<\/li>\n
                                          • Why Kendra fits:<\/strong> Indexes PDFs, HTML, and wiki pages; metadata facets by course\/topic.<\/li>\n
                                          • Scenario:<\/strong> \u201cKubernetes ingress troubleshooting lab\u201d returns the lab guide and prerequisites.<\/li>\n<\/ul>\n\n\n\n

                                            11) M&A Knowledge Integration<\/h3>\n\n\n\n
                                              \n
                                            • Problem:<\/strong> After an acquisition, documentation is split across two toolchains.<\/li>\n
                                            • Why Kendra fits:<\/strong> Connectors can index both repositories into one searchable index (with governance).<\/li>\n
                                            • Scenario:<\/strong> Users search once and see results labeled by legacy company source.<\/li>\n<\/ul>\n\n\n\n

                                              12) Field Service \/ Maintenance Manual Search<\/h3>\n\n\n\n
                                                \n
                                              • Problem:<\/strong> Technicians need answers quickly from manuals and service bulletins.<\/li>\n
                                              • Why Kendra fits:<\/strong> PDF-heavy content and question queries are common; excerpt highlighting is useful.<\/li>\n
                                              • Scenario:<\/strong> \u201cError code E17 compressor\u201d returns the manual section and troubleshooting steps.<\/li>\n<\/ul>\n\n\n\n

                                                6. Core Features<\/h2>\n\n\n\n
                                                \n

                                                Note: Amazon Kendra features evolve. Always verify the latest capabilities and connector list in the official documentation: https:\/\/docs.aws.amazon.com\/kendra\/<\/p>\n<\/blockquote>\n\n\n\n

                                                1) Managed indexes (Developer\/Enterprise editions)<\/h3>\n\n\n\n
                                                  \n
                                                • What it does:<\/strong> Provides managed search indexes without running servers.<\/li>\n
                                                • Why it matters:<\/strong> Removes operational burden of scaling and maintaining search clusters.<\/li>\n
                                                • Practical benefit:<\/strong> Faster time to value; consistent managed experience.<\/li>\n
                                                • Caveats:<\/strong> Pricing is typically hourly and can be significant; choose the correct edition and delete unused indexes.<\/li>\n<\/ul>\n\n\n\n

                                                  2) Data source connectors (managed ingestion)<\/h3>\n\n\n\n
                                                    \n
                                                  • What it does:<\/strong> Connects to supported repositories and syncs documents and metadata into Kendra.<\/li>\n
                                                  • Why it matters:<\/strong> Integration is often the hardest part of enterprise search.<\/li>\n
                                                  • Practical benefit:<\/strong> Faster onboarding for common systems (for example S3 and popular collaboration tools).<\/li>\n
                                                  • Caveats:<\/strong> Connector availability and ACL support vary by connector; verify capabilities per connector in docs.<\/li>\n<\/ul>\n\n\n\n

                                                    3) Custom document ingestion APIs<\/h3>\n\n\n\n
                                                      \n
                                                    • What it does:<\/strong> Allows you to push documents directly using APIs (for proprietary systems or event-driven pipelines).<\/li>\n
                                                    • Why it matters:<\/strong> Not every repository has a connector.<\/li>\n
                                                    • Practical benefit:<\/strong> You can index content generated by applications or stored in custom databases.<\/li>\n
                                                    • Caveats:<\/strong> You must manage batching, retries, idempotency, and mapping metadata fields correctly.<\/li>\n<\/ul>\n\n\n\n

                                                      4) Natural language query understanding and semantic ranking<\/h3>\n\n\n\n
                                                        \n
                                                      • What it does:<\/strong> Interprets user questions and ranks results using ML-based relevance.<\/li>\n
                                                      • Why it matters:<\/strong> Users ask questions (\u201cHow do I\u2026\u201d) rather than exact keywords.<\/li>\n
                                                      • Practical benefit:<\/strong> Better top results and fewer \u201cno results found\u201d experiences.<\/li>\n
                                                      • Caveats:<\/strong> Relevance depends on content quality, metadata, and correct field mappings.<\/li>\n<\/ul>\n\n\n\n

                                                        5) Excerpts, highlights, and answer-like results<\/h3>\n\n\n\n
                                                          \n
                                                        • What it does:<\/strong> Returns snippets from documents that match the query and highlights relevant passages.<\/li>\n
                                                        • Why it matters:<\/strong> Users can quickly validate if a result contains the answer.<\/li>\n
                                                        • Practical benefit:<\/strong> Faster click-through and less time scanning long documents.<\/li>\n
                                                        • Caveats:<\/strong> Quality varies by document format and extraction; scanned PDFs may require OCR before indexing.<\/li>\n<\/ul>\n\n\n\n

                                                          6) Metadata schema, facets, and filtering<\/h3>\n\n\n\n
                                                            \n
                                                          • What it does:<\/strong> Supports metadata fields and query-time filters (and faceted navigation in UIs).<\/li>\n
                                                          • Why it matters:<\/strong> Enterprise search often needs \u201cfilter by department\/product\/date\/confidentiality\u201d.<\/li>\n
                                                          • Practical benefit:<\/strong> Higher precision searches, better UX for large corpora.<\/li>\n
                                                          • Caveats:<\/strong> You must design metadata carefully; incorrect field types or sparse metadata reduces usefulness.<\/li>\n<\/ul>\n\n\n\n

                                                            7) Relevance tuning (boosting, field importance)<\/h3>\n\n\n\n
                                                              \n
                                                            • What it does:<\/strong> Adjusts ranking by boosting certain fields or data sources.<\/li>\n
                                                            • Why it matters:<\/strong> Business context matters (official policies > drafts, latest version > old).<\/li>\n
                                                            • Practical benefit:<\/strong> Aligns search results with what users actually need.<\/li>\n
                                                            • Caveats:<\/strong> Over-boosting can hide relevant results; test changes and monitor user feedback.<\/li>\n<\/ul>\n\n\n\n

                                                              8) Synonyms \/ thesaurus (terminology alignment)<\/h3>\n\n\n\n
                                                                \n
                                                              • What it does:<\/strong> Helps treat related terms as equivalent (for example, \u201cPTO\u201d and \u201cvacation\u201d).<\/li>\n
                                                              • Why it matters:<\/strong> Organizations use inconsistent terminology.<\/li>\n
                                                              • Practical benefit:<\/strong> Better recall and fewer missed results.<\/li>\n
                                                              • Caveats:<\/strong> Poor synonym design can increase noise; treat as a controlled vocabulary.<\/li>\n<\/ul>\n\n\n\n

                                                                9) Document enrichment (preprocessing and metadata extraction)<\/h3>\n\n\n\n
                                                                  \n
                                                                • What it does:<\/strong> Applies transformations to documents during ingestion (often via AWS Lambda) to add metadata, redact content, or normalize text.<\/li>\n
                                                                • Why it matters:<\/strong> \u201cGarbage in, garbage out\u201d applies strongly to enterprise search.<\/li>\n
                                                                • Practical benefit:<\/strong> Adds tags, cleans up content, extracts key fields for filtering.<\/li>\n
                                                                • Caveats:<\/strong> Enrichment adds complexity, latency, and Lambda costs; ensure idempotency and handle failures.<\/li>\n<\/ul>\n\n\n\n

                                                                  10) Access control-aware search (ACLs and user context)<\/h3>\n\n\n\n
                                                                    \n
                                                                  • What it does:<\/strong> Restricts results so users only see documents they are permitted to view.<\/li>\n
                                                                  • Why it matters:<\/strong> Enterprise content is rarely all-public.<\/li>\n
                                                                  • Practical benefit:<\/strong> Enables indexing sensitive repositories while respecting permissions.<\/li>\n
                                                                  • Caveats:<\/strong> Correct ACL ingestion and identity mapping is critical; support varies by connector and configuration. Verify connector ACL support and identity requirements.<\/li>\n<\/ul>\n\n\n\n

                                                                    11) Query suggestions (type-ahead)<\/h3>\n\n\n\n
                                                                      \n
                                                                    • What it does:<\/strong> Can suggest queries as users type (depending on configuration and API usage).<\/li>\n
                                                                    • Why it matters:<\/strong> Improves UX and helps users discover common queries.<\/li>\n
                                                                    • Practical benefit:<\/strong> Faster search and more consistent query patterns.<\/li>\n
                                                                    • Caveats:<\/strong> Suggestions are not always desired for sensitive environments; evaluate privacy and UX.<\/li>\n<\/ul>\n\n\n\n

                                                                      12) Amazon Kendra Intelligent Ranking (related capability)<\/h3>\n\n\n\n
                                                                        \n
                                                                      • What it does:<\/strong> Provides ML-based re-ranking for search results from other search engines (for example, OpenSearch\/Elasticsearch), so you can improve relevance without migrating the index.\n Verify current compatibility in official docs.<\/li>\n
                                                                      • Why it matters:<\/strong> Many organizations already have search engines but want better ranking.<\/li>\n
                                                                      • Practical benefit:<\/strong> Incremental improvement path.<\/li>\n
                                                                      • Caveats:<\/strong> This is a distinct capability with its own setup and pricing model; not the same as running a full Kendra index.<\/li>\n<\/ul>\n\n\n\n

                                                                        7. Architecture and How It Works<\/h2>\n\n\n\n

                                                                        High-level service architecture<\/h3>\n\n\n\n

                                                                        Amazon Kendra sits between your content repositories and your search applications:<\/p>\n\n\n\n

                                                                          \n
                                                                        1. Ingestion:<\/strong> Kendra connects to content repositories via data source connectors or receives documents via APIs.<\/li>\n
                                                                        2. Processing:<\/strong> It extracts text and metadata, applies enrichment (optional), and builds an index.<\/li>\n
                                                                        3. Query:<\/strong> Applications call Kendra query APIs. Kendra evaluates user query + filters + (optional) user context for access control.<\/li>\n
                                                                        4. Results:<\/strong> Returns ranked documents\/snippets, metadata, and links back to the source.<\/li>\n<\/ol>\n\n\n\n

                                                                          Request \/ data \/ control flows<\/h3>\n\n\n\n
                                                                            \n
                                                                          • Control plane:<\/strong> Create index, configure schema, configure data sources, run syncs, manage relevance tuning, and configure access control.<\/li>\n
                                                                          • Data plane:<\/strong> Documents flow into the index during sync\/ingestion; queries flow from apps to Kendra and results back.<\/li>\n
                                                                          • Security plane:<\/strong> IAM policies govern who can administer and query. IAM roles govern what Kendra can read from data sources (for example, S3). Optional user identity context can constrain results.<\/li>\n<\/ul>\n\n\n\n

                                                                            Integrations with related AWS services<\/h3>\n\n\n\n

                                                                            Common integrations include:\n– Amazon S3<\/strong> for document storage and as a primary data source.\n– AWS Lambda<\/strong> for document enrichment during ingestion (custom metadata extraction, normalization, redaction workflows).\n– Amazon CloudWatch<\/strong> for metrics (and operational dashboards\/alarms).\n– AWS CloudTrail<\/strong> for auditing API calls.\n– AWS KMS<\/strong> for encryption keys (depending on configuration).\n– Amazon Cognito \/ IAM Identity Center<\/strong> for authenticating end users of a search portal.\n– Amazon Bedrock<\/strong> (or other LLM providers) for RAG: Kendra retrieves relevant context; the LLM generates an answer with citations.<\/p>\n\n\n\n

                                                                            Dependency services<\/h3>\n\n\n\n
                                                                              \n
                                                                            • For data sources: the repository itself (S3, SaaS, on-prem connectors via required connectivity).<\/li>\n
                                                                            • For enrichment: Lambda (and any services your Lambda calls).<\/li>\n
                                                                            • For identity\/ACL: your identity provider and group mapping strategy.<\/li>\n<\/ul>\n\n\n\n

                                                                              Security\/authentication model<\/h3>\n\n\n\n
                                                                                \n
                                                                              • AWS API authentication:<\/strong> IAM (SigV4). Applications use IAM roles\/users to call Kendra APIs.<\/li>\n
                                                                              • Repository access:<\/strong> Kendra assumes a service role you provide for connectors (for example, an IAM role granting s3:GetObject<\/code> on a bucket).<\/li>\n
                                                                              • End-user authorization:<\/strong> If you need \u201cper-user\u201d result filtering, you typically pass user context to the query and ensure ACLs were ingested correctly. The exact approach depends on connector and identity strategy\u2014verify in official docs.<\/li>\n<\/ul>\n\n\n\n

                                                                                Networking model<\/h3>\n\n\n\n
                                                                                  \n
                                                                                • Kendra is a managed regional AWS service with public regional endpoints.<\/li>\n
                                                                                • Many AWS services support VPC interface endpoints (AWS PrivateLink)<\/strong> to keep traffic on the AWS network. Availability can vary by Region and service\u2014verify PrivateLink support for Amazon Kendra in your Region<\/strong> in official AWS documentation.<\/li>\n<\/ul>\n\n\n\n

                                                                                  Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n
                                                                                    \n
                                                                                  • Track:<\/li>\n
                                                                                  • Index status and data source sync status (success\/failure, document counts).<\/li>\n
                                                                                  • Query volume and latency (metrics).<\/li>\n
                                                                                  • API activity (CloudTrail).<\/li>\n
                                                                                  • Govern:<\/li>\n
                                                                                  • Index naming\/tagging standards.<\/li>\n
                                                                                  • IAM least privilege for admins, sync roles, and query clients.<\/li>\n
                                                                                  • Cost controls: number of indexes, edition choice, and sync schedules.<\/li>\n<\/ul>\n\n\n\n

                                                                                    Simple architecture diagram (Mermaid)<\/h3>\n\n\n\n
                                                                                    flowchart LR\n  U[Users \/ App] -->|Query API| K[Amazon Kendra Index]\n  S3[(Amazon S3 Documents)] -->|Data Source Sync| K\n  K -->|Ranked results + excerpts| U\n<\/code><\/pre>\n\n\n\n
                                                                                    Production-style architecture diagram (Mermaid)<\/h3>\n\n\n\n
                                                                                    flowchart TB\n  subgraph Identity\n    IDP[Corporate IdP] --> IC[IAM Identity Center \/ SSO Mapping]\n    IC --> COG[Amazon Cognito \/ App Auth Layer]\n  end\n\n  subgraph Content\n    S3[(Amazon S3)]\n    CONF[Confluence \/ Wiki]\n    SP[SharePoint]\n    ITSM[Service Desk \/ ITSM]\n  end\n\n  subgraph Ingestion\n    DS[Amazon Kendra Data Sources] --> IDX[Amazon Kendra Index]\n    L[Document Enrichment\\n(AWS Lambda)] --> IDX\n  end\n\n  S3 --> DS\n  CONF --> DS\n  SP --> DS\n  ITSM --> DS\n\n  subgraph Apps\n    PORTAL[Internal Search Portal]\n    BOT[Chatbot \/ Agent Assist]\n    RAG[RAG Service]\n    LLM[Amazon Bedrock (LLM)]\n  end\n\n  COG --> PORTAL\n  PORTAL -->|Query + Filters + User Context| IDX\n  BOT -->|Query| IDX\n\n  RAG -->|Retrieve relevant passages| IDX\n  RAG -->|Context + citations| LLM\n  LLM -->|Answer| RAG\n\n  subgraph Security_Operations\n    IAM[IAM Roles\/Policies]\n    KMS[AWS KMS]\n    CW[Amazon CloudWatch Metrics\/Alarms]\n    CT[AWS CloudTrail]\n  end\n\n  IAM --> DS\n  IAM --> IDX\n  KMS --> IDX\n  IDX --> CW\n  DS --> CW\n  IDX --> CT\n  DS --> CT\n<\/code><\/pre>\n\n\n\n
                                                                                    8. Prerequisites<\/h2>\n\n\n\n
                                                                                    AWS account and billing<\/h3>\n\n\n\n
                                                                                      \n
                                                                                    • An active AWS account<\/strong> with billing enabled<\/strong>.<\/li>\n
                                                                                    • Amazon Kendra is not a \u201cfree\u201d service by default; expect hourly charges for indexes. Plan to clean up resources after labs.<\/li>\n<\/ul>\n\n\n\n
                                                                                      Permissions \/ IAM roles<\/h3>\n\n\n\n
                                                                                      You will need permissions to:\n– Create and manage Kendra resources: index, data sources, sync jobs.\n– Create and manage an S3 bucket and upload sample documents.\n– Create or pass an IAM role for Kendra to access S3 (and optionally KMS).<\/p>\n\n\n\n
                                                                                      Typical IAM permissions (high level):\n– kendra:*<\/code> for lab\/admin (scope down for production).\n– s3:CreateBucket<\/code>, s3:PutObject<\/code>, s3:GetObject<\/code>, s3:ListBucket<\/code>.\n– iam:CreateRole<\/code>, iam:PutRolePolicy<\/code>, iam:PassRole<\/code>.\n– kms:*<\/code> only if using customer-managed keys (scope down in production).\n– cloudtrail:LookupEvents<\/code> and CloudWatch read permissions for validation.<\/p>\n\n\n\n
                                                                                      Tools<\/h3>\n\n\n\n
                                                                                        \n
                                                                                      • AWS Management Console access, or:<\/li>\n
                                                                                      • AWS CLI v2<\/strong> (optional, used in validation steps)<\/li>\n
                                                                                      • (Optional) Python 3 + boto3<\/strong> for query examples<\/li>\n<\/ul>\n\n\n\n
                                                                                        Region availability<\/h3>\n\n\n\n
                                                                                          \n
                                                                                        • Choose an AWS Region where Amazon Kendra is available<\/strong>.<\/li>\n
                                                                                        • Verify availability and supported Regions: https:\/\/docs.aws.amazon.com\/kendra\/latest\/dg\/what-is-kendra.html<\/li>\n<\/ul>\n\n\n\n
                                                                                          Quotas \/ limits<\/h3>\n\n\n\n
                                                                                            \n
                                                                                          • Amazon Kendra has service quotas (for example, number of indexes, document limits, throughput).<\/li>\n
                                                                                          • Always verify current quotas in Service Quotas<\/strong> and Kendra documentation:<\/li>\n
                                                                                          • https:\/\/docs.aws.amazon.com\/servicequotas\/<\/li>\n
                                                                                          • https:\/\/docs.aws.amazon.com\/kendra\/<\/li>\n<\/ul>\n\n\n\n
                                                                                            Prerequisite services<\/h3>\n\n\n\n
                                                                                            For this tutorial:\n– Amazon S3 (for storing sample documents)\n– IAM (for roles\/policies)<\/p>\n\n\n\n
                                                                                            Optional (production patterns):\n– CloudTrail (recommended)\n– CloudWatch alarms\/dashboards (recommended)\n– KMS customer-managed key (optional; verify support\/configuration requirements)<\/p>\n\n\n\n
                                                                                            9. Pricing \/ Cost<\/h2>\n\n\n\n
                                                                                            Amazon Kendra pricing changes over time and varies by Region and edition. Do not<\/strong> rely on blog posts for exact numbers\u2014use official pricing.<\/p>\n\n\n\n
                                                                                            Official pricing page:<\/strong> https:\/\/aws.amazon.com\/kendra\/pricing\/\nAWS Pricing Calculator:<\/strong> https:\/\/calculator.aws\/<\/p>\n\n\n\n
                                                                                            Pricing dimensions (typical model)<\/h3>\n\n\n\n
                                                                                            Amazon Kendra cost is generally driven by:\n– Index capacity billed per time (hourly)<\/strong>, and the edition<\/strong> (for example Developer vs Enterprise).\n  Exact included capacity and scaling model is documented on the pricing page\u2014verify the current edition definitions and hourly rates<\/strong>.\n– Potential additional charges for related capabilities such as Amazon Kendra Intelligent Ranking<\/strong> (if used).\n  Verify on the official pricing page and the Intelligent Ranking docs.<\/p>\n\n\n\n
                                                                                            Kendra also indirectly drives costs in connected services:\n– S3 storage<\/strong> for your documents.\n– Data transfer<\/strong> (for example, if connectors pull from outside AWS or across Regions).\n– AWS Lambda<\/strong> costs if you use enrichment functions.\n– Secrets management<\/strong> costs if connectors require stored credentials (for example AWS Secrets Manager).\n– CloudWatch<\/strong> costs for metrics, dashboards, and alarms (usually modest, but not always zero).\n– KMS<\/strong> costs if using customer-managed keys (API requests, key usage).<\/p>\n\n\n\n
                                                                                            Free tier<\/h3>\n\n\n\n
                                                                                            Amazon Kendra historically has not had a broad \u201calways-free\u201d tier like some AWS services. Some AWS services offer limited free usage, but verify whether Amazon Kendra currently offers any free tier or trial<\/strong> on the pricing page.<\/p>\n\n\n\n
                                                                                            Key cost drivers<\/h3>\n\n\n\n
                                                                                              \n
                                                                                            • Number of indexes<\/strong>: Each index typically incurs hourly charges. Multiple environments (dev\/test\/prod) can multiply cost quickly.<\/li>\n
                                                                                            • Edition choice<\/strong>: Developer vs Enterprise can change the baseline hourly cost and capacity.<\/li>\n
                                                                                            • Document volume and update frequency<\/strong>: More content and frequent re-syncs may require larger capacity or more operational effort (pricing impact depends on current Kendra model\u2014verify).<\/li>\n
                                                                                            • Query volume<\/strong>: Depending on pricing model, queries may or may not be a direct line item. Verify on pricing page.<\/li>\n
                                                                                            • Enrichment<\/strong>: Lambda-based enrichment can add compute cost and ingestion latency.<\/li>\n<\/ul>\n\n\n\n
                                                                                              Network\/data transfer implications<\/h3>\n\n\n\n
                                                                                                \n
                                                                                              • Uploading documents to S3 in the same Region as the Kendra index is typically the simplest and avoids cross-Region transfer.<\/li>\n
                                                                                              • If indexing external SaaS or on-prem systems, network egress and connector connectivity can introduce costs (and security constraints).<\/li>\n<\/ul>\n\n\n\n
                                                                                                How to optimize cost<\/h3>\n\n\n\n
                                                                                                  \n
                                                                                                • Start with one index<\/strong> and prove value before scaling to many per team\/department.<\/li>\n
                                                                                                • Use Developer edition for labs\/dev<\/strong> when appropriate (verify edition constraints).<\/li>\n
                                                                                                • Minimize idle indexes<\/strong>: If you don\u2019t need an index, delete it. (Kendra is managed; you typically can\u2019t \u201cstop\u201d it to avoid hourly costs.)<\/li>\n
                                                                                                • Control sync frequency<\/strong>: Don\u2019t sync every 5 minutes if daily is enough.<\/li>\n
                                                                                                • Keep documents clean<\/strong>: Avoid indexing duplicates, stale versions, and low-value content.<\/li>\n
                                                                                                • Evaluate alternatives for simple search<\/strong>: If requirements are basic keyword search, OpenSearch can be more cost-efficient.<\/li>\n<\/ul>\n\n\n\n
                                                                                                  Example low-cost starter estimate (no fabricated numbers)<\/h3>\n\n\n\n
                                                                                                  A typical low-cost lab scenario includes:\n– 1 Kendra index (Developer edition if supported\/appropriate)\n– 1 S3 data source\n– A small set of documents (10\u2013100)\n– A single manual sync\n– A few interactive queries for validation<\/p>\n\n\n\n
                                                                                                  How to estimate:<\/strong>\n1. Go to https:\/\/aws.amazon.com\/kendra\/pricing\/ and identify the hourly rate for the chosen edition in your Region.\n2. Multiply by the number of hours you plan to keep the index.\n3. Add S3 storage (small) and any Lambda enrichment costs (if used).<\/p>\n\n\n\n
                                                                                                  Example production cost considerations<\/h3>\n\n\n\n
                                                                                                  For production, account for:\n– Multiple indexes (prod + staging + dev)\n– Higher availability requirements and governance (more tooling and operational work)\n– Ongoing sync schedules\n– Identity\/ACL integration (often increases complexity and operational overhead)\n– Potential need for multiple data sources and content growth\n– RAG usage: additional costs for LLM inference (Amazon Bedrock) and any caching layers<\/p>\n\n\n\n
                                                                                                  10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n
                                                                                                  Objective<\/h3>\n\n\n\n
                                                                                                  Build a small, realistic Amazon Kendra search experience on AWS by:\n1. Creating a Kendra index\n2. Indexing documents stored in Amazon S3\n3. Querying the index via the console and AWS CLI\n4. Cleaning up resources to avoid ongoing charges<\/p>\n\n\n\n
                                                                                                  Lab Overview<\/h3>\n\n\n\n
                                                                                                  You will create:\n– An S3 bucket with a few small text\/HTML\/PDF documents (keep it minimal)\n– An IAM role that Amazon Kendra assumes to read from the bucket\n– An Amazon Kendra index (choose the lowest-cost edition appropriate for labs\u2014verify current options)\n– An S3 data source and a one-time sync job\n– A few test queries to validate results<\/p>\n\n\n\n
                                                                                                  Expected outcome:<\/strong> You can type a natural language query and get ranked results with excerpts from your uploaded documents.<\/p>\n\n\n\n
                                                                                                  \n\n\n\n
                                                                                                  Step 1: Choose a Region and confirm service access<\/h3>\n\n\n\n
                                                                                                    \n
                                                                                                  1. In the AWS Console, select an AWS Region where Amazon Kendra is supported.<\/li>\n
                                                                                                  2. Confirm Amazon Kendra console loads: https:\/\/console.aws.amazon.com\/kendra\/  <\/li>\n
                                                                                                  3. (Recommended) Confirm you have permission to create IAM roles and S3 buckets.<\/li>\n<\/ol>\n\n\n\n
                                                                                                    Expected outcome:<\/strong> You can open the Amazon Kendra console without permission errors.<\/p>\n\n\n\n
                                                                                                    \n\n\n\n
                                                                                                    Step 2: Create an S3 bucket and upload sample documents<\/h3>\n\n\n\n
                                                                                                      \n
                                                                                                    1. Open the S3 console: https:\/\/console.aws.amazon.com\/s3\/<\/li>\n
                                                                                                    2. \n
                                                                                                      Create a bucket (example):\n   – Bucket name: kendra-lab-<your-unique-suffix><\/code>\n   – Region: same as your Kendra index Region\n   – Keep defaults for a lab (do not enable public access)<\/p>\n<\/li>\n
                                                                                                    3. \n
                                                                                                      Upload a few small documents. Create three files locally and upload them:<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                      vpn-reset.txt<\/code><\/strong><\/p>\n\n\n\n
                                                                                                      VPN Token Reset Procedure\n1) Open the VPN portal.\n2) Click \"Reset token\".\n3) Confirm using MFA.\nIf you are locked out, contact IT Support.\n<\/code><\/pre>\n\n\n\n
                                                                                                      expense-policy.txt<\/code><\/strong><\/p>\n\n\n\n
                                                                                                      Travel Expense Policy (Summary)\n- Meals are reimbursable up to the daily limit.\n- Receipts are required for expenses over $25.\n- Contractors must obtain manager approval before booking travel.\n<\/code><\/pre>\n\n\n\n
                                                                                                      oncall-runbook.txt<\/code><\/strong><\/p>\n\n\n\n
                                                                                                      On-Call Runbook: API Latency Spikes\n1) Check dashboards for error rates and p95 latency.\n2) Review recent deployments.\n3) Verify upstream dependencies.\n4) If needed, rollback the last deployment.\n<\/code><\/pre>\n\n\n\n
                                                                                                      Upload these into a prefix like docs\/<\/code> (optional but tidy):\n– docs\/vpn-reset.txt<\/code>\n– docs\/expense-policy.txt<\/code>\n– docs\/oncall-runbook.txt<\/code><\/p>\n\n\n\n
                                                                                                      Expected outcome:<\/strong> Your S3 bucket contains at least 3 documents.<\/p>\n\n\n\n
                                                                                                      Verification:<\/strong> In S3 console, open the bucket \u2192 verify objects exist and you can view\/download them.<\/p>\n\n\n\n
                                                                                                      \n\n\n\n
                                                                                                      Step 3: Create an IAM role for Amazon Kendra to read from S3<\/h3>\n\n\n\n
                                                                                                      Amazon Kendra needs permission to read objects from your S3 bucket when running the data source sync.<\/p>\n\n\n\n
                                                                                                        \n
                                                                                                      1. Open IAM console: https:\/\/console.aws.amazon.com\/iam\/<\/li>\n
                                                                                                      2. \n
                                                                                                        Create a role:\n   – Trusted entity type: AWS service<\/strong>\n   – Use case: look for Amazon Kendra<\/strong> (or a generic service trust if presented differently)\n   – If the console doesn\u2019t provide a Kendra-specific wizard, use the trust policy recommended by Kendra documentation<\/strong>.\n     Verify in official docs: https:\/\/docs.aws.amazon.com\/kendra\/<\/p>\n<\/li>\n
                                                                                                      3. \n
                                                                                                        Attach a policy that allows reading the bucket (minimum for this lab):<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                        Replace kendra-lab-<your-unique-suffix><\/code> with your bucket name:<\/p>\n\n\n\n
                                                                                                        {\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Sid\": \"ListBucket\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\"s3:ListBucket\"],\n      \"Resource\": [\"arn:aws:s3:::kendra-lab-<your-unique-suffix>\"]\n    },\n    {\n      \"Sid\": \"ReadObjects\",\n      \"Effect\": \"Allow\",\n      \"Action\": [\"s3:GetObject\"],\n      \"Resource\": [\"arn:aws:s3:::kendra-lab-<your-unique-suffix>\/*\"]\n    }\n  ]\n}\n<\/code><\/pre>\n\n\n\n
                                                                                                        Name the role something like: KendraS3DataSourceRole<\/code>.<\/p>\n\n\n\n
                                                                                                        Expected outcome:<\/strong> You have an IAM role that Amazon Kendra can assume to read your S3 documents.<\/p>\n\n\n\n
                                                                                                        Verification:<\/strong> In IAM \u2192 Roles \u2192 open the role \u2192 confirm:\n– Trust relationship includes Kendra service principal (as documented)\n– Permissions include s3:ListBucket<\/code> and s3:GetObject<\/code> for the bucket<\/p>\n\n\n\n
                                                                                                        \n\n\n\n
                                                                                                        Step 4: Create an Amazon Kendra index<\/h3>\n\n\n\n
                                                                                                          \n
                                                                                                        1. Open Amazon Kendra console: https:\/\/console.aws.amazon.com\/kendra\/<\/li>\n
                                                                                                        2. Choose Create an index<\/strong><\/li>\n
                                                                                                        3. \n
                                                                                                          Configure:\n   – Index name: kendra-lab-index<\/code>\n   – Description: optional\n   – IAM role: choose\/create the service role for Kendra index management as prompted\n   – Edition: choose the lowest-cost edition suitable for labs (often \u201cDeveloper edition\u201d, if available).\nVerify current edition options and constraints in the console and pricing page.<\/strong><\/p>\n<\/li>\n
                                                                                                        4. \n
                                                                                                          Create the index.<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                          Expected outcome:<\/strong> The index enters a \u201cCreating\u201d state, then becomes \u201cActive\/Ready\u201d.<\/p>\n\n\n\n
                                                                                                          Verification:<\/strong> In Kendra console, the index status shows Active<\/strong> (or equivalent) before proceeding.<\/p>\n\n\n\n
                                                                                                          Common wait time:<\/strong> Several minutes.<\/p>\n\n\n\n
                                                                                                          \n\n\n\n
                                                                                                          Step 5: Add an S3 data source to the index<\/h3>\n\n\n\n
                                                                                                            \n
                                                                                                          1. In Kendra console, open your index: kendra-lab-index<\/code><\/li>\n
                                                                                                          2. Go to Data sources<\/strong> \u2192 Add data source<\/strong><\/li>\n
                                                                                                          3. Choose Amazon S3<\/strong><\/li>\n
                                                                                                          4. \n
                                                                                                            Configure the data source:\n   – Name: kendra-lab-s3<\/code>\n   – S3 bucket: kendra-lab-<your-unique-suffix><\/code>\n   – (Optional) Inclusion prefix: docs\/<\/code> to limit indexing\n   – IAM role: select KendraS3DataSourceRole<\/code>\n   – Sync schedule: set to Run on demand<\/strong> (or disable schedule) for the lab<\/p>\n<\/li>\n
                                                                                                          5. \n
                                                                                                            Save\/add the data source.<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                            Expected outcome:<\/strong> The data source is created and ready to run a sync.<\/p>\n\n\n\n
                                                                                                            Verification:<\/strong> The data source appears in the list with a status like \u201cReady\u201d (wording may vary).<\/p>\n\n\n\n
                                                                                                            \n\n\n\n
                                                                                                            Step 6: Run a sync job<\/h3>\n\n\n\n
                                                                                                              \n
                                                                                                            1. In the data source details page, choose Sync now<\/strong> (or Run<\/strong>).<\/li>\n
                                                                                                            2. Monitor the sync status:\n   – It will move through states such as \u201cSyncing\u201d, then \u201cSucceeded\u201d or \u201cFailed\u201d.<\/li>\n<\/ol>\n\n\n\n
                                                                                                              Expected outcome:<\/strong> Sync completes successfully and documents are indexed.<\/p>\n\n\n\n
                                                                                                              Verification:<\/strong>\n– Data source shows Last sync status: Succeeded<\/strong>\n– Document count in index statistics increases (exact UI varies)<\/p>\n\n\n\n
                                                                                                              \n\n\n\n
                                                                                                              Step 7: Query the index in the Kendra console<\/h3>\n\n\n\n
                                                                                                                \n
                                                                                                              1. In the index view, open the Search console<\/strong> (Kendra provides a built-in test search UI)<\/li>\n
                                                                                                              2. Run queries such as:\n   – How do I reset my VPN token?<\/code>\n   – expense receipts required<\/code>\n   – what to do during API latency spikes<\/code><\/li>\n<\/ol>\n\n\n\n
                                                                                                                Expected outcome:<\/strong> You get ranked results and excerpts matching the correct document.<\/p>\n\n\n\n
                                                                                                                Verification tips:<\/strong>\n– The VPN query should return vpn-reset.txt<\/code> near the top.\n– The expense query should return expense-policy.txt<\/code>.\n– The on-call query should return oncall-runbook.txt<\/code>.<\/p>\n\n\n\n
                                                                                                                \n\n\n\n
                                                                                                                Step 8 (Optional): Query using AWS CLI<\/h3>\n\n\n\n
                                                                                                                This helps you validate programmatic access\u2014how real applications will query Kendra.<\/p>\n\n\n\n
                                                                                                                8.1 Configure AWS CLI<\/h4>\n\n\n\n
                                                                                                                aws configure\naws sts get-caller-identity\n<\/code><\/pre>\n\n\n\n
                                                                                                                8.2 Find your index ID<\/h4>\n\n\n\n
                                                                                                                In the Kendra console, open the index details and copy the Index ID<\/strong>.<\/p>\n\n\n\n
                                                                                                                Or use CLI (if permissions allow):<\/p>\n\n\n\n
                                                                                                                aws kendra list-indices\n<\/code><\/pre>\n\n\n\n
                                                                                                                8.3 Run a query<\/h4>\n\n\n\n
                                                                                                                Replace INDEX_ID<\/code>:<\/p>\n\n\n\n
                                                                                                                aws kendra query \\\n  --index-id \"INDEX_ID\" \\\n  --query-text \"How do I reset my VPN token?\"\n<\/code><\/pre>\n\n\n\n
                                                                                                                Expected outcome:<\/strong> JSON output includes matching document(s), titles, URIs, and excerpt text fields.<\/p>\n\n\n\n
                                                                                                                \n\n\n\n
                                                                                                                Step 9 (Optional): Query with Python (boto3)<\/h3>\n\n\n\n
                                                                                                                Install dependencies:<\/p>\n\n\n\n
                                                                                                                python3 -m pip install boto3\n<\/code><\/pre>\n\n\n\n
                                                                                                                Example script (query_kendra.py<\/code>):<\/p>\n\n\n\n
                                                                                                                import boto3\n\nINDEX_ID = \"INDEX_ID\"\n\nkendra = boto3.client(\"kendra\")\n\nresp = kendra.query(\n    IndexId=INDEX_ID,\n    QueryText=\"expense receipts required\",\n)\n\nfor item in resp.get(\"ResultItems\", []):\n    print(item.get(\"Type\"), item.get(\"DocumentTitle\", {}))\n    excerpt = item.get(\"DocumentExcerpt\", {}).get(\"Text\", \"\")\n    if excerpt:\n        print(\"Excerpt:\", excerpt[:200])\n    print(\"---\")\n<\/code><\/pre>\n\n\n\n
                                                                                                                Run:<\/p>\n\n\n\n
                                                                                                                python3 query_kendra.py\n<\/code><\/pre>\n\n\n\n
                                                                                                                Expected outcome:<\/strong> Printed results include excerpts referencing receipts and policy limits.<\/p>\n\n\n\n
                                                                                                                \n\n\n\n
                                                                                                                Validation<\/h3>\n\n\n\n
                                                                                                                Use this checklist:<\/p>\n\n\n\n
                                                                                                                  \n
                                                                                                                • [ ] Index status is Active<\/strong><\/li>\n
                                                                                                                • [ ] Data source last sync status is Succeeded<\/strong><\/li>\n
                                                                                                                • [ ] Query in console returns correct top documents<\/li>\n
                                                                                                                • [ ] (Optional) CLI query returns structured results<\/li>\n
                                                                                                                • [ ] (Optional) Python query prints excerpts<\/li>\n<\/ul>\n\n\n\n
                                                                                                                  If validation fails, use the troubleshooting section.<\/p>\n\n\n\n
                                                                                                                  \n\n\n\n
                                                                                                                  Troubleshooting<\/h3>\n\n\n\n
                                                                                                                  Common issues and fixes:<\/p>\n\n\n\n
                                                                                                                    \n
                                                                                                                  1. \n
                                                                                                                    Data source sync failed: AccessDenied to S3<\/strong>\n   – Cause: IAM role doesn\u2019t have correct s3:ListBucket<\/code>\/s3:GetObject<\/code> permissions, or bucket policy blocks access.\n   – Fix:<\/p>\n
                                                                                                                      \n
                                                                                                                    • Recheck IAM role permissions.<\/li>\n
                                                                                                                    • Ensure bucket policy doesn\u2019t deny access.<\/li>\n
                                                                                                                    • Confirm the data source is using the intended role.<\/li>\n<\/ul>\n<\/li>\n
                                                                                                                    • \n
                                                                                                                      Index never becomes Active<\/strong>\n   – Cause: Missing service-linked roles\/permissions, or account restrictions.\n   – Fix:<\/p>\n
                                                                                                                        \n
                                                                                                                      • Check IAM permissions for creating Kendra resources.<\/li>\n
                                                                                                                      • Check AWS Health Dashboard and service limits.<\/li>\n
                                                                                                                      • Review CloudTrail for failed API calls.<\/li>\n<\/ul>\n<\/li>\n
                                                                                                                      • \n
                                                                                                                        No results returned<\/strong>\n   – Cause: Sync didn\u2019t index documents, wrong prefix, unsupported file type, or query mismatch.\n   – Fix:<\/p>\n
                                                                                                                          \n
                                                                                                                        • Confirm objects exist under the inclusion prefix.<\/li>\n
                                                                                                                        • Confirm the sync status and document counts.<\/li>\n
                                                                                                                        • Try simpler queries (keywords) to sanity-check.<\/li>\n<\/ul>\n<\/li>\n
                                                                                                                        • \n
                                                                                                                          Results returned but excerpts look empty<\/strong>\n   – Cause: Document text extraction issues (format, encoding, scanned PDFs).\n   – Fix:<\/p>\n
                                                                                                                            \n
                                                                                                                          • Use plain text files to validate.<\/li>\n
                                                                                                                          • For PDFs, ensure they contain selectable text (OCR may be required upstream).<\/li>\n<\/ul>\n<\/li>\n
                                                                                                                          • \n
                                                                                                                            CLI returns AccessDeniedException<\/code> for kendra:Query<\/code><\/strong>\n   – Cause: Your IAM identity doesn\u2019t have query permissions.\n   – Fix: Attach an IAM policy allowing kendra:Query<\/code> on the index ARN.<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                                            \n\n\n\n
                                                                                                                            Cleanup<\/h3>\n\n\n\n
                                                                                                                            To avoid ongoing charges, delete resources in this order:<\/p>\n\n\n\n
                                                                                                                              \n
                                                                                                                            1. \n
                                                                                                                              Delete Kendra index<\/strong>\n   – Kendra console \u2192 Indexes \u2192 select kendra-lab-index<\/code> \u2192 Delete<\/strong>\n   – This is the main cost driver; delete it even if you keep the S3 bucket.<\/p>\n<\/li>\n
                                                                                                                            2. \n
                                                                                                                              Delete Kendra data source<\/strong> (if required separately by the console flow)<\/p>\n<\/li>\n
                                                                                                                            3. \n
                                                                                                                              Delete S3 objects and bucket<\/strong>\n   – Empty the bucket\n   – Delete the bucket<\/p>\n<\/li>\n
                                                                                                                            4. \n
                                                                                                                              Delete IAM role<\/strong>\n   – IAM \u2192 Roles \u2192 delete KendraS3DataSourceRole<\/code> (and any inline policies)<\/p>\n<\/li>\n<\/ol>\n\n\n\n
                                                                                                                              Expected outcome:<\/strong> No Kendra index remains, preventing further hourly charges.<\/p>\n\n\n\n
                                                                                                                              11. Best Practices<\/h2>\n\n\n\n
                                                                                                                              Architecture best practices<\/h3>\n\n\n\n
                                                                                                                                \n
                                                                                                                              • Design your index strategy intentionally<\/strong><\/li>\n
                                                                                                                              • One index for the whole organization is simpler for users, but can be harder for governance and cost attribution.<\/li>\n
                                                                                                                              • Multiple indexes (per department\/app) can simplify access control boundaries but increases cost and operational overhead.<\/li>\n
                                                                                                                              • Keep data in-region<\/strong><\/li>\n
                                                                                                                              • Store documents in S3 in the same Region as the Kendra index to reduce latency and cross-Region transfer.<\/li>\n
                                                                                                                              • Use metadata as a first-class design element<\/strong><\/li>\n
                                                                                                                              • Define fields like department<\/code>, product<\/code>, document_type<\/code>, effective_date<\/code>, owner<\/code>, confidentiality<\/code>.<\/li>\n
                                                                                                                              • Enforce consistent tagging at ingestion time.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                IAM\/security best practices<\/h3>\n\n\n\n
                                                                                                                                  \n
                                                                                                                                • Least privilege<\/strong><\/li>\n
                                                                                                                                • Separate roles for: Kendra admins, data source sync role(s), and application query role(s).<\/li>\n
                                                                                                                                • Restrict who can modify relevance tuning<\/strong><\/li>\n
                                                                                                                                • Ranking changes can impact business outcomes; treat as controlled configuration with change management.<\/li>\n
                                                                                                                                • Use explicit iam:PassRole<\/code> constraints<\/strong><\/li>\n
                                                                                                                                • Allow passing only the specific data source role(s) to Kendra.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                  Cost best practices<\/h3>\n\n\n\n
                                                                                                                                    \n
                                                                                                                                  • Delete dev\/test indexes quickly<\/strong><\/li>\n
                                                                                                                                  • Kendra index hourly charges can accumulate.<\/li>\n
                                                                                                                                  • Avoid duplicate content<\/strong><\/li>\n
                                                                                                                                  • Deduplicate documents and remove outdated versions.<\/li>\n
                                                                                                                                  • Tune sync schedules<\/strong><\/li>\n
                                                                                                                                  • Sync only as often as needed; use on-demand sync for low-change repositories.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                    Performance best practices<\/h3>\n\n\n\n
                                                                                                                                      \n
                                                                                                                                    • Use filters to narrow broad queries<\/strong><\/li>\n
                                                                                                                                    • Expose facets in UIs where possible.<\/li>\n
                                                                                                                                    • Optimize document quality<\/strong><\/li>\n
                                                                                                                                    • Prefer machine-readable PDFs and clean text. Extract text from scanned docs before indexing.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                      Reliability best practices<\/h3>\n\n\n\n
                                                                                                                                        \n
                                                                                                                                      • Monitor sync health<\/strong><\/li>\n
                                                                                                                                      • Alert on sync failures or prolonged sync durations.<\/li>\n
                                                                                                                                      • Have a rollback plan for schema changes<\/strong><\/li>\n
                                                                                                                                      • Metadata schema changes can affect filters and relevance.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                        Operations best practices<\/h3>\n\n\n\n
                                                                                                                                          \n
                                                                                                                                        • Tag resources<\/strong><\/li>\n
                                                                                                                                        • Add tags for Env<\/code>, App<\/code>, Owner<\/code>, CostCenter<\/code>, DataClassification<\/code>.<\/li>\n
                                                                                                                                        • Use CloudTrail for auditing<\/strong><\/li>\n
                                                                                                                                        • Track who changed data sources, index settings, or access control configuration.<\/li>\n
                                                                                                                                        • Document connector credentials lifecycle<\/strong><\/li>\n
                                                                                                                                        • Rotate credentials and store in secure services (for example AWS Secrets Manager) when applicable.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                          Governance\/tagging\/naming best practices<\/h3>\n\n\n\n
                                                                                                                                            \n
                                                                                                                                          • Naming:<\/li>\n
                                                                                                                                          • kendra-<app>-<env>-index<\/code><\/li>\n
                                                                                                                                          • kendra-<app>-<env>-ds-<source><\/code><\/li>\n
                                                                                                                                          • Tagging:<\/li>\n
                                                                                                                                          • Environment=dev|staging|prod<\/code><\/li>\n
                                                                                                                                          • OwnerEmail=...<\/code><\/li>\n
                                                                                                                                          • CostCenter=...<\/code><\/li>\n
                                                                                                                                          • DataSensitivity=public|internal|confidential<\/code><\/li>\n<\/ul>\n\n\n\n
                                                                                                                                            12. Security Considerations<\/h2>\n\n\n\n
                                                                                                                                            Identity and access model<\/h3>\n\n\n\n
                                                                                                                                              \n
                                                                                                                                            • Administrative access<\/strong> is controlled by IAM permissions (create\/update\/delete indexes and data sources).<\/li>\n
                                                                                                                                            • Query access<\/strong> should be granted to application roles\/users with kendra:Query<\/code> (and related APIs needed).<\/li>\n
                                                                                                                                            • Data source access<\/strong> is controlled by the IAM role Kendra assumes to read the repository (for example S3).<\/li>\n
                                                                                                                                            • End-user document access control<\/strong> requires:<\/li>\n
                                                                                                                                            • Correct ACL ingestion (connector-dependent)<\/li>\n
                                                                                                                                            • Correct identity mapping (user\/group) provided to Kendra at query time (implementation varies\u2014verify in docs)<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                              Encryption<\/h3>\n\n\n\n
                                                                                                                                                \n
                                                                                                                                              • In transit:<\/strong> Use HTTPS endpoints for Kendra APIs.<\/li>\n
                                                                                                                                              • At rest:<\/strong> Kendra stores indexed content and metadata. Encryption at rest is expected in AWS services; confirm your exact options (AWS-owned keys vs customer-managed keys) in Kendra docs and console for your Region.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                Network exposure<\/h3>\n\n\n\n
                                                                                                                                                  \n
                                                                                                                                                • By default, applications call regional Kendra endpoints over the internet (HTTPS).<\/li>\n
                                                                                                                                                • If your environment requires private connectivity, check whether VPC interface endpoints (PrivateLink)<\/strong> are available for Kendra in your Region and architecture. Verify in official AWS docs<\/strong>.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                  Secrets handling<\/h3>\n\n\n\n
                                                                                                                                                    \n
                                                                                                                                                  • For connectors that require credentials (SaaS systems), store secrets in a managed secret store (commonly AWS Secrets Manager<\/strong>) and restrict access with IAM.<\/li>\n
                                                                                                                                                  • Rotate credentials and audit secret access.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                    Audit\/logging<\/h3>\n\n\n\n
                                                                                                                                                      \n
                                                                                                                                                    • Enable CloudTrail<\/strong> in all Regions (or at least the Kendra Region) to log Kendra API calls.<\/li>\n
                                                                                                                                                    • Use CloudWatch metrics and alarms for:<\/li>\n
                                                                                                                                                    • Data source sync failures<\/li>\n
                                                                                                                                                    • Unusual query spikes<\/li>\n
                                                                                                                                                    • Operational anomalies<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                      Compliance considerations<\/h3>\n\n\n\n
                                                                                                                                                        \n
                                                                                                                                                      • Understand what content is indexed (including sensitive fields).<\/li>\n
                                                                                                                                                      • Ensure your access control model matches compliance requirements (least privilege, separation of duties).<\/li>\n
                                                                                                                                                      • For regulated industries, validate:<\/li>\n
                                                                                                                                                      • Data residency (Region)<\/li>\n
                                                                                                                                                      • Encryption model (KMS options)<\/li>\n
                                                                                                                                                      • Audit requirements (CloudTrail retention, log immutability)<\/li>\n
                                                                                                                                                      • Connector handling of ACLs and permissions<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                        Common security mistakes<\/h3>\n\n\n\n
                                                                                                                                                          \n
                                                                                                                                                        • Granting kendra:*<\/code> to broad roles used by applications (over-privileged).<\/li>\n
                                                                                                                                                        • Indexing sensitive repositories without ACL enforcement, then exposing a search UI broadly.<\/li>\n
                                                                                                                                                        • Forgetting to restrict iam:PassRole<\/code>, allowing users to attach overly permissive roles to data sources.<\/li>\n
                                                                                                                                                        • Sync roles with overly broad S3 permissions (for example s3:*<\/code> on *<\/code>).<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                          Secure deployment recommendations<\/h3>\n\n\n\n
                                                                                                                                                            \n
                                                                                                                                                          • Use separate IAM roles for:<\/li>\n
                                                                                                                                                          • Index administration<\/li>\n
                                                                                                                                                          • Data source sync<\/li>\n
                                                                                                                                                          • Application query<\/li>\n
                                                                                                                                                          • Use resource-level permissions where supported (restrict to specific index ARNs).<\/li>\n
                                                                                                                                                          • Keep documents in private S3 buckets; avoid public access.<\/li>\n
                                                                                                                                                          • Implement defense-in-depth: authentication (Cognito\/SSO), authorization, logging, and monitoring.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                            13. Limitations and Gotchas<\/h2>\n\n\n\n
                                                                                                                                                            \n
                                                                                                                                                            Always verify current service quotas and connector limitations in official docs.<\/p>\n<\/blockquote>\n\n\n\n
                                                                                                                                                            Known limitations \/ constraints (common categories)<\/h3>\n\n\n\n
                                                                                                                                                              \n
                                                                                                                                                            • Connector variability:<\/strong> Not all connectors support all features (especially ACL ingestion). Verify per-connector capabilities.<\/li>\n
                                                                                                                                                            • Document format limitations:<\/strong> Some file types may not extract well; scanned PDFs often require OCR before indexing.<\/li>\n
                                                                                                                                                            • Quota limits:<\/strong> Number of indexes per account, document limits, data source limits, and query throughput limits exist.<\/li>\n
                                                                                                                                                            • Regional availability:<\/strong> Kendra is not available in every Region; connector support can also vary by Region.<\/li>\n
                                                                                                                                                            • Cost visibility:<\/strong> Index hourly costs can surprise teams if indexes are left running in dev\/test.<\/li>\n
                                                                                                                                                            • Access control complexity:<\/strong> Proper ACL enforcement requires careful identity mapping and testing; mistakes can cause overexposure or missing results.<\/li>\n
                                                                                                                                                            • Schema changes require planning:<\/strong> Metadata changes can break filters\/facets in UIs and require re-indexing behaviors depending on configuration.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                              Operational gotchas<\/h3>\n\n\n\n
                                                                                                                                                                \n
                                                                                                                                                              • Sync failures may not be obvious to end users<\/strong><\/li>\n
                                                                                                                                                              • If sync silently stops, search results become stale. Add alarms\/workflows.<\/li>\n
                                                                                                                                                              • Inclusion\/exclusion prefix mistakes<\/strong><\/li>\n
                                                                                                                                                              • A wrong S3 prefix can lead to \u201c0 documents indexed\u201d.<\/li>\n
                                                                                                                                                              • Duplicate content<\/strong><\/li>\n
                                                                                                                                                              • Indexing multiple repositories with duplicates can degrade relevance.<\/li>\n
                                                                                                                                                              • Over-broad synonyms<\/strong><\/li>\n
                                                                                                                                                              • Poor thesaurus design can significantly reduce precision.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                Migration challenges<\/h3>\n\n\n\n
                                                                                                                                                                  \n
                                                                                                                                                                • Moving from an existing search engine to Kendra often requires:<\/li>\n
                                                                                                                                                                • Metadata normalization<\/li>\n
                                                                                                                                                                • New ingestion pipelines<\/li>\n
                                                                                                                                                                • Access control mapping<\/li>\n
                                                                                                                                                                • Query UX updates (filters, facets)<\/li>\n
                                                                                                                                                                • Consider phased rollout: one repository first, then expand.<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                  14. Comparison with Alternatives<\/h2>\n\n\n\n
                                                                                                                                                                  Amazon Kendra is one option in AWS\u2019s broader search + AI ecosystem. The best choice depends on relevance needs, control requirements, and cost.<\/p>\n\n\n\n
                                                                                                                                                                  Comparison table<\/h3>\n\n\n\n
                                                                                                                                                                  \n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                                                  Option<\/th>\nBest For<\/th>\nStrengths<\/th>\nWeaknesses<\/th>\nWhen to Choose<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                                  Amazon Kendra<\/strong><\/td>\nEnterprise search across multiple repositories with ML relevance<\/td>\nManaged connectors, semantic ranking, excerpt highlighting, enterprise-focused features<\/td>\nCan be costly; less low-level control than self-managed engines; ACL\/identity can be complex<\/td>\nYou need managed enterprise search with strong relevance and connectors<\/td>\n<\/tr>\n
                                                                                                                                                                  Amazon OpenSearch Service<\/strong><\/td>\nCustom search applications, logs\/observability search, keyword + vector search<\/td>\nDeep control, flexible indexing\/analyzers, predictable cluster sizing, broad ecosystem<\/td>\nYou manage cluster sizing\/tuning; relevance tuning is more manual; connectors are DIY<\/td>\nYou need control, custom scoring, vector search, or already run OpenSearch<\/td>\n<\/tr>\n
                                                                                                                                                                  OpenSearch (self-managed)<\/strong><\/td>\nMaximum control, on-prem\/hybrid<\/td>\nFull control, extensibility<\/td>\nHigh ops burden, scaling, patching, security hardening<\/td>\nYou must run on-prem or need custom extensions not available managed<\/td>\n<\/tr>\n
                                                                                                                                                                  Database full-text search (Aurora\/RDS engine-specific)<\/strong><\/td>\nSimple search in app databases<\/td>\nMinimal extra infra, simple integration<\/td>\nNot designed for enterprise multi-repo search; limited semantic relevance<\/td>\nSmall apps with basic search requirements<\/td>\n<\/tr>\n
                                                                                                                                                                  Azure AI Search (other cloud)<\/strong><\/td>\nEnterprise search in Azure ecosystem<\/td>\nTight Azure integration; managed search<\/td>\nCross-cloud complexity; data gravity<\/td>\nOrganization is standardized on Azure<\/td>\n<\/tr>\n
                                                                                                                                                                  Google Cloud Vertex AI Search (other cloud)<\/strong><\/td>\nEnterprise search in GCP ecosystem<\/td>\nTight GCP integration<\/td>\nCross-cloud complexity; data gravity<\/td>\nOrganization is standardized on GCP<\/td>\n<\/tr>\n
                                                                                                                                                                  RAG-only vector DB approach<\/strong><\/td>\nSimilarity search for LLM context<\/td>\nStrong semantic similarity; embeddings-driven retrieval<\/td>\nRequires embedding pipelines; governance\/ACL must be designed carefully<\/td>\nYou primarily need embedding similarity retrieval for LLMs, not enterprise connector search<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                                  15. Real-World Example<\/h2>\n\n\n\n
                                                                                                                                                                  Enterprise example: Global financial services internal policy + procedures search<\/h3>\n\n\n\n
                                                                                                                                                                  Problem<\/strong>\n– Policies and procedures exist in SharePoint, PDFs in S3, and wiki pages.\n– Employees need quick answers, but content is sensitive and access differs by department and region.\n– Compliance requires auditable access and controlled changes.<\/p>\n\n\n\n
                                                                                                                                                                  Proposed architecture<\/strong>\n– Amazon Kendra index in the primary Region for the organization.\n– Data sources:\n  – SharePoint connector for controlled sites\n  – S3 connector for policy PDFs\n  – Confluence connector for engineering procedures\n– Enrichment:\n  – Lambda enrichment extracts metadata: policy_owner<\/code>, effective_date<\/code>, region<\/code>, classification<\/code>\n– Access control:\n  – Connector-level ACL ingestion where supported\n  – Query-time user context tied to corporate identity (verify the best practice for your identity setup in Kendra docs)\n– Front end:\n  – Internal portal using Cognito\/SSO authentication\n  – API layer (API Gateway + Lambda) calling Kendra Query APIs\n– Monitoring:\n  – CloudWatch alarms on sync failures and index health\n  – CloudTrail for audit trails<\/p>\n\n\n\n
                                                                                                                                                                  Why Amazon Kendra was chosen<\/strong>\n– Managed connectors reduce integration effort.\n– Better relevance for question-like queries compared to legacy keyword search.\n– Enterprise features (metadata, access control patterns) align with compliance needs.<\/p>\n\n\n\n
                                                                                                                                                                  Expected outcomes<\/strong>\n– Reduced time to locate policies.\n– Fewer compliance escalations due to outdated information usage.\n– Centralized search with clear auditing and governance.<\/p>\n\n\n\n
                                                                                                                                                                  \n\n\n\n
                                                                                                                                                                  Startup\/small-team example: Support knowledge base and RAG assistant<\/h3>\n\n\n\n
                                                                                                                                                                  Problem<\/strong>\n– A fast-growing startup has docs in S3 and a wiki, but support agents can\u2019t find answers quickly.\n– They want an LLM assistant, but need citations and reliable grounding.<\/p>\n\n\n\n
                                                                                                                                                                  Proposed architecture<\/strong>\n– Single Amazon Kendra index (start small).\n– S3 as the primary source for product docs and troubleshooting guides.\n– Simple metadata: product_area<\/code>, version<\/code>.\n– RAG service:\n  – Application queries Kendra to retrieve top passages\n  – Sends passages + citations to an LLM (for example, Amazon Bedrock)\n– Minimal ops:\n  – On-demand sync after doc updates, then move to scheduled sync when stable<\/p>\n\n\n\n
                                                                                                                                                                  Why Amazon Kendra was chosen<\/strong>\n– Faster setup than building a search cluster.\n– Works as a retrieval layer for RAG with citations back to source docs.\n– Reduces engineering time spent building search infrastructure.<\/p>\n\n\n\n
                                                                                                                                                                  Expected outcomes<\/strong>\n– Faster support resolution time.\n– Fewer escalations to engineering.\n– Higher customer satisfaction due to consistent answers with citations.<\/p>\n\n\n\n
                                                                                                                                                                  16. FAQ<\/h2>\n\n\n\n
                                                                                                                                                                  1) Is Amazon Kendra the same as Amazon OpenSearch Service?<\/strong>\nNo. Amazon Kendra is a managed enterprise search service focused on ML relevance and connectors. Amazon OpenSearch Service is a managed search\/analytics engine (OpenSearch) that offers more low-level control and broader use cases (logs, metrics, custom search).<\/p>\n\n\n\n
                                                                                                                                                                  2) Is Amazon Kendra a vector database?<\/strong>\nAmazon Kendra is not typically positioned as a general-purpose vector database. It provides ML-based relevance for enterprise search and retrieval. For dedicated vector similarity search, evaluate OpenSearch vector search or specialized vector stores. Verify current Kendra retrieval capabilities in the docs.<\/p>\n\n\n\n
                                                                                                                                                                  3) Can Amazon Kendra enforce document permissions?<\/strong>\nYes, when configured correctly and when ACL ingestion\/user context is supported for your connector or ingestion approach. This requires careful identity mapping and testing\u2014verify the recommended approach in official docs.<\/p>\n\n\n\n
                                                                                                                                                                  4) Does Amazon Kendra support Amazon S3 as a data source?<\/strong>\nYes. S3 is one of the most common Kendra data sources. You provide an IAM role for Kendra to read objects.<\/p>\n\n\n\n
                                                                                                                                                                  5) Can I index content from SaaS tools like Confluence or SharePoint?<\/strong>\nKendra supports multiple connectors for third-party repositories. Connector availability and features vary\u2014check the current connector list in the Kendra documentation.<\/p>\n\n\n\n
                                                                                                                                                                  6) How long does indexing take?<\/strong>\nIt depends on document count, size, and connector. For small labs, minutes. For large repositories, longer. Monitor sync status in the console.<\/p>\n\n\n\n
                                                                                                                                                                  7) Can I run Kendra in multiple Regions?<\/strong>\nYou can create indexes in multiple Regions, but each is separate. Consider data residency, latency, and cost.<\/p>\n\n\n\n
                                                                                                                                                                  8) Can I \u201cpause\u201d a Kendra index to stop hourly charges?<\/strong>\nTypically, managed indexes are billed while they exist. The reliable way to stop charges is usually to delete the index. Verify current billing behavior on the pricing page.<\/p>\n\n\n\n
                                                                                                                                                                  9) How do I improve poor search relevance?<\/strong>\nStart with content hygiene and metadata:\n– Ensure titles and headings are meaningful\n– Add consistent metadata fields\n– Use relevance tuning (boost fields\/sources)\n– Add synonyms carefully\n– Remove duplicates and outdated versions<\/p>\n\n\n\n
                                                                                                                                                                  10) What\u2019s the best way to support RAG with Amazon Kendra?<\/strong>\nUse Kendra to retrieve top relevant passages\/documents, then provide them as grounded context to an LLM (for example Amazon Bedrock). Keep citations (source URIs) and implement guardrails (don\u2019t let the model answer without retrieved context).<\/p>\n\n\n\n
                                                                                                                                                                  11) Does Amazon Kendra integrate with Amazon Lex?<\/strong>\nKendra is commonly used as a knowledge search backend for chatbots. Validate the current best practice integration patterns in AWS docs for Lex and Kendra.<\/p>\n\n\n\n
                                                                                                                                                                  12) How do I secure a public-facing search experience?<\/strong>\nDon\u2019t expose Kendra directly to browsers. Put an authenticated API layer in front (API Gateway + Lambda) and apply IAM least privilege, rate limiting, and logging.<\/p>\n\n\n\n
                                                                                                                                                                  13) How do I handle scanned PDFs?<\/strong>\nKendra may not extract text well from scanned images. Perform OCR upstream (for example using Amazon Textract or another OCR solution) and index the extracted text.<\/p>\n\n\n\n
                                                                                                                                                                  14) Can I index multiple S3 buckets?<\/strong>\nYes, typically by creating multiple S3 data sources, each with its own configuration and IAM access. Validate quotas and best practices for your scale.<\/p>\n\n\n\n
                                                                                                                                                                  15) How do I track who changed index settings?<\/strong>\nEnable CloudTrail and review events for Kendra API calls (create\/update\/delete index, data source changes, sync triggers).<\/p>\n\n\n\n
                                                                                                                                                                  16) What\u2019s the difference between a data source sync and custom ingestion?<\/strong>\n– Data source sync: Kendra pulls from a repository on schedule\/on-demand via connector.\n– Custom ingestion: your pipeline pushes documents into Kendra using APIs. Choose based on repository type and control needs.<\/p>\n\n\n\n
                                                                                                                                                                  17) How do I avoid indexing sensitive data accidentally?<\/strong>\nUse inclusion\/exclusion patterns, metadata classification, and (if needed) enrichment-based redaction\/tagging. Apply IAM controls and review the content scope during onboarding.<\/p>\n\n\n\n
                                                                                                                                                                  17. Top Online Resources to Learn Amazon Kendra<\/h2>\n\n\n\n
                                                                                                                                                                  \n\n\n\n\n\n\n\n\n\n\n\n\n\n
                                                                                                                                                                  Resource Type<\/th>\nName<\/th>\nWhy It Is Useful<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                                  Official Documentation<\/td>\nAmazon Kendra Documentation<\/td>\nPrimary source for features, APIs, connectors, quotas, and security guidance. https:\/\/docs.aws.amazon.com\/kendra\/<\/td>\n<\/tr>\n
                                                                                                                                                                  Official \u201cWhat is\u201d page<\/td>\nWhat is Amazon Kendra?<\/td>\nGood conceptual overview and core terminology. https:\/\/docs.aws.amazon.com\/kendra\/latest\/dg\/what-is-kendra.html<\/td>\n<\/tr>\n
                                                                                                                                                                  Official Pricing<\/td>\nAmazon Kendra Pricing<\/td>\nCurrent pricing by edition\/Region and related capabilities. https:\/\/aws.amazon.com\/kendra\/pricing\/<\/td>\n<\/tr>\n
                                                                                                                                                                  Pricing Tool<\/td>\nAWS Pricing Calculator<\/td>\nBuild Region-specific estimates including related services. https:\/\/calculator.aws\/<\/td>\n<\/tr>\n
                                                                                                                                                                  API Reference<\/td>\nAmazon Kendra API Reference<\/td>\nExact request\/response shapes for Query, ingestion, and admin APIs. Verify latest endpoints via docs navigation: https:\/\/docs.aws.amazon.com\/kendra\/<\/td>\n<\/tr>\n
                                                                                                                                                                  Security\/Auditing<\/td>\nAWS CloudTrail User Guide<\/td>\nHow to audit Kendra API calls and set retention. https:\/\/docs.aws.amazon.com\/awscloudtrail\/latest\/userguide\/<\/td>\n<\/tr>\n
                                                                                                                                                                  Monitoring<\/td>\nAmazon CloudWatch Documentation<\/td>\nMetrics, dashboards, and alarms for operational visibility. https:\/\/docs.aws.amazon.com\/cloudwatch\/<\/td>\n<\/tr>\n
                                                                                                                                                                  Architecture Guidance<\/td>\nAWS Architecture Center<\/td>\nPatterns for building secure, scalable AWS solutions (search for Kendra references). https:\/\/aws.amazon.com\/architecture\/<\/td>\n<\/tr>\n
                                                                                                                                                                  Samples (Trusted)<\/td>\nAWS Samples on GitHub (search: \u201camazon kendra\u201d)<\/td>\nExample code for querying and integration patterns. https:\/\/github.com\/aws-samples (use search for \u201ckendra\u201d)<\/td>\n<\/tr>\n
                                                                                                                                                                  Videos<\/td>\nAWS YouTube Channel (search: \u201cAmazon Kendra\u201d)<\/td>\nService deep dives, demos, and integration examples. https:\/\/www.youtube.com\/user\/AmazonWebServices<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                                  18. Training and Certification Providers<\/h2>\n\n\n\n
                                                                                                                                                                  \n\n\n\n\n\n\n\n\n
                                                                                                                                                                  Institute<\/th>\nSuitable Audience<\/th>\nLikely Learning Focus<\/th>\nMode<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                                  DevOpsSchool.com<\/td>\nBeginners to experienced cloud\/DevOps practitioners<\/td>\nAWS fundamentals, DevOps, and practical cloud labs (verify current Kendra coverage on site)<\/td>\nCheck website<\/td>\nhttps:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                                                  ScmGalaxy.com<\/td>\nStudents and early-career engineers<\/td>\nDevOps\/SCM basics, cloud introductions, hands-on learning<\/td>\nCheck website<\/td>\nhttps:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n
                                                                                                                                                                  CLoudOpsNow.in<\/td>\nCloud operations and platform teams<\/td>\nCloud operations practices, automation, operational readiness<\/td>\nCheck website<\/td>\nhttps:\/\/www.cloudopsnow.in\/<\/td>\n<\/tr>\n
                                                                                                                                                                  SreSchool.com<\/td>\nSREs, DevOps, operations engineers<\/td>\nReliability engineering practices, monitoring, incident response<\/td>\nCheck website<\/td>\nhttps:\/\/www.sreschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                                                  AiOpsSchool.com<\/td>\nOps + AI\/ML practitioners<\/td>\nAIOps concepts, automation, AI-assisted operations<\/td>\nCheck website<\/td>\nhttps:\/\/www.aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                                  19. Top Trainers<\/h2>\n\n\n\n
                                                                                                                                                                  \n\n\n\n\n\n\n\n
                                                                                                                                                                  Platform\/Site<\/th>\nLikely Specialization<\/th>\nSuitable Audience<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                                  RajeshKumar.xyz<\/td>\nCloud\/DevOps training content (verify specific offerings)<\/td>\nLearners seeking guided training and mentorship<\/td>\nhttps:\/\/rajeshkumar.xyz\/<\/td>\n<\/tr>\n
                                                                                                                                                                  devopstrainer.in<\/td>\nDevOps and cloud training<\/td>\nBeginners to intermediate engineers<\/td>\nhttps:\/\/www.devopstrainer.in\/<\/td>\n<\/tr>\n
                                                                                                                                                                  devopsfreelancer.com<\/td>\nFreelance DevOps help\/training platform (verify services)<\/td>\nTeams needing short-term coaching or implementation help<\/td>\nhttps:\/\/www.devopsfreelancer.com\/<\/td>\n<\/tr>\n
                                                                                                                                                                  devopssupport.in<\/td>\nDevOps support and training resources (verify scope)<\/td>\nOperations teams seeking practical support-style learning<\/td>\nhttps:\/\/www.devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                                  20. Top Consulting Companies<\/h2>\n\n\n\n
                                                                                                                                                                  \n\n\n\n\n\n\n
                                                                                                                                                                  Company Name<\/th>\nLikely Service Area<\/th>\nWhere They May Help<\/th>\nConsulting Use Case Examples<\/th>\nWebsite URL<\/th>\n<\/tr>\n<\/thead>\n
                                                                                                                                                                  cotocus.com<\/td>\nCloud\/DevOps consulting (verify offerings)<\/td>\nArchitecture reviews, implementation support, automation<\/td>\nDesigning an AWS search portal architecture; setting up IAM governance; CI\/CD for related apps<\/td>\nhttps:\/\/cotocus.com\/<\/td>\n<\/tr>\n
                                                                                                                                                                  DevOpsSchool.com<\/td>\nTraining + consulting (verify offerings)<\/td>\nEnablement, cloud\/DevOps delivery, workshops<\/td>\nKendra proof-of-concept; operational readiness; cost and security review for a search\/RAG rollout<\/td>\nhttps:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n
                                                                                                                                                                  DEVOPSCONSULTING.IN<\/td>\nDevOps consulting (verify offerings)<\/td>\nDevOps transformation, cloud operations, platform practices<\/td>\nSecure AWS deployment patterns; monitoring strategy; IAM least-privilege design for Kendra apps<\/td>\nhttps:\/\/www.devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n
                                                                                                                                                                  21. Career and Learning Roadmap<\/h2>\n\n\n\n
                                                                                                                                                                  What to learn before Amazon Kendra<\/h3>\n\n\n\n
                                                                                                                                                                    \n
                                                                                                                                                                  • AWS fundamentals<\/strong><\/li>\n
                                                                                                                                                                  • IAM users\/roles\/policies, least privilege, iam:PassRole<\/code><\/li>\n
                                                                                                                                                                  • S3 buckets, object permissions, bucket policies<\/li>\n
                                                                                                                                                                  • CloudWatch and CloudTrail basics<\/li>\n
                                                                                                                                                                  • Search fundamentals<\/strong><\/li>\n
                                                                                                                                                                  • Precision\/recall, relevance, metadata, facets<\/li>\n
                                                                                                                                                                  • Content lifecycle and governance<\/li>\n
                                                                                                                                                                  • Security fundamentals<\/strong><\/li>\n
                                                                                                                                                                  • Data classification, encryption basics, audit logging<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                    What to learn after Amazon Kendra<\/h3>\n\n\n\n
                                                                                                                                                                      \n
                                                                                                                                                                    • RAG architectures<\/strong><\/li>\n
                                                                                                                                                                    • Retrieval strategies, chunking, citations, evaluation<\/li>\n
                                                                                                                                                                    • Integrating Kendra retrieval with Amazon Bedrock<\/strong><\/li>\n
                                                                                                                                                                    • Enterprise identity<\/strong><\/li>\n
                                                                                                                                                                    • IAM Identity Center, SAML\/OIDC concepts, user\/group mapping<\/li>\n
                                                                                                                                                                    • Operational excellence<\/strong><\/li>\n
                                                                                                                                                                    • Dashboards, alarms, incident playbooks for ingestion failures<\/li>\n
                                                                                                                                                                    • Alternatives<\/strong><\/li>\n
                                                                                                                                                                    • Amazon OpenSearch Service for custom ranking\/vector search<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                      Job roles that use it<\/h3>\n\n\n\n
                                                                                                                                                                        \n
                                                                                                                                                                      • Cloud engineer \/ cloud developer<\/li>\n
                                                                                                                                                                      • Solutions architect<\/li>\n
                                                                                                                                                                      • DevOps \/ SRE (internal tooling and portals)<\/li>\n
                                                                                                                                                                      • Knowledge management engineer<\/li>\n
                                                                                                                                                                      • ML engineer (RAG integrations)<\/li>\n
                                                                                                                                                                      • Security engineer (governance and access control validation)<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                        Certification path (if available)<\/h3>\n\n\n\n
                                                                                                                                                                        AWS certifications don\u2019t typically focus on a single service, but relevant paths include:\n– AWS Certified Solutions Architect (Associate\/Professional)\n– AWS Certified Developer (Associate)\n– AWS Certified Machine Learning \/ AI-related certifications (check current AWS certification catalog)\nVerify current certification names and availability: https:\/\/aws.amazon.com\/certification\/<\/p>\n\n\n\n
                                                                                                                                                                        Project ideas for practice<\/h3>\n\n\n\n
                                                                                                                                                                          \n
                                                                                                                                                                        • Build a secure internal search portal with:<\/li>\n
                                                                                                                                                                        • Cognito auth<\/li>\n
                                                                                                                                                                        • API Gateway + Lambda<\/li>\n
                                                                                                                                                                        • Kendra query + metadata filters<\/li>\n
                                                                                                                                                                        • Implement document enrichment:<\/li>\n
                                                                                                                                                                        • Add tags like team<\/code>, severity<\/code>, service<\/code> based on content<\/li>\n
                                                                                                                                                                        • Build a RAG assistant:<\/li>\n
                                                                                                                                                                        • Kendra retrieval + Bedrock generation + citations<\/li>\n
                                                                                                                                                                        • Implement governance:<\/li>\n
                                                                                                                                                                        • Multiple indexes by environment with tagging + cost reporting<\/li>\n
                                                                                                                                                                        • CloudWatch alarms on sync failures<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                          22. Glossary<\/h2>\n\n\n\n
                                                                                                                                                                            \n
                                                                                                                                                                          • ACL (Access Control List):<\/strong> Rules that define which users\/groups can access a document. In search, ACLs must be enforced so users only see permitted results.<\/li>\n
                                                                                                                                                                          • Connector (Data source):<\/strong> A managed integration that syncs documents from a repository (S3, wiki, SaaS tool) into Kendra.<\/li>\n
                                                                                                                                                                          • Data source sync:<\/strong> The job that reads from the repository and updates the Kendra index.<\/li>\n
                                                                                                                                                                          • Document enrichment:<\/strong> A pipeline step that transforms documents or adds metadata during ingestion (often using AWS Lambda).<\/li>\n
                                                                                                                                                                          • Facet:<\/strong> A UI element that lets users filter results by a metadata field (for example department or date).<\/li>\n
                                                                                                                                                                          • IAM:<\/strong> AWS Identity and Access Management\u2014controls permissions for AWS API calls and role assumption.<\/li>\n
                                                                                                                                                                          • Index:<\/strong> The searchable structure Kendra builds from ingested documents.<\/li>\n
                                                                                                                                                                          • Metadata:<\/strong> Structured fields attached to documents (owner, department, date, tags) used for filtering and relevance.<\/li>\n
                                                                                                                                                                          • RAG (Retrieval-Augmented Generation):<\/strong> An architecture where a retrieval system fetches relevant context (documents\/passages) for an LLM to generate grounded answers.<\/li>\n
                                                                                                                                                                          • Relevance tuning:<\/strong> Adjusting ranking behavior (boosting fields\/sources) to improve result quality.<\/li>\n
                                                                                                                                                                          • Synonyms\/Thesaurus:<\/strong> Configuration that maps related terms (PTO\/vacation) to improve recall.<\/li>\n
                                                                                                                                                                          • User context:<\/strong> Information about the querying user (identity\/groups) used to enforce access control during query.<\/li>\n
                                                                                                                                                                          • VPC interface endpoint (PrivateLink):<\/strong> A private network path to AWS service APIs without traversing the public internet (availability varies; verify for Kendra).<\/li>\n<\/ul>\n\n\n\n
                                                                                                                                                                            23. Summary<\/h2>\n\n\n\n
                                                                                                                                                                            Amazon Kendra is AWS\u2019s managed enterprise search service in the Machine Learning (ML) and Artificial Intelligence (AI)<\/strong> category, built to index documents across repositories and return highly relevant results for natural language queries. It matters when your organization needs better-than-keyword relevance, unified search across silos, and a managed operational model with strong AWS integrations.<\/p>\n\n\n\n
                                                                                                                                                                            From an architecture perspective, Kendra sits between content sources (often S3 and SaaS tools) and applications (portals, chatbots, and RAG assistants). Cost is primarily driven by the existence and edition\/capacity of indexes (often billed hourly), so cost control depends on minimizing unnecessary indexes, choosing the correct edition, and tuning sync schedules. Security depends on IAM least privilege, careful connector role design, encryption configuration (verify options), and\u2014if needed\u2014correct ACL and identity mapping so users only see what they should.<\/p>\n\n\n\n
                                                                                                                                                                            Use Amazon Kendra when you want managed enterprise search with connectors and ML relevance. Consider alternatives like Amazon OpenSearch Service when you need deeper control, lower-level customization, or dedicated vector search. Next, extend this tutorial by adding metadata schema design, document enrichment via Lambda, and a production-grade authenticated search API\u2014then evaluate a RAG workflow using Amazon Bedrock with Kendra as the retrieval layer.<\/p>\n","protected":false},"excerpt":{"rendered":"
                                                                                                                                                                            Machine Learning (ML) and Artificial Intelligence (AI)<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,32],"tags":[],"class_list":["post-240","post","type-post","status-publish","format-standard","hentry","category-aws","category-machine-learning-ml-and-artificial-intelligence-ai"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/240","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=240"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/240\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=240"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=240"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=240"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}