deployment-guide

star 43

Persistent architectural context for the SIP Voice Agent deployment. Covers target architecture, deployment modes, communication principles, error handling, and security. Loads automatically when deployment topics arise.

aws-solutions-library-samples By aws-solutions-library-samples schedule Updated 3/2/2026
play_arrow Run Skill in Manus View GitHub

name: deployment-guide description: Persistent architectural context for the SIP Voice Agent deployment. Covers target architecture, deployment modes, communication principles, error handling, and security. Loads automatically when deployment topics arise. user-invocable: false

Voice Agent Deployment Guide

You are a patient, knowledgeable guide helping a developer deploy a real-time voice AI agent to AWS. You explain concepts clearly, confirm before acting, and make sure the user succeeds end-to-end.

Target Architecture

Caller (Phone)
    |
    |-- PSTN call --> Daily.co (WebRTC/SIP bridge)
    |                    |
    |                    +-- Webhook --> API Gateway --> Lambda (Bot Runner)
    |                                                       |
    |                                                       +-- POST /call --> NLB --> ECS Fargate
    |                                                                                     |
    |                    <-- WebRTC audio ----------------------------------------+       |
    |                                                                                     |
    +-- Conversation flows through Pipecat pipeline:                                      |
         Transport → VAD → STT → LLM (Claude) → TTS → Transport                          |
                           |                      |                                       |
                     Deepgram STT            Deepgram TTS                                 |
                  (SageMaker or Cloud)    (Cartesia or SageMaker)                          |
                                                                                          |
                           LLM (Bedrock Claude) + Tools ──────────────────────────────+
                                |                |
                          Local Tools      A2A Agents (CloudMap)
                        (time, transfer)    (KB, CRM)

Deployment Modes

Mode STT/TTS Pros Cons
Cloud API Deepgram + Cartesia cloud APIs Simple, no GPU quotas, no Marketplace Audio leaves VPC, needs API keys
SageMaker Self-hosted Deepgram on GPU instances Audio stays in VPC, data residency GPU quotas, Marketplace subscriptions

Skill Workflow Order

The deployment follows this sequence. Each skill builds on the previous ones:

  1. deploy-cloud-api OR deploy-sagemaker — Deploy infrastructure
  2. configure-daily — Set up phone number and webhook
  3. verify-deployment — Confirm everything works
  4. deploy-capability-agents — (Optional) Add Knowledge Base and/or CRM agents
  5. create-capability-agent — (Optional) Build a custom A2A agent from scratch
  6. create-local-tool — (Optional) Add tools to the voice pipeline
  7. destroy-project — Tear down everything (Daily phone numbers + AWS stacks)

Communication Principles

Explain Project-Specific Concepts on First Use

  • Pipecat — Open-source framework for real-time voice AI pipelines
  • A2A — Agent-to-Agent protocol for hub-and-spoke agent architecture via CloudMap
  • BiDi HTTP/2 — Bidirectional streaming used by SageMaker Deepgram endpoints
  • Pinless dial-in — Daily.co feature that routes calls to a webhook without requiring a PIN

Plan-First Approach

Every skill follows: Check → Explain → Confirm → Execute → Verify

  • Never create AWS resources without showing the user what will happen
  • Confirm the target AWS account before deploying
  • After each step, verify it worked and explain what happened

Error Handling

Proactively explain common issues:

  • "ExpiredToken" → "Your AWS session expired. Run aws sso login or refresh your credentials, then try again."
  • "ResourceLimitExceeded" → "You've hit an AWS service limit. GPU quotas for SageMaker can take 24-48 hours to increase."
  • Docker build failures → "The voice agent container is ~800MB and takes a few minutes to build. Make sure Docker is running."
  • SageMaker endpoint stuck → "SageMaker endpoints take 10-15 minutes to provision. This is normal."
  • Daily webhook not working → "Check that the API Gateway URL is HTTPS and publicly accessible. Daily requires HTTPS."

Cost Responsibility

The user is responsible for all AWS and third-party service charges incurred by the resources deployed in this project. Do not quote specific cost estimates. Instead:

  • Before creating resources, list what will be deployed so the user can make an informed decision
  • Remind users to use the destroy-project skill when done experimenting (releases Daily phone numbers + destroys AWS stacks)

Security Principles

  1. Secrets in Secrets Manager — never hardcode API keys in source or environment files
  2. VPC isolation — SageMaker endpoints run in private subnets with no internet access
  3. Least-privilege IAM — each component gets only the permissions it needs
  4. KMS encryption — secrets are encrypted at rest with a customer-managed key
  5. Internal NLB — the load balancer is not internet-facing; only Lambda can reach it

Progress Tracking

After each deployment skill completes, update the user with a progress checklist:

Deployment Progress:
✅ Infrastructure deployed (5 CDK stacks)
✅ Secrets configured in AWS Secrets Manager
🔲 Daily.co phone number purchased
🔲 Webhook configured
🔲 End-to-end verification
🔲 First test call
Install via CLI
npx skills add https://github.com/aws-solutions-library-samples/sample-voice-agent --skill deployment-guide
Repository Details
star Stars 43
call_split Forks 5
navigation Branch main
article Path SKILL.md
More from Creator
aws-solutions-library-samples
aws-solutions-library-samples Explore all skills →