Repo: ambientintel/ambientcloud
Architecture: v4 · 2026-04-21
Data handling: IRB-approved · HIPAA §164.514(c) coded data · No names, DOBs, or MRNs
ambientcloud · AWS
Services
13 services · 135 tests · 12 with Terraform
| Service | Type | Description | Tests | Terraform |
|---|---|---|---|---|
| Ella | AI · Bedrock | Twice-daily Claude Sonnet narrative per subject via Bedrock; de-identified summaries stored in DynamoDB for clinical staff. | 11 | ✓ |
| Nurse/Admin API | REST API | FastAPI + Cognito JWT with row-level facility scoping (the caller's facility grant, taken from the verified token, bounds every query). Twelve endpoints serving staff web and mobile clients. | 41 | ✓ |
| Telemetry | Streaming | Fall-alert Lambda → SNS for sub-2s staff notification; per-minute aggregates → Firehose → Parquet on S3. | 15 | ✓ |
| Admin CLI | CLI | Operator CLI for device provisioning: mints tenant X.509 certs and registers rooms in DynamoDB. | 66 | — |
| URL Minter | Upload | Presigned S3 upload URLs for device Parquet batches; removes MQTT overhead for analytic cold-path data. | — | ✓ |
| Athena | Analytics | Glue table and partition projection for raw radar frames on the cold path; queryable without ETL. | — | ✓ |
| Golden Pipeline | Analytics | Daily golden-combine Lambda runs Athena UNLOAD to merge raw frames into the golden_frames dataset. Feeds SimLab analytics and clinical reporting. | — | ✓ |
| Simulation Runner | SimLab | Container-image Lambda (pyarrow, ARM64) generating synthetic radar Parquet frames for 6 clinical scenarios. Invokes golden-combine after each run. Function URL with IAM auth. | — | ✓ |
| CloudTrail | Audit | Data-event audit logging on all sensitive DynamoDB tables; every read/write is attributed to a principal for HIPAA compliance. | — | ✓ |
| IoT Core | IoT | Role alias (temporary AWS credentials for devices via mTLS), Device Shadow, IoT Rules for the fall-enricher and legacy Firehose paths, and a device policy (AllowPublishShadow) permitting Device Shadow telemetry publishes. | — | ✓ |
| KMS | Security | Four tenant CMKs (data, s3, sns, sqs) with a 30-day deletion window, automatic annual rotation, and a scoped key policy. Lambda env vars, CloudWatch logs, and SQS queues are each encrypted with a dedicated CMK. | — | ✓ |
| Reconciler | Analytics | 15-min Athena row-count delta → TelemetryDivergence CloudWatch metric + alarm. Embedded in TelemetryStack; keeps cold-path divergence visible without a separate service deployment. | 2 | ✓ |
| Observability | Monitoring | CloudWatch Metric Streams to the central account; scalar metrics only (Lambda, DynamoDB, Ambient/* namespace). No PHI crosses the boundary. | — | ✓ |
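The "row-level facility scoping" in the Nurse/Admin API row is the control that keeps one facility's staff from reading another facility's subjects, so it is worth seeing concretely. The following is an added example, not code from the ambientcloud repo: a framework-agnostic Python sketch (stdlib only, so it runs offline) of the authorization step that would sit behind a FastAPI dependency. It assumes, none of which the page states, that facility grants arrive as Cognito groups named `facility:<id>`, that the table is keyed on `facility_id` with a `ROOM#<id>`-prefixed sort key, and that signature verification against the Cognito JWKS plus issuer/audience checks have already run upstream; the table name and the demo token are constructed for the example.

```python
"""Added example: row-level facility scoping for a Cognito-JWT-protected API.

Assumptions (not from the page): facility grants are Cognito groups named
"facility:<id>"; the DynamoDB table is keyed on facility_id with sort keys
prefixed ROOM#; the JWT signature, issuer and audience were verified upstream.
"""
import base64
import json
import time

GROUP_PREFIX = "facility:"   # assumed group naming convention
TABLE = "ambient-rooms"      # hypothetical table name


class Unauthorized(Exception):
    """Token missing, malformed or expired (maps to HTTP 401)."""


class Forbidden(Exception):
    """Token valid but does not grant the requested facility (HTTP 403)."""


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def parse_claims(token: str) -> dict:
    """Split a compact JWS and decode its payload.

    This only parses. RS256 verification against the Cognito JWKS and the
    iss/aud checks are assumed to have happened before this point.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise Unauthorized("malformed token")
    try:
        return json.loads(_b64url_decode(parts[1]))
    except ValueError as exc:  # covers binascii.Error and JSONDecodeError
        raise Unauthorized("undecodable payload") from exc


def facility_scope(claims: dict, now=None) -> frozenset:
    """Facility IDs the caller may touch, derived only from the token."""
    now = time.time() if now is None else now
    if float(claims.get("exp", 0)) <= now:
        raise Unauthorized("token expired")
    groups = claims.get("cognito:groups") or []
    scope = frozenset(g[len(GROUP_PREFIX):] for g in groups
                      if g.startswith(GROUP_PREFIX))
    if not scope:
        raise Forbidden("token carries no facility grant")
    return scope


def scoped_query(claims: dict, requested_facility: str, room_id=None, now=None) -> dict:
    """Authorize the request and build DynamoDB Query parameters.

    The facility is checked against the token scope and then used as the
    partition key, so a caller cannot widen the read by editing a path
    parameter: anything outside the grant is rejected before any query runs.
    """
    scope = facility_scope(claims, now)
    if requested_facility not in scope:
        raise Forbidden(f"facility {requested_facility!r} not in caller scope")
    params = {
        "TableName": TABLE,
        "KeyConditionExpression": "facility_id = :f",
        "ExpressionAttributeValues": {":f": {"S": requested_facility}},
    }
    if room_id is not None:
        params["KeyConditionExpression"] += " AND begins_with(sk, :r)"
        params["ExpressionAttributeValues"][":r"] = {"S": f"ROOM#{room_id}"}
    return params


def demo_token(claims: dict) -> str:
    """Constructed, UNSIGNED token for offline demonstration only.

    The signature segment is a placeholder; a real service must never accept
    such a token, which is why parse_claims assumes verification ran earlier.
    """
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.sig"


if __name__ == "__main__":
    now = 1_700_000_000
    tok = demo_token({"sub": "nurse-1", "exp": now + 3600,
                      "cognito:groups": ["facility:FAC-01", "staff"]})
    print(scoped_query(parse_claims(tok), "FAC-01", room_id="12", now=now))
    try:
        scoped_query(parse_claims(tok), "FAC-02", now=now)
    except Forbidden as exc:
        print("blocked:", exc)
```

The point of structuring it this way is that the facility identifier in the query always comes through the token scope check, never straight from the URL; a request for a facility outside the grant fails closed with 403, and an expired token fails with 401 before any scope is computed.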