top of page

What is DeepSeek and How to Deploy It on AWS


Deploy deepseek llm
Deepseek LLM Model

Introduction

In the rapidly evolving world of artificial intelligence, efficiency and cost-effectiveness are key drivers of innovation. Enter DeepSeek, a Chinese AI company making waves with its flagship model, DeepSeek-R1. Launched in 2023 by Liang Wenfeng, DeepSeek focuses on delivering high-performance large language models (LLMs) at a fraction of the cost of competitors like ChatGPT. Its standout model, DeepSeek-R1, is renowned for its advanced reasoning abilities and open-source approach, making it an attractive option for businesses seeking powerful yet affordable AI solutions.

But how can you effectively deploy DeepSeek-R1 to leverage its capabilities at scale? The answer lies in Amazon Web Services (AWS). By deploying DeepSeek-R1 on AWS Bedrock, you can harness the power of a scalable, secure, and cost-efficient cloud platform to maximize your AI’s potential. This guide will walk you through everything you need to know about DeepSeek-R1 and provide a step-by-step tutorial on how to deploy it on AWS seamlessly.

Ready to get started? Let’s dive in!


1. What is DeepSeek-R1 and Why Deploy It on AWS?

DeepSeek-R1 is the flagship large language model from DeepSeek, known for its advanced reasoning capabilities and cost-efficient performance. Built with an open-source mindset, DeepSeek-R1 offers flexible integration options and has been gaining traction for applications in industries like legal analysis, medical research, and customer support.

Why Deploy DeepSeek-R1 on AWS?

  • Scalability and Flexibility: AWS provides unmatched scalability, allowing you to dynamically adjust resources based on demand.

  • Cost-Efficiency: By leveraging AWS’s pay-as-you-go model, you can optimize operational costs, aligning perfectly with DeepSeek’s focus on cost-effective AI.

  • Secure and Reliable Infrastructure: AWS’s robust security features ensure that your deployment remains secure and compliant with industry standards.

  • Seamless Integration: Deploying on AWS Bedrock allows for seamless integration with other AWS services, like Lambda and API Gateway, enabling efficient model invocation and secure API management.

By deploying DeepSeek-R1 on AWS, you’re not just investing in a powerful AI model—you’re also future-proofing your solution with a reliable, scalable cloud infrastructure.


2. Prerequisites for Setting up Bedrock on AWS

Before deploying DeepSeek-R1 on AWS, it’s essential to ensure you have the right prerequisites in place. Proper preparation streamlines the deployment process and helps avoid common pitfalls. Here’s what you’ll need:

1. AWS Account Setup

  • Create an AWS Account: If you don’t already have one, visit the AWS website and create an account. Ensure you have administrator access for seamless configuration.

  • Billing and Limits: Make sure your billing details are set up and review service limits to ensure you have sufficient resources for model deployment.

2. Required IAM Roles and Permissions

  • IAM Role for Bedrock Access: Create an IAM role with the necessary permissions to access AWS Bedrock. This role will allow your application to interact securely with the model.

  • IAM Role for Lambda Function: You’ll also need an IAM role for the Lambda function, granting it permissions to invoke the DeepSeek-R1 model and access related AWS services like API Gateway.

  • Best Practice: Follow the principle of least privilege—grant only the permissions necessary to perform the required tasks.

3. Necessary Tools and Configurations

  • AWS CLI: Install the AWS Command Line Interface for terminal-based management and testing. You can download it here.

  • AWS SDKs: Depending on your development environment, you might need AWS SDKs (e.g., Boto3 for Python). These are essential for integrating Lambda functions with Bedrock.

  • Environment Variables: Set up environment variables for secure storage of API keys and other sensitive credentials. This will be crucial for authenticating requests.

4. Security and Authentication Preparations

  • API Key Generation: Generate an API key in API Gateway for secure access and authentication.

  • Secrets Management: Consider using AWS Systems Manager Parameter Store or AWS Secrets Manager for managing sensitive keys securely.


With these prerequisites in place, you’ll be ready to import DeepSeek-R1 into AWS Bedrock and set up the Lambda function for model invocation.


3. Importing DeepSeek-R1 into AWS Bedrock

With the prerequisites in place, the next step is to import the DeepSeek-R1 model into AWS Bedrock. AWS Bedrock provides a managed environment for deploying and scaling AI models, making it an ideal choice for leveraging DeepSeek-R1’s advanced reasoning capabilities. Here’s how to get started:


Step 1: Access AWS Bedrock

  1. Sign in to AWS Console: Go to the AWS Management Console.

  2. Navigate to Bedrock: Search for “Bedrock” in the services search bar and select it from the list.


Step 2: Import the Model

  1. Click on “Models” in the Bedrock dashboard.

  2. Choose “Import Model” and select the option to import from an external source.

  3. Provide Model Details:

    • Model Name: Enter a unique name for the model (e.g., DeepSeek-R1).

    • Model Source: Specify the source location, such as an S3 bucket URL or a public model repository if available.

    • Framework and Runtime: Ensure compatibility by selecting the correct framework (e.g., PyTorch or TensorFlow) that DeepSeek-R1 uses.

  4. Review and Confirm: Double-check the details and click Import Model.


Step 3: Test the Model

After importing, it’s crucial to test the model to verify its functionality:

  • Option 1: Playground Testing

    • Bedrock offers a built-in playground for model testing.

    • In the Bedrock dashboard, navigate to Playground.

    • Select the imported DeepSeek-R1 model and enter sample prompts to evaluate its reasoning capabilities.

  • Option 2: Terminal Testing

  • Alternatively, test the model using AWS CLI or SDKs.

  • Example using AWS CLI:

aws bedrock invoke-model --model-name DeepSeek-R1 --payload '{"text": "Sample prompt"}'

  • This approach allows for more advanced testing and integration into development workflows.


Step 4: Monitor and Troubleshoot

  • Logs and Metrics: Monitor logs and performance metrics in Amazon CloudWatch to ensure the model is running smoothly.

  • Troubleshooting Tips:

    • If the model fails to load, double-check the source URL and framework compatibility.

    • Review IAM role permissions to confirm access to the S3 bucket or other resources.


4. Creating an AWS Lambda Function to Invoke DeepSeek-R1

To efficiently invoke the DeepSeek-R1 model on AWS, you’ll need to set up an AWS Lambda function. This serverless approach ensures scalability and cost-efficiency, allowing you to execute code in response to API requests without managing infrastructure. Here’s how to do it:


Step 1: Create the Lambda Function

  1. Sign in to the AWS Console and navigate to AWS Lambda.

  2. Click on “Create Function.”

  3. Choose “Author from Scratch” to create a new function.

  4. Enter the following details:

    • Function Name: Choose a descriptive name (e.g., DeepSeekR1Invoker).

    • Runtime: Select the programming language. For this example, we’ll use Python 3.9.

    • Permissions:

      • Create or select an IAM role with the following permissions:

        • AWSLambdaBasicExecutionRole for CloudWatch logging.

        • Custom permissions to allow the Lambda function to invoke the DeepSeek-R1 model in Bedrock.

    • Click “Create Function.”


Step 2: Write the Lambda Function Code

In the Lambda function editor, write the code to invoke DeepSeek-R1. Here’s a sample using Python:

import boto3
import os
import json

# Initialize Bedrock client
bedrock_client = boto3.client('bedrock')

def lambda_handler(event, context):
    try:
        # Get the input prompt from the event
        prompt = event.get('prompt', 'Hello, DeepSeek!')

		# Call the DeepSeek-R1 model in Bedrock
        response = bedrock_client.invoke_model(
            ModelName='DeepSeek-R1',
            Payload=json.dumps({"text": prompt})
        )
		# Return the model's output
        result = json.loads(response['Body'].read().decode('utf-8'))
        return {
            'statusCode': 200,
            'body': json.dumps({'output': result})

        }
	except Exception as e:
        return {
            'statusCode': 500,
            'body': json.dumps({'error': str(e)})

        }

Step 3: Add Environment Variable for API Key

For authentication, you’ll need to store the API key securely as an environment variable:

  1. In the Lambda function console, navigate to Configuration → Environment Variables.

  2. Click Edit and Add Environment Variable.

  3. Enter:

    • Key: API_KEY

    • Value: (Paste the API Key generated in API Gateway)

  4. Click Save.

Security Tip: Consider storing the API Key in AWS Systems Manager Parameter Store or AWS Secrets Manager for enhanced security.


Step 4: Test the Lambda Function

  1. Go to the Test tab in the Lambda console.

  2. Create a new test event with the following JSON input:

{
  "prompt": "What is the capital of Canada?"
}

  1. Click Test and check the output. You should receive a response from DeepSeek-R1.

  2. Troubleshooting: If the test fails:

    • Check CloudWatch logs for detailed error messages.

    • Confirm that the IAM role has the necessary permissions.

    • Verify that the API Key is correctly configured and matches the one in API Gateway.


Step 5: Monitor and Optimize

  • CloudWatch Monitoring: View execution logs and metrics in Amazon CloudWatch.

  • Performance Optimization: Adjust memory and timeout settings based on model response times.

  • Cost Efficiency: Monitor Lambda invocation costs and optimize function usage to minimize expenses.


5. Setting Up API Gateway and Enabling Authentication

To provide secure and scalable access to the DeepSeek-R1 model, the next step is to set up AWS API Gateway. This allows you to expose the Lambda function as a RESTful API endpoint, enabling external applications to interact with the model securely. Additionally, implementing API Key authentication ensures that only authorized users can access the service. Here’s how to set it up:


Step 1: Open API Gateway

  1. Sign in to the AWS Management Console and navigate to API Gateway.

  2. Click on “Create API.”


Step 2: Choose API Type

Select the type of API that best suits your needs:

  • REST API: Flexible and feature-rich, suitable for most use cases.

  • HTTP API: Faster and cheaper, ideal for simple RESTful services.

  • WebSocket API: For real-time communication, not needed for this use case.

For this deployment, we’ll use REST API:

  • Click on “Build” under REST API.

  • Choose “Regional” for wider availability.

  • Click “Create API.”


Step 3: Create a New Resource

  1. In the left panel, click on Resources.

  2. Click on Actions → Create Resource.

  3. Enter the following details:

    • Resource Name: deepseek

    • Resource Path: /deepseek

  4. Click “Create Resource.”


Step 4: Create an HTTP Method

  1. Click on your newly created resource (/deepseek).

  2. Click on Actions → Create Method.

  3. Select the HTTP Method you want to support (e.g., POST).

  4. Click the ✔️ Checkmark.


Step 5: Integrate API Gateway with Lambda

  1. Choose Integration Type → Lambda Function.

  2. Check the box for Use Lambda Proxy Integration for streamlined request handling.

  3. Enter the Lambda Function Name: (DeepSeekR1Invoker from the previous step).

  4. Click Save.

  5. Confirm the permission pop-up by clicking OK to allow API Gateway to invoke the Lambda function.


Step 6: Deploy the API

  1. Click on Actions → Deploy API.

  2. Under Deployment Stage, select [New Stage].

  3. Enter the following details:

    • Stage Name: dev (or prod for production)

    • Description: Development stage for DeepSeek-R1 API

  4. Click Deploy.

  5. Copy the Invoke URL that appears. This is the public endpoint for accessing DeepSeek-R1 via API Gateway.


Step 7: Enable Authentication with API Key

To secure the API, enable API Key authentication:

1. Create a Usage Plan:

  • Go to API Gateway → Usage Plans and click Create Usage Plan.

  • Enter Plan Details:

    • Name: DeepSeekBasicPlan

    • Throttle Settings:

      • Rate: 10 requests per second

      • Burst: 20 requests

    • Quota Settings (Optional): Limit requests per day, week, or month.

  • Click Next.

2. Link the Usage Plan to Your API Stage:

  • In Associated API Stages, click Add API Stage.

  • Choose the following:

    • API: Select your DeepSeek-R1 API.

    • Stage: dev (or the stage name you created).

  • Click Add.

3. Create and Link an API Key:

  • Navigate to API Keys in API Gateway.

  • Click Create API Key.

  • Enter the following details:

    • Name: DeepSeekAPIKey

    • Key Type: Choose Auto Generate or manually enter a custom key.

  • Click Save.

  • Link the API Key:

    • After saving, click Add to Usage Plan.

    • Select the Usage Plan (DeepSeekBasicPlan) and click Add.

4. Enable API Key Requirement on API Method:

  • Go to API Gateway → APIs and select your DeepSeek-R1 API.

  • Navigate to Resources and select the method (POST or GET).

  • Click on Method Request.

  • Under “API Key Required,” set it to true.

  • Click Save.


Step 8: Deploy and Test the API

  1. Redeploy the API:

    • Click on Actions → Deploy API.

    • Select the stage (dev or prod).

    • Click Deploy.

  2. Test with API Key using Curl:

curl -X POST \
-H "x-api-key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"prompt": "What is the capital of Ontario?"}' \
https://YOUR_INVOKE_URL/deepseek

  • Replace YOUR_API_KEY with the generated API Key.

  • Replace YOUR_INVOKE_URL with the Invoke URL copied from API Gateway.

  • Check the Response: You should see a JSON response from DeepSeek-R1 with the model’s output.


Troubleshooting Tips:

  • If you receive a 403 error, double-check the API Key and Usage Plan association.

  • Confirm that the API Key is set as a required parameter in Method Request.

  • Review CloudWatch logs for detailed error insights.


Conclusion

Deploying DeepSeek-R1 on AWS is a powerful way to leverage advanced reasoning capabilities while maintaining cost efficiency and scalability. In this guide, we’ve walked through each step of the deployment process, from setting up Bedrock and creating a Lambda function to configuring API Gateway with secure API Key authentication. By following the outlined best practices and proactively addressing potential challenges, you can ensure a reliable, secure, and high-performing AI solution.


Why Choose Dexalo for Your AI Deployment Needs?

Navigating the complexities of AI deployment requires expertise and strategic planning. At Dexalo, we specialize in end-to-end AI solutions, from model selection and integration to deployment and optimization. Our team of AI experts can help you:

  • Maximize Performance and Efficiency: Optimize model configurations to achieve faster response times and cost savings.

  • Enhance Security and Compliance: Implement robust security measures tailored to your industry’s requirements.

  • Scale with Confidence: Design scalable architectures that grow with your business needs.

Ready to transform your business with the power of DeepSeek-R1? Contact Dexalo today to learn how we can help you deploy advanced AI solutions on AWS seamlessly and efficiently.

bottom of page