A private, secure, serverless voice assistant backend designed for integration with Home Assistant and other smart home platforms. Built with AWS (API Gateway, Lambda, Polly, Transcribe, S3) and a security-first mindset.
- VoiceβIntentβAction: Convert voice commands to secure smart home actions.
- Privacy by Design: All secrets stored in AWS Secrets Manager. No third-party data leaks.
- API Security: API Gateway with API Key (optionally Cognito), strict IAM, encrypted storage.
- Home Assistant Integration: REST commands, automations, and secure token use.
Home Assistant/Client
|
v
API Gateway
|
+--- /speak --> Lambda: Polly TTS --> S3 (audio) --> presigned URL
|
+--- /command --> Lambda: Intent parse --> Secure HTTPS to HA API
|
[Secrets in AWS Secrets Manager]
- AWS account (IAM user with least-privilege, MFA enabled)
- Node.js/Python (for Lambda)
- Home Assistant (HA) instance with HTTPS and Long-Lived Access Token
git clone https://github.com/yourusername/jarvis-personal-assistant.git
cd jarvis-personal-assistant/infra
pip install -r requirements.txt # or npm install- Define AWS resources using Pulumi/Terraform (see infra/).
- Store all secrets (HA token, API keys) in Secrets Manager.
- Add
rest_commandto HAconfiguration.yamlto call API Gateway endpoints with API Key. - Use HA automations/scripts to trigger voice/intent actions.
- Secrets: Never hardcode. Always use AWS Secrets Manager or SSM Parameter Store.
- IAM: Use narrowly scoped roles for Lambda/API Gateway.
- API Gateway: API Key required for all endpoints; consider Cognito for multi-user.
- S3: All audio files encrypted at rest, presigned URLs expire quickly.
- Logging: All access/events logged in CloudWatch (audit-ready).
- Voice command to intent (NLU)
- Home Assistant state query/response
- User authentication with Cognito
- Automated security scanning (CI/CD)
- Multi-environment deploys (dev, staging, prod)
- Fork, branch, and PR (feat/refactor/fix/chore).
- All code must pass security and lint checks before merge.
- See
CONTRIBUTING.mdfor details.
MIT License. See LICENSE for details.