- Overview
- Architecture
- Prerequisites
- Cost
- Security
- Deployment and User Guide
- Next Steps
- License
- Authors
The Open Source 3D Reconstruction Toolbox for Gaussian Splats provides an end-to-end, pipeline-based guidance on AWS to reconstruct 3D scenes or objects from images or video inputs. The infrastructure can be deployed via AWS Cloud Development Kit (CDK) or Terraform leveraging infrastructure-as-code.
Once deployed, the guidance features a full 3D reconstruction back-end system with the following customizable components or pipelines:
- Media Ingestion: Process videos or collections of images as input
- Image Processing: Automatic filtering, enhancement, and preparation of source imagery (e.g. background removal)
- Structure from Motion (SfM): Camera pose estimation and initial 3D point cloud generation
- Gaussian Splat Training: Optimization of 3D Gaussian primitives to represent the scene using AI/ML
- Export & Delivery: Generation of the final 3D asset in standard formats for easy viewing and notification via email
By deploying this guidance, users gain access to a flexible infrastructure that handles the entire 3D reconstruction process programmatically, from media upload to final 3D model delivery, while being highly modular through its componentized pipeline-based approach. This guidance addresses the significant challenges organizations face when trying to create photorealistic 3D content - traditionally a time-consuming, expensive, and technically complex process requiring specialized skills and equipment.
This guidance will:
- create the infrastructure required to create a gaussian splat from a video or set of images
- create the mechanism to run the code and perform 3D reconstruction
- enable a user to create a 3D gaussian splat using open source tools and AWS by uploading a video (.mp4 or .mov) or images (.png or .jpg) and metadata (.json) into S3
- provide a 3D viewer for viewing the photo-realistic effects and performant nature of gaussian splats
Figure 1: 3D Reconstruction Toolbox for Gaussian Splats on AWS Reference Architecture
- User authenticates to AWS Identity and Access Management (IAM) via AWS Tools and SDKs.
- The input is uploaded to a dedicated Amazon Simple Storage Service (S3) job bucket location. This can be done using a Gradio interface and AWS Software Development Kit (SDK).
- Optionally, the solution supports external job submission by uploading a ‘.JSON’ job configuration file and media into a designated S3 job bucket location.
- The job JSON file uploaded to the S3 job bucket will trigger an Amazon Simple Notification Service (SNS) message that will invoke an initialization AWS Lambda function.
- The job trigger AWS Lambda function will perform input validation and set appropriate variables for the AWS Step Function State Machine.
- The workflow job record will be created in Amazon DynamoDB job table.
- The job trigger AWS Lambda function will invoke an AWS Step Functions State Machine to handle the entire workflow job.
- An Amazon SageMaker Training Job will be submitted synchronously using the state machine built-in wait until completion mechanism.
- The Amazon Elastic Container Registry (ECR) container image and S3 job bucket model artifacts will be used to spin up a new Graphics Processing Unit (GPU) container. The compute node instance type is determined by the job JSON configuration.
- The GPU container will run the entire pipeline as an Amazon SageMaker training job.
- The job completion AWS Lambda function will complete the workflow job by updating the job metadata in Amazon DynamoDB and notifying the user via email upon completion using Amazon SNS.
- Internal workflow parameters are stored in AWS System Manager Parameter Store during guidance deployment to decouple the job trigger AWS Lambda function and the AWS Step Function State Machine.
- Amazon CloudWatch is used to monitor the training logs, surfacing errors to the user.
| AWS Service | Role | |
|---|---|---|
| Amazon Simple Storage Service (S3) | Core | Host training models, job configurations, media, and generated assets |
| AWS Lambda | Core | Run custom code to process requests |
| Amazon Simple Notification Service (SNS) | Core | Send completion status via notification to email |
| AWS Step Functions | Core | Orchestrate the 3D reconstruction workflow |
| Amazon DynamoDB | Core | Store training job details and attributes |
| Amazon SageMaker | Core | Run 3D reconstruction pipeline processing on container |
| Amazon Elastic Container Registry | Core | Image store for the custom created container |
| Amazon CloudWatch | Core | Monitor logs and surface errors to SNS |
| AWS Identity and Access Management | Core | Security access controls to run the workflow securely |
| AWS Cloud Development Kit | Core | Cloud infrastructure as code for easy deployment |
| Amazon Systems Manager Parameter Store | Core | Securely store infrastructure resource ids in Parameter Store to aid in deployment and execution |
In this project, there is only one Docker container that contains all of the 3D reconstruction tools for Gaussian Splatting. This container has a Dockerfile, main.py, and helper script files and open source libraries under the source/container directory. The main script processes each request from the SageMaker Training Job invoke message and saves the result to S3 upon successful completion.
The list of open source libraries that make this project possible include:
- NerfStudio (Apache-2.0) - Splat Training Engine
- Glomap(BSD-3-Clause) - Global SfM
- Colmap (BSD) - Incremental SfM
- OpenCV (Apache-2.0) - Video and Image Processing
- gsplat (Apache-2.0) - Splat Model
- splatfacto-w (Apache-2.0) - Splat Model
- 3DGRUT (Apache-2.0) - Gaussian Ray Tracing Model
- backgroundremover (MIT) - General Background Remover for Objects
- sam2 (Apache-2.0/BSD-3-Clause) - High Quality Background Remover for Objects in Video
- SuperSplat (MIT) - Splat Editor
- Gradio (Apache-2.0) - UI and Splat Viewer
- Git
- Docker
- Terraform (if choosing not to deploy infrastructure using CDK)
An active AWS Account with IAM user or role with elevated permissions to deploy resources is required to deploy this guidance, along with either a local computer with appropriate AWS credentials to deploy the CDK or Terraform solution, or utilize an AWS EC2 workstation to build and deploy the CDK or Terraform solution. Please refer to the Implementation Guide for detailed instructions for deployment and running the guidance.
- EC2 (if choosing not to deploy infrastructure from your local computer)
- IAM roles with permissions
- CloudFormation
- ECR Image
- S3 Buckets
- DynamoDB Table
- Lambda Functions
- SageMaker Training Jobs
- Step Functions State Machine
- CDK (Please refer to the Implementation Guide for detailed instructions for deployment and running the guidance.)
-
Service quotas - increases can be requested via the AWS Management Console, AWS CLI, or AWS SDKs (see Accessing Service Quotas)
-
This solution runs SageMaker Training Jobs which uses a Docker container to run the training. This deployment guide walks through building a custom container image for SageMaker.
- Depending on what instances you will be using to train on (configured during job submission, ml.g5.4xlarge is the default), you may need to adjust the SageMaker Training Jobs quota. This will be under the SageMaker service in Service Quotas named "training job usage".
- (Optional) You can optionally build and test this container locally (not running on SageMaker) on a GPU-enabled EC2 instance. If you plan to do this, increase the EC2 quota named "Running On-Demand G and VT instances" and/or "Running On-Demand P instances", depending on the instance family you plan to use, to a desired maximum number of vCPUs for running instances of the target family. Note, this is vCPUs NOT number of instances like the SageMaker Training Jobs quota.
You are responsible for the cost of the AWS services used while running this Guidance. As of May 2025, the cost for running this Guidance with the default settings in the default AWS Region (US East 1(N. Virginia)) is approximately $278.33 per month for processing 100 requests.
We recommend creating a Budget through AWS Cost Explorer to help manage costs. Prices are subject to change. For full details, refer to the pricing webpage for each AWS service used in this Guidance.
The following table provides a sample cost breakdown for deploying this Guidance with the default parameters in the US East (N. Virginia) Region for one month.
| AWS Service | Dimensions | Cost [USD] |
|---|---|---|
| Amazon S3 | Standard feature storage (input=200MB, output=2.5GB) | $1.61/month |
| Amazon S3 | Data transfer feature | $0.90/month |
| Amazon DynamoDB | Job table storage, 0.5MB per month, 1GB total, avg item size=825bytes | $0.81/month |
| AWS Lambda | 2 invocations per job, 1.25s, 7.1s = 8.5s | $0.01/month |
| AWS Step Functions | State transitions per workflow = 5 | $0.01/month |
| Amazon SageMaker | num_instance=1, num_hours_per_job=1, ml.g5.4xlarge, Volume_size_in_GB_per_job=15 | $273.00/month |
| Amazon ECR | Data storage, 15GB | $1.47/month |
| Amazon SNS | Email notifications, 1 per request | $0.01/month |
| Parameter Store | Store 1 param | $0.01/month |
| Amazon CloudWatch | Metrics, 1GB | $0.50/month |
| TOTAL | (est. 100 requests) | $278.33/month |
Considerations
At the time of publishing, the codebase was scanned using Semgrep, Bandit, Checkov, and Gitleaks. The following table outlines all security issues flagged as ERROR or CRITICAL with an explanation.
| Level | Classification | Source | Rule ID | Cause | Explanation |
|---|---|---|---|---|---|
| Error | False Positive | Bandit | B202 tarfile.extractall | tarfile.extractall used without any validation. Please check and discard dangerous members | This is a zipfile extraction (not tarfile), and the input file path is validated earlier in the code, making it safe from directory traversal attacks. |
| Error | False Positive | Semgrep | 590 dangerous-subprocess-use-audit | Detected subprocess function 'run' without a static string. If this data can be controlled by a malicious actor, it may be an instance of command injection | The subprocess call is already validated - it uses a list of arguments (preventing shell injection) and all parameters are validated before use, making it safe from command injection attacks. |
| Error | False Positive | Semgrep | 98 sqlalchemy-execute-raw-query | Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection | The query is already validated with proper table name escaping, making it safe from SQL injection attacks. |
| Error | False Positive | Semgrep | 93 sqlalchemy-execute-raw-query | Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection | The query is already validated with proper table name escaping and validation, making it safe from SQL injection attacks. |
| Error | False Positive | Gitleaks | 54 generic-api-key : fingerprint | API Key found | This is not an API key but just a random prefix for the project components |
For detailed guidance deployment steps and running the guidance as a user please see the Implementation Guide
This robust framework for 3D reconstruction serves as a fundamental building block for scalable construction of 3D environments and content workflows. You can extend this solution in multiple ways: embed it into your web applications, integrate it with game engines for interactive experiences, or implement it in virtual production environments - these are just a few possibilities to support your requirements.
By leveraging other AWS services, you can further enhance your workflow to scale, share, and optimize your 3D reconstruction needs, whatever they might be.
This library is licensed under the MIT-0 License. See the LICENSE file.
- Eric Cornwell, Sr. Spatial Compute SA
- Dario Macangano, Sr. Worldwide Visual Compute SA
- Stanford Lee, Technical Account Manager (Spatial Computing TFC)
- Daniel Zilberman, Sr. Specialist SA, Technical Guidances