AWS Amplify Console App

This page shows how to write Terraform and CloudFormation for Amplify Console App and write them securely.

aws_amplify_app (Terraform)

The App in Amplify Console can be configured in Terraform with the resource name aws_amplify_app. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

amplify.tf#L1
resource "aws_amplify_app" "app" {
    name = var.name
    repository = var.repository
    build_spec = var.build_spec
    environment_variables = var.environment_variables
    access_token = var.access_token
amplify.tf#L1
resource "aws_amplify_app" "example" {
  name       = "wireframe "
  repository = "https://github.com/Otherotter/todo_hw2.git"
  # GitHub personal access token
  access_token =  "~/.ssh/id_rsa.pub"

amplify.tf#L1
resource "aws_amplify_app" "front_app" {
  name         = "front"
  repository   = "https://github.com/Tiino1/serverless-webapp"
  access_token = yamldecode(file("../env.yml"))["GITHUB_PAT"]

  enable_auto_branch_creation = true
main.tf#L1
resource "aws_amplify_app" "app2" {
  name       = "amp"
  repository = "https://gitlab.com/neoitotech/neoito-tfc"

  # GitHub personal access token
  access_token = var.access_token
main.tf#L1
resource "aws_amplify_app" "app" {
  name       = var.name
  repository = var.RepoUrl

  # GitHub personal access token
  access_token = var.access_token

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

The following arguments are supported:

  • name - (Required) The name for an Amplify app.
  • access_token - (Optional) The personal access token for a third-party source control system for an Amplify app. The personal access token is used to create a webhook and a read-only deploy key. The token is not stored.
  • auto_branch_creation_config - (Optional) The automated branch creation configuration for an Amplify app. An auto_branch_creation_config block is documented below.
  • auto_branch_creation_patterns - (Optional) The automated branch creation glob patterns for an Amplify app.
  • basic_auth_credentials - (Optional) The credentials for basic authorization for an Amplify app.
  • build_spec - (Optional) The build specification (build spec) for an Amplify app.
  • custom_rule - (Optional) The custom rewrite and redirect rules for an Amplify app. A custom_rule block is documented below.
  • description - (Optional) The description for an Amplify app.
  • enable_auto_branch_creation - (Optional) Enables automated branch creation for an Amplify app.
  • enable_basic_auth - (Optional) Enables basic authorization for an Amplify app. This will apply to all branches that are part of this app.
  • enable_branch_auto_build - (Optional) Enables auto-building of branches for the Amplify App.
  • enable_branch_auto_deletion - (Optional) Automatically disconnects a branch in the Amplify Console when you delete a branch from your Git repository.
  • environment_variables - (Optional) The environment variables map for an Amplify app.
  • iam_service_role_arn - (Optional) The AWS Identity and Access Management (IAM) service role for an Amplify app.
  • oauth_token - (Optional) The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key. The OAuth token is not stored.
  • platform - (Optional) The platform or framework for an Amplify app. Valid values: WEB.
  • repository - (Optional) The repository for an Amplify app.
  • tags - (Optional) Key-value mapping of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

An auto_branch_creation_config block supports the following arguments:

  • basic_auth_credentials - (Optional) The basic authorization credentials for the autocreated branch.
  • build_spec - (Optional) The build specification (build spec) for the autocreated branch.
  • enable_auto_build - (Optional) Enables auto building for the autocreated branch.
  • enable_basic_auth - (Optional) Enables basic authorization for the autocreated branch.
  • enable_performance_mode - (Optional) Enables performance mode for the branch.
  • enable_pull_request_preview - (Optional) Enables pull request previews for the autocreated branch.
  • environment_variables - (Optional) The environment variables for the autocreated branch.
  • framework - (Optional) The framework for the autocreated branch.
  • pull_request_environment_name - (Optional) The Amplify environment name for the pull request.
  • stage - (Optional) Describes the current stage for the autocreated branch. Valid values: PRODUCTION, BETA, DEVELOPMENT, EXPERIMENTAL, PULL_REQUEST.

A custom_rule block supports the following arguments:

  • condition - (Optional) The condition for a URL rewrite or redirect rule, such as a country code.
  • source - (Required) The source pattern for a URL rewrite or redirect rule.
  • status - (Optional) The status code for a URL rewrite or redirect rule. Valid values: 200, 301, 302, 404, 404-200.
  • target - (Required) The target pattern for a URL rewrite or redirect rule.

In addition to all arguments above, the following attributes are exported:

  • arn - The Amazon Resource Name (ARN) of the Amplify app.
  • default_domain - The default domain for the Amplify app.
  • id - The unique ID of the Amplify app.
  • production_branch - Describes the information about a production branch for an Amplify app. A production_branch block is documented below.
  • tags_all - A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

A production_branch block supports the following attributes:

  • branch_name - The branch name for the production branch.
  • last_deploy_time - The last deploy time of the production branch.
  • status - The status of the production branch.
  • thumbnail_url - The thumbnail URL for the production branch.

Explanation in Terraform Registry

Provides an Amplify App resource, a fullstack serverless app hosted on the AWS Amplify Console.

Note: When you create/update an Amplify App from Terraform, you may end up with the error "BadRequestException: You should at least provide one valid token" because of authentication issues. See the section "Repository with Tokens" below.

AWS::Amplify::App (CloudFormation)

The App in Amplify can be configured in CloudFormation with the resource name AWS::Amplify::App. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

amplify.yml#L33
      Type: "AWS::Amplify::App"
      Properties:
          AutoBranchCreationConfig:
            EnableAutoBranchCreation: true
            EnableAutoBuild: true
          Name: "eg-iot_management_app"
serverless.yml#L11
      Type: AWS::Amplify::App
      Properties:
        Name: AmplifyManualReleaseReactApp

    AmplifyBranch:
      Type: AWS::Amplify::Branch
amplify_app_access_token_from_secure_systems_manager.yaml#L4
    Type: AWS::Amplify::App
    Properties:
      AccessToken: '{{resolve:ssm-secure:SecureSecretString:1}}'
      Name: foobar
amplify_app_oauth_token_from_systems_manager.yaml#L4
    Type: AWS::Amplify::App
    Properties:
      OauthToken: '{{resolve:ssm:UnsecureSecretString:1}}'
      Name: foobar
amplify_app_oauth_token_as_a_literal_in_plaintext.yaml#L4
    Type: AWS::Amplify::App
    Properties:
      OauthToken: b@d0@u7H70K3n
      Name: foobar
positive3.json#L5
      "Type": "AWS::Amplify::App",
      "Properties": {
        "OauthToken": "String",
        "Repository": "String",
        "BasicAuthConfig": {
          "Username": "admin",
negative5.json#L4
      "Type": "AWS::Amplify::App",
      "Properties": {
        "BasicAuthConfig": {
          "EnableBasicAuth": true,
          "Password": "ParentPassword",
          "Username": "ParentUsername"
negative5.json#L21
      "Type": "AWS::Amplify::App"
    }
  }
}
negative6.json#L16
      "Type": "AWS::Amplify::App",
      "Properties": {
        "BuildSpec": "String",
        "CustomHeaders": "String",
        "Description": "String",
        "EnableBranchAutoDeletion": true,
negative6.json#L16
      "Type": "AWS::Amplify::App",
      "Properties": {
        "BuildSpec": "String",
        "Description": "String",
        "EnableBranchAutoDeletion": true,
        "Repository": "String",

Parameters

Explanation in CloudFormation Registry

The AWS::Amplify::App resource creates Apps in the Amplify Console. An App is a collection of branches.

Frequently asked questions

What is AWS Amplify Console App?

AWS Amplify Console App is a resource for Amplify Console of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Amplify Console App?

For Terraform, the casc3798/terragrunt-modules, Otherotter/practice-terraform and Tiino1/serverless-webapp source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the shintaroZ/cloudformation, jmptr/amplify-manual-release and gustcol/Canivete source code examples are useful. See the CloudFormation Example section for further details.