How To Deploy Backend Services with AWS and Amplication: A Comprehensive Guide

Derick Ruiz
Derick Ruiz
Apr 22, 2024
How To Deploy Backend Services with AWS and Amplication: A Comprehensive GuideHow To Deploy Backend Services with AWS and Amplication: A Comprehensive Guide

Deploying backend services can be a complex and time-consuming task, especially when dealing with enterprise-level applications. In this blog post, you'll learn how to create a production-ready backend service in minutes and seamlessly deploy it to AWS cloud. By the end of this guide, you will have a backend service with all your data models, APIs, up and running using container images deployed on AWS.

You will leverage the power and simplicity of Amplication to generate production-ready Node.js backend, with the highest standards, and its plugins to provision and deploy to various AWS services.

Understanding Amplication and AWS

Amplication is a powerful low-code platform that helps enterprises generate backend services up to 20 times faster than traditional development methods. You can define your data models, APIs, roles, and permissions through an intuitive UI. Amplication generates human-readable, fully editable, and customizable Node.js code. This approach ensures consistency, scalability, and adherence to best practices across your organization's backend services while providing full control over the generated codebase.

AWS is a comprehensive cloud platform that offers a wide range of services for hosting, managing, and scaling applications. For deploying a generated Amplication service, we’ll primarily focus on the four major AWS services:

  1. Elastic Container Service (ECS): a fully managed container orchestration service for running and scaling containerized applications.
  2. Elastic Container Registry (ECR): a secure and scalable container registry for storing and managing container images.
  3. Relational Database Service (RDS): a managed service that simplifies the setup, operation, and scaling of relational databases in the cloud.
  4. Simple Storage Service (S3): a scalable and secure object storage service for storing and retrieving data.

Integrating Amplication with AWS will give you the benefits of both platforms. This results in efficient development and deployment of backend services.

Instantly generate
production-ready backend
Never waste time on repetitive coding again.
Try Now


Before we dive into the deployment process, ensure that you have the following:

  1. An Amplication account: sign up for an Amplication account if you haven’t already.
  2. An AWS account: create an AWS account if you don’t have one yet.
  3. A GitHub account: you’ll need a GitHub account to store your Amplication project and enable the deployment workflow. Amplication also supports other Git providers for enterprise customers like Bitbucket, AWS CodeCommit, and GitLab.
  4. Terraform: install Terraform on your local machine to provision the necessary AWS resources.

Additionally, basic familiarity with core AWS services and concepts will be helpful throughout the deployment process. You can learn more about those concepts on the AWS documentation.

Let’s get started with this step-by-step deployment guide.

Step 1: create your backend service

First, log in to your Amplication account and create a new project.

Next, design your service by defining data models, and roles & permissions using Amplication’s intuitive UI.

Alternatively, if you have an existing database schema, you can use Amplication’s Database Schema Import feature. This feature lets you to import your Prisma schema file, automatically setting up entities, fields, and relations.

If you need additional assistance creating your service, refer to the documentation on creating Amplication services.

Once you’re done creating your service, click on the Generate the code button in your Pending Changes sidebar. This will generate the backend code for your service and also push it to GitHub.

Step 2: prepare AWS for deployment

In this step, we’ll set up the necessary IAM permissions, roles, and secrets to ensure secure access to AWS services with Amplication.

Create an IAM User

  1. Sign in to the AWS Management Console and navigate to the IAM dashboard. You can search for “IAM” in the top search bar.
  2. Click on “Users” in the left sidebar and then click Create user.
  3. Enter a user name and select “Programmatic access” as the access type. Click Next which will take you to the permissions page.
  4. Click on “Attach policies directly” and search for and enable the following policies:
    • AmazonEC2ContainerRegistryFullAccess
    • AmazonECS_FullAccess
  5. Click Next which will take you to the Review and create page. You can optionally add any tags to the new user.
  6. Review the user details and click “Create user”.

Create IAM user access key

  1. Click on your newly created AWS user in the list, and then click on the Create access key link. Alternatively, you can click on the Security credentials tab and click on the Create access key button from there.
  2. Click on Third-party service from the use case list, check the confirmation box, and click the Next button.
  3. Optionally give your access key a tag value. Something like “Amplication” can work.
  4. Click on the Create access key button.
  5. Keep this tab open or store the generated access key ID and secret access key securely. We’ll need it in Step 3.

Configure GitHub Secrets

  1. Go to your GitHub repository settings and navigate to the Secrets and variables section in the left sidebar.
  2. Click on Actions and then click on the New repository secret button.
  3. Create the following secrets:
    • AWS_ACCESS_KEY_ID: Enter the access key ID of the IAM user you created in the previous step.
    • AWS_SECRET_ACCESS_KEY: Enter the secret access key of the IAM user.

Create an IAM Role for ECS Task Execution

  1. In the IAM dashboard, click on “Roles” in the left sidebar and then click “Create role”.
  2. Select “AWS service” as the trusted entity and choose “Elastic Container Service” as the use case or service.
  3. Click the Next button and open the Set permissions boundary.
  4. Select Use a permissions boundary to control the maximum role permissions and attach the following permissions:
    • AmazonECSTaskExecutionRolePolicy
    • SecretsManagerReadWrite
  5. Click “Next: Tags” and optionally add any tags. Click “Next: Review”.
  6. Enter a role name (e.g., ecsTaskExecutionRole) and click “Create role”.

Store sensitive information in AWS secrets manager

  1. Open the AWS Secrets Manager console. You can search for Secrets Manager in the top search box of the AWS console.
  2. Click on “Store a new secret” and select “Other type of secret”.
  3. Enter key-value pairs for your sensitive information (e.g., database credentials).
  4. Choose an encryption key and click “Next”.
  5. Provide a unique secret name (e.g., AmplicationSecretForOrderService) and optional description.
  6. Review the secret details and click “Store”.

Create an S3 bucket for Terraform state

  1. Open the Amazon S3 console.
  2. Click “Create bucket” and enter a unique bucket name.
  3. Configure the bucket settings as per your requirements (e.g., versioning, encryption).
  4. Click “Create bucket”.

After completing everything above, we’ve properly configured AWS. This lays the foundation for a smooth deployment process and will enable Amplication plugins to interact with AWS resources effectively.

Step 3: integrate Amplication with AWS plugins

In this step, we’ll now integrate your Amplication service with the various AWS-focused plugins that will take care of all of the deployment for you. It will integrate all of the above information that you created and allow the plugins to interact with AWS.

Install all AWS plugins

  1. In your Amplication project, navigate to the Plugins section. On the left sidebar, expand the Categories and click on AWS.
  2. Install the following plugins:
    • Terraform - AWS Core
    • GitHub Actions - AWS ECS
    • Terraform - AWS Repository ECR
    • Terraform - AWS Deployment ECS
    • Terraform - AWS Database RDS

The Installed Plugins page of your Amplication dashboard should now have at least the following plugins installed:

Now we’ll go through and configure each plugin individually using a lot of the information that we’ve already created in the previous step.

Configure Terraform - AWS Core

  1. Configure each plugin with the appropriate AWS settings. For example:
    • Set the AWS region (e.g., us-east-1)
    • Provide the AWS account ID
    • Specify resource names (e.g., ECS cluster name, ECR repository name)

  "root_level" : true,
  "directory_name": "terraform",
  "global": {
    "name": "<YOUR_SERVICE_NAME>",
    "region": "eu-west-1",
    "environment": "development"
  "vpc": {
    "cidr_block": "",
    "enable_dns_hostnames": true,
    "enable_dns_support": true,
    "enable_nat_gateway": true,
    "single_nat_gateway": true
  "backend": {
    "type": "s3",
    "s3": {
      "bucket_name": "terraform-state",
      "key": "development/terraform.tfstate",
      "region": "eu-west-1"

Configure GitHub Actions - AWS ECS

  "region_identifier": "eu-west-1",
  "account_identifier": "012345678901",
  "ecr_repository_name": "<YOUR_SERVICE_NAME>",
  "ecr_image_tag": "${{ github.sha }}",
  "ecs_cluster_name": "development-cluster",
  "ecs_role_name": "task-execution-role-name",
  "sm_secret_name": "<YOUR_SERVICE_NAME>",
  "resources": {
    "cpu": "1024",
    "memory": "2048"
  "runtime": {
    "cpu_architecture": "X86_64",
    "os_family": "LINUX"

Configure Terraform - AWS Repository ECR

  "repository_name": "<YOUR_SERVICE_NAME>",
  "repository_type": "private",
  "configuration": {
    "force_delete": false

Configure Terraform - AWS Deployment ECS

  "cluster": {
    "name": "development-cluster",
    "capacity_provider": {
      "type": "fargate",
      "fargate": {
        "fargate_weight": 100,
        "fargate_base": 0,
        "fargate_spot_weight": 0
  "service": {
    "name": "",
    "container_definitions": {
      "image": "<YOUR_SERVICE_NAME>",
      "port": 3000

Configure Terraform - AWS Database RDS

If the JSON object below contains empty values, they will default to your service's name unless filled.

  "postgres" : {
    "identifier": "",
    "instance_class": "db.t4g.medium",
    "database_name": "",
    "username": "postgres",
    "port": 5432,
    "storage": {
      "allocated": 20,
      "maximum": 100
    "maintenance": {
      "window": "Mon:00:00-Mon:03:00"
    "backup": {
      "window": "03:00-06:00",
      "retention_period": 14
    "security_group": {
      "name": ""

Step 4: generate code and set up workflow

  1. After configuring the plugins, click the Generate the code button in Amplication.
  2. Amplication will generate the Terraform codebase and GitHub Actions workflow.
  3. Review the generated code, which includes Terraform configuration files and a GitHub Actions workflow file.
  4. Merge the pull request created by Amplication into your main branch.

Step 5: provision infrastructure with Terraform

  1. Open a terminal and navigate to the generated Terraform directory in your project.

  2. Run the following command to initialize Terraform:

    terraform init
  3. Run the following command to preview the changes:

    terraform plan
  4. If the plan looks good, apply the changes:

    terraform apply

    Confirm the changes by typing yes when asked.

Step 6: build and deploy the service

  1. Amplication will create a pull request with all the generated code. Go to your GitHub repository and merge the pull request into your main branch.
  2. The GitHub Actions workflow will be triggered automatically.
  3. The workflow will build the container image, push it to ECR, and update the ECS task definition.
  4. ECS will deploy the updated task definition, and your service will be live on AWS.
  5. You and your users can now start using it instantly.


By following this step-by-step guide, you can seamlessly deploy your Amplication-generated services to AWS, leveraging the power of Amplication plugins and AWS services. This integration allows businesses to focus on developing their core application logic while Amplication and AWS handle the infrastructure and deployment complexities.

As you continue to build and deploy services with Amplication and AWS, be sure to explore the additional features and capabilities offered by both platforms. This will help you optimize your development and deployment processes further, enabling your organization to deliver high quality backend services with unparalleled efficiency.

Additional Resources