Using AWS App Runner with AWS Toolkit - AWS Cloud9

AWS Cloud9 is no longer available to new customers. Existing customers of AWS Cloud9 can continue to use the service as normal. Learn more

Using AWS App Runner with AWS Toolkit

AWS App Runner provides a quick and cost-effective way to deploy from source code or a container image directly to a scalable and secure web application in the AWS Cloud. Using it, you don't need to learn new technologies, decide which compute service to use, or know how to provision and configure AWS resources.

You can use AWS App Runner to create and manage services based on a source image or source code. If you use a source image, you can choose a public or private container image that's stored in an image repository. App Runner supports the following image repository providers:

  • Amazon Elastic Container Registry (Amazon ECR): Stores private images in your AWS account.

  • Amazon Elastic Container Registry Public (Amazon ECR Public): Stores publicly readable images.

If you choose the source code option, you can deploy from a source code repository that's maintained by a supported repository provider. Currently, App Runner supports GitHub as a source code repository provider.

Prerequisites

To interact with App Runner using the AWS Toolkit requires the following:

  • An AWS account

  • A version of AWS Toolkit that features AWS App Runner

In addition to those core requirements, make sure that all relevant IAM users have permissions to interact with the App Runner service. Make sure also to obtain specific information about your service source such as the container image URI and the connection to the GitHub repository. You need this information when creating your App Runner service.

To grant the permissions that are required for App Runner quickly, attach an existing AWS managed policy to the relevant AWS Identity and Access Management (IAM) entity. In particular, you can attach a policy to either a user or group. App Runner provides two managed policies that you can attach to your IAM users:

  • AWSAppRunnerFullAccess: Allows users to perform all App Runner actions.

  • AWSAppRunnerReadOnlyAccess: Allow users to list and view details about App Runner resources.

If you choose a private repository from the Amazon Elastic Container Registry (Amazon ECR) as the service source, you must also create the following access role for your App Runner service:

  • AWSAppRunnerServicePolicyForECRAccess: Allows App Runner to access Amazon Elastic Container Registry (Amazon ECR) images in your account.

You can create this role automatically when configuring your service instance with the AWS Toolkit command pane.

Note

The AWSServiceRoleForAppRunner service-linked role allows AWS App Runner to complete the following tasks:

  • Push logs to Amazon CloudWatch Logs log groups.

  • Create Amazon CloudWatch Events rules to subscribe to Amazon Elastic Container Registry (Amazon ECR) image push.

You don't need to manually create the service-linked role. When you create an AWS App Runner in the AWS Management Console or by using API operations that are called by AWS Toolkit, AWS App Runner creates this service-linked role for you.

For more information, see Identity and access management for App Runner in the AWS App Runner Developer Guide.

You can use AWS App Runner to deploy services from a source image or source code.

Source image

If you're deploying from a source image, obtain a link to the repository for that image from a private or public AWS image registry.

Note

You can also obtain the URI for a private Amazon ECR repository directly from AWS Explorer in the AWS Toolkit:

  • Open AWS Explorer and expand the ECR node to view the list of repositories for that AWS Region.

  • Open the context (right-click) menu for a repository and choose Copy Repository URI to copy the link to your clipboard.

You specify the URI for the image repository when configuring your service instance with the AWS Toolkit command pane.

For more information, see App Runner service based on a source image in the AWS App Runner Developer Guide.

Source code

For your source code to be deployed to an AWS App Runner service, that code must be stored in a Git repository. This Git repository must be maintained by a supported repository provider. App Runner supports one source code repository provider: GitHub.

For information about setting up a GitHub repository, see the Getting started documentation on GitHub.

To deploy your source code to an App Runner service from a GitHub repository, App Runner establishes a connection to GitHub. If your repository is private (that is, it isn't publicly accessible on GitHub), you must provide App Runner with connection details.

Important

To create GitHub connections, you must use the App Runner console (https://console.aws.amazon.com/apprunner) to create a connection that links GitHub to AWS. You can select the connections that are available on the GitHub connections page when configuring your service instance with the AWS Toolkit's command pane.

For more information, see Managing App Runner connections in the AWS App Runner Developer Guide.

The App Runner service instance provides a managed runtime that allows your code to build and run. AWS App Runner currently supports the following runtimes:

  • Python managed runtime

  • Node.js managed runtime

As part of your service configuration, you provide information about how the App Runner service builds and starts your service. You can enter this information using the Command Palette or specify a YAML-formatted App Runner configuration file. Values in this file instruct App Runner how to build and start your service, and provide runtime context. This includes relevant network settings and environment variables. The configuration file is named apprunner.yaml. It's automatically added to root directory of your application’s repository.

Pricing

You're charged for the compute and memory resources that your application uses. In addition, if you automate your deployments, you also pay a set monthly fee for each application that covers all automated deployments for that month. If you opt to deploy from source code, you pay a build fee for the time that it takes App Runner to build a container from your source code.

For more information, see AWS App Runner Pricing.