Set up your AWS account
This guide will walk you through how to set up your AWS account by creating a local profile and by completing a one-time bootstrapping process to perform CI/CD deployments for your Amplify (Gen 2) applications.
Configure local machine
You will need to configure your local machine to connect to your AWS account before you can set up the Amplify Sandbox environment.
Setup a local profile
Configure a profile by running the following command:
1npx amplify configure profile --name <value>npx amplify configure profile will ask you if you already have setup IAM user credentials. Enter No.
Amazon IAM (Identity and Access Management) enables you to manage users and user permissions in AWS. To setup an IAM user and credentials, follow the instructions outlined below:
- Sign into the AWS Management Console.
- Navigate to the IAM User creation page.
- Enter a User name and select Next. You can name the user anything but we will call it "amplify-dev".
Select Attach policies directly and select AmplifyBackendDeployFullAccess as the Permissions policy. Select Next.
On the Review page, check that everything looks good and select Create user.
This will redirect to the Users list page. Select the user you just created.
On the user details page, navigate to the Security credentials tab, scroll down to Access keys and select Create access keys.
On the next page, select Command Line Interface, acknowledge the warning, and select Next.
On the next page select Create access key. You will then see a page with the access keys for the user. Use the copy icon to copy these values to your clipboard, then return to the CLI.
Next, enter the credentials of the newly created IAM user i.e. their access key, secret access key, and lastly select the AWS region to use with the profile.
If you already have an IAM user and credentials setup
Configure a profile by running the following command:
1npx amplify configure profile --name <value>npx amplify configure profile will ask you if you already have setup IAM user credentials. Enter Yes.
Next, enter the credentials of the existing IAM user (this is their access key and secret access key), and then select the AWS region to use with the profile.
Learn moreSingle Sign On (SSO) support
AWS Amplify (Gen 2) enhances your user experience with Single Sign-On (SSO) authentication powered by AWS IAM Identity Center. AWS Amplify (Gen 2) now adheres to and works out of the box with the default credential provider chain.
You can get started with implementing SSO with the AWS CLI for your teams or organizations by referring to the AWS IAM Identity Center documentation.
Configure Amplify CI/CD
Before you can start creating the cloud sandbox environment, Amplify will need to complete a one-time bootstrap setup for the account and region before it can start deploying resources in your AWS account.
Learn moreWhat is bootstrapping?
Bootstrapping is the process of provisioning resources for the AWS CDK before you can deploy AWS CDK apps into an AWS environment. These resources include an Amazon S3 bucket for storing files and IAM roles that grant permissions needed to perform deployments. The required resources are defined in an AWS CloudFormation stack, called the bootstrap stack, which is usually named CDKToolkit. Like any AWS CloudFormation stack, it appears in the AWS CloudFormation console once it is deployed. You can learn more about this process in the CDK
documentation.
You can setup a distinct profile for each developer on your team and they can now start developing their fullstack applications locally by creating an isolated sandbox environment as follows:
1amplify sandbox --profile <value>
During the first time setup, amplify sandbox will ask you to sign into the AWS Console. Once you're signed in, you will be redirected to the Amplify Console. Select Initialize setup now.
It may take a few minutes for the bootstrapping process to complete.
Done! You have successfully completed the bootstrapping process and you can now return to the terminal to create a new Amplify Sandbox environment:
1amplify sandbox --profile <value>