Amplify:
Deploy Frontend React App
A walk through of one of the coolest new deployment platforms out there, Lab Standards compliant AWS Amplify.
Objective
We will walk through the deployment of a front end react app on AWS Amplify, one of the approved services in the Labs Standards. The deployment will have automatic deploys upon merge to main
. In addition we will cover the steps to setup Previews that will be generated when a PR is created.
Technologies
References
Prerequsites
You will need to have an AWS account
A github.com account
Setup main
deployment
main
deploymentCreate a base react app using create-react-app
> npx create-react-app awesomeness-aws-app
> cd awesomeness-aws-app
Initialize the Git repo and set origin to the new repo
> git init
> git remote add origin <new repo url>
Initialize the react project and confirm it works
> npm; npm start; open http://localhost:3000
Push the repo to github
> git push origin main
Open the AWS Amplify console and connect an app. Choose to connect existing code from github and enter your
main
branch
!!! Info You will need to authorize WAS with github to gain access. This is similar to services like Netlify and Heroku.
Save the default settings and watch the deploy
open your browser to the url amplify setup for you to confirm you have a Labs Standards compliant site running. 🎉
Setup Previews
Similar to Heroku Review apps AWS Amplify can create resources to serve up your app based on a PR.
Open Previews from the side bar
Click to enable Previews
![Enable previews](../assets/images/aws-amplify/amplify-enable-previews.png
"Enable previews")
You will need to install a GitHub app to enable previews. Either your APL or Engineering Manager will need to do this for your repo.
All set. Now go commit a change to your project and push to a new branch so you can create a PR.
Open the PR url and see your changes live.
When you merge your PR AWS Amplify will destroy the preview and automagically
deploy main to the production resources. 🎉🎉
A video walk-through of this entire process
Amplify
Please be sure to review, bookmark and follow all the AWS related standards in the Labs Engineering Standards.
AWS Amplify is a PaaS service that is used to host static websites.
Glossary
Amplify Application
An Application in AWS Amplify represents a group of deployments from a specific repository. As such, each project team will work inside a separate AWS Amplify Application. See the Labs Engineering Standards for instructions on how to name the Application.
FAQ
How do I request a new AWS account or access to an existing account to use Amplify?
Your APL will provide your team with access to a Lambda School managed AWS account.
How do I configure the Amplify build process?
Configuration is done using a file named amplify.yml
that resides in the root folder of your project. This file controls the build settings for your application.
When you first begin using Amplify, this file is automatically created, but not stored in your repository. Instead, the file can be edited in the console, by clicking the "Build Settings" link in the menu.
Pro Tip: Don't edit the amplify.yml
file in the AWS console! You should download it, put it in your project root directory and commit it to Git to keep it version controlled.
Always make absolutely sure that you are not storing any secrets in this file!
Why is Amplify showing me some ugly XML that says
AccessDenied
when I try to hit my app?If you see something like this in your browser...
Your build is probably not working correctly and you're not giving Amplify any static HTML to display. Double-check your
amplify.yml
file and your build output to be sure that thebaseDirectory
in theartifacts
section is correctly pointing to your generated HTML.
Why is my build working locally, but not in Amplify?
If you are building a project using Node.js, your dependencies will be downloaded and stored by NPM in a node_modules
folder. Dependency management is hard and sometimes NPM store dependencies that break your build. When this happens, you can delete your node_modules
folder and reinstall your dependencies. When Amplify builds a project, by default, it caches your node_modules
folder to speed up the build process. Unfortunately, sometimes this means that a bad dependency will be "stuck" in the node_modules
folder that is being cached by Amplify. You can force Amplify to delete your node_modules
folder and rebuild your project by temporarily adding a step to your build process defined by your amplify.yml
file:
Be sure to remove this line after the build is fixed, as rebuilding node_modules from scratch will significantly increase your build times.
Why is my OIDC callback route not working?
tl;dr
Add this rule: https://docs.aws.amazon.com/amplify/latest/userguide/redirects.html#redirects-for-single-page-web-apps-spa
What's really happening?
The redirect URL (usually something like [<https://myapp.com/implicit/callback>](<https://myapp.com/implicit/callback>)
) that your OIDC identity provider sends the user back to leads to a route in your React app. Usually, there is a code passed back to your app using query parameters, like this: [<https://myapp.com/implicit/callback?code=asdlakjdoiajsdoiqwodiqmwxo>](<https://myapp.com/implicit/callback?code=asdlakjdoiajsdoiqwodiqmwxo>)
. This code is used by the OIDC client in your app to retrieve tokens for the current user.
The issue seems to be that AWS Cloudfront (which serves your static SPA from an S3 bucket) considers the /implicit/callback
path to be a directory. This automatically triggers a 301 redirect to the equivalent path with a trailing slash appended. Apparently this is a function of many CDNs in order to normalize paths to maximize cache hits. This also seems to cause lots of problems with various static websites and SPAs.
For some reason, which is not clear to me, by default Cloudfront not only does a 301 redirect, but also strips off query parameters... which breaks our callback. Cloudfront does support 301 forwarding while preserving query parameters, but that option is not able to be configured using Amplify. Though, this feature does appear to be on their backlog: https://github.com/aws-amplify/amplify-console/issues/97
For now though, you can add a rewrite rule that's specified here, which will resolve the issue... though why it does is not clear.
If deploying an SPA to Amplify that does client-side authentication using OIDC w/PKCE, you'll need to following the directions here to add a rewrite rule that will allow your callback route to work properly: https://docs.aws.amazon.com/amplify/latest/userguide/redirects.html#redirects-for-single-page-web-apps-spa
Resources
Last updated