| title | description | type | i18nReady |
|---|---|---|---|
Deploy your Astro Site to AWS |
How to deploy your Astro site to the web using AWS. |
deploy |
true |
import { Steps } from '@astrojs/starlight/components'; import PackageManagerTabs from '~/components/tabs/PackageManagerTabs.astro';
AWS is a full-featured web app hosting platform that can be used to deploy an Astro site.
Deploying your project to AWS requires using the AWS console. (Most of these actions can also be done using the AWS CLI). This guide will walk you through the steps to deploy your site to AWS using AWS Amplify, S3 static website hosting, and CloudFront.
AWS Amplify is a set of purpose-built tools and features that lets frontend web and mobile developers quickly and easily build full-stack applications on AWS.
1. Create a new Amplify Hosting project.-
Connect your repository to Amplify.
-
Modify your build settings to match your project's build process.
```yaml version: 1 frontend: phases: preBuild: commands: - npm i -g pnpm - pnpm config set store-dir .pnpm-store - pnpm i build: commands: - pnpm run build artifacts: baseDirectory: /dist files: - '**/*' cache: paths: - .pnpm-store/**/* ``` ```yaml version: 1 frontend: phases: preBuild: commands: - npm ci build: commands: - npm run build artifacts: baseDirectory: /dist files: - '**/*' cache: paths: - node_modules/**/* ``` ```yaml version: 1 frontend: phases: preBuild: commands: - yarn install build: commands: - yarn build artifacts: baseDirectory: /dist files: - '**/*' cache: paths: - node_modules/**/* ```
Amplify will automatically deploy your website and update it when you push a commit to your repository.
S3 is the starting point of any application. It is where your project files and other assets are stored. S3 charges for file storage and number of requests. You can find more information about S3 in the AWS documentation.
1. Create an S3 bucket with your project's name.:::tip
The bucket name should be globally unique. We recommend a combination of your project name and the domain name of your site.
:::
-
Disable "Block all public access". By default, AWS sets all buckets to be private. To make it public, you need to uncheck the "Block public access" checkbox in the bucket's properties.
-
Upload your built files located in
distto S3. You can do this manually in the console or use the AWS CLI. If you use the AWS CLI, use the following command after authenticating with your AWS credentials:aws s3 cp dist/ s3://<BUCKET_NAME>/ --recursive -
Update your bucket policy to allow public access. You can find this setting in the bucket's Permissions > Bucket policy.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "PublicReadGetObject", "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::<BUCKET_NAME>/*" } ] }:::caution Do not forget to replace
<BUCKET_NAME>with the name of your bucket. ::: -
Enable website hosting for your bucket. You can find this setting in the bucket's Properties > Static website hosting. Set your index document to
index.htmland your error document to404.html. Finally, you can find your new website URL in the bucket's Properties > Static website hosting.:::note If you are deploying a single-page application (SPA), set your error document to
index.html. :::
CloudFront is a web service that provides content delivery network (CDN) capabilities. It is used to cache content of a web server and distribute it to end users. CloudFront charges for the amount of data transferred. Adding CloudFront to your S3 bucket is more cost-effective and provides a faster delivery.
To connect S3 with Cloudfront, create a CloudFront distribution with the following values:
- Origin domain: Your S3 bucket static website endpoint. You can find your endpoint in your S3 bucket's Properties > Static website hosting. Alternative, you can select your s3 bucket and click on the callout to replace your bucket address with your bucket static endpoint.
- Viewer protocol policy: "Redirect to HTTPS"
This configuration will serve your site using the Cloudfront CDN network. You can find your CloudFront distribution URL in the bucket's Distributions > Domain name.
:::note When connecting CloudFront to an S3 static website endpoint, you rely on S3 bucket policies for access control. See S3 static website hosting section for more information about bucket policies. :::
There are many ways to set up continuous deployment for AWS. One possibility for code hosted on GitHub is to use GitHub Actions to deploy your website every time you push a commit.
1. Create a new policy in your AWS account using [IAM](https://aws.amazon.com/iam/) with the following permissions. This policy will allow you to upload built files to your S3 bucket and invalidate the CloudFront distribution files when you push a commit.```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:ListBucket",
"s3:DeleteObject",
"cloudfront:CreateInvalidation"
],
"Resource": [
"<DISTRIBUTION_ARN>",
"arn:aws:s3:::<BUCKET_NAME>/*",
"arn:aws:s3:::<BUCKET_NAME>"
]
}
]
}
```
:::caution
Do not forget to replace `<DISTRIBUTION_ARN>` and `<BUCKET_NAME>`. You can find the DISTRIBUTION_ARN in **CloudFront > Distributions > Details**.
:::
-
Create a new IAM user and attach the policy to the user. This will provide your
AWS_SECRET_ACCESS_KEYandAWS_ACCESS_KEY_ID. -
Add this sample workflow to your repository at
.github/workflows/deploy.ymland push it to GitHub. You will need to addAWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY,BUCKET_ID, andDISTRIBUTION_IDas “secrets” to your repository on GitHub under Settings > Secrets > Actions. Click New repository secret to add each one.name: Deploy Website on: push: branches: - main jobs: deploy: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1 - name: Install modules run: npm ci - name: Build application run: npm run build - name: Deploy to S3 run: aws s3 sync --delete ./dist/ s3://${{ secrets.BUCKET_ID }} - name: Create CloudFront invalidation run: aws cloudfront create-invalidation --distribution-id ${{ secrets.DISTRIBUTION_ID }} --paths "/*"
:::note Your
BUCKET_IDis the name of your S3 bucket. YourDISTRIBUTION_IDis your CloudFront distribution ID. You can find your CloudFront distribution ID in CloudFront > Distributions > ID :::