By using AWS re:Post, you agree to the Terms of Use
/Allow AWS Amplify access a restricted site for npm builds/

Allow AWS Amplify access a restricted site for npm builds

0

Setup

I am using AWS Amplify to host my NextJS app. My backend is a headless CMS called Craft CMS (PHP). The NextJS app is using the GraphQL endpoint from Craft CMS for data fetching. The CMS is in EC2 server. It is connected to an Application Load Balancer.

Requirement

I want to be the only one who can access the CMS since I'm the only one using it. So the EC2 security group's source for HTTP and HTTPs is the ELB security group ID. The ELB security group has my IP for the HTTP and HTTPS traffic. This configuration works. I'm the only one who can access the site.

The issue

The problem is that when Amplify tries to build my frontend app, it's always build error. It seems that the Amplify can not reach the GraphQL endpoint when it tries to build the app.

Action taken

I tried adding AmazonEC2FullAccess to the Amplify Service role and it didn't work.

Temporary workaround

I turned on the access logs of the CMS and found the AWS IP of the Amplify app. I then added the IP to the ELB security group to allow access. This works but I don't know how often AWS changes the IP address and I know at point some point it'll break down.

Question

How do we allow Amplify to access the GraphQL endpoint for npm builds? Any ideas is greatly appreciated. Thank you.

1 Answers
0

I think you can consider AWS custom CDK for Amplify.

https://docs.amplify.aws/cli/custom/cdk/

answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions