# Using AWS Toolkit for JetBrains with AWS App Runner
AWS App Runner
[AWS App Runner](https://docs.aws.amazon.com/apprunner/latest/dg/what-is-apprunner.html) provides a fast, simple, and cost-effective way to deploy from source code or a container image directly to a scalable and secure web application in the AWS Cloud. Using it, you don't need to learn new technologies, decide which compute service to use, or know how to provision and configure AWS resources.
You can use AWS App Runner to create and manage services based on a *source image* or *source code*. If you use a source image, you can choose a public or private container image that's stored in an image repository. App Runner supports the following image repository providers:
+ Amazon Elastic Container Registry (Amazon ECR): Stores private images in your AWS account.
+ Amazon Elastic Container Registry Public (Amazon ECR Public): Stores publicly readable images.
If you choose the source code option, you can deploy from a source code repository that's maintained by a supported repository provider. Currently, App Runner supports [GitHub](https://github.com/) as a source code repository provider:
## Prerequisites
This section assumes you already have an AWS account and the latest version of AWS Toolkit for JetBrains that features AWS App Runner. In addition to those core requirements, make sure that all relevant IAM users have permissions to interact with the App Runner service. Also you need to obtain specific information about your service source such as the container image URI or the connection to the GitHub repository. You need this information when creating your App Runner service.
### Configuring IAM permissions for App Runner
The easiest way to grant the permissions that are required for App Runner is to attach an existing AWS managed policy to the relevant IAM entity, specifically a user or group. App Runner provides two managed policies that you can attach to your IAM users:
+ `AWSAppRunnerFullAccess`: Allows users to perform all App Runner actions.
+ `AWSAppRunnerReadOnlyAccess`: Allow users to list and view details about App Runner resources.
In addition, if you choose a private repository from the Amazon Elastic Container Registry (Amazon ECR) as the service source, you must create the following access role for your App Runner service:
+ `AWSAppRunnerServicePolicyForECRAccess`: Allows App Runner to access Amazon Elastic Container Registry (Amazon ECR) images in your account.
You can use the **Create App Runner Service** dialog box to create this IAM role.
**Note**
The **AWSServiceRoleForAppRunner** service-linked role allows AWS App Runner to complete the following tasks:
Push logs to Amazon CloudWatch Logs log groups.
Create Amazon CloudWatch Events rules to subscribe to Amazon Elastic Container Registry (Amazon ECR) image push.
You don't need to manually create the service-linked role. When you create an AWS App Runner in the AWS Management Console or by using API operations that are called by AWS Toolkit for JetBrains, AWS App Runner creates this service-linked role for you.
For more information, see [Identity and access management for App Runner](https://docs.aws.amazon.com/apprunner/latest/dg/security-iam.html) in the *AWS App Runner Developer Guide*.
### Obtaining service sources for App Runner
You can use AWS App Runner to deploy services from a source image or source code.
------
#### [ Source image ]
If you're deploying from a source image, you can obtain a link to the repository for that image from a private or public AWS image registry.
+ Amazon ECR private registry: Copy the URI for a private repository that uses the Amazon ECR console at [https://console.aws.amazon.com/ecr/repositories](https://console.aws.amazon.com/ecr/repositories).
+ Amazon ECR public registry: Copy the URI for a public repository that uses the Amazon ECR Public Gallery at [https://gallery.ecr.aws/](https://gallery.ecr.aws).
You specify the URI for the image repository when entering details for your source in the **Create App Runner Service** dialog box.
For more information, see [App Runner service based on a source image](https://docs.aws.amazon.com/apprunner/latest/dg/service-source-image.html) in the *AWS App Runner Developer Guide*.
------
#### [ Source code ]
For your source code to be deployed to an AWS App Runner service, that code must be stored in a Git repository that's maintained by a supported repository provider. App Runner supports one source code repository provider: [GitHub](https://github.com/).
For information about setting up a GitHub repository, see the [Getting started documentation](https://docs.github.com/en/github/getting-started-with-github) on GitHub.
To deploy your source code to an App Runner service from a GitHub repository, App Runner establishes a connection to GitHub. If your repository is private (that is, it isn't publicly accessible on GitHub), you must provide App Runner with connection details.
**Important**
To create GitHub connections, you must use the App Runner console ([https://console.aws.amazon.com/apprunner](https://console.aws.amazon.com/apprunner)) to create a connection that links GitHub to AWS. You can select the connections that are available on the **GitHub connections** page when using the **Create App Runner Service** dialog box to specify details about your source code repository.
For more information, see [Managing App Runner connections](https://docs.aws.amazon.com/apprunner/latest/dg/manage-connections.html) in the *AWS App Runner Developer Guide*.
The App Runner service instance provides a managed runtime that allows your code to build and run. AWS App Runner currently supports the following runtimes:
+ Python managed runtime
+ Node.js managed runtime
Using the **Create App Runner Service** dialog box that's available in AWS Toolkit for JetBrains, you provide information about how the App Runner service builds and starts your service. You can enter the information directly in the interface or specify a YAML-formatted [App Runner configuration file](https://docs.aws.amazon.com/apprunner/latest/dg/config-file.html). Values in this file instruct App Runner how to build and start your service, and provide runtime context. This includes relevant network settings and environment variables. The configuration file is named `apprunner.yaml`. It's automatically added to root directory of your application’s repository.
------
## Pricing
You're charged for the compute and memory resources that your application uses. In addition, if you automate your deployments, you also pay a set monthly fee for each application that covers all automated deployments for that month. If you opt to deploy from source code, you additionally pay a build fee for the amount of time that it takes App Runner to build a container from your source code.
For more information, see [AWS App Runner Pricing](https://aws.amazon.com/apprunner/pricing/).
**Topics**
+ [
## Prerequisites
](#apprunner-prereqs)
+ [
## Pricing
](#app-runner-pricing)
+ [Creating App Runner services](creating-service-apprunner.md)
+ [
# Managing App Runner services
](managing-service-apprunner.md)
# Creating App Runner services
Creating App Runner services
You can create an App Runner service in AWS Toolkit for JetBrains by using the **Create App Runner Service** dialog box. You can use its interface to select a source repository and configure the service instance where your application runs.
Before creating an App Runner service, make sure that you completed all the [prerequisites](using-apprunner.md#apprunner-prereqs). Included is providing the relevant IAM permissions and taking note of the specific information about the source repository that you want to deploy.
# To create an App Runner service
1. Open AWS Explorer, if it isn't already open.
1. Right-click the **App Runner** node and choose **Create Service**.
The **Create App Runner Service** dialog box is displayed.
1. Enter your unique **Service name**.
1. Choose your source type (**ECR**, **ECR public** or **Source code repository**) and configure the relevant settings:
------
#### [ ECR/ECR public ]
If you're using a private registry, choose the **Deployment type**:
+ **Manual**: Use manual deployment if you want to explicitly initiate each deployment to your service.
+ **Automatic**: Use automatic deployment if you want implement continuous integration and deployment (CI/CD) behavior for your service. If you choose this option, it means that whenever you push a new image version to your image repository or a new commit to your code repository, App Runner automatically deploys it to your service without further action required from you.
For **Container image URI**, enter the URI of the image repository that you copied from your Amazon ECR private registry or Amazon ECR Public Gallery.
For **Start Command**, enter the command to start the service process.
For **Port**, enter the IP port that's used by the service.
If you're using an Amazon ECR private registry, select the required **ECR access role** and choose **Create**.
+ The **Create IAM Role** dialog box displays the **Name**, **Managed Policies**, and **Trust Relationships** for the IAM role. Choose **Create**.
------
#### [ Source code repository ]
Choose the **Deployment type**:
+ **Manual**: Use manual deployment if you want to explicitly initiate each deployment to your service.
+ **Automatic**: Use automatic deployment if you want implement continuous integration and deployment (CI/CD) behavior for your service. If you choose this option, it means that whenever you push a new image version to your image repository, or a new commit to your code repository, App Runner automatically deploys it to your service without further action required from you.
For **Connections**, select a connection that's available from the list on **GitHub connections** page.
For **Repository URL**, enter the link to remote repository that's hosted on GitHub.
For **Branch**, indicate which Git branch of your source code that you want to deploy.
For **Configuration**, specify how you want to specify your runtime configuration:
+ **Configure all settings here**: Choose this option if you want to specify the following settings for the runtime environment of your application:
+ **Runtime**: Choose **Python 3** or **Nodejs 12**.
+ **Port**: Enter the IP port that your service uses.
+ **Build command**: Enter the command to build your application in the runtime environment of your service instance.
+ **Start command**: Enter the command to start your application in the runtime environment of your service instance.
+ **Provide a configuration file settings here**: Choose this option to use the settings that are defined by the `apprunner.yaml` configuration file. This file is in the root directory of your application’s repository.
------
1. Specify values to define the runtime configuration of the App Runner service instance:
+ **CPU**: The number of CPU units that are reserved for each instance of your App Runner service (Default: `1 vCPU`).
+ **Memory:** The amount of memory that's reserved for each instance of your App Runner service (Default: `2 GB`)
+ **Environmental variables**: Optional environment variables that you use to customize behavior in your service instance. Create environmental variables by defining a key and a value.
1. Choose **Create**
When your service is being created, its status changes from **Operation in progress** to **Running**.
1. After your service starts running, right-click it and choose **Copy Service URL**.
1. To access your deployed application, paste the copied URL into the address bar of your web browser.
# Managing App Runner services
After creating an App Runner service, you can manage it by using the AWS Explorer pane to carry out the following activities:
+ [Pausing and resuming App Runner services](#pause-resume-apprunner)
+ [Deploying App Runner services](#deploying-apprunner)
+ [Viewing logs streams for App Runner](#viewing-logs-apprunner)
+ [Deleting App Runner services](#deleting-apprunner)
## Pausing and resuming App Runner services
If you need to disable your web application temporarily and stop the code from running, you can pause your AWS App Runner service. App Runner reduces the compute capacity for the service to zero. When you're ready to run your application again, resume your App Runner service. App Runner provisions new compute capacity, deploys your application to it, and runs the application.
**Important**
You're billed for App Runner only when it's running. Therefore, you can pause and resume your application as needed to manage costs. This is particularly helpful in development and testing scenarios.
## To pause your App Runner service
1. Open AWS Explorer, if it isn't already open.
1. Expand **App Runner** to view the list of services.
1. Right-click your service and choose **Pause**.
1. In the dialog box that displays, choose **Pause**.
While the service is pausing, the service status changes from **Running** to **Operation in progress** and then to **Paused**.
## To resume your App Runner service
1. Open AWS Explorer, if it isn't already open.
1. Expand **App Runner** to view the list of services.
1. Right-click your service and choose **Resume**.
1. In the dialog box that displays, choose **Resume**.
While the service is resuming, the service status changes from **Paused** to **Operation in progress** and then to **Running**.
## Deploying App Runner services
If you choose the manual deployment option for your service, you need to explicitly initiate each deployment to your service.
1. Open AWS Explorer, if it isn't already open.
1. Expand **App Runner** to view the list of services.
1. Right-click your service and choose **Deploy**.
1. While your application is being deployed, the service status changes from **Operation in progress** to **Running**.
1. To confirm that your application is successfully deployed, right-click the same service and choose **Copy Service URL**.
1. To access your deployed web application, paste the copied URL into the address bar of your web browser.
## Viewing logs streams for App Runner
Use CloudWatch Logs to monitor, store, and access your log files for services such as App Runner. CloudWatch Logs records two distinct types of log files: log events and log streams. Log events are records of activity that was recorded by the application or resource that you monitor with CloudWatch Logs . A log stream is a sequence of log events that share the same source.
You can access the two following types of log streams for App Runner:
+ **Service log streams**: Contains the logging output that's generated by App Runner. For this type of log stream, the log events are records of how App Runner manages your service and acts on it.
+ **Application log streams**: Contains the output of your running application code.
1. Expand **App Runner** to view the list of services
1. Right-click a service and choose one of the following options:
+ **View Service Log Streams**
+ **View Application Log Streams**
The **Log Streams** pane displays the log events that make up the log stream.
1. To view more information about a specific event, right-click it and choose **Export Log Stream**, **Open in Editor** or **Export Log Stream**, **Save to a File**.
## Deleting App Runner services
**Important**
If you delete your App Runner service, it's permanently removed and your stored data is deleted. If you need to recreate the service, App Runner needs to fetch your source again and build it if it's a code repository. Your web application gets a new App Runner domain.
1. Open AWS Explorer, if it isn't already open.
1. Expand **App Runner** to view the list of services.
1. Right-click a service and choose **Delete Service**.
1. In the confirmation dialog box, enter *delete me* and then choose **OK**.
The deleted service displays the **Operation in progress** status, and then the service disappears from the list.