Environment variables - AWS Amplify

Environment variables

Environment variables are key-value pairs that are available at build time. These configurations can be anything, including the following:

  • Database connection details

  • Third-party API keys

  • Different customization parameters

  • Secrets

As a best practice, you can use environment variables to expose these configurations. All environment variables that you add are encrypted to prevent rogue access, so you can use them to store secret information.


Environment variables is visible in the Amplify Console’s App settings menu only when an app is set up for continuous deployment and connected to a git repository. For instructions on this type of deployment, see Getting started with existing code.

Set environment variables

To set environment variables

  1. Sign in to the AWS Management Console and open the Amplify Console.

  2. In the Amplify Console, choose App Settings, and then choose Environment variables.

  3. In the Environment variables section, choose Manage variables.

  4. In the Manage variables section, under Variable, enter your key. For Value, enter your value. By default, the Amplify console applies the environment variables across all branches, so you don’t have to re-enter variables when you connect a new branch.

                  Screenshot of the Manage variables section.
  5. (Optional) To customize an environment variable specifically for a branch, add a branch override as follows:

    1. Choose Actions and then choose Add variable override.

    2. You now have a set of environment variables specific to your branch.

                  An animated gif demonstrating how to add a branch override.
  6. Choose Save.

Access environment variables

To access an environment variable during a build, edit your build settings to include the environment variable in your build commands.

To edit build settings to include an environment variable

  1. Sign in to the AWS Management Console and open the Amplify Console.

  2. In the Amplify Console, choose App Settings, then choose Build settings.

  3. In the App build specification section, choose Edit.

  4. Add the environment variable to your build command. You should now be able to access your environment variable during your next build.

    build: commands: - npm run build:$BUILD_ENV

Create a new backend environment with authentication parameters

To create a new backend environment with authentication parameters

  1. Sign in to the AWS Management Console and open the Amplify Console.

  2. When connecting a branch, choose Create new environment, and enter the name of your backend environment. The following screenshot shows the Backend deployments section of the Amplify console with backend entered for the backend environment name.

                  Screenshot of the Backend deployments section in the Amplify
  3. To set the environment variables for the new backend environment, in the navigation pane, choose AppSettings, Environment variables.

  4. In the Environment variables section, choose Manage variables.

  5. In the Manage variables section, for Variable (key), enter your client ID. For Value, enter your client secret. For the list of Amplify system environment variables that are available by default, see the table in Amplify Console environment variables .

Amplify Console environment variables

You can use the following environment variables that are accessible by default within the Amplify Console.

Variable name Description Example value


The app ID of the current build



The branch name of the current build



The branch ARN of the current build



The clone URL used to fetch the git repository contents



The commit ID of the current build. “HEAD” for rebuilds



The job ID of the current build. This includes some padding of ‘0’ so it always has the same length.



The tool will be upgraded to the latest version.

[{“name”:”Amplify CLI”,”pkg”:”@aws-amplify/cli”,”type”:”npm”,”version”:”latest”}]


The Facebook client ID.



The Facebook client secret.



The Google client ID.



The Google client secret.



The Amazon client ID.



The Amazon client secret.



The build timeout duration in minutes.