Adding a service role to the Amplify Console when you connect an app - AWS Amplify

Adding a service role to the Amplify Console when you connect an app

The Amplify Console requires permissions to deploy backend resources with your front end. You use a service role to accomplish this. A service role is the AWS Identity and Access Management (IAM) role that Amplify Console assumes when calling other services on your behalf. In this guide, you will create an Amplify service role that has account administrative permissions and explicity allows direct access to resources that Amplify applications require to deploy any Amplify CLI resources, and create and manage backends . For more information, about the Amplify CLI, see Amplify CLI in the Amplify Framework Documentation.

Step 1: Sign in to the IAM console

Open the IAM console and choose Roles from the left navigation bar, then choose Create role.

Step 2: Create Amplify role

In the role selection screen find Amplify and choose the Amplify-Backend Deployment role. Accept all the defaults and choose a name for your role, such as AmplifyConsoleServiceRole-AmplifyRole.

Step 3: Return to the Amplify Console

Open the Amplify Console. If you are in the process of deploying a new app, choose refresh, and then choose the role you just created. It should look like AmplifyConsoleServiceRole-AmplifyRole.

If you already have an existing app, you can find the service role setting in App settings > General and then choose Edit from the top right corner of the box. Pick the service role you just created from the dropdown and choose Save.

The Amplify Console now has permissions to deploy backend resources.