What Is AWS AppConfig? - AWS AppConfig

What Is AWS AppConfig?

Use AWS AppConfig, a capability of AWS Systems Manager, to create, manage, and quickly deploy application configurations. You can use AWS AppConfig with applications hosted on Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS Lambda, containers, mobile applications, or IoT devices.

Simplify tasks with AWS AppConfig

AWS AppConfig helps simplify the following tasks:

  • Configure

    Source your configurations from Amazon Simple Storage Service (Amazon S3), AWS AppConfig hosted configurations, Parameter Store, Systems Manager Document Store. Use AWS CodePipeline integration to source your configurations from Bitbucket Pipelines, GitHub, and AWS CodeCommit.

  • Validate

    While deploying application configurations, a simple typo could cause an unexpected outage. Prevent errors in production systems using AWS AppConfig validators. AWS AppConfig validators provide a syntactic check using a JSON schema or a semantic check using an AWS Lambda function to ensure that your configurations deploy as intended. Configuration deployments only proceed when the configuration data is valid.

  • Deploy and monitor

    Define deployment criteria and rate controls to determine how your targets receive the new configuration. Use AWS AppConfig deployment strategies to set deployment velocity, deployment time, and bake time. Monitor each deployment to proactively catch any errors using AWS AppConfig integration with Amazon CloudWatch Events. If AWS AppConfig encounters an error, the system rolls back the deployment to minimize impact on your application users.

AWS AppConfig use cases

AWS AppConfig can help you in the following use cases:

  • Application tuning – Introduce changes carefully to your application that can be tested with production traffic.

  • Feature toggle – Turn on new features that require a timely deployment, such as a product launch or announcement.

  • Allow list – Allow premium subscribers to access paid content.

  • Operational issues – Reduce stress on your application when a dependency or other external factor impacts the system.

Benefits of using AWS AppConfig

AWS AppConfig offers the following benefits for your organization:

  • Reduce errors in configuration changes

    AWS AppConfig reduces application downtime by enabling you to create rules to validate your configuration. Configurations that aren't valid can't be deployed. AWS AppConfig provides the following two options for validating configurations:

    • For syntactic validation, you can use a JSON schema. AWS AppConfig validates your configuration by using the JSON schema to ensure that configuration changes adhere to the application requirements.

    • For semantic validation, you can call an AWS Lambda function that runs your configuration before you deploy it.

  • Deploy changes across a set of targets quickly

    AWS AppConfig simplifies the administration of applications at scale by deploying configuration changes from a central location. AWS AppConfig supports configurations stored in Systems Manager Parameter Store, Systems Manager (SSM) documents, and Amazon S3. You can use AWS AppConfig with applications hosted on EC2 instances, AWS Lambda, containers, mobile applications, or IoT devices.

    Targets don't need to be configured with the Systems Manager SSM Agent or the AWS Identity and Access Management (IAM) instance profile required by other Systems Manager capabilities. This means that AWS AppConfig works with unmanaged instances.

  • Update applications without interruptions

    AWS AppConfig deploys configuration changes to your targets at runtime without a heavy-weight build process or taking your targets out of service.

  • Control deployment of changes across your application

    When deploying configuration changes to your targets, AWS AppConfig enables you to minimize risk by using a deployment strategy. You can use the rate controls of a deployment strategy to determine how fast you want your application targets to receive a configuration change.

Get started with AWS AppConfig

The following resources can help you work directly with AWS AppConfig.

Video: AWS AppConfig overview

View a video introduction to AWS AppConfig. (Duration: 9:12)

View more AWS videos on the Amazon Web Services YouTube Channel.

The following blogs can help you learn more about AWS AppConfig and its capabilities:

How AWS AppConfig works

At a high level, there are three processes for working with AWS AppConfig:

  1. Configure AWS AppConfig to work with your application.

  2. Enable your application code to periodically check for and receive configuration data from AWS AppConfig.

  3. Deploy a new or updated configuration.

The following sections describe each step.

Configure AWS AppConfig to work with your application

To configure AWS AppConfig to work with your application, you set up three types of resources, which are described in the following table.

Resource Details


An application in AWS AppConfig is a logical unit of code that provides capabilities for your customers. For example, an application can be a microservice that runs on EC2 instances, a mobile application installed by your users, a serverless application using Amazon API Gateway and AWS Lambda, or any system you run on behalf of others.


For each application, you define one or more environments. An environment is a logical deployment group of AWS AppConfig applications, such as applications in a Beta or Production environment. You can also define environments for application subcomponents such as the Web, Mobile, and Back-end components for your application. You can configure Amazon CloudWatch alarms for each environment. The system monitors alarms during a configuration deployment. If an alarm is triggered, the system rolls back the configuration.

Configuration profile

A configuration profile enables AWS AppConfig to access your configuration in its stored location. You can store configurations in the following formats and locations:

  • YAML, JSON, or text documents in the AWS AppConfig hosted configuration store

  • Objects in an Amazon S3 bucket

  • Documents in the Systems Manager document store

  • Parameters in Parameter Store

A configuration profile can also include optional validators to ensure your configuration data is syntactically and semantically correct. AWS AppConfig performs a check using the validators when you start a deployment. If any errors are detected, the deployment stops before making any changes to the targets of the configuration.

Enable your application code to check for and receive configuration data

You must configure your application to periodically check for and receive configuration updates by using the GetConfiguration API action. When a new or updated configuration is ready, AWS AppConfig deploys the configuration file to each target in your deployment strategy.

When called, your code sends the following information:

  • The IDs of an AWS AppConfig application, environment, and configuration profile.

  • A unique application instance identifier called a client ID.

  • The last configuration version known by your application code.

When a new configuration is deployed (which means there is a new version of the configuration), AWS AppConfig responds to the GetConfiguration request and returns the new configuration data.

Deploy a new or updated configuration

AWS AppConfig enables you to deploy configurations in the manner that best suits the use case of your applications. You can deploy changes in seconds, or you can roll them out slowly to assess the impact of the changes. The AWS AppConfig resource that helps you control deployments is called a deployment strategy. A deployment strategy includes the following information:

  • Total amount of time for a deployment to last. (DeploymentDurationInMinutes).

  • The percentage of targets to receive a deployed configuration during each interval. (GrowthFactor).

  • The amount of time AWS AppConfig monitors for alarms before considering the deployment to be complete and no longer eligible for automatic rollback. (FinalBakeTimeInMinutes).

You can use built-in deployment strategies that cover common scenarios, or you can create your own. After you create or choose a deployment strategy, you start the deployment. Starting the deployment calls the StartDeployment API action. The call includes the IDs of an application, environment, configuration profile, and (optionally) the configuration data version to deploy. The call also includes the ID of the deployment strategy to use, which determines how the configuration data rolls out.


For information about AWS AppConfig language-specific SDKs, see AWS AppConfig SDKs.

Pricing for AWS AppConfig

There is a charge to use AWS AppConfig. For more information, see AWS Systems Manager Pricing.

AWS AppConfig quotas

Information about AWS AppConfig endpoints and service quotas along with other Systems Manager quotas is in the Amazon Web Services General Reference.


For information about quotas for services that store AWS AppConfig configurations, see About configuration store quotas and limitations.