Using AWS Toolkit for JetBrains with AWS App Runner - AWS Toolkit for JetBrains

Using AWS Toolkit for JetBrains with AWS App Runner

AWS App Runner provides a fast, simple, and cost-effective way to deploy from source code or a container image directly to a scalable and secure web application in the AWS Cloud. Using it, you don't need to learn new technologies, decide which compute service to use, or know how to provision and configure AWS resources.

You can use AWS App Runner to create and manage services based on a source image or source code. If you use a source image, you can choose a public or private container image that's stored in an image repository. App Runner supports the following image repository providers:

  • Amazon Elastic Container Registry (Amazon ECR): Stores private images in your AWS account.

  • Amazon Elastic Container Registry Public (Amazon ECR Public): Stores publicly readable images.

If you choose the source code option, you can deploy from a source code repository that's maintained by a supported repository provider. Currently, App Runner supports GitHub as a source code repository provider:


This section assumes you already have an AWS account and the latest version of AWS Toolkit for JetBrains that features AWS App Runner. In addition to those core requirements, make sure that all relevant IAM users have permissions to interact with the App Runner service. Also you need to obtain specific information about your service source such as the container image URI or the connection to the GitHub repository. You need this information when creating your App Runner service.

The easiest way to grant the permissions that are required for App Runner is to attach an existing AWS managed policy to the relevant IAM entity, specifically a user or group. App Runner provides two managed policies that you can attach to your IAM users:

  • AWSAppRunnerFullAccess: Allows users to perform all App Runner actions.

  • AWSAppRunnerReadOnlyAccess: Allow users to list and view details about App Runner resources.

In addition, if you choose a private repository from the Amazon Elastic Container Registry (Amazon ECR) as the service source, you must create the following access role for your App Runner service:

  • AWSAppRunnerServicePolicyForECRAccess: Allows App Runner to access Amazon Elastic Container Registry (Amazon ECR) images in your account.

You can use the Create App Runner Service dialog box to create this IAM role.


The AWSServiceRoleForAppRunner service-linked role allows AWS App Runner to complete the following tasks:

  • Push logs to Amazon CloudWatch Logs log groups.

  • Create Amazon CloudWatch Events rules to subscribe to Amazon Elastic Container Registry (Amazon ECR) image push.

You don't need to manually create the service-linked role. When you create an AWS App Runner in the AWS Management Console or by using API operations that are called by AWS Toolkit for JetBrains, AWS App Runner creates this service-linked role for you.

For more information, see Identity and access management for App Runner in the AWS App Runner Developer Guide.

You can use AWS App Runner to deploy services from a source image or source code.

Source image

If you're deploying from a source image, you can obtain a link to the repository for that image from a private or public AWS image registry.

You specify the URI for the image repository when entering details for your source in the Create App Runner Service dialog box.

For more information, see App Runner service based on a source image in the AWS App Runner Developer Guide.

Source code

For your source code to be deployed to an AWS App Runner service, that code must be stored in a Git repository that's maintained by a supported repository provider. App Runner supports one source code repository provider: GitHub.

For information about setting up a GitHub repository, see the Getting started documentation on GitHub.

To deploy your source code to an App Runner service from a GitHub repository, App Runner establishes a connection to GitHub. If your repository is private (that is, it isn't publicly accessible on GitHub), you must provide App Runner with connection details.


To create GitHub connections, you must use the App Runner console ( to create a connection that links GitHub to AWS. You can select the connections that are available on the GitHub connections page when using the Create App Runner Service dialog box to specify details about your source code repository.

For more information, see Managing App Runner connections in the AWS App Runner Developer Guide.

The App Runner service instance provides a managed runtime that allows your code to build and run. AWS App Runner currently supports the following runtimes:

  • Python managed runtime

  • Node.js managed runtime

Using the Create App Runner Service dialog box that's available in AWS Toolkit for JetBrains, you provide information about how the App Runner service builds and starts your service. You can enter the information directly in the interface or specify a YAML-formatted App Runner configuration file. Values in this file instruct App Runner how to build and start your service, and provide runtime context. This includes relevant network settings and environment variables. The configuration file is named apprunner.yaml. It's automatically added to root directory of your application’s repository.


You're charged for the compute and memory resources that your application uses. In addition, if you automate your deployments, you also pay a set monthly fee for each application that covers all automated deployments for that month. If you opt to deploy from source code, you additionally pay a build fee for the amount of time that it takes App Runner to build a container from your source code.

For more information, see AWS App Runner Pricing.