Deploy Strapi on AWS

This a step-by-step guide on how to deploy Strapi on your AWS account using Microtica.

Strapi v4

Microtica’s default version of the Strapi component is v4.

You can use the previous versions of Strapi as well. This is explained in the step Deploy Strapi Infrastructure.

Strapi is an open-source headless CMS built with NodeJS. Using Strapi you can easily design and publish your content consumed by your apps via API. Strapi provides a great admin UI portal where you can design your data models, create and manage content.

The benefits of using Microtica for your Strapi projects is the simplicity of setup and low maintenance, while having the infrastructure on your own AWS account. We are following the GitOps and declarative infrastructure approach for stable, more reliable and predictable deployments.

With our approach, Strapi can coexist with your existing AWS infrastructure and you always have the flexibility to extend this setup with additional cloud resources.

Infrastructure ownership

The Strapi infrastructure will be provisioned on your own AWS account.

You retain full control over your infrastructure and data while getting all the benefits of infrastructure automation.

In this guide we will walk you through a few quick steps to create a complete infrastructure for Strapi on AWS.

#What will be provisioned on AWS

Since Microtica deploys on your cloud account, you would expect nothing less than a complete transparency of what resources are going to be provisioned.

Strapi template – Microtica components

Using the Strapi template, we will create a new environment and automatically create a few components in the environment:

  • VPC – VPC, subnets and networking
  • AppRunner – Container infrastructure based on Fargate and application load balancer. This component will run the Strapi project
  • StrapiInfra – Persistent storage, relational databased and S3 storage
  • StrapiApp (optional) – component for your existing Strapi project. If not provided, a standalone Strapi development environment is created

Below is a high-level diagram of the resources that will be provisioned.

Strapi template – cloud resources

Persistent Storage

The Strapi template uses an Amazon EFS file system to store the persistent Strapi files:

  • image uploads – media files storage
  • api folder – only for the standalone setup where you don’t have your source code connected via Git (default). In this guide we will explain how you can deploy your existing Strapi project
  • data folder – store the sqlite data file, if database client is sqlite (default)

The data stored in these folders will persist on subsequent deployments, application restarts or even if you kill the container completely.

Relational Database

The template provisions an RDS MySql database only if the database client is mysql.

Database is encrypted using a custom KMS key. Database password is automatically generated and stored securely in a AWS Secret Manager secret.

Container Environment

By default, the template provisions an AWS Fargate cluster with one container. For production environments we recommend at least two containers running all the time. This will also ensure a zero-downtime deployment.

The Fargate services is exposed via Application Load Balancer. When using custom domain, which is recommended for production, the domain certificate will be attached and SSL termination will happen on this load balancer.

Since we use persistent file storage, all containers share the same file system.

Strapi Logs

The Strapi application logs are stored in a CloudWatch Logs. You can monitor the logs from the Fargate console under tasks. The default log retention is 90 days.

#Deploy Strapi Infrastructure

Microtica provides a built-in environment template that provisions the necessary infrastructure to run Strapi on your AWS account in a scalable, secure and reliable way with zero downtime deployment.

To deploy the infrastructure you need to create an environment. Choose Environments under Infrastructure Builder from the main menu and hit on Create Environment.

Enter the environment name and description and choose the Strapi template from the list.

Select Strapi environment template
Cost Optimization

You can optionally enable Cost Optimization for non-production environments. This will stop the RDS instances if you use mysql as database client.

Microtica uses Strapi v4 as a default version for the StrapiInfra component. If you want to use a previous Strapi version, configure the StrapiInfra component’s imageUrl parameter with microtica/strapi:v3.6.2.

Once the environment deployment finishes, hit on the Quick Deploy button. Since the environment is new, you need to configure the target AWS account where your Strapi infrastructure will be provisioned. Here is a quick guide How to Connect your AWS account.

Once your AWS account is connected and configured in the environment, click again on Quick Deploy to trigger the deployment.

It takes up to 10 mins to create a live Strapi environment.

Once the environment deployment finishes, you can find the access URL in the environment details by expanding the AppRunner component.

Strapi access URL

#Configure a Custom Domain and SSL

By default, Strapi will be available on an auto-generated domain via http protocol.

To configure a custom domain you would need to do the following:

  • configure the custom domain
  • configure the SSL certificate
  • add the DNS records in your domain provider

Configure the custom domain

To configure the custom domain, simply enter the custom domain in the AppRunner component DomainName parameter.

Configure the SSL certificate

To create an SSL certificate follow the How to create SSL certificate guide.

Once you have your issued SSL certificate through AWS Certificate Manager you just need to copy the certificate ARN and past it in the AppRunner component CertificateArn parameter.

Add the DNS records in your domain provider

While in the environment details, expand the AppRunner component and copy the value of the CNAME parameter and add it as a CNAME record in your DNS provider.

Strapi CNAME record


You can scale your Strapi project vertically and horizontally.

For vertical scaling, update the CPU and Memory configuration in the StrapiInfra component. For horizontal scaling, update the number of desired replicas in the same StrapiInfra component.

#Deploy an Existing Strapi Project

The infrastructure we’ve just deployed is a standalone setup which gives you the ability to immediately start using the capabilities of the Strapi platform.

However, for production environments we recommend using Git for your Strapi projects. This also makes the process of moving content types from one environment to another much easier and deployments more predictable.

The usual flow is that you run your Strapi project locally and push the changes in your Git repository. Microtica pipelines will automate the rest.

Below are the few steps to deploy your existing Strapi project on AWS.

1. Add the pipeline spec and Dockerfile

The first thing you need to do is to define the pipeline and the Dockerfile for your Strapi project.

The easiest way to do this is by using Microtica Component Generator CLI.

# Install Microtica component generator

sudo npm install -g yo
sudo npm install -g @microtica/generator-microtica-component
# Generate .microtica folder with the necessary component files

cd /path/to/strapi-project

yo @microtica/microtica-component:strapi

This will create a new .microtica folder in your Strapi project that contains the microtica.yaml pipeline spec and a Dockerfile.

2. Connect your Amazon ECR registry

The Strapi project will be built, packaged as a Docker image and stored on your remote registry. This is a quick guide how to Connect your Amazon ECR registry.

3. Create a pipeline for the Strapi project

Next, we need to create a pipeline. The .microtica/microtica.yaml file contains the pipeline steps, so we just need to associate the pipeline with the Git repo for the Strapi project.

To create a pipeline, go to Pipelines menu and hit on Create Pipeline button.

Create pipeline for the Strapi project

Select the Git account and Git repository and change the Pipeline specs dir configuration to ./.microtica. This is where the pipeline spec (microtica.yaml) is located.

Change the pipeline branch if you want to trigger the pipeline from another branch than master. You can also use a regex to cover more then one branch (e.g. master|develop).

In Environment variables add ENV_ID as key and the ID of the environment you just created as value. This value tells the pipeline on which environment to deploy the Strapi project. You can find the environment ID in the environment details.

Now push the code changes or manually trigger the pipeline. We need at least one successful build to be able to deploy the project.

4. Create a custom component for the Strapi project

Next, you need to create a custom component associated with the previously created pipeline.

To create a new component, choose Components under Infrastructure Builder from the main menu and hit on Create Component.

For Deployment artifact select the previously created pipeline and select the PackageComponent pipeline step.

Select component deployment artifact

5. Add the component in the environment

The pipeline you’ve just created will push a Docker image on ECR. This image contains your Strapi application.

Go to the environment details and from the right panel select the component you just created. When the configuration dialog opens, name the component as StrapiApp and enter the image URL. The image URL should be in the following format:


The account ID and the region are the some as configured in the step 2.

Configuring the ImageUrl in the StrapiApp component

Since now we are using a custom image, we need to do one small change in the StrapiInfra component. While in the environment details, click the Configure button of the StrapiInfra component. For the ImageUrl parameter, reference the image URL from the custom component. Here is an example:

Referencing the ImageUrl from StrapiApp component in the StrapiInfra component

Hit Quick Deploy!

🎉 Congrats! You now have your Strapi application deploying on your AWS.

#Access RDS database over SSH

The Strapi app and the RDS database reside in a VPC private network and all traffic from the outside is blocked by default. This means that you cannot directly access the service nor the database from the Internet.

However, if you need to access the database from your local machine there is a way to do so by following the instructions below:

1. Create EC2 key pair

To create a new EC2 key-pair, go to AWS console, choose EC2 service and from the left panel, choose Key Pairs, and click Create key pair in the top right. The name you choose here is the one used to configure the VPC component in the Microtica Developer Portal.

AWS console – Create key pair
EC2 key-pair

You will need to create an EC2 key-pair from the AWS console. We don’t create it automatically due to security reasons. This key should always be in your possession and kept in a secure place. It will allow you to access your EC2 instances through SSH.

2. Allow SSH access from your public IP address

In the AWS console, go to EC2 service, select the VPC-nat instance. In the Security tab click on the security group.

NAT instance security group

Edit the inbound rules by whitelisting your public IP address for port 22 (SSH port). Save the changes.

Allow SSH access from your public IP address

3. Configure VPC component in the Microtica Developer Portal

Next thing you need to do is to add the name of the key pair you’ve just created by updating the configuration of the VPC component in the Strapi environment. Click on update and then Quick Deploy. Continue with the steps once the deployment is completed.

Configure VPC component key pair name

4. Connect with the database over SSH

Now you have everything ready to establish a connection with the database. You can get the details from the outputs by expanding the components in the environment.

From the VPC component outputs you can get the NAT instance IP and use it as a SSH hostname. Set SSH username to ec2-user.

VPC component NAT instance IP address output property

From the StrapiInfra component you can get the database endpoint, port, username.

The database password is securely stored in AWS Secret Manager specified in the DatabaseSecret output parameter.

StrapiInfra component output properties

And last, use your preferred client (e.g. MySQLWorkbench) to connect with the Strapi database.

#Estimated AWS cost

The estimated cost of AWS cloud depends from the configuration of the Strapi infrastructure. Below is the cost estimation breakdown based on different configurations assuming the resources are running all the time:

  • sqlite with one app container (0.25 vCPU and 0.5GB memory) the costs is around $30/month
  • MySql with one app container (0.25 vCPU and 0.5GB memory) the cost would be around $45/month
  • each additional container with the default config is $14/month

Additional costs apply for using the AWS EFS for storing media files (~$0.09 GB/month).

You can reduce the cost of your non-production Strapi environments with our Cloud Waste Manager.