AWS is giving the server side of its Amplify hosting service new Identity and Access Management (IAM) roles. Among other things, this will help Server Side Rendering (SSR) applications gain more secure access to other AWS services at the detail level.
The new IAM server roles, or compute roles as the hyperscaler itself calls them, are designed primarily for applications that perform server-side rendering (SSR). These IAM-based compute roles make it possible for these applications to control at a detailed level whether and how they can access other AWS services.
Previously, developers themselves had to define the environment variables for the login credentials that applications needed to access these services. The new compute roles now ensure that temporary login credentials are treated just like long-term available login credentials, managing them in the same way as all other AWS IAM roles.
Other features
In addition, the new compute roles allow access to sensitive configuration data at runtime within Next.js AIP routes. This is done using AWS Secrets Manager and Systems Manager Parameter Store.
The compute roles also allow the SSR applications to connect directly to, such as databases like Amazon RDS, Amazon DynamoDB and other AWS databases.
Furthermore, the new compute roles enable secure and authenticated calls to any AWS service from within the server-side code.
Part Amplify development platform
AWS Amplify hosting is part of the company’s Amplify development platform. It allows developers to deploy and host Web applications very easily. It also allows them to build and scale these applications via the public cloud infrastructure.
In addition, the service provides connections to other AWS services for enhancing the functionality of these applications. These include Amazon S3 for storing static assets, Amazon CloudFront for content delivery and AWS Lambda for serverless functionality.
Also read: AWS introduces preview of Amplify version 6