In an earlier post, I described how to have a separate Amplify environment for each developer in the team who are using separate AWS accounts.

Now, what if there are multiple developers in the team that use different AWS accounts, but we don’t want to use multiple Amplify environments but want the ability that each Amplify environment can be used by every developer in their own AWS accounts?

Another scenario is that the team would like to have the stack for the production environment in the same git repo, but don’t want to share the details of the production roles in the git repo such as the AuthRole, UnauthRole etc.

This post is going to describe using the same AWS Amplify environment(s) for multiple developers with different AWS accounts that don’t have access to each others’ accounts.

FIrst time setup

This post assumes that you have the following setup already:

we are going to setup the Amplify app for the first time. So got to the root of your project and follow the usual commands provided below and choose options in the interactive prompts:

amplify init

Add a service, here we I will use auth:

amplify add auth

Push your changes to your AWS account:

amplify push

Choose to create a new environment and name it something. Also make sure you have an AWS profile present which has the required permissions to perform Amplify operation in your AWS account.

This is going to create and publish a new Amplify app for you. We added the authentication service that will create respective Cognito resources.

An Amplify folder is going to be created in the root of the project.

Adding files to .gitignore

Next we need to add some Amplify configuration files to .gitignore so they are not included in the repository. The reason for this is that some of these files contain AWS account specific information which prohibits us to push changes made by one AWS account to another AWS account. Then, there are files that are just some local files that are created automatically for a user when they follow Amplify commands.

So, as your .gitignore already has an #Amplify section already present, update this section to look like the following:

#amplify
amplify/\#current-cloud-backend
amplify/mock-data
amplify/.config/local-aws-info.json
amplify/backend/amplify-meta.json
amplify/team-provider-info.json
build/
dist/
node_modules/
aws-exports.js
aws-exports.ts
awsconfiguration.json
amplifyconfiguration.json
amplify-gradle-config.json
amplifyxc.config

First commit your .gitignore before any other so that it can take effect in your repo:

git add .gitignore && git commit -m "Additions to gitignore"

Next, add the remaining Amplify files to the repo:

git add --all
git commit "Amplify configuration"
git push origin master

setup for second developer’s accounts

Now that the initial setup for Amplify is complete, other developers can pull these changes pull these changes to their git repo:

git pull origin master

Changes to the Amplify configuration

Now open the file amplify/backend/auth/yourAmplifyProjectName/parameters.json and find the following section in code:

"hostedUIDomainName": "CognitoOriginalDomainName",

This is the domain name that will be generated for Cognito. This domain name needs to be universally unique and as the original developer who created this Amplify configuration is already using this domain name, you need to update this value to a random, long unique string, otherwise the Amplify deployment will fail. So let’s say you replace this value like the following:

"hostedUIDomainName": "mynewcognitodomainname-0179757283399763210",

This is the only change that is required to make the configuration work.

deploy amplify

Enter the following Amplify commands:

amplify init
? Do you want to use an existing environment? Yes
? Enter a name for the environment prod
? Do you want to use an AWS profile? Yes
? Please choose the profile you want to use YourProfileName

Notice that we are going to use the same environment prod here. The developer needs to choose an AWS profile on their machine which has permissions necessary for deploying Amplify.

amplify push

And that is it. All the resources that the first developer had deployed to their account are now also available to the second developer’s account as well. This setup can then be established by as many members of the team and they can push to the same git branch while working independently in their own AWS accounts.

Now as an added benefit, the details for the production environment such as authorisation roles etc present in amplify/team-provider-info.json are not added to the git repository as the file is being git ignored.

summary

This post described how we can use the same Amplify environment between multiple developers who have AWS accounts that are totally separate from each other and that to accomplish this, we only need to add some Amplify configuration files to .gitignore and just provide a unique Domain Name for Cognito in the amplify/backend/auth/yourAmplifyProjectName/parameters.json file and the team is all set to use the same info from the code repo and deploy in their own AWS accounts.

Also, this technique provides a way to not share any sensitive AWS Amplify information for an environment in the git repository but still works with multiple AWS accounts.