So I went on this journey mainly to minimize costs as AWS is free for 1 year. I have mostly succeeded and I want to share what I did.
The absolutely best place to start is this article: https://www.prismagraphql.com/docs/tutorials/cluster-deployment/digital-ocean-(docker-machine)-texoo9aemu. It pretty much works for AWS too. Installing Docker and creating AWS account is probably not worth mentioning as it’s pretty straightforward.
The biggest initial hurdle was to figure the
secret_access_key. It’s recommended to create IAM user with a limited access, but I got lost in what permissions to add so I used root access key directly on My Security Credentials. It’s probably not that big deal since it’s one time call.
Next step is to actually create an instance within AWS. At first, I’ve done that manually, but
docker-machine is your friend. Just follow the official instructions and everything is done for you. Careful about the region, by default it picks
us-east-1 so if your audience is eg. in Europe, you might want to pick a different one. Region cannot be changed once AWS instance is created. In a couple of seconds, you have a Unix machine with Docker ready to be used.
The article about Digital Ocean explains lengthy process of creating docker containers, but I went a shortcut and simply ran
prisma local start (after switching to a correct docker machine). Works like a charm. Sure, it’s some prebaked configuration so you cannot eg. set your own passwords/secrets, but for initial fiddling, it’s enough. It’s easy to remove containers afterward and do it properly when you know what you need. Running
docker ps after this should display output similar to this.
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e1c42cadffae mysql:5.7 "docker-entrypoint..." 24 hours ago Up 24 hours 0.0.0.0:3307->3306/tcp prisma-db 4bd0e2e15b48 prismagraphql/prisma:1.4 "/bin/sh -c /app/s..." 24 hours ago Up 13 hours 0.0.0.0:4466->4466/tcp local_prisma-database_1
You can then follow section 5 about adding a cluster to Prisma. Note that you cannot use
clusterSecret unless doing that lengthy process from the previous step.
Now another tricky part that took me some time. You need to open network port on AWS machine so Prisma endpoint can be accessed. Luckily it’s super easy with AWS, just go to Security Groups page and you can either modify existing
docker-machine group or create a new one. As far as I know you don’t need any outbound rules and if you don’t want to connect to MySQL directly, you don’t need to expose its port either.
If you have create a new security group, you need to assign it to the instance like this.
You can then follow Digital ocean guide to the end, there is nothing else specific to AWS anymore.
How to setup HTTPS for this? I haven’t figured that out yet and I am not even sure where to start.