# Caveats when deploying to AWS platforms (/docs/orm/v6/prisma-client/deployment/caveats-when-deploying-to-aws-platforms) Location: ORM > v6 > Prisma Client > Deployment > Caveats when deploying to AWS platforms The following describes some caveats you might face when deploying to different AWS platforms. AWS RDS Proxy [#aws-rds-proxy] Prisma ORM is compatible with AWS RDS Proxy. However, there is no benefit in using it for connection pooling with Prisma ORM due to the way RDS Proxy pins connections: > "Your connections to the proxy can enter a state known as pinning. When a connection is pinned, each later transaction uses the same underlying database connection until the session ends. Other client connections also can't reuse that database connection until the session ends. The session ends when Prisma Client's connection is dropped." - [AWS RDS Proxy Docs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy-pinning.html) [Prepared statements (of any size) or query statements greater than 16 KB cause RDS Proxy to pin the session.](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-proxy-pinning.html) Because Prisma ORM uses prepared statements for all queries, you won't see any benefit when using RDS Proxy with Prisma ORM. AWS Elastic Beanstalk [#aws-elastic-beanstalk] AWS Elastic Beanstalk is a PaaS-like deployment service that abstracts away infrastructure and allows you to deploy applications to AWS quickly. When deploying an app using Prisma Client to AWS Elastic Beanstalk, Prisma ORM generates the Prisma Client code into `node_modules`. This is typically done in a `postinstall` hook defined in a `package.json`. Because Beanstalk limits the ability to write to the filesystem in the `postinstall` hook, you need to create an [`.npmrc`](https://docs.npmjs.com/cli/v6/configuring-npm/npmrc/) file in the root of your project and add the following configuration: ```yaml title=".npmrc" showLineNumbers unsafe-perm=true ``` Enabling `unsafe-perm` forces *npm* to run as *root*, avoiding the filesystem access problem, thereby allowing the `prisma generate` command in the `postinstall` hook to generate your code. Error: @prisma/client did not initialize yet [#error-prismaclient-did-not-initialize-yet] This error happens because AWS Elastic Beanstalk doesn't install `devDependencies`, which means that it doesn't pick up the Prisma CLI. To remedy this you can either: 1. Add the `prisma` CLI package to your `dependencies` instead of the `devDependencies`. (Making sure to run `npm install` afterward to update the `package-lock.json`). 2. Or install your `devDependencies` on AWS Elastic Beanstalk instances. To do this you must set the AWS Elastic Beanstalk `NPM_USE_PRODUCTION` environment property to false. AWS RDS Postgres [#aws-rds-postgres] When using Prisma ORM with AWS RDS Postgres, you may encounter connection issues or the following error during migration or runtime: ```bash Error: P1010: User was denied access on the database ``` Cause [#cause] AWS RDS enforces SSL connections by default, and Prisma parses the database connection string with `rejectUnauthorized: true`, which requires a valid SSL certificate. If the certificate is not configured properly, Prisma cannot connect to the database. Solution [#solution] To resolve this issue, update the `DATABASE_URL` environment variable to include the `sslmode=no-verify` option. This bypasses strict SSL certificate verification and allows Prisma to connect to the database. Update your `.env` file as follows: ```bash DATABASE_URL=postgresql://:@/?sslmode=no-verify&schema=public ``` Why This Works [#why-this-works] The `sslmode=no-verify` setting passes `rejectUnauthorized: false` to the SSL configuration via the [pg-connection-string](https://github.com/brianc/node-postgres/blob/95d7e620ef8b51743b4cbca05dd3c3ce858ecea7/packages/pg-connection-string/README.md?plain=1#L71) package. This disables strict certificate validation, allowing Prisma to establish a connection with the RDS database. Note [#note] While using `sslmode=no-verify` can be a quick fix, it bypasses SSL verification and might not meet security requirements for production environments. In such cases, ensure that a valid SSL certificate is properly configured. AWS Lambda upload limit [#aws-lambda-upload-limit] AWS Lambda defines an **deployment package upload limit**, which includes: * All application code * Binaries like the [Prisma ORM query engine](/orm/v6/more/internals/engines) > [!NOTE] > As of [v6.16.0](https://pris.ly/release/6.16.0), Prisma ORM can be used without Rust engines in production applications. Learn more [here](/orm/v6/prisma-client/setup-and-configuration/no-rust-engine). > > **When enabled, your Prisma Client will be generated without a Rust-based query engine binary**: > > ```prisma > generator client { > provider = "prisma-client-js" // or "prisma-client" > output = "../src/generated/prisma" > engineType = "client" // no Rust engine > } > ``` > > Note that [driver adapters](/orm/v6/overview/databases/database-drivers#driver-adapters) are required if you want to use Prisma ORM without Rust engines. > > You can [read about the performance and DX improvements](https://www.prisma.io/blog/prisma-orm-without-rust-latest-performance-benchmarks) of this change on our blog. The [deployment package (.zip) size limit for lambdas is 50MB](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-limits.html). When you prepare a deployment package, remove any files that the function does not require in production to keep the final .zip as small as possible. This includes some [Prisma ORM engine binaries](#deleting-prisma-orm-engines-that-are-not-required). Deleting Prisma ORM engines that are not required [#deleting-prisma-orm-engines-that-are-not-required] Prisma CLI downloads additional engine binaries that are **not required** in production. You can delete the following files and folders: 1. The entire `node_modules/@prisma/engines` folder (refer to the [sample bash script](https://github.com/prisma/ecosystem-tests/blob/13e74dc47eababa5d3c8f488b73fe7fc8bffead7/platforms-serverless/lambda/run.sh#L16) used by the Prisma end-to-end tests) 2. The **local engine file** for your development platform from the `node_modules/.prisma/client` folder. For example, your schema might define the following `binaryTargets` if you develop on Debian (`native`) but deploy to AWS Lambda (`rhel-openssl-3.0.x`): ```prisma binaryTargets = ["native", "rhel-openssl-3.0.x"] ``` In this scenario: * Keep `node_modules/.prisma/client/query-engine-rhel-openssl-3.0.x`, which is the engine file used by AWS Lambda * Delete `node_modules/.prisma/client/query-engine-debian-openssl-1.1.x`, which is only required locally > **Note**: When using Node.js 18 or earlier, the correct `binaryTarget` for AWS Lambda is `rhel-openssl-1.0.x`. `rhel-openssl-3.0.x` is the correct `binaryTarget` for Node.js versions greater than 18. ## Related pages - [`Deploy migrations from a local environment`](https://www.prisma.io/docs/orm/v6/prisma-client/deployment/deploy-migrations-from-a-local-environment): Learn how to deploy Node.js and TypeScript applications that are using Prisma Client locally. - [`Deploy Prisma ORM`](https://www.prisma.io/docs/orm/v6/prisma-client/deployment/deploy-prisma): Learn more about the different deployment paradigms for Node.js applications and how they affect deploying an application using Prisma Client. - [`Deploy to a different OS`](https://www.prisma.io/docs/orm/v6/prisma-client/deployment/deploy-to-a-different-os): Learn how to deploy Node.js and TypeScript applications that are using Prisma Client to a different operating system. - [`Deploying database changes with Prisma Migrate`](https://www.prisma.io/docs/orm/v6/prisma-client/deployment/deploy-database-changes-with-prisma-migrate): Learn how to deploy database changes with Prisma Migrate. - [`Edge functions`](https://www.prisma.io/docs/orm/v6/prisma-client/deployment/edge): Learn how to deploy your Prisma ORM-backed apps to edge functions like Cloudflare Workers or Vercel Edge Functions