#✅ - Deploying to production account with RDS based schema

I have an amplify gen2 app based on RDS running all fine in our staging account. I want to deploy this now on production, but am failing as the schema.sql.ts defines a vpcConfig that is not found during the build phase as it's the staging environment and thus fails.

I have looked throught documentation regarding the deployment over multiple accounts and read through many other posts but so far to no avail. All I tried is failing, including the re-build of the schema.sql.ts during build phase.

Can I somehow configure the vpcConfig per environment?

I'd appreciate some hints, if this is the right approach or what else I could try.

FYI: I have already setup RDS in production and set SQL_CONNECTION_STRING secret.

what is the exact error it is displaying?
because, I remember once I built without setting the SQL_CONNECTION_STRING as secret and it built successfully, but queries weren't working

That's the output from the build pipeline where I want to recreate the schema.sql.ts for production env:

77
2025-01-23T13:56:09.181Z [WARNING]: ampx generate schema-from-database
78
Generates typescript data schema from a SQL database
79
Stack identifier
80
--stack A stack name that contains an Amplify backend [string]
81
Project identifier
82
--app-id The Amplify App ID of the project [string]
83
--branch A git branch of the Amplify project [string]
84
Schema Generation
85
--out A path to directory where generated schema is wri
86
tten.
87
[string] [default: "amplify/data/schema.sql.ts"]
88
--connection-uri-secret Amplify secret name for the database connection u
89
ri [string] [required]
90
--ssl-cert-secret Amplify secret name for the ssl certificate
91
[string]
92
Options:
93
--debug Print debug logs to the console [boolean] [default: false]
94
--profile An AWS profile name. [string]
95
-h, --help Show help [boolean]
96
2025-01-23T13:56:09.181Z [INFO]: GetSecretsFailedFault: Failed to get secrets. ValidationException: Invalid parameter name. Please use correct syntax for referencing a version/label <name>:<version/label>
97
Cause: {"name":"ValidationException","$fault":"client","$metadata":{"httpStatusCode":400,"requestId":"1d4d674e-a5c8-4d1f-8585-bf4518ed6fa9","attempts":1,"totalRetryDelay":0},"__type":"ValidationException"}

Yet, my question is more general and am wondering if this approach is correct.

Currently schema.sql.ts is based on RDS in staging account.

Now, deploying to production, should I rebuild it during build phase with npx ampx generate schema-from-database --connection-uri-secret $SQL_CONNECTION_STRING --out amplify/data/schema.sql.ts?

This is my build command:

version: 2
backend:
  phases:
    build:
      commands:
        - export SQL_CONNECTION_STRING=$(aws ssm get-parameter --name "/amplify/d1wmoxbhka38py/main-branch-ad28518b8f/SQL_CONNECTION_STRING" --with-decryption --query "Parameter.Value" --output text)
        - echo "SQL_CONNECTION_STRING =$SQL_CONNECTION_STRING"
        - nvm install
        - yarn install --frozen-lockfile
        - npx ampx generate schema-from-database --connection-uri-secret $SQL_CONNECTION_STRING --out amplify/data/schema.sql.ts --branch $AWS_BRANCH --app-id $AWS_APP_ID
        - npx ampx pipeline-deploy --branch $AWS_BRANCH --app-id $AWS_APP_ID
        # - npx ampx generate outputs --branch $AWS_BRANCH --app-id $AWS_APP_ID --format "json" --debug

AWS support:

I understand that you are struggling to deploy your app to the production account and use the corresponding RDS instance due to the VPC configuration differences between staging and production.

Bellow are some potential solutions:

1. VPC Configuration: The issue with the missing VPC configuration in the production account is a common problem when moving between environments. To address this:

• Ensure your production account has the necessary VPC setup.
• Use environment-specific configuration files or environment variables to manage different VPC settings for staging and production.

2. schema.sql.ts Recreation: Recreating schema.sql.ts during deployment is generally not recommended as it can lead to inconsistencies. Instead, consider the following approach:
   - Keep schema.sql.ts in source control, but use it as a base template.
   - Create environment-specific schema files (e.g., schema.staging.sql.ts, schema.production.sql.ts) if there are significant differences between environments.

3. Environment-specific Configurations: To handle different configurations for staging and production:

• Use Amplify's built-in environment management features.
• Create separate environment files (e.g., .env.staging, .env.production) to store environment-specific variables.
• Use these variables in your Amplify configuration files.

4. Deployment Strategy:
   - Use Amplify CLI's multi-environment support to manage deployments to different environments.

• Implement a CI/CD pipeline that selects the appropriate configuration based on the target environment.

5. Best Practices:

• Keep environment-specific configurations separate from your core application code.
• Use feature flags or environment variables to toggle features or configurations between environments.
• Regularly sync your staging and production schemas to minimize drift.
• Implement database migration scripts to handle schema changes between deployments.

Above the AWS Support response, sharing best practices and suggestions, maybe this is helpful to other with similar issues.

✅ - Deploying to production account with RDS based schema