Request-Driven Web Service

List of all available properties for a 'Request-Driven Web Service' manifest.

Sample AWS App Runner manifests
# Deploys a web service accessible at
name: frontend
type: Request-Driven Web Service

  healthcheck: '/_healthcheck'

  build: ./frontend/Dockerfile
  port: 80
cpu: 1024
memory: 2048

  LOG_LEVEL: info
  owner: frontend
  tracing: awsxray
    secretsmanager: 'mysql'

      LOG_LEVEL: debug
# All egress traffic is routed though the environment VPC.
name: frontend
type: Request-Driven Web Service

  build: ./frontend/Dockerfile
  port: 8080
cpu: 1024
memory: 2048

    placement: private
# See
name: refunds
type: Request-Driven Web Service

  build: ./refunds/Dockerfile
  port: 8080

cpu: 1024
memory: 2048

    - name: 'refunds'
    - name: 'orders'
      fifo: true

name String
The name of your service.

type String
The architecture type for your service. A Request-Driven Web Service is an internet-facing service that is deployed on AWS App Runner.

http Map
The http section contains parameters related to the managed load balancer.

http.private Bool or Map Restrict incoming traffic to only your environment. Defaults to false.

http.privateendpoint String The ID of an existing VPC Endpoint to App Runner.

    endpoint: vpce-12345

http.healthcheck String or Map If you specify a string, Copilot interprets it as the path exposed in your container to handle target group health check requests. The default is "/".

  healthcheck: '/'
You can also specify healthcheck as a map:
    path: '/'
    healthy_threshold: 3
    unhealthy_threshold: 2
    interval: 15s
    timeout: 10s

http.healthcheck.path String
The destination that the health check requests are sent to.

http.healthcheck.healthy_threshold Integer
The number of consecutive health check successes required before considering an unhealthy target healthy. The default is 3. Range: 1-20.

http.healthcheck.unhealthy_threshold Integer
The number of consecutive health check failures required before considering a target unhealthy. The default is 3. Range: 1-20.

http.healthcheck.interval Duration
The approximate amount of time, in seconds, between health checks of an individual target. The default is 5s. Range: 1s–20s.

http.healthcheck.timeout Duration
The amount of time, in seconds, during which no response from a target means a failed health check. The default is 2s. Range 1s-20s.

http.alias String
Assign a friendly domain name to your request-driven web services. To learn more see developing/domain.

image Map
The image section contains parameters relating to the Docker build configuration and exposed port. String or Map
If you specify a string, Copilot interprets it as the path to your Dockerfile. It will assume that the dirname of the string you specify should be the build context. The manifest:

  build: path/to/dockerfile
will result in the following call to docker build: $ docker build --file path/to/dockerfile path/to

You can also specify build as a map:

    dockerfile: path/to/dockerfile
    context: context/dir
    target: build-stage
      - image:tag
      key: value
In this case, Copilot will use the context directory you specified and convert the key-value pairs under args to --build-arg overrides. The equivalent docker build call will be: $ docker build --file path/to/dockerfile --target build-stage --cache-from image:tag --build-arg key=value context/dir.

You can omit fields and Copilot will do its best to understand what you mean. For example, if you specify context but not dockerfile, Copilot will run Docker in the context directory and assume that your Dockerfile is named "Dockerfile." If you specify dockerfile but no context, Copilot assumes you want to run Docker in the directory that contains dockerfile.

All paths are relative to your workspace root.

image.location String
Instead of building a container from a Dockerfile, you can specify an existing image name. Mutually exclusive with


Only public images stored in Amazon ECR Public are available with AWS App Runner.

image.port Integer
The port exposed in your Dockerfile. Copilot should parse this value for you from your EXPOSE instruction.

cpu Integer
Number of CPU units reserved for each instance of your service. See the AWS App Runner docs for valid CPU values.

memory Integer
Amount of memory in MiB reserved for each instance of your service. See the AWS App Runner docs for valid memory values.

network Map
The network section contains parameters for connecting the service to AWS resources in the environment's VPC.
By connecting the service to a VPC, you can use service discovery to communicate with other services in your environment, or connect to a database in your VPC such as Amazon Aurora with storage init.

network.vpc Map
Subnets in the VPC to route egress traffic from the service.

network.vpc.placement String
The only valid option today is 'private'. If you prefer the service not to be connected to a VPC, you can remove the network field.

When the placement is 'private', the App Runner service routes egress traffic through the private subnets of the VPC.
If you use a Copilot-generated VPC, Copilot will automatically add NAT Gateways to your environment for internet connectivity. (See pricing.) Alternatively, when running copilot env init, you can import an existing VPC with NAT Gateways, or one with VPC endpoints for isolated workloads. See our custom environment resources page for more.

observability Map
The observability section lets you configure ways to measure your service's current state. Currently, only tracing configuration is supported.

For more details, see the observability page.

observability.tracing String
The vendor to use for tracing. Currently, only awsxray is supported.

command String
Optional. Override the default command in the image.

variables Map
Key-value pairs that represent environment variables that will be passed to your service. Copilot will include a number of environment variables by default for you.

secrets Map
Key-value pairs that represent secret values from AWS Systems Manager Parameter Store or AWS Secrets Manager that will be securely passed to your service as environment variables.

secrets.from_cfn String
The name of a CloudFormation stack export.

publish Map
The publish section allows services to publish messages to one or more SNS topics.

    - name: orderEvents

In the example above, this manifest declares an SNS topic named orderEvents that other worker services deployed to the Copilot environment can subscribe to. An environment variable named COPILOT_SNS_TOPIC_ARNS is injected into your workload as a JSON string.

In JavaScript, you could write:

const {orderEvents} = JSON.parse(process.env.COPILOT_SNS_TOPIC_ARNS)
For more details, see the pub/sub page.

publish.topics Array of topics
List of topic objects.

publish.topics.topic Map
Holds configuration for a single SNS topic. String
Required. The name of the SNS topic. Must contain only upper and lowercase letters, numbers, hyphens, and underscores.

publish.topics.topic.fifo Boolean or Map
FIFO (first in, first out) SNS topic configuration.
If you specify true, Copilot will create the topic with FIFO ordering.

    - name: mytopic
      fifo: true

Alternatively, you can also configure advanced SNS FIFO topic settings.

    - name: mytopic
        content_based_deduplication: true

publish.topics.topic.fifo.content_based_deduplication Boolean
If the message body is guaranteed to be unique for each published message, you can enable content-based deduplication for the SNS FIFO topic.

tags Map
Key-value pairs representing AWS tags that are passed down to your AWS App Runner resources.

count String Specify the name of an existing autoscaling configuration.

count: high-availability/3

environments Map
The environment section lets you override any value in your manifest based on the environment you're in. In the example manifest above, we're overriding the LOG_LEVEL environment variable in our 'test' environment.