This chapter covers AWS Amplify, a development platform that simplifies building full-stack cloud-powered web and mobile applications. For the DVA-C02 exam, Amplify appears in roughly 5-8% of questions, primarily in the Development domain (Objective 1.4: Develop modern applications using AWS services). You will be tested on Amplify's core capabilities: hosting, CI/CD, authentication, API integration, and environment management. Understanding Amplify's architecture and common use cases is critical for scenario-based questions where you must select the most efficient service for rapid full-stack development.
Jump to a section
Imagine you are building a house (your web app). Traditionally, you would hire separate teams: a foundation crew (backend developers) to pour concrete and run plumbing (APIs and databases), a framing crew (frontend developers) to build walls and roof (UI components), and a finishing crew (DevOps) to paint, install fixtures, and connect utilities (deploy and scale). AWS Amplify is like a single general contractor who coordinates all these crews. You provide the blueprints (your source code repository), and Amplify automatically provisions the foundation (AWS AppSync GraphQL API and DynamoDB tables), frames the structure (React/Angular/Vue frontend scaffolding), and finishes the house (hosting with a global CDN, custom domain, and CI/CD pipeline). When you want to add a new feature like user authentication, you tell Amplify, and it automatically installs the wiring (Amazon Cognito user pool) and integrates it with the frontend door lock (auth components). If traffic spikes, Amplify automatically adds more workers (auto-scaling the backend and CDN). Without Amplify, you would need to manually hire each crew, manage their schedules, and ensure compatibility—a complex, error-prone process. Amplify abstracts that orchestration, letting you focus on the design of the house rather than the construction logistics.
What is AWS Amplify?
AWS Amplify is a set of tools and services that enables frontend web and mobile developers to build scalable full-stack applications on AWS without managing infrastructure. It consists of two main components: Amplify Hosting (for hosting static and server-side rendered web apps with a global content delivery network) and Amplify Libraries/UI Components (client-side libraries for interacting with AWS services like authentication, storage, and APIs). The exam focuses on Amplify's ability to accelerate development by providing pre-built integrations and a declarative configuration model.
Why Amplify Exists
Before Amplify, frontend developers needed deep backend and DevOps knowledge to integrate AWS services. They had to manually set up Amazon S3 for hosting, CloudFront for CDN, Cognito for auth, AppSync for GraphQL, and configure CI/CD pipelines. Amplify abstracts these complexities into a unified CLI and console experience, allowing developers to define backend resources using a simple schema (e.g., a GraphQL schema that automatically generates DynamoDB tables and resolvers). The exam tests your ability to identify when Amplify is the right tool: rapid prototyping, MVPs, hackathons, and projects where full-stack development speed outweighs fine-grained control.
How Amplify Works Internally
Amplify operates in two modes: Amplify CLI (local development) and Amplify Console (cloud hosting and CI/CD).
Amplify CLI: You run amplify init in your project directory. This creates a local amplify folder containing configuration files. Commands like amplify add auth scaffold Cognito resources defined in amplify/backend/auth/. When you run amplify push, the CLI synthesizes CloudFormation templates and deploys them to your AWS account. The generated client configuration (e.g., aws-exports.js) is stored locally and imported by your app.
Amplify Console: When you connect a Git repository (GitHub, GitLab, Bitbucket, CodeCommit), Amplify Console automatically detects changes, builds your app (using a specified build image and commands), and deploys to a global network of edge locations (CloudFront + S3). It supports feature branch deployments: each branch gets its own environment (e.g., main → production, dev → development), each with isolated backend resources. The console also provides pull request previews: for each PR, Amplify creates a temporary deployment with a unique URL, allowing testing before merge.
Key Components and Defaults
Amplify Hosting: Default build image is Amazon Linux 2 with Node.js 14, 16, 18, or 20 (configurable). Default build spec is amplify.yml at the repo root. Artifacts are stored in S3 (bucket name like amplify-<appid>-<env>-<random>-deployment) and served via CloudFront with default TTL of 24 hours for static assets.
Amplify Auth: Wraps Amazon Cognito User Pools. Default password policy: minimum 8 characters, requires at least 1 uppercase, 1 lowercase, 1 number, and 1 special character. Multi-factor authentication (MFA) is optional by default.
Amplify API: Supports REST (API Gateway + Lambda) and GraphQL (AppSync). For GraphQL, you define a schema in schema.graphql, and Amplify auto-generates DynamoDB tables, resolvers, and subscriptions. Default DynamoDB table billing mode is PAY_PER_REQUEST.
Amplify Storage: Uses Amazon S3. Default is private access; you can configure public, protected, or private access levels.
Amplify Functions: AWS Lambda functions. Runtime defaults to Node.js 18. Function timeout default is 3 seconds (max 15 minutes). Memory default is 128 MB.
Amplify Environment: Each environment is a separate CloudFormation stack. Environment names must be alphanumeric and up to 10 characters.
Configuration and Verification Commands
amplify configure: Sets up AWS credentials (access key ID and secret access key) on your local machine.
amplify init: Initializes a new Amplify project. Prompts for project name, environment name, and default editor.
amplify add auth: Adds Cognito authentication. Options: default configuration (email as username) or manual (custom attributes).
amplify add api: Adds a REST or GraphQL API. For GraphQL, you provide the schema.
amplify push: Deploys all local backend changes to AWS. You can use amplify push --yes to skip confirmations.
amplify publish: Deploys the frontend to Amplify Hosting.
amplify status: Shows the current state of resources (created, updated, or deleted).
amplify console: Opens the Amplify Console in the browser.
amplify delete: Deletes all Amplify-managed resources for the current environment.
How Amplify Interacts with Related Technologies
Amplify is often compared to the AWS CDK and SAM. While CDK and SAM are infrastructure-as-code tools that require explicit resource definitions, Amplify is higher-level: it generates CloudFormation templates behind the scenes from a declarative schema. For example, a single schema.graphql file can produce an AppSync API, DynamoDB tables, IAM roles, and Lambda resolvers. This abstraction is powerful for rapid development but limits customization. The exam tests this trade-off: if you need fine-grained control over IAM policies or resource configurations, use CDK or SAM; if speed is paramount, use Amplify.
Initialize Amplify project locally
Run `amplify init` in your project root. The CLI prompts for a project name (defaults to directory name), environment name (e.g., 'dev', 'prod'), and default editor. It then creates the `amplify` folder with subdirectories: `backend/`, `hooks/`, and `.config/`. The `.config/project-config.yml` stores environment settings. The CLI also creates a `team-provider-info.json` file (do not commit to Git—it contains sensitive info). This step establishes the connection between your local environment and your AWS account.
Add backend resources (auth, API, storage)
Use `amplify add auth` to add authentication. The CLI asks for default or manual configuration. For default, it creates a Cognito User Pool with email as the sign-in attribute, optional MFA, and a default password policy. For GraphQL API, run `amplify add api`, choose GraphQL, and provide a schema (e.g., `type Todo @model { id: ID! name: String! }`). The `@model` directive auto-generates DynamoDB tables, resolvers, and queries/mutations. For storage, `amplify add storage` creates an S3 bucket with configurable access levels.
Deploy backend to AWS
Run `amplify push`. The CLI synthesizes CloudFormation templates from the local configuration and deploys them. It first checks for IAM permissions (the user must have `amplify:*` permissions). The deployment typically takes 2-5 minutes. After success, a local `aws-exports.js` file is generated containing endpoint URLs, API keys, and Cognito User Pool IDs. This file is imported by your frontend code to configure Amplify libraries.
Connect frontend code to backend
Install the Amplify libraries: `npm install aws-amplify @aws-amplify/ui-react` (for React). In your app's entry point (e.g., `index.js`), import `Amplify` from `aws-amplify` and `aws-exports.js`, then call `Amplify.configure(awsconfig)`. For auth, wrap your app with `withAuthenticator` HOC or use `useAuthenticator` hook. For GraphQL, use `API.graphql` with the generated queries. The libraries handle token refresh, signing requests, and error handling.
Set up CI/CD with Amplify Console
In the AWS Management Console, go to AWS Amplify and choose 'Connect app'. Select your Git provider and repository. Amplify will detect the branch and build settings. You can customize the build image, build commands, and output directory in `amplify.yml`. For example: `version: 1, frontend: phases: preBuild: commands: [npm ci], build: commands: [npm run build], artifacts: baseDirectory: build, files: ['**/*']`. Amplify Console automatically deploys on each push to the connected branch and supports pull request previews.
Manage multiple environments
Create a new environment with `amplify env add` (e.g., `prod`). This clones the current backend configuration and deploys a new set of resources (e.g., a separate Cognito User Pool, DynamoDB tables, S3 bucket). Each environment is isolated. You can switch between environments using `amplify env checkout <env-name>`. In Amplify Console, you can connect multiple branches to different environments (e.g., `main` → `prod`, `develop` → `dev`). This allows separate backend resources for development and production.
Scenario 1: Rapid Prototyping a Mobile App
A startup wants to build a social media app with user profiles, photo uploads, and real-time likes. Using Amplify, they set up authentication (Cognito) in 10 minutes, a GraphQL API (AppSync) with real-time subscriptions in 20 minutes, and S3 storage for photos with public read access. The frontend team uses Amplify UI components to add sign-up/login forms and a photo picker. They deploy to Amplify Hosting with a custom domain (app.example.com) and SSL certificate. The entire prototype is live in one day. Without Amplify, provisioning these services manually would take a week.
Scenario 2: Enterprise Application with Multiple Environments
A large company builds a customer portal. They use Amplify with three environments: dev, staging, and prod. Each environment has its own Cognito User Pool (different user bases), DynamoDB tables (separate data), and S3 buckets. The CI/CD pipeline is configured in Amplify Console: pushes to develop branch deploy to dev, pushes to main deploy to staging, and manual approvals trigger prod. Feature branches create PR previews for testing. The team uses amplify env checkout to test backend changes locally before committing. They also use Amplify Admin UI to manage users and content in the staging environment.
Common Pitfalls
Missing IAM permissions: The IAM user running amplify push must have amplify:* and cloudformation:* permissions. Otherwise, the deployment fails with 'AccessDenied'.
Exceeding resource limits: By default, Amplify creates a single DynamoDB table per model. If a table reaches 10 GB or 10,000 RCUs/WCUs, you may need to use a custom CloudFormation template (by ejecting).
Environment variable leakage: team-provider-info.json contains AWS access keys. Committing this file to Git can expose credentials. Always add it to .gitignore.
Build failures: Incorrect amplify.yml syntax or missing build commands (e.g., npm ci fails if package-lock.json is missing) cause deployment failures. Check build logs in Amplify Console.
DVA-C02 Objective Coverage
The exam tests Amplify under Objective 1.4: Develop modern applications using AWS services. Specific sub-objectives include: 'Use AWS Amplify to develop frontend applications' and 'Integrate AWS services with Amplify Libraries'. Expect 2-3 questions on Amplify, typically scenario-based where you must choose the best service for a given requirement.
Common Wrong Answers
Choosing AWS Elastic Beanstalk instead of Amplify for a static web app: Elastic Beanstalk is for full web applications (e.g., Node.js, Java) with an application server, not for static frontends. Amplify Hosting is designed for static sites (React, Angular, Vue) and server-side rendered apps (Next.js).
Selecting S3 + CloudFront instead of Amplify for a full-stack app: While S3+CloudFront can host static content, they lack backend integration (auth, API, storage) and CI/CD. The exam asks for the 'most efficient' tool; Amplify provides all-in-one.
Proposing AWS CodePipeline + CodeBuild instead of Amplify Console: Amplify Console is a managed CI/CD service specifically for frontend apps. CodePipeline is more generic and requires more configuration. If the app uses Amplify CLI, Amplify Console is the natural CI/CD choice.
Specific Numbers and Terms
Default build image: Amazon Linux 2 with Node.js 14, 16, 18, or 20.
Environment name max length: 10 characters.
Amplify Hosting supports both static and server-side rendering (SSR) apps.
Pull request previews: automatically created for each PR, with a unique URL.
Authentication default: email as username, optional MFA.
Edge Cases
Custom domains: Amplify Hosting supports custom domains with automatic SSL certificate provisioning via ACM. You must verify domain ownership by adding a CNAME record to your DNS provider.
Monorepo support: Amplify Console can deploy apps from monorepos using a root amplify.yml that specifies the app root.
Environment promotion: You cannot directly promote resources from one environment to another; you must redeploy the same code to the new environment.
How to Eliminate Wrong Answers
Focus on the key phrase: 'develop and deploy a full-stack application quickly'. If the question mentions 'rapid prototyping', 'minimal configuration', or 'frontend developer', Amplify is likely the answer. If it mentions 'fine-grained control over IAM policies' or 'custom CloudFormation resources', choose CDK or SAM. If it's only about hosting a static site, S3+CloudFront is simpler. If it's about a backend API only, API Gateway + Lambda may be sufficient.
Amplify is a full-stack development platform that combines hosting, CI/CD, auth, API, and storage.
Use `amplify init` to start, `amplify add <category>` to add resources, and `amplify push` to deploy.
Amplify Console provides automatic deployments from Git branches and pull request previews.
Each Amplify environment is an isolated CloudFormation stack within the same AWS account.
Default auth uses Cognito User Pools with email as username; MFA is optional.
GraphQL API with `@model` directive auto-creates DynamoDB tables, resolvers, and subscriptions.
Amplify Hosting supports static and SSR apps; custom domains with SSL are built-in.
Amplify is not suitable for microservices or scenarios requiring fine-grained IAM control.
These come up on the exam all the time. Here's how to tell them apart.
AWS Amplify
Higher-level abstraction; backend resources auto-generated from schema.
Built-in CI/CD with Amplify Console; automatically builds and deploys.
Pre-built UI components for auth, storage, and API.
Environment management via `amplify env`; isolated stacks.
Best for rapid prototyping and frontend-heavy teams.
AWS CDK + S3/CloudFront
Fine-grained control over all AWS resources via code.
Requires manual setup of CI/CD (CodePipeline, CodeBuild).
No pre-built UI components; you must write integration code.
Environment management via custom stacks or separate accounts.
Best for complex backends with custom IAM policies and resource configurations.
Mistake
Amplify can only host static websites.
Correct
Amplify Hosting also supports server-side rendered (SSR) apps like Next.js, Nuxt.js, and Gatsby (SSR mode). It uses Node.js server functions running on Lambda@Edge for SSR.
Mistake
Amplify creates separate AWS accounts for each environment.
Correct
Environments are separate CloudFormation stacks within the same AWS account. They are isolated but share account-level limits.
Mistake
Amplify CLI requires root AWS credentials.
Correct
You can use an IAM user with appropriate permissions. The CLI prompts for access key ID and secret access key, which can be from an IAM user with `amplify:*` and `cloudformation:*` permissions.
Mistake
Amplify GraphQL API always uses DynamoDB as the data source.
Correct
By default, `@model` directive uses DynamoDB, but you can also connect to existing DynamoDB tables, Lambda functions, or HTTP endpoints using `@key`, `@function`, and `@http` directives.
Mistake
Amplify Console only supports GitHub repositories.
Correct
Amplify Console supports GitHub, GitLab, Bitbucket, AWS CodeCommit, and manual deployment (upload zip).
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
Amplify Hosting is a managed service that includes CI/CD, custom domains, SSL, and global CDN (CloudFront) out of the box. S3 static website hosting is simpler but requires manual setup of CloudFront, Route53, and CI/CD. Amplify Hosting also supports SSR apps (e.g., Next.js), which S3 cannot. For the exam, choose Amplify Hosting when you need a full deployment pipeline and SSR; choose S3 for simple static sites with no build step.
Run `amplify add auth` and follow the prompts. Choose default configuration for email sign-in. Then run `amplify push` to deploy. In your frontend, install `aws-amplify` and `@aws-amplify/ui-react`, import `Amplify` and `aws-exports.js`, and call `Amplify.configure(awsconfig)`. Use the `withAuthenticator` higher-order component or `useAuthenticator` hook to add login/signup UI. The exam may ask about the default sign-in method (email) and that MFA is optional.
Yes, but you need to use the `@key` directive or manually configure the resource in the backend directory. For example, you can add an existing DynamoDB table by editing the `amplify/backend/api/<api-name>/schema.graphql` to include `@key` with the table name. Alternatively, you can use `amplify import` to import existing resources (not supported for all categories). The exam expects you to know that Amplify typically creates new resources, but you can integrate existing ones with custom configuration.
`amplify.yml` is the build specification file for Amplify Console. It defines the build image, phases (preBuild, build, postBuild), commands, and output artifacts. Example: `version: 1, frontend: phases: preBuild: commands: [npm ci], build: commands: [npm run build], artifacts: baseDirectory: build, files: ['**/*']`. It is located in the root of your repository. The exam may ask how to customize the build process or where to specify build commands.
In Amplify Console, go to App Settings > Domain management. Add a domain (e.g., example.com). Amplify will prompt you to verify ownership by adding a CNAME record to your DNS provider. It then provisions an SSL certificate via ACM (automatic). You can also set up subdomains (e.g., app.example.com). The exam may test that SSL is automatically managed and that you need to add a CNAME record.
When you enable pull request previews in Amplify Console, each pull request automatically triggers a deployment to a temporary URL (e.g., `https://pr-123.d1a2b3c4.amplifyapp.com`). This allows testing changes before merging to the main branch. It is useful for code review and QA. The exam may ask about this feature as a benefit of Amplify Console.
Yes, Amplify Console supports monorepos. In your `amplify.yml`, you can specify the `appRoot` field to point to the subdirectory containing the frontend app. For example: `version: 1, frontend: appRoot: packages/web-app, phases: ...`. The exam may test that you need to set `appRoot` for monorepos.
You've just covered AWS Amplify for Frontend Developers — now see how well it sticks with free DVA-C02 practice questions. Full explanations included, no account needed.
Done with this chapter?