* update: customize subnets * update: doc * fix: bad constant --------- Co-authored-by: GareArc <chen4851@purude.edu>
Dify Enterprise on AWS
Deploy Dify Enterprise on AWS using CDK.
Components
Testing Deployment
| Component | Helm Chart Value | Count | vCPU | Memory (GB) | Storage (GB) | Notes |
|---|---|---|---|---|---|---|
| S3 | persistence | 1 | ||||
| Redis DB | externalRedis | 1 | 2 | 6.38 | ||
| RDS Postgres DB | externalPostgres | 2 | 2 | 8 | ||
| K8S Worker Node | 1 | 4 | 16 | 100 | ||
| EC2 (for Vector DB) | vectorDB | 1 | 4 | 8 | 100 |
Production Deployment
| Component | Helm Chart Value | Count | vCPU | Memory (GB) | Storage (GB) | Notes |
|---|---|---|---|---|---|---|
| S3 | persistence | 1 | ||||
| Redis DB | externalRedis | 1 | 2 | 12.93 | ||
| RDS Postgres DB | externalPostgres | 1 | 4 | 32 | ||
| K8S Worker Node | 6 | 8 | 32 | 100 | ||
| EC2 (for Vector DB) | vectorDB | 3 | 16 | 64 | 100 |
Deployment
-
Configure AWS CLI:
Install and configure the AWS CLI:
aws configure -
Clone this repository:
git clone https://github.com/langgenius/aws-cdk-for-dify.git -
Install NodeJS Dependencies:
npm install -
Configure environment variables:
cp .env.example .envModify the environment variable values in the
.envfile.ENVIRONMENT: Specifies the deployment environment; must be eithertestorprod.CDK_DEFAULT_REGION: The AWS region where Dify Enterprise will be deployed.CDK_DEFAULT_ACCOUNT: Your AWS account ID.DEPLOY_VPC_ID: The ID of an existing VPC for deployment. If not set, CDK will create one for you.- Subnets Configuration (
DEPLOY_VPC_IDrequired, comma-separated without spaces):EKS_CLUSTER_SUBNETS: Subnet IDs for the EKS control plane. Requires at least 2 subnets in different Availability Zones (AZs).EKS_NODES_SUBNETS: Subnet IDs for the EKS worker nodes. Requires at least 2 subnets in different AZs.REDIS_SUBNETS: Subnet IDs for Redis deployment.RDS_SUBNETS: subnet ids for RDS database. (At least 2 with different AZs)OPENSEARCH_SUBNETS: Subnet IDs for OpenSearch deployment.
AWS_EKS_CHART_REPO_URL: (For AWS China regions ONLY) The AWS EKS Helm chart repository URL.RDS_PUBLIC_ACCESSIBLE: Set totrueto make RDS publicly accessible (NOT RECOMMENDED).
Note:
- If you are using AWS China regions, you must configure the
AWS_EKS_CHART_REPO_URLfor proper functionality. Please contact Dify Team for the URL. - It is recommended to use an existing VPC for easier resource access.
-
CDK Bootstrap:
Initialize the CDK environment:
npm run init -
CDK Deploy:
-
Deploy Dify Enterprise:
npm run deploy
-
-
Update AWS EKS Access Permissions:
- Navigate to the EKS Cluster panel, select the "Access" menu, and click on "Manage access":

- In the "Manage access" dialog, select "EKS API and ConfigMap," then click "Save Changes."
- In the IAM Access Entries panel, click "Create access entry":

- Add your IAM user and assign the following permissions:
AmazonEKSAdminPolicyAmazonEKSAdminViewPolicyAmazonEKSClusterAdminPolicy
- Navigate to the EKS Cluster panel, select the "Access" menu, and click on "Manage access":
-
Configure
kubeconfigto access the Kubernetes (K8S) cluster locally:aws eks update-kubeconfig --region <cn-northwest-1> --name <Dify-Testing-DifyStackTest-EKS>Adjust the
regionandnameparameters according to your deployment:- region: The AWS region where your cluster is deployed.
- name: The EKS cluster name (
Dify-Testing-DifyStackTest-EKSorDify-Production-DifyStackProd-EKS).
-
AWS Load Balancer Configuration
It is recommended to use an AWS Application Load Balancer (ALB) for your ingress configuration in the Helm
values.yamlfile. To enable it, modify theingresssection as follows:ingress: enabled: true className: "alb" annotations: { # Existing annotations ... # Add the following annotations alb.ingress.kubernetes.io/target-type: "ip", alb.ingress.kubernetes.io/scheme: "internet-facing", } -
Initialize Postgres Databases
Before installing Helm charts, you need to create the necessary databases in your RDS instance. These database names should correspond to the values specified in the
externalPostgresfield of the Helmvalues.yamlfile. -
CDK Destroy:
Destroy the deployment for the environment specified in the
.envfile underENVIRONMENT.npm run destroy -
Advanced Configuration
To customize deployment configurations, modify the test.ts file for the testing environment or the prod.ts file for the production environment.
