Below is a quick comparison between App Runner, ECS (Elastic Container Service), and EKS (Elastic Kubernetes Service).
App Runner | ECS | EKS | |
|---|---|---|---|
Complexity | Low - fully managed | Medium - requires some configuration | High - steep learning curve |
CI/CD Integration | Built-in (GitHub, ECR support) | Manual setup via pipelines/tools | Manual setup via pipelines/tools |
Scaling | Automatic scaling (up/down) | Manual or with custom config | Requires custom setup (e.g., HPA) |
Use Case Fit | Web apps & APIs | Simple microservices | Complex, large-scale microservices |
Vendor Lock-in | High (AWS-only service) | Medium (ECS APIs are AWS-specific) | Low (based on open-source Kubernetes) |
Ideal Use Cases for AWS App Runner
1. Building a Minimum Viable Product (MVP)
App Runner enables rapid development and testing of MVPs with minimal setup and no infrastructure management, making it well-suited for fast prototyping.
2. Frontend Web Applications
It supports any containerized web application, allowing seamless deployment of modern frameworks such as React, Vue, or Angular.
3. Backend for Frontend (BFF) Architectures
App Runner facilitates the deployment of lightweight, platform-specific backend services, enabling teams to maintain separate APIs for mobile, desktop, or other frontends efficiently.
App Runner Features:
Autoscaling:
You can set a baseline instance with 1 vCPU and 2048 MB of memory, and define minimum and maximum instance counts. App Runner automatically scales up during traffic spikes, maintaining the configured instance specs.
Networking:
Supports both public and private VPCs, enabling your service to be either internet-facing or internal. AWS handles SSL/TLS certificates, so your service URL is HTTPS by default.
Observability:
Built-in integration with AWS CloudWatch provides metrics and logs out of the box. You can also enable distributed tracing using AWS X-Ray for deeper insights.
Security:
Includes Web Application Firewall (WAF) and Access Control Lists (ACL) to protect against common threats like SQL injection and bot attacks, with options for custom rules such as geo-blocking and rate limiting.
CI/CD:
App Runner application source can be either Elastic Container Registry or a remote repository service like GitHub or Bitbucket. It can be set to auto-deploy so it can automatically fetch the newest deployment.
Deploying a Simple Python FastAPI Step by Step:
A simple FastAPI with root and /health path in main.py
from fastapi import FastAPI
import uvicorn
app = FastAPI(title="FastAPI Demo on AWS App Runner")
@app.get("/")
async def root():
"""Root endpoint returning a welcome message."""
return {"message": "Hi from FastAPI running on AWS App Runner!"}
@app.get("/health")
async def health_check():
"""Health check endpoint for AWS App Runner."""
return {"status": "ok"}
if __name__ == "__main__":
uvicorn.run(app, host="0.0.0.0", port=8080)The required modules needed to run FastAPI are listed in requirements.txt. Push both these files to your GitHub repository
fastapi==0.111.0
uvicorn[standard]==0.30.0Select the Source code repository for the source with the provider, which can be either GitHub or Bitbucket. Select Add new to grant access to your source code from the GitHub repository.
A new window will pop up. Log in with your GitHub and grant access to your repository.
Select the GitHub app you just signed in followed by the repository where the source code and branch to use. Set deployment trigger to automatic, this will deploy the latest changes automatically.
For building and running, we can configure it in the AWS console or create a apprunner.yaml file in a github repository. App runner will use the build and start commands from this config file.
For simplicity, I'm going with the first option: Configure all settings here. With Python 3 as runtime
For installing modules, use this in the build command.
pip install -r requirements.txtTo run the fastAPI with expost port on 8080. should be used in the start command
python main.pyThis is the base service, I'm going with the default 1 vCPU and 2GB of Memory.
This is the default scaling with a maximum of 25 instances. To change that, select Create new ASC
This newASC will have a minimum of 1 instance and a maximum of 2 instances, will scale up on 100 concurrent requests.
Change the protocol default from TCP to HTTP for the custom path. I'm using /health for a check.
You can specify the Instance role and other security features.
The service is set to a public endpoint to be accessed publicly, or can be set to private to be accessed only internally.
CloudWatch metrics and logs are turned on by default. We can enable tracing in AWS X-Ray additional cost.
After reviewing it, click create & deploy to deploy your service. It will take approximately 5 minutes for the first time to build and deploy. and can be accessed via the URL under the default domain.
Limitations:
No support for persistent storage or stateful workloads.
Cold starts may cause latency during low or bursty traffic.
Costs can grow quickly at higher traffic volumes.
Tightly integrated with AWS, no multi-cloud support.
Conclusion:
AWS App Runner is a great option for deploying stateless web apps and APIs with minimal setup. It simplifies infrastructure, scales automatically, and is ideal for small teams or projects that need to move fast without managing DevOps.
EzyInfra.dev – Expert DevOps & Infrastructure consulting! We help you set up, optimize, and manage cloud (AWS, GCP) and Kubernetes infrastructure—efficiently and cost-effectively. Need a strategy? Get a free consultation now!
Share this post