· May 22 6m read

Tutorial: Deploy your dockerized application on AWS

Nowadays, most applications are deployed on public cloud services. It brings many advantages including savings in human and material resources, the ability to grow quickly and cheaply, greater availability, reliability, elastic scalability, and options to improve the protection of digital assets. One of the most popular options is AWS. It allows us to deploy our applications usings virtual machines (EC2 service), Docker containers (ECS service), or Kubernetes (EKS service). The first one, instead of utilizing Docker, employs a virtual machine with Windows or Linux where you can install your server and deploy your application.The second and third options use Docker. However, the last one is a better match for large-scale applications with many Docker instances running with the auto-scale option. The second option (ECS), on the other hand, is the best choice for small and medium-scale applications.This article is going to show you how to use, configure and run Docker applications on AWS using ECS service.

Get a Docker application sample to deploy

For our example, we are going to use a ready Docker application from the InterSystems Open Exchange catalog. To get started, follow the next steps:
1. Make sure you have Git installed.
2. Go to
3. Clone/git pull the repo into any local directory:

git clone

The iris-rest-api-template is a backend application with an IRIS database and an IRIS REST API written in ObjectScript. We will deploy this application on the AWS ECS service.

Get your AWS credentials

To get things rolling, you will need an AWS account and a user with an access key. To get that, take the following steps:
1. Go to and click on the top right button Sign in:


2. If you have an AWS account, just log in with it. If you don't possess any, click the button Create a new AWS account. After completing your profile, log in with your new data.
3. On the top Search field, write IAM (AWS Identity and Access Management tool), and click IAM:


4. On the left menu click Users:


5. Click the button Add users:


6. Fill in the field that appeared with the values mentioned below:

  • User name: iris
  • Put a tick next to Provide user access to the AWS Management Console
  • Choose I want to create an IAM user
  • Select Custom password and enter Iris@2023
  • Uncheck Users must create a new password at next sign-in
  • Click the button Next



7. On Permissions options pick Attach policies directly, select AdministratorAccess, and click the Next button:


8. On Review and Create, click the button Create user on the footer:


9. Click the button Download .csv file to save the new user credentials.
10. Now, on the top Search bar look for IAM and click IAM:


11. On the left menu select Users:


12. Click on the user Iris link:


13. Click the tab Security Credentials:


14. Go to the sub-section Access keys (scroll the screen to find it) and click the button Create access key:


15. Select Command Line Interface (CLI), check I understand the above recommendation and want to proceed to create an access key, and click the button Next:


16. Now, click the button Create access key:


17. Copy your Access key and Secret access key to a file on your computer. Use the button Download .csv file and finally click the button Done:


Install the AWS CLI tool and assign the created user created to it

The AWS CLI tool is used to pull the Docker image to AWS ECR (it is a kind of Docker Hub for AWS Docker images). To install it, do the following:

1. Go to and choose the installation instructions for your computer OS.

2. After installation, if you have not done it yet, take the following steps:
a. On your terminal put:

aws configure

b. Set the Access key created above:


c. Set the Secret key assembled earlier:


d. Do not feel the rest of the values. Just accept the default ones:


Upload your Docker app to the AWS ECR

1. On the AWS console Search field, look for ECR, and select Elastic Container Registry:


2. Click the button Get Started in Create Repository section:


3. On Create Repository, put the following values:

  • Visibility settings: Public
  • Repository Name: iris-repo
  • Click the button Create repository


4. Now you have the repository created. Select iris-repo and click View push commands button:


5. Copy the Repository URI (second column - URI) value and store it in a file. You will need it later on as you go through this article.
6. Execute the 4 commands from the dialog in your terminal inside the folder where you cloned the Git project:


a. First command: log in with the IRIS user:


b. Second command: docker build -t iris-repo .

c. Third command: docker tag iris-repo:latest


d. Last command: docker push


Congratulations! Now, your Docker project is a public Docker image on AWS ECR.

Creating the Docker instance on AWS ECS for your new AWS ECR image

It is time for the last steps. We will create a Docker instance running on AWS at this point. To make that happen, do the following:
1. Go to AWS Console and look for ECS on the top search bar. Then click the link to Elastic Container Service:


2. On the left menu select Clusters:


3. Click the button Create cluster:


4. On Create Cluster, add the value iriscluster to the field Cluster name. Accept the remaining values for the other fields and click the Create button:




5. Wait for a few seconds, and you will have a new cluster listed:

6. On the left menu select Task definitions and go to Create new task definition:


7. On Configure task definition and containers, set the values stated below and click the button Next:

  • Task definition family: iristask
  • Container details - Name: irisrepo
  • Container details - Image URI: URI that you stored in a file when you created the image with ECR. In my case, it is
  • Port Mappings - Container Port: 52773, Protocol: TCP.




8. On Configure environment, storage, monitoring, and tags, change the Memory to 4 GB. Task role should be altered to ecsTaskExecutionRole, and Storage - Amount to 30. For the other parameters, accept the default values and click the button Next:






9. On Review and Create, click the button Create:







10. Click the button Deploy > Run Task on the top:


11. On Create, set the values mentioned below and click the button Create:

  • Existing cluster: iriscluster
  • Compute options: Launch type
  • Application Type: Task

12. Expand the section Networking and pick:

  • Security Group: select Create a new security group
  • Security group name: irissec
  • Security group description: irissec
  • Inbound rules - Type: Custom TCP, Port Range: 52773






13. Wait for some time for the creation status (click the button  to check the current status):


14. When the status turns to "Running", click the Task link:


15. Copy the public IP:


16. Open your browser and type (in my case it is
http://<public ip>:52773/csp/sys/%25CSP.Portal.Home.zen
17. The IRIS Management Portal (with user _SYSTEM and password SYS) is active now, and the REST services for the app are functioning as well (Basic Authentication with _SYSTEM and SYS):




You made it! You have your IRIS on AWS now. REMEMBER TO STOP THE TASK, NOT TO BE BILLED. To do that, click the Stop button:

Enjoy it!

Discussion (11)2
Log in or sign up to continue

And thanks again! I went through all the steps and it's working fine!

BTW, @Yuri Marx , the part for creating registry, building and pushing docker image into it could be omitted by using Github Registry.

Github provides a free of charge registry for public images. Everyone can create a public image automatically just by adding one workflow file into the repository, .e.g. this one. And this action builds and publishes x86 image to Github Registry in a form: for iris-rest-api-template repository the image is:

So with AWS we can start from cluster creation and use this image in a task.

Tested it now - works fine!

At this point I would highly recommend just writing a cfn template, rather than clicking through 30 screens.

Great article though.


  1. Split cluster and service/task creations into separate stacks.
  2. By default your cluster would have FARGATE and FARGATE_SPOT capacity providers, but if you use Launch type compute configuration you'll only get Fargate On-Demand. To use Spot you need to use Capacity provider strategy compute configuration and specify Spot.