AWS Managed Resources Reference
By default, Liferay uses several managed services to run background operations when hosting in AWS. These resources facilitate the provisioning and continued use of Liferay DXP in AWS, but are not essential so you can opt out of them. These are the external EKS managed resources included in your Liferay installation:
These resources are not a part of your Liferay subscription and are billed separately by Amazon.
Service Name | Purpose |
---|---|
Amazon CloudWatch | Amazon CloudWatch enables monitoring and observability for logs and JVM metrics. These metrics are usually collected by Prometheus adapter or custom exporters. |
Amazon Elastic Block Store (EBS) | Amazon EBS provides persistent storage for stateful workloads, such as DXP content repositories, Elasticsearch data, or database backups within EKS. |
Amazon Elastic Container Registry (ECR) | Amazon ECR hosts Docker container images for Liferay DXP and its dependencies used in Kubernetes deployment. |
Amazon Elastic Kubernetes Service (EKS) | Amazon EKS hosts and manages Liferay DXP containers, scaling, auto-healing, and orchestration in a Kubernetes-native way. |
Amazon Managed Service for Prometheus (AMP) | AMP collects and stores metrics for Liferay JVM, enabling performance monitoring, alerting, and dashboarding through Amazon Managed Grafana or CloudWatch Metrics. |
Amazon OpenSearch Service | Amazon OpenSearch Service provides full-text search and indexing capabilities for portal content (assets, web content, users, etc.). |
Amazon RDS (PostgreSQL) | Amazon RDS acts as the main relational database for Liferay DXP. It stores portal data, user info, configurations, and object data. |
Amazon Route 53 | Amazon Route 53 is used for service discovery and DNS resolution of internal and external services for cluster communications and tenant routing. |
Amazon S3 | Amazon S3 is used as the file store for Liferay’s documents and media library. It offloads file storage to a durable and scalable object storage. |
AWS Certificate Manager (ACM) | AWS Certificate Manager (ACM) enables secure HTTPS termination at the AWS load balancer layer (ELB/ALB), managing TLS certs without manual renewal. |
AWS Identity and Access Management (IAM) | AWS IAM grants pods scoped permissions to access AWS services like S3, RDS, and OpenSearch using IAM Roles for Service Accounts (IRSA). |
AWS Load Balancer (ELB / ALB) | The AWS Load Balancer manages ingress to Liferay pods, handling traffic routing and termination at the ELB/ALB level. |
AWS Secrets Manager | AWS Secrets Manager securely stores sensitive configuration data (passwords, tokens, access keys) to use in the runtime environment. |
For more information on these resources and their pricing, visit their documentation by clicking the links in the table.