Nextjs
Reference doc for the `sst.aws.Nextjs` component.
The Nextjs
component lets you deploy Next.js apps on AWS. It uses
OpenNext to build your Next.js app, and transforms the build
output to a format that can be deployed to AWS.
Minimal example
Deploy the Next.js app that’s in the project root.
Change the path
Deploys a Next.js app in the my-next-app/
directory.
Add a custom domain
Set a custom domain for your Next.js app.
Redirect www to apex domain
Redirect www.my-app.com
to my-app.com
.
Link resources
Link resources to your Next.js app. This will grant permissions to the resources and allow you to access it in your app.
You can use the SDK to access the linked resources in your Next.js app.
Constructor
Parameters
-
name
string
-
args?
NextjsArgs
-
opts?
ComponentResourceOptions
NextjsArgs
assets?
Type Input
<
Object
>
Default Object
Configure how the Next.js app assets are uploaded to S3.
By default, this is set to the following. Read more about these options below.
Read more about these options below.
assets.fileOptions?
Type Input
<
Object
[]
>
Specify the Content-Type
and Cache-Control
headers for specific files. This allows
you to override the default behavior for specific files using glob patterns.
Apply Cache-Control
and Content-Type
to all zip files.
Apply Cache-Control
to all CSS and JS files except for CSS files with index-
prefix in the main/
directory.
assets.fileOptions[].cacheControl?
Type string
The Cache-Control
header to apply to the matched files.
assets.fileOptions[].contentType?
Type string
The Content-Type
header to apply to the matched files.
assets.fileOptions[].files
Type string
|
string
[]
A glob pattern or array of glob patterns of files to apply these options to.
assets.fileOptions[].ignore?
Type string
|
string
[]
A glob pattern or array of glob patterns of files to exclude from the ones matched
by the files
glob pattern.
assets.nonVersionedFilesCacheHeader?
Type Input
<
string
>
Default “public,max-age=0,s-maxage=86400,stale-while-revalidate=8640”
The Cache-Control
header used for non-versioned files, like index.html
. This is used by both CloudFront and the browser cache.
The default is set to not cache on browsers, and cache for 1 day on CloudFront.
assets.textEncoding?
Type Input
<
“
utf-8
”
|
“
iso-8859-1
”
|
“
windows-1252
”
|
“
ascii
”
|
“
none
”
>
Default “utf-8”
Character encoding for text based assets, like HTML, CSS, JS. This is
used to set the Content-Type
header when these files are served out.
If set to "none"
, then no charset will be returned in header.
assets.versionedFilesCacheHeader?
Type Input
<
string
>
Default “public,max-age=31536000,immutable”
The Cache-Control
header used for versioned files, like main-1234.css
. This is
used by both CloudFront and the browser cache.
The default max-age
is set to 1 year.
buildCommand?
Type Input
<
string
>
Default “npx —yes open-next@OPEN_NEXT_VERSION build”
The command used internally to build your Next.js app. It uses OpenNext with the openNextVersion
.
If you want to use a custom build
script from your package.json
. This is useful if you have a custom build process or want to use a different version of OpenNext.
OpenNext by default uses the build
script for building next-js app in your package.json
. You can customize the build command in OpenNext configuration.
cachePolicy?
Type Input
<
string
>
Default A new cache policy is created
Configure the Next.js app to use an existing CloudFront cache policy.
By default, a new cache policy is created for it. This allows you to reuse an existing policy instead of creating a new one.
dev?
Type false
|
Object
Configure how this component works in sst dev
.
Instead of deploying your Next.js app, this starts it in dev mode. It’s run
as a separate process in the sst dev
multiplexer. Read more about
sst dev
.
To disable dev mode, pass in false
.
dev.autostart?
Type Input
<
boolean
>
Default true
Configure if you want to automatically start this when sst dev
starts. You can still
start it manually later.
dev.command?
Type Input
<
string
>
Default “npm run dev”
The command that sst dev
runs to start this in dev mode.
dev.directory?
Type Input
<
string
>
Default Uses the path
Change the directory from where the command
is run.
dev.title?
Type Input
<
string
>
The title of the tab in the multiplexer.
dev.url?
Type Input
<
string
>
Default “http://url-unavailable-in-dev.mode”
The url
when this is running in dev mode.
Since this component is not deployed in sst dev
, there is no real URL. But if you are
using this component’s url
or linking to this component’s url
, it can be useful to
have a placeholder URL. It avoids having to handle it being undefined
.
domain?
Type Input
<
string
|
Object
>
Set a custom domain for your Next.js app.
Automatically manages domains hosted on AWS Route 53, Cloudflare, and Vercel. For other
providers, you’ll need to pass in a cert
that validates domain ownership and add the
DNS records.
By default this assumes the domain is hosted on Route 53.
For domains hosted on Cloudflare.
Specify a www.
version of the custom domain.
domain.aliases?
Type Input
<
string
[]
>
Alias domains that should be used. Unlike the redirect
option, this keeps your visitors
on this alias domain.
So if your users visit app2.domain.com
, they will stay on app2.domain.com
in their
browser.
domain.cert?
Type Input
<
string
>
The ARN of an ACM (AWS Certificate Manager) certificate that proves ownership of the domain. By default, a certificate is created and validated automatically.
The certificate will be created in the us-east-1
region as required by AWS CloudFront.
If you are creating your own certificate, you must also create it in us-east-1
.
To manually set up a domain on an unsupported provider, you’ll need to:
- Validate that you own the domain by creating an ACM certificate. You can either validate it by setting a DNS record or by verifying an email sent to the domain owner.
- Once validated, set the certificate ARN as the
cert
and setdns
tofalse
. - Add the DNS records in your provider to point to the CloudFront distribution URL.
domain.dns?
Type Input
<
false
|
sst.aws.dns
|
sst.cloudflare.dns
|
sst.vercel.dns
>
Default sst.aws.dns
The DNS provider to use for the domain. Defaults to the AWS.
Takes an adapter that can create the DNS records on the provider. This can automate validating the domain and setting up the DNS routing.
Supports Route 53, Cloudflare, and Vercel adapters. For other providers, you’ll need
to set dns
to false
and pass in a certificate validating ownership via cert
.
Specify the hosted zone ID for the Route 53 domain.
Use a domain hosted on Cloudflare, needs the Cloudflare provider.
Use a domain hosted on Vercel, needs the Vercel provider.
domain.name
Type Input
<
string
>
The custom domain you want to use.
Can also include subdomains based on the current stage.
domain.redirects?
Type Input
<
string
[]
>
Alternate domains to be used. Visitors to the alternate domains will be redirected to the
main name
.
Use this to create a www.
version of your domain and redirect visitors to the apex domain.
environment?
Type Input
<
Record
<
string
, Input
<
string
>
>
>
Set environment variables in your Next.js app. These are made available:
- In
next build
, they are loaded intoprocess.env
. - Locally while running through
sst dev
.
Recall that in Next.js, you need to prefix your environment variables with NEXT_PUBLIC_
to access these in the browser. Read more here.
imageOptimization?
Type Object
Default {memory: “1024 MB”}
Configure the Lambda function used for image optimization.
imageOptimization.memory?
Type “
${number} MB
”
|
“
${number} GB
”
Default “1536 MB”
The amount of memory allocated to the image optimization function. Takes values between 128 MB and 10240 MB in 1 MB increments.
imageOptimization.staticEtag?
Type boolean
Default false
If set to true, a previously computed image will return 304 Not Modified. This means that image needs to be immutable.
The etag will be computed based on the image href, format and width and the next BUILD_ID.
invalidation?
Type Input
<
false
|
Object
>
Default {paths: “all”, wait: false}
Configure how the CloudFront cache invalidations are handled. This is run after your Next.js app has been deployed.
Turn off invalidations.
Wait for all paths to be invalidated.
invalidation.paths?
Type Input
<
string
[]
|
“
all
”
|
“
versioned
”
>
Default “all”
The paths to invalidate.
You can either pass in an array of glob patterns to invalidate specific files. Or you can use one of these built-in options:
all
: All files will be invalidated when any file changesversioned
: Only versioned files will be invalidated when versioned files change
Invalidate the index.html
and all files under the products/
route. This counts as two invalidations.
invalidation.wait?
Type Input
<
boolean
>
Default false
Configure if sst deploy
should wait for the CloudFront cache invalidation to finish.
Waiting for this process to finish ensures that new content will be available after the deploy finishes. However, this process can sometimes take more than 5 mins.
link?
Type Input
<
any
[]
>
Link resources to your Next.js app. This will:
- Grant the permissions needed to access the resources.
- Allow you to access it in your site using the SDK.
Takes a list of resources to link to the function.
openNextVersion?
Type Input
<
string
>
Default The latest version of OpenNext
Configure the OpenNext version used to build the Next.js app.
By default, this is pinned to the version of OpenNext that was released with the SST version you are using. You can find this in the source under DEFAULT_OPEN_NEXT_VERSION
.
path?
Type Input
<
string
>
Default ”.”
Path to the directory where your Next.js app is located. This path is relative to your sst.config.ts
.
By default this assumes your Next.js app is in the root of your SST app.
If your Next.js app is in a package in your monorepo.
permissions?
Type Input
<
Object
[]
>
Permissions and the resources that the server function in your Next.js app needs to access. These permissions are used to create the function’s IAM role.
Allow reading and writing to an S3 bucket called my-bucket
.
Perform all actions on an S3 bucket called my-bucket
.
Grant permissions to access all resources.
permissions[].actions
Type string
[]
The IAM actions that can be performed.
permissions[].effect?
Type “
allow
”
|
“
deny
”
Default “allow”
Configures whether the permission is allowed or denied.
permissions[].resources
Type Input
<
string
>
[]
The resourcess specified using the IAM ARN format.
server?
Type Object
-
edge?
Input
<
Object
>
-
viewerRequest?
Input
<
Object
>
-
viewerResponse?
Input
<
Object
>
-
Default {architecture: “x86_64”, memory: “1024 MB”}
Configure the Lambda function used for server.
server.architecture?
server.edge?
Type Input
<
Object
>
Configure CloudFront Functions to customize the behavior of HTTP requests and responses at the edge.
server.edge.viewerRequest?
Type Input
<
Object
>
Configure the viewer request function.
The viewer request function can be used to modify incoming requests before they reach your origin server. For example, you can redirect users, rewrite URLs, or add headers.
server.edge.viewerRequest.injection
Type Input
<
string
>
The code to inject into the viewer request function.
By default, a viewer request function is created to:
- Disable CloudFront default URL if custom domain is set.
- Add the
x-forwarded-host
header.
The given code will be injected at the end of this function.
To add a custom header to all requests.
You can use this add basic auth, check out an example.
server.edge.viewerRequest.kvStores?
Type Input
<
Input
<
string
>
[]
>
The KV stores to associate with the viewer request function.
Takes a list of CloudFront KeyValueStore ARNs.
server.edge.viewerResponse?
Type Input
<
Object
>
Configure the viewer response function.
The viewer response function can be used to modify outgoing responses before they are sent to the client. For example, you can add security headers or change the response status code.
server.edge.viewerResponse.injection
Type Input
<
string
>
The code to inject into the viewer response function.
By default, no viewer response function is set. A new function will be created with the provided code.
To add a custom header to all responses.
server.edge.viewerResponse.kvStores?
Type Input
<
Input
<
string
>
[]
>
The KV stores to associate with the viewer response function.
Takes a list of CloudFront KeyValueStore ARNs.
server.install?
Type Input
<
string
[]
>
Dependencies that need to be excluded from the server function package.
Certain npm packages cannot be bundled using esbuild. This allows you to exclude them
from the bundle. Instead they’ll be moved into a node_modules/
directory in the
function package.
This will allow your functions to be able to use these dependencies when deployed. They
just won’t be tree shaken. You however still need to have them in your package.json
.
Esbuild will ignore them while traversing the imports in your code. So these are the package names as seen in the imports. It also works on packages that are not directly imported by your code.
server.layers?
Type Input
<
Input
<
string
>
[]
>
A list of Lambda layer ARNs to add to the server function.
server.memory?
Type Input
<
“
${number} MB
”
|
“
${number} GB
”
>
Default “1024 MB”
The amount of memory allocated to the server function. Takes values between 128 MB and 10240 MB in 1 MB increments.
server.runtime?
Type Input
<
“
nodejs18.x
”
|
“
nodejs20.x
”
|
“
nodejs22.x
”
>
Default “nodejs20.x”
The runtime environment for the server function.
transform?
Type Object
Transform how this component creates its underlying resources.
transform.assets?
Type BucketArgs
|
(
args
:
BucketArgs
,
opts
:
ComponentResourceOptions
,
name
:
string
)
=>
void
Transform the Bucket resource used for uploading the assets.
transform.cdn?
Type CdnArgs
|
(
args
:
CdnArgs
,
opts
:
ComponentResourceOptions
,
name
:
string
)
=>
void
Transform the CloudFront CDN resource.
transform.imageOptimization?
Type FunctionArgs
|
(
args
:
FunctionArgs
,
opts
:
ComponentResourceOptions
,
name
:
string
)
=>
void
Transform the image optimization Function resource.
transform.server?
Type FunctionArgs
|
(
args
:
FunctionArgs
,
opts
:
ComponentResourceOptions
,
name
:
string
)
=>
void
Transform the server Function resource.
vpc?
Type Vpc
|
Input
<
Object
>
Configure the server function in your Next.js app to connect to private subnets in a virtual private cloud or VPC. This allows your app to access private resources.
vpc.privateSubnets
Type Input
<
Input
<
string
>
[]
>
A list of VPC subnet IDs.
vpc.securityGroups
Type Input
<
Input
<
string
>
[]
>
A list of VPC security group IDs.
warm?
Type Input
<
number
>
Default 0
The number of instances of the server function to keep warm. This is useful for cases where you are experiencing long cold starts. The default is to not keep any instances warm.
This works by starting a serverless cron job to make n concurrent requests to the server function every few minutes. Where n is the number of instances to keep warm.
Properties
nodes
Type Object
The underlying resources this component creates.
nodes.assets
Type undefined
|
Bucket
The Amazon S3 Bucket that stores the assets.
nodes.cdn
Type undefined
|
Output
<
Cdn
>
The Amazon CloudFront CDN that serves the app.
nodes.revalidationFunction
Type undefined
|
Output
<
undefined
|
Function
>
The Lambda function that processes the ISR revalidation.
nodes.revalidationQueue
Type undefined
|
Output
<
undefined
|
Queue
>
The Amazon SQS queue that triggers the ISR revalidator.
nodes.revalidationTable
Type undefined
|
Output
<
undefined
|
Table
>
The Amazon DynamoDB table that stores the ISR revalidation data.
nodes.server
Type undefined
|
Output
<
Function
>
The AWS Lambda server function that renders the app.
url
Type Output
<
string
>
The URL of the Next.js app.
If the domain
is set, this is the URL with the custom domain.
Otherwise, it’s the autogenerated CloudFront URL.
SDK
Use the SDK in your runtime to interact with your infrastructure.
Links
This is accessible through the Resource
object in the SDK.
-
url
string
The URL of the Next.js app.
If the
domain
is set, this is the URL with the custom domain. Otherwise, it’s the autogenerated CloudFront URL.