This guide will walk you through creating a BYOC app using Docker, Helm, and Terraform, and deploying it to AWS EKS. At the end of this tutorial, you should know how to create a new BYOC deployment offering with your existing application.

All the configuration and component code used in this guide can be found in our Guides repo.


What You Will Create

This tutorial will walk you through creating the following:

Configure App

To configure the app, you will create a TOML config file using our CLI. In each section below we will provide you with configuration snippets for the app itself as well as it’s components.

If you would prefer to use Terraform, see our Terraform Configuration Management guide. We provide Terraform sample code you can use throughout this guide.

Create App

Define the app itself and give it a name. This will create the app in Nuon and generate a config file named nuon.<your-app>.toml. This file will be populated with sample config, which we will update in this guide.

nuon apps create --name=<your-app>


Update the installer config. Installers provide an out-of-the-box installation flow your customers can use to install your app. You will use it later in this guide to create an install yourself.

name               = "My EKS App"
description        = "A demo app that runs on EKS."
documentation_url  = ""
community_url      = ""
github_url         = ""
homepage_url       = ""
demo_url           = ""
logo_url           = ""
og_image_url       = ""
favicon_url        = ""
copyright_markdown = """
© 2024 Nuon.
footer_markdown = """
[Terms of Service](
post_install_markdown = """
# My EKS App

My EKS App is being deployed.
app_ids = ["<your-app-id>"]


Update the sandbox config. The aws-eks sandbox will provide everything you need to run EKS services, from the EKS cluster down to the VPC.

terraform_version = "1.5.4"
directory = "aws-eks"
repo = "nuonco/sandboxes"
branch = "main"


Update the runner config. The aws-eks sandbox requires that we use the aws-eks runner. The runner manages the sandbox, provisioning and deprovisioning AWS resources during deploys.

runner_type = "aws-eks"

Sync App Config to Nuon

You now have a complete Nuon app config. This is a good place to stop and sync it to Nuon.

nuon apps sync --file=nuon.<your-app>.toml

Once the config is synced, select the newly created app using the CLI. This will scope CLI commands to the new app.

nuon apps select

Connect Components

This app consists of three components: one to build the Docker image, one to provision the EKS service, and one to create an HTTPS certificate.

Docker Image

This is a Docker Build component that will build the API and create a Docker image containing it. When released, it will sync the image to each install’s ECR so Helm can pull it when creating pods.

name   = "docker_image"
type = "docker_build"
dockerfile = "Dockerfile"
repo      = "nuonco/guides"
directory = "aws-eks-tutorial/components/docker-image"
branch    = "main"

HTTPS Certificate

This is a Terraform Module component that creates an ACM HTTPS certificate. The Helm chart will use this when creating the ALB.

name   = "certificate"
type = "terraform_module"
terraform_version = "1.5.3"
repo      = "nuonco/guides"
directory = "aws-eks-tutorial/components/certificate"
branch    = "main"
name  = "domain_name"
value = "introspect.{{}}"
name  = "zone_id"
value = "{{.nuon.install.sandbox.outputs.public_domain.zone_id}}"

Helm Chart

This component will create a Helm release in EKS, pulling the Docker image and using it to create a Kubernetes pod. It will also create an ALB to expose the API to the internet.

name   = "helm_chart"
type = "helm_chart"
chart_name = "introspect"
repo      = "nuonco/guides"
directory = "aws-eks-tutorial/components/helm-chart"
branch    = "main"
name  = "image.repository"
value = "{{.nuon.components.docker_image.image.repository.uri}}"
name  = "image.tag"
value = "{{.nuon.components.docker_image.image.tag}}"
name  = "api.nlbs.public_domain_certificate"
value = "{{.nuon.components.certificate.outputs.public_domain_certificate_arn}}"
name  = "api.nlbs.public_domain"
value = "introspect.{{}}"
name  = "app_id"
value = "{{}}"
name  = "org_id"
value = "{{}}"
name  = "install_id"
value = "{{}}"
name  = "vpc_id"
value = "{{}}"

Sync Component Configs to Nuon

Now that you have the components, sync the update config to Nuon.

nuon apps sync --file=nuon.<your-app>.toml

Just like the app, you can use the CLI to verify they were synced successfully.

nuon components list

Initial builds for each component will also have been created. Verify with the CLI that they were successful.

nuon builds list

Create an Install

Creating an install requires two steps: granting access to the AWS account via an IAM role, and then provisioning the install in that account. There are a few ways to do this, but the easiest is to use the installer you configured earlier, via our installer UI template.

You can find the template at Clone that and run it locally following the instructions in the README.

For other approaches, see our guides Install Access Permissions and Create Installs.

Monitor Install Creation

To monitor the install’s status, log into the Dashboard and select your org. You should see a card for the install.

Installs on Dashboard

Click on the card, and use the History to verify that the install is being provisioned. You should see events for the sandbox being provisioned and the components being deployed.

Install Details on Dashboard

Inspect the Install

When the install has provisioned, and the deploys have completed, copy the install ID from the UI and curl the API to verify it’s running.

curl https://api.{install_id}

Wrapping Up and Next Steps

Congratulations, you just deployed an EKS service to AWS! A few suggestions for where to go next:

  • Check out our Release Management guide to learn how to update installs.
  • Dig into our App Configuration guide to learn how to configure more complex apps.
  • Share your installer with a friend and have them install your app in their AWS account.