AWS Database Blog

Deploy an Ethereum node on Amazon Managed Blockchain

Amazon Managed Blockchain support for managed Ethereum nodes makes it possible to build your own decentralized applications (dapps) without having to worry about maintaining reliable Ethereum nodes for relaying blockchain transactions or querying the state of blockchain data.

The decentralized architecture of the Ethereum network makes it possible to create unstoppable applications that can be accessed in a permissionless fashion by any user with an Ethereum wallet. You gain access to a growing array of innovative dapps that offer goods and services in a decentralized way without any gatekeepers or intermediaries. Decentralized financial services (DeFi) is an area of rapid innovation in this space.

In this post, we walk through setting up and connecting to an Ethereum node with Managed Blockchain.

Set up your node

To set up your own managed Ethereum node, complete the following steps:

  1. On the Managed Blockchain console, choose Join public network.
  2. For Blockchain network, you can deploy your managed node on the Ethereum mainnet or the Ropsten and Rinkeby testnets.
  3. For Blockchain instance type, choose the appropriate instance type depending on the level of load you expect your dapp to experience for read requests. As far as write requests are concerned, given the current global constraints on Ethereum transaction rates, a single node is typically sufficient to sustain the number of modifying transactions your users can send to the network.
  4. For Ethereum node type, choose full node.
  5. Choose an Availability Zone.

You can deploy several nodes in different Availability Zones for high availability, load balancing, and failover. Subsequent blog posts will cover these advanced architectures in more detail.

Your Ethereum node takes approximately 30–60 minutes to deploy. This is the time it takes to copy the current state of the blockchain onto a new volume and synchronize the most recent blocks from the ledger.

Connect to your node

After your node becomes available on the Managed Blockchain console, you can see an endpoint that you can use to access the node using either an HTTPS or WebSocket connection.

To connect to your node, you need to authenticate with the node using the AWS Signature Version 4 signing process. You can do this using the popular web3.js library, along with AWS provider NPM packages for HTTPS and WebSockets.

First, generate a NodeJS project in a new directory. This post assumes that you have Node Version Manager (NVM) installed.

  1. Enter the following code into a bash terminal to initialize your project and install the necessary dependencies:
    nvm install 16
    nvm use 16
    mkdir my-ethereum-dapp && cd my-ethereum-dapp
    cat <<EOT > package.json
    {
      "name": "my-ethereum-dapp",
      "version": "1.0.0",
      "description": "Simple dapp for testing Amazon Managed Blockchain",
      "main": "index.js",
      "scripts": {
        "test": "echo \"Error: no test specified\" && exit 1"
      },
      "author": "Alice B. Coder",
      "license": "ISC",
      "dependencies": {
        "web3": "^1.3.5",
        "@aws/web3-http-provider": "^1.0.1"
      }
    }
    EOT
    npm install

    This installs some dependencies that your dapp needs to be able to connect to your node.

  2. Create a file called index.js, which connects to your node:
    const Web3 = require('web3');
    const AWSHttpProvider = require('@aws/web3-http-provider');
    const endpoint = process.env.AMB_HTTP_ENDPOINT;
    const web3 = new Web3(new AWSHttpProvider(endpoint));
    web3.eth.getNodeInfo().then(console.log);

    You need to create an AWS Identity and Access Management (IAM) user with programmatic access and the AmazonManagedBlockchainFullAccess policy attached to it.

  3. On the IAM console, choose User groups in the navigation pane.
  4. Choose Create group.
  5. For User group name, enter a name (for this post, AMBUsers)
  6. Attach the AmazonManagedBlockchainFullAccess policy to the group by entering blockchain into the search filter and selecting the appropriate policy.
  7. Choose Create group.
  8. Add a user called amb-user.
  9. For Access type, select Programmatic access.
  10. Choose Next.
  11. Add the user to the group you just created.
  12. Choose Next until you get to the review page, then create the user.
  13. Save the AWS access key ID and secret access key credentials for later use.
  14. After you create the user, export the user’s credentials into the environment:
    export AWS_ACCESS_KEY_ID=AFAKEID...
    export AWS_SECRET_ACCESS_KEY=AFakeKey...

    You should only do this in a trusted context that will not be loaded in an environment to which your users have access.

  15. Export your node’s endpoint URL:
    export AMB_HTTP_ENDPOINT=https://nd-<node_id>.ethereum.managedblockchain.us-east-1.amazonaws.com
  16. Connect to your node by running the index.js script:
    node index.js
    Geth/v1.9.24-stable-cc05b050/linux-amd64/go1.15.5

    If the script runs properly, it should print out the version of geth (the official Golang implementation of the Ethereum protocol) that is running on the node.

Conclusion

Congratulations! You successfully connected to your managed Ethereum node. Subsequent blog posts will share more advanced architectural patterns that allow you to balance your dapp requests across several managed nodes and provide your users with a public Ethereum API that can be used to provide anonymous access through popular browser wallet extensions, like Metamask. Please reach out to us with your questions, comments, and feature suggestions.


About the author

Carl Youngblood is a Blockchain Solutions Architect with Amazon Web Services.