Deployment
Self-host Carbon on AWS with SST, and run it locally with the crbn CLI.
Carbon deploys to AWS with SST. The two apps — ERP and MES — run as containers on ECS Fargate behind load balancers, defined in sst.config.ts (app carbon, home aws).
What gets provisioned
| Resource | Details |
|---|---|
| VPC + ECS cluster | CarbonVpc2 and CarbonCluster. |
CarbonERPService | 2 vCPU / 4 GB · port 3000 · health check /health · autoscaling 1–10 tasks on CPU and memory. |
CarbonMESService | The same shape, for the MES. |
| WAF web ACL | AppAlbWebAcl — a 1000 requests/IP rate-limit rule plus the AWS managed common rule set. |
Container images are pulled from ECR (carbon/erp and carbon/mes), built and pushed by CI — SST does not build them.
Prerequisites
| Requirement | Details |
|---|---|
| AWS account | With AWS_REGION and AWS_ACCOUNT_ID. |
| ECR images | Pre-built and tagged with IMAGE_TAG. |
| TLS certificates | CERT_ARN_ERP and CERT_ARN_MES; optionally custom domains URL_ERP and URL_MES. |
| Supabase instance | Provisioned out of band, not by SST. Supplies SUPABASE_URL, SUPABASE_DB_URL, the keys, and SUPABASE_JWT_SECRET. |
HEADS UP
The WAF web ACL must be manually associated with the application load balancer after the first deploy — SST creates it but does not attach it.
See Environment variables for the full configuration surface, or Local development to run Carbon locally with the crbn CLI.