Welcome to the OpenClaw AWS Deployment Guide
Integrate OpenClaw with AWS for seamless, automated operations. Empower teams with real-time collaboration and workflow orchestration in trusted, enterprise-ready environments. Let's dive in.
Video Guide
Prerequisites
Before you get started with the OpenClaw AMI, ensure you have the following prerequisites:
- Basic knowledge of AWS services, including EC2 instances and CloudFormation.
- An active AWS account with appropriate permissions.
- Enough vCPU limit to create an instance (Follow this blog to ensure this).
Launching the AMI
Step 1: Find and Select "OpenClaw" AMI
- Log in to your AWS Management Console.
- Navigate to the 'OpenClaw' in AWS Marketplace.
Step 2: Initial Setup & Configuration
- Click the "Continue to Subscribe" button.
- After subscribing, you will need to accept the terms and conditions. Click on "Accept Terms" to proceed.
- Please wait for a few minutes while the processing takes place. Once it's completed, click on "Continue to Configuration".
- Select the "CloudFormation script to deploy OpenClaw" as the fulfilment option and choose your preferred region on the "Configure this software" page. Afterward, click the "Continue to Launch" button.
- From the "Choose Action" dropdown menu in "Launch this software" page, select "Launch CloudFormation" and click "Launch" button.
Create CloudFormation Stack
Step 1: Create stack
- Ensure the "Template is ready" radio button is selected under "Prepare template".
- Click "Next".
Step 2: Specify stack options
Provide the necessary parameters for your OpenClaw deployment. These settings define how your instance will be configured.
| Parameter | Description |
|---|---|
| Stack name | A unique name for your CloudFormation stack (e.g., my-openclaw-deployment). |
| Admin Email | The email address for generating SSL certificates with Let's Encrypt. |
| AdminUsername | Username for the OpenClaw dashboard. |
| AdminPassword | Password for the OpenClaw dashboard. |
| AmiId | The AMI ID for the OpenClaw instance. Keep as default. |
| DeploymentName | A name for your deployment (e.g., openclaw). |
| DomainName | Your public domain name (e.g., openclaw.yourdomain.com). SSL will be set up automatically if the domain is hosted on Route 53. |
| InstanceType | The EC2 instance type. We recommend t3.large or larger for optimal performance. |
| KeyName | The name of your EC2 key pair for SSH access. |
| OpenclawApiKey | Your OpenClaw API key. |
| OpenclawProvider | The provider for your OpenClaw API key. |
| SSHLocation | The IP address range for SSH access. Defaults to 0.0.0.0/0 (open to all). For better security, restrict this to your IP. |
| SubnetCidrBlock | The CIDR block for the subnet. Defaults to 10.0.0.0/24. |
| VpcCidrBlock | The CIDR block for the VPC. Defaults to 10.0.0.0/16. |
Step 3: Configure stack options
- Choose "Roll back all stack resources" and "Delete all newly created resources" under the "Stack failure options" section.
- Click "Next".
Step 4: Review
- Review and verify the details you've entered.
- Tick the box that says, "I acknowledge that AWS CloudFormation might create IAM resources with custom names".
- Click "Submit".
Afterward, you'll be directed to the CloudFormation stacks page. Please wait for 5-10 minutes until the stack has been successfully created.
Quick Video Guide
Update DNS
Step 1: Copy IP Address
Copy the public IP labeled "PublicIp" in the "Outputs" tab.
Step 2: Update DNS
- Go to AWS Route 53 and navigate to "Hosted Zones". Click on the correct hosted zone.
- From there, click on Create record.
- Add the record name and then paste the copied "PublicIp" into the "value" textbox.
- Click "Save".
Access OpenClaw
You can setup the OpenClaw application through the "DashboardUrl" or "DashboardUrlIp" provided in the "Outputs" tab.
502 Bad Gateway Error?
- Enter the Admin Username and Password you previously entered.
- Then you will be redirected to the dashboard.
- You may also access the dashboard through the domain.
Add Channels
- Create a telegram bot and get the token (Please refer to the official documentations for this).
- Replace the "paste-token-here" with the token.
{
"channels": {
"telegram": {
"enabled": true,
"botToken": "paste-token-here",
"dmPolicy": "pairing",
"groups": {
"*": {
"requireMention": true
}
}
}
}
}- Go to Config in OpenClaw dashboard and select the Raw mode.
- Click on reveal sensitive values.
- Paste the above lines after the "update" part in the JSON file and click on save.
- You have to wait several minutes while the service restarts.
- Now you can configure the AI agent to work with the telegram bot.
Generate SSL Manually
Step 1: Copy IP Address
OpenClaw will automatically try to setup SSL; if unsuccessful, you have to setup SSL manually. Proceed with the instructions outlined in the above "Update DNS" section, if you have not already done so. Copy the Public IP address indicated as "PublicIp" in the "Outputs" tab.
Step 2: Log in to the server
- Open the terminal and go to the directory where your private key is located.
- Paste the following command into your terminal and press Enter:
ssh -i <your key name> ubuntu@<Public IP address>
- Type "yes" and press Enter. This will log you into the server.
Step 3: Generate SSL
Paste the following command into your terminal and press Enter and follow the instructions:
sudo /root/certificate_generate_standalone.shAdmin Email is needed to generate SSL certificates.
Check Server Logs
OpenClaw runs as a systemd user service. Use the commands below to diagnose issues.
1. OpenClaw Gateway Logs
Check the status of the OpenClaw gateway service:
systemctl --user status openclaw-gatewayView live logs (follow mode):
journalctl --user -u openclaw-gateway -fView recent logs (last 100 lines):
journalctl --user -u openclaw-gateway -n 1002. Nginx Logs
Check nginx access and error logs:
sudo tail -f /var/log/nginx/access.log
sudo tail -f /var/log/nginx/error.logIf you see 502 Bad Gateway errors, the OpenClaw gateway is not running. Restart it with the following command:
systemctl --user restart openclaw-gateway3. Channel Logs (Telegram, Discord, etc.)
If you have messaging channels configured, view their logs with:
openclaw channels logs4. Restarting the Service
If the gateway is unresponsive or you have updated the configuration:
systemctl --user restart openclaw-gatewayShutting Down OpenClaw
- Click the link labeled "Instance" in the "Resources" tab to access the EC2 instance; you will be directed to the OpenClaw instance in EC2.
- Select the OpenClaw instance by marking the checkbox and click "Stop instance" from the "Instance state" dropdown. You can restart the instance at your convenience by selecting "Start instance".
Remove OpenClaw
Delete the stack that has been created in the AWS Management Console under 'CloudFormation Stacks' by clicking the 'Delete' button.
Upgrades
When there is an upgrade, we will update the product with a newer version. You can check the product version in AWS Marketplace. If a newer version is available, you can remove the previous version and launch the product again using the newer version. Remember to backup the necessary server data before removing.
Troubleshoot
- If you face the following error, please follow this blog to increase vCPU quota.
- If you face the following error (do not have sufficient <instance_type> capacity...) while creating the stack, try changing the region or try creating the stack at a later time.
- If you face the below error, when you try to access the API dashboard, please wait 5-10 minutes and then try.
- Check whether the instance storage is full.
- Log into the server and run the below command
df -h - If the root volume is between 90-100%, it is better to resize EBS volume. Please follow AWS documentation to increase the EBS volume.
- Log into the server and run the below command
- If you cannot use the chat and face "Incorrect API key provided" error,
- You may have added a wrong/revoked API key
- You may have added the correct API key, but selected the wrong provider
ex: In the above screenshot, I have added a correct "anthropic" API key, but selected "openai" as the provider.
Conclusion
The Meetrix OpenClaw Deployment Guide is your definitive resource for launching OpenClaw on AWS with ease. Designed for developers, DevOps engineers, and IT teams, it provides clear, step-by-step instructions to achieve a secure, scalable, and efficient deployment. OpenClaw is a powerful AI application platform that enables organizations to build, manage, and scale AI-driven workflows and agents. Using this guide, you can unlock OpenClaw's full potential, allowing your team to rapidly deploy AI solutions, streamline operations, and create flexible, production-ready systems that evolve with your needs.
Technical Support
Reach out to Meetrix Support (aws@meetrix.io) for assistance with OpenClaw issues.
Deploy OpenClaw on AWS Today
Launch your OpenClaw instance with Meetrix. Empower your team with autonomous AI agent capabilities, real-time collaboration, and enterprise-ready workflow orchestration.
Get Started on AWS MarketplaceFrequently Asked Questions
Can I use my own domain name with OpenClaw?
Yes, OpenClaw supports custom domain names. The deployment guide provides instructions for configuring DNS records to point to your OpenClaw instance.
Is my OpenClaw data secure on AWS?
Absolutely. When you deploy OpenClaw on your AWS account, you retain full control over your data, network security, and access policies, ensuring a secure environment.
Can I integrate OpenClaw with other services?
Yes, OpenClaw is designed to be a flexible AI agent framework. You can configure various channels and integrations as outlined in the 'Add Channels' section of this guide.
How do I scale my OpenClaw deployment?
OpenClaw deployments on AWS leverage scalable infrastructure. You can adjust your EC2 instance type and other AWS resources to handle varying workloads. For advanced scaling, consider configuring auto-scaling groups.
