@aws

Define AWS specific configuration for an entire project or per function.

Syntax

region

AWS region ID where the project will be deployed.

  • Defaults to us-west-2

profile

Local AWS profile name to use with this project, as defined in your local AWS configuration.

  • Can also be specified in AWS_PROFILE environment variable
  • Required to deploy to AWS

runtime

Lambda runtime, as defined by the lambda-runtimes library.

ℹ️ Local Sandbox support is currently limited to Node.js, Python, and Ruby.

Runtime Versions Example Alias1
Node.js 12.x, 14.x (default), 16.x nodejs16.x node nodejs node.js
Python 3.6 - 3.9 python3.9 python py
Ruby 2.7 ruby2.7 ruby rb
.NET 3.1 dotnetcore3.1 dotnet .net
Go 1.x go1.x golang go
Java 8, 8.al2, 11 java11 java
  1. Runtime aliases always use the default runtime version; py is effectively python3.9.

bucket

Bucket name (in same region) for CloudFormation deployment artifacts.

If not specified, a secure deployment bucket will be automatically created.

policies

Configure custom Lambda function policies, enabling granular and specific privileges and access controls.

The policies setting takes one or more IAM policy ARNs or AWS-managed policy names (e.g. AmazonDynamoDBFullAccess).

Configuring one or more policies will completely remove all of Architect’s default Lambda privileges. To restore Architect’s default privileges, include a policy named architect-default-policies.

Note: architect-default-policies is an internal Architect framework setting based on the least-privilege permissions specific to your project. It is not a managed / public IAM policy, and will not be found in your AWS console.

layers

Configure Lambda function layers with max 5 Lambda Layer ARNs. Lambda Layers must be in the same region as they are deployed.

architecture

Lambda CPU Architecture of your functions.

  • x86_64 (default) - 64-bit x86 architecture
  • arm64 - (only available in certain AWS regions) 64-bit ARM architecture

storage

Lambda ephemeral storage (a “scrath” file system in /tmp for each Lambda). A number between 512 (default) - 10240 in MB.

apigateway

API Gateway API type, can be one of:

  • http (default) - HTTP API + Lambda payload format version 2.0
  • httpv2 – aliased of http
  • httpv1 - HTTP API + Lambda payload format version 1.0
  • rest - REST API + original API Gateway payload format

Environment Variables

Alternatively, if you want a less granular approach, you can declare your preferred region and profile in your shell config like .bashrc (more information here).

If you have AWS exports in your shell config and @aws specified in your app.arc project, the @aws section will win.

Examples

For example, to deploy Ruby to the northern California AWS AZ, with your AWS work profile’s credentials, and specific policies use:

arc
@aws
runtime ruby
region us-west-1
profile work
storage 5000 # in MB
architecture arm64
policies
  S3CrudPolicy
  architect-default-policies
json
{
  "aws": {
    "runtime": "ruby",
    "region": "us-west-1",
    "profile": "work",
    "storage": 5000,
    "architecture": "arm64",
    "policies": [
      "S3CrudPolicy",
      "architect-default-policies"
    ]
  }
}
yaml
---
aws:
  runtime: ruby
  region: us-west-1
  profile: work
  storage: 5000
  architecture: arm64
  policies:
      - S3CrudPolicy
      - architect-default-policies

To deploy to Oregon AWS AZ with your AWS default profile’s credential and a custom Lambda runtime (be sure to set runtime to provided), use:

@aws
region us-west-2
profile default
runtime provided
layers arn:aws:lambda:us-west-2:800406105498:layer:nsolid-node-10:6