Define AWS specific configuration for an entire project or per function.



AWS region ID where the project will be deployed.

  • Defaults to us-west-2


Local AWS profile name to use with this project, as defined in your local AWS configuration.

  • Can also be specified in AWS_PROFILE environment variable
  • Required to deploy to AWS


Lambda runtime, as defined by the lambda-runtimes library.

ℹ️ Local Sandbox support is currently limited to Node.js, Python, and Ruby.

Runtime Versions Example Alias1
Node.js 12.x, 14.x nodejs14.x node nodejs node.js
Python 3.6 - 3.9 python3.9 python py
Ruby 2.7 ruby2.7 ruby rb
.NET 3.1 dotnetcore3.1 dotnet .net
Go 1.x go1.x golang go
Java 8, 8.al2, 11 java11 java
  1. Runtime aliases always default to the latest runtime version; py is effectively python3.9.


Bucket name (in same region) for CloudFormation deployment artifacts.

  • If not specified, a secure deployment bucket will be automatically created


Configure custom Lambda function policies, enabling granular and specific privileges and access controls.

The policies setting takes one or more IAM policy ARNs or AWS-managed policy names (e.g. AmazonDynamoDBFullAccess).

Configuring one or more policies will completely remove all of Architect’s default Lambda privileges. To restore Architect’s default privileges, include a policy named architect-default-policies.

Note: architect-default-policies is an internal Architect framework setting based on the least-privilege permissions specific to your project. It is not a managed / public IAM policy, and will not be found in your AWS console.


Configure Lambda function layers with max 5 Lambda Layer ARNs. Lambda Layers must be in the same region as they are deployed.


API Gateway API type, can be one of:

  • http (default) - HTTP API + Lambda payload format version 2.0
  • httpv2 – aliased of http
  • httpv1 - HTTP API + Lambda payload format version 1.0
  • rest - REST API + original API Gateway payload format


Lambda CPU Architecture of your functions. (Added in Architect 9.1)

  • x86_64 (default) - 64-bit x86 architecture
  • arm64 - (only available in certain AWS regions) 64-bit ARM architecture

Environment Variables

Alternatively, if you want a less granular approach, you can declare your preferred region and profile in your shell config like .bashrc (more information here).

If you have AWS exports in your shell config and @aws specified in your app.arc project, the @aws section will win.


For example, to deploy Ruby to the northern California AWS AZ, with your AWS work profile’s credentials, and specific policies use:

runtime ruby
region us-west-1
profile work
  "aws": {
    "runtime": "ruby",
    "region": "us-west-1",
    "profile": "work"
  runtime: ruby
  region: us-west-1
  profile: work

To deploy to Oregon AWS AZ with your AWS default profile’s credential and a custom Lambda runtime (be sure to set runtime to provided), use:

region us-west-2
profile default
runtime provided
layers arn:aws:lambda:us-west-2:800406105498:layer:nsolid-node-10:6