AWS target
The aws target deploys to your own AWS account. Every primitive maps to a real, named AWS resource that you can see in the console.
Target string format:
aws:<region>
Examples: aws:us-east-1, aws:eu-west-2.
Setup
Sprintsail uses the standard AWS SDK credential chain. Whatever works for aws sts get-caller-identity works for sail:
- Environment:
AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY/AWS_SESSION_TOKEN - Shared profile:
AWS_PROFILE=... - Instance role (for CI on EC2)
Required IAM permissions (high level): the SDK provisions Lambda, ECS, RDS, S3, SQS, Secrets Manager, IAM (creates execution roles), API Gateway v2, EventBridge Scheduler, CloudWatch Logs, ECR. A development IAM user with AdministratorAccess works. A production deployment role needs the same as a Terraform/CDK role.
What it provisions
| Primitive | Resource | Identifier pattern |
|---|---|---|
| Function | Lambda | <project>-<name> |
| Worker | Lambda + SQS event source mapping | <project>-<name> |
| CronJob | Lambda + EventBridge Scheduler rule | <project>-<name> |
| WebApp | ECS Express Gateway service | <project>-<name> |
| API | Lambda + API Gateway v2 HTTP API | <project>-<name> |
| Database | RDS instance | <project>-<name> |
| Bucket | S3 bucket | <project>-<name>-<account-id> (account suffix avoids global namespace collisions) |
| Queue | SQS queue | <project>-<name> |
| Secret | Secrets Manager secret | <project>/<name> |
State file: .sail/state.aws.<region>.json.
Costs
All resources are created in your AWS account. Sprintsail doesn't sit between you and AWS; bills come from AWS directly. Estimate quickly:
| Primitive | Typical default cost (USD, idle) |
|---|---|
| Function / Worker / CronJob / API (Lambda) | $0 when not invoked. |
| WebApp (ECS Express) | ~$15–30/mo for 0.25 vCPU + 512 MB, 1 task running. |
| Database (RDS) | ~$15/mo for db.t4g.micro, 20 GB gp3 storage. |
| Bucket (S3) | ~$0.023/GB/mo, plus request pricing. |
| Queue (SQS) | $0 idle. $0.40 per million requests. |
| Secret (Secrets Manager) | $0.40 per secret per month. |
Container images
WebApp + Function (Python) builds Docker images locally and pushes to a per-project ECR repository named sprintsail/<project>-<name>. The repository is created automatically on first push.
For function (Node.js), the SDK ships a zip via S3 instead — no ECR.
What's stable, what isn't
All 9 primitives are stable on AWS in v1.0. The sail target capabilities aws output is the source of truth.
The gap today (planned for v1.1):
- Database
migrateData()is a manual stub; youpg_dump/pg_restoreyourself. sail logsis implemented for AWS but not yet for Runtime.