Releases · localstack/localstack

@MEPalma

Summary

LocalStack 4.4 introduces the Amazon Verified Permissions provider, a native RDS provider for better AWS parity, and a container-based Glue job executor. The release also includes Step Functions service integration mocking, expanded IAM features with service-specific credential APIs and condition keys, and updates to KMS, EMR Serverless, CloudFront Lambda@Edge, and Application Auto Scaling services.

AWS Features

LocalStack now supports Amazon Verified Permissions (AVP) for managing fine-grained access using Cedar policies. You can test authorization logic locally and integrate with services like Cognito. Refer to our documentation to learn more. (🌟 enterprise)
LocalStack now supports AWS Step Functions Local with mocked and emulated service integrations. It works with existing setups and includes support for JSONata, Variables, and mocked task states. Refer to our documentation to learn more.
LocalStack now uses a new native RDS provider by default for better AWS parity. It adds support for advanced features like parameter groups, snapshots, IAM auth, proxies, and Neptune compatibility. (🌟 pro)
LocalStack now runs Glue jobs in Docker using the aws-glue-libs image for better parity, faster startup, and isolated execution. Set GLUE_JOB_EXECUTOR=docker and GLUE_JOB_EXECUTOR_PROVIDER=v2 to enable it. (🌟 pro)
Ruby 3.4 Lambda runtime is now supported in LocalStack.

Enhancements

LocalStack now supports IAM service-specific credential APIs with full CRUD operations. Supported APIs include create, list, update, reset, and delete for service-specific credentials.
LocalStack now supports additional IAM condition keys for fine-grained access control in policies. New keys include iam:PermissionBoundary, aws:RequestTag, sts:ExternalId, aws:username, and others.
KMS provider now includes the following enhancements:
- Enables custom_key_material usage for Elliptic Curve Cryptography (ECC) keys in the KMS service.
- Adds ability to decrypt data encrypted before a key rotation event by preserving the history of key material during RotateKeyOnDemand, maintaining access to all rotated KMS keys.
- Improves KMS PSS signature generation by aligning salt length with RFC 4055, increasing compatibility with external cryptographic libraries.
- Adds support for the dry_run parameter in the GenerateDataKeyPair and GenerateDataKeyPairWithoutPlaintext APIs.
EMR Serverless provider now includes the following enhancements: (🌟 pro)
- EMR Serverless jobs now accept program arguments when running scripts, allowing reuse of functionality and parameterized execution.
- Logs from EMR Serverless jobs are now sent to CloudWatch for better visibility into job execution and easier debugging of failures.
Cloudfront Lambda@Edge feature now includes the following enhancements: (🌟 pro)
- Added support for the IncludeBody parameter.
- Added validations for supported Python and Node.js runtimes.
LocalStack now supports tagging for Application Auto Scaling resources. Supported APIs include TagResource, UntagResource, and ListTagsForResource. (🌟 pro)
LocalStack now runs Apache Flink's JobManager and TaskManager in separate containers to better emulate AWS behavior. Previously, both ran in a single container with a shared filesystem. (🌟 pro)
Support for IAM transitive session tagging is now available. Tags marked as transitive on IAM sessions now propagate correctly and can be used for IAM policy enforcement.
Improvements to AppSync VTL template $utils helpers now include better support for $util.error and added support for $util.appendError. (🌟 pro)
Support for record filtering for MSK & Self-Managed Kafka Event Source Mappings. (🌟 pro)
Support for ListStateMachineAliases pagination is now available in Step Functions. This includes handling of the --next-token and --max-results parameters to paginate results when listing aliases for a state machine.
Implemented automatic registration of ECS tasks with AWS Cloud Map service discovery. Container IP addresses are now correctly registered in the service registry, enabling accurate service discovery and proper task-to-task communication. (🌟 pro)
Support for SES email confirmation from user pools is now available. User pools can now send confirmation emails to new users via SES automatically upon user creation. (🌟 pro)
Enhanced DeleteRepository operation in ECR to correctly honor the --force flag. When --force is specified, repositories containing images can now be deleted without requiring individual image deletion. (🌟 pro)
Enhanced CreateComputeEnvironment API in AWS Batch to automatically create an AWSBatchServiceRole if none is provided. This improves parity with AWS by matching the default behavior where the role is auto-created if not explicitly specified. (🌟 pro)
Enhanced domain name handling to properly normalize escaped character sequences in DNS names. This improves AWS parity by ensuring that all Route 53 encoded domain names are correctly processed before being passed to the DNS server.
Enhanced the OAuth2 authorization flow to generate unique state and code values for each login attempt. This improves CSRF protection for existing users and ensures compliance with OAuth2 specifications. (🌟 pro)
Deleting a FIFO message with an expired receipt handle now raises an error to achieve better parity with AWS.
Added X-Ray trace ID propagation from EventBridge to target services (Lambda and API Gateway), enabling end-to-end request tracing. This also ensures compatibility with existing trace header encoding.
Implemented support for USER_AUTH authentication flow type in Cognito, enabling SMS_OTP, PASSWORD, and PASSWORD_SRP challenge handling to match AWS behavior. (🌟 pro)

LocalStack Features

Replication support for AWS::Route53::HostedZone is now available for the AWS Replicator tool. (🌟 teams)
The --profile flag can now be used anywhere in the CLI command, not just at the top level, improving compatibility with custom tooling.

Deprecations

Older Glue versions (0.9, 1.0, 2.0) are now deprecated.
RDS state created in version 4.3 or earlier using Cloud Pods or standard persistence will not be compatible with the new RDS provider introduced in version 4.4. Recreating the RDS state is recommended for compatibility. (🌟 pro)

What's Changed

Exciting New Features 🎉

CloudFormation: [POC] Support Update Graph Modeling of Mappings and FindInMap by @MEPalma in #12432
CloudFormation: POC Support for Modeling of Outputs Blocks in the Update Graph, Improved Handling of Intrinsic Function Types by @MEPalma in #12443
Lambda: Added Ruby 3.4 Runtime by @anisaoshafi in #12458
Fix(#12318): Fixes a bug in evaluation of JSONPath for wildcard and s… by @marcodallasanta in #12366
CFn: WIP POC v2 executor by @simonrw in #12396
Step Functions: Migrate v2 Test Suite to no_retry aws_client Fixture by @MEPalma in #12461
Reapply reduce requests necessary for log publishing from lambda to cloudwatch logs by @dfangl in #12470
KMS: fix RSA PSS signing issue for salt length by @sannya-singal in #12467
[ESM] Re-initialize shards when NextShardIterator value is empty by @gregfurman in #12483
KMS: add ability to decrypt data with all rotated keys by @sannya-singal ...

@viren-nadkarni

Summary

LocalStack 4.3 is packed with major enhancements! We’ve introduced experimental support for CloudFront Lambda@Edge, added new languages and improved models in Transcribe, and switched Flink to application mode for better AWS parity. Step Functions, SQS, IAM, KMS, and Timestream received significant feature upgrades, and the Web Application now supports stack outputs and graph rendering for Step Functions.

AWS Features

Experimental support for AWS CloudFront Lambda@Edge emulation, which can be enabled by setting CLOUDFRONT_LAMBDA_EDGE=1 in your LocalStack configuration. Learn more about the current features & limitations in our documentation. (🌟 pro)

Enhancements

Support for resource tagging in the EKS provider. (🌟 pro)
Expanded language support in the Transcribe provider with the addition of Catalan, Czech, Gujarati, Kazakh, Korean, Polish, Telugu, Uzbek, and Ukrainian. Additionally, updated language models are now used for Chinese, Farsi, Spanish, Italian, Russian, and Vietnamese, improving transcription accuracy across these languages.
Managed Service for Apache Flink (MSF) now runs in application mode instead of the previous session mode for a better parity with how Flink clusters run on AWS. (🌟 pro)
Step Functions nested MapRun execution now works correctly by making map run components stateless and ensuring proper worker creation for all nested map runs.
Support for AWS Step Functions aliasing features are now available.
Step Functions interpreter now supports JSONata object templates as ItemSelector declaration bodies, ensuring correct evaluation in both JSONPath and JSONata modes.
SQS Messages with an empty body are now rejected, ensuring that only valid messages are processed.
Support for pagination in SQS ListQueues API, implementing MaxResults parameter functionality and NextToken generation.
Basic CRUD functionality for IAM service-specific credentials is now supported.
Service-linked role naming to match AWS pattern (AWSServiceRoleFor<service>) has been improved with added proper policy attachment for greater parity with AWS.
LocalStack’s Event Source Mapping (ESM) implementation now validates the existence of different event source resources.
LocalStack now supports on-demand key rotation for KMS symmetric keys without imported key material, allowing up to 10 rotations per key that don’t affect automatic rotation schedules.
Support for EKS_K3S_FLAGS configuration variable to customize the k3s cluster created by LocalStack to emulate EKS clusters. (🌟 pro)
Support for ListTagsForResource API in the SSO Admin provider. (🌟 pro)
Support for filters in the DescribeInstanceInformation API in the SSM provider.
Support for AppSync Lambda data source batch processing is now available to reduce cold starts by combining queries based on batch size or time window. (🌟 pro)
Support for schema enforcement to the Timestream provider in LocalStack, requiring dimensions marked as REQUIRED for record insertion. Records will be rejected if they’re missing required dimension keys, ensuring compliance with Timestream schema rules. (🌟 pro)
Support for batching of records in Stream Pollers (DynamoDB Streams/Kinesis) based on BatchSize and MaximumBatchingWindowInSeconds.

LocalStack Features

You can now view the stack outputs in the CloudFormation Resource Browser. This feature allows you to view the outputs of a stack in the LocalStack Web Application.
Step Functions Resource Browser now supports rendering graphs with auto-layouting along with improved StateFunction parsing, and has replaced the previous mermaid renderer.
Replication support for AWS::ECR::Repository is now available for the AWS Replicator tool. (🌟 teams)

What's Changed

Exciting New Features 🎉

TaggingService: Allow key value field names to be overridden by @viren-nadkarni in #12306
Add structured metrics instrumentation by @vittoriopolverino in #12230
[ESM] Validate event sources existence by @eLRuLL in #12297
Step Functions: Improve Nested Map Run Stability by @MEPalma in #12343
[ESM] Correctly enable exponential backoff inside stream poller by @gregfurman in #12312
Step Functions: Support for Aliasing by @MEPalma in #12326
Fix Invalid noqa Usage in Step Functions TestState Preprocessor by @MEPalma in #12368
Cloud Formation: [POC] Modeling Stack Operations and Evaluating ChangeSet Descriptions by @MEPalma in #12355
CFn updates: create new v2 provider for new engine by @simonrw in #12375
Implement IAM service specific credentials CRUD by @dfangl in #12351
Transcribe: New language models by @viren-nadkarni in #12336
KMS: on-demand key rotation by @agseco in #12342
Step Functions: Allow JSONata Object Templates in ItemSelector Declarations by @MEPalma in #12327
Match IAM service linked role naming with AWS by @dfangl in #12387
cleanup ServiceNameParser rules by @bentsku in #12358
Step Functions: Lazy Initialization of JVM for JSONata Evaluation by @MEPalma in #12369
Step Functions: Migrate Usage Metrics to New Counter Standards by @MEPalma in #12389
Cloud Formation: [POC] Update Graph with Template Traversal & Intrinsic Function Resolution by @MEPalma in #12378
[ESM] Add configurable poll frequency and log shard info by @gregfurman in #12415
Cloud Formation: [POC] Scoping Mechanism, Base Support for Parameters, Dynamic Parameters, Conditions, Intrinsic Functions, and Type Divergence by @MEPalma in #12405
[Utils] Add a batch policy utility by @gregfurman in #12430
[ESM] Support Stream Poller batching by @gregfurman in #12437
CloudFormation: Fix LoggingConfiguration Parameter Handling in StepFunctions Resource Provider by @MEPalma in #12433

Other Changes

Add Lambda@Edge service principal by @joe4dev in #12313
Util: support building in place for ECR docker images by @simonrw in #11806
Add CodeStarConnections to the client types by @giograno in #12308
Fix vulnerabilities in lambda runtime init by @dfangl in #12316
[ESM] Fix flaky SQS ReportBatchItemFailures test with proper visiblity timeouts by @gregfurman in #12323
[ESM] Fix constantly triggering SQS back-off by @gregfurman in #12319
Skip flaky Kinesis Lambda test by @joe4dev in #12328
APIGW: add validation for AWS ARN in PutIntegration by @bentsku in #12324
[ESM] Fix validation of StartingPosition streams parameter by @gregfurman in #12329
CFn: populate APIGW regional* properties by @simonrw in #12320
ESM: fix CreateESM SQS validation by @bentsku in #12338
fix kms api call response on method get-key-rotation-status by @pureiboi in #12103
add service catalog cache loading from static var by @alexrashed in #12314
add build time service catalog cache generation to s3 image by @alexrashed in #12341
fix flaky transcribe tests by @sannya-singal in #12262
Makes docker healthcheck more robust by @crystalin in #12344
migrate healthcheck enhancements to S3 image by @alexrashed in #12347
move parse_service_name after serve_edge_router_rules by @bentsku in #11800
remove APIGW CORS handler and update global CORS logic by @bentsku in https://github.com/local...

@bentsku

Summary

LocalStack 4.2 is here! This release brings powerful new features and enhancements, including support for AWS Shield, IAM enforcement for Neptune Gremlin queries, and PostgreSQL as a source in DMS. The Bedrock provider now allows on-demand model switching and preloading multiple models at startup. Additionally, we introduce a new AWS Replicator tool to seamlessly copy AWS resources into LocalStack and enhance Cloud Pods with auto-loading from registered remotes. Other improvements span Step Functions, EKS ELB, MWAA, API Gateway, and Apache Flink, making local cloud development even more robust! 🚀

AWS Features

LocalStack now supports AWS Shield, which allows you to create, read, update, and delete Shield protections and subscriptions in your local environment with a mock provider. (🌟 pro)

Enhancements

Neptune will now enforce IAM permission over data for Gremlin queries. When creating a cluster with IAMDatabaseAuthenticationEnabled set to true, your Gremlin queries will need to be signed to perform READ, WRITE, and/or DELETE operations. This only affects users using ENFORCE_IAM and IAM_SOFT_MODE configuration variables. (🌟 pro)
ELB listeners now support any port matching the GATEWAY_LISTEN configuration variable instead of only the first port. (🌟 pro)
You can now use the MWAA_DOCKER_FLAGS configuration variable while starting the LocalStack container to pass extra flags when starting an Airflow container with MWAA. (🌟 pro)
Managed Service for Apache Flink now supports forwarding application logs created with Log4j or SLF4J to CloudWatch Logs. (🌟 pro)
Step Functions provider now features optimized service integration for Glue.
Step Functions interpreter now validates unsupported API actions in optimized service integrations at creation time instead of only at runtime. It also adds logging for missing request/return types and reports errors for unsupported service tasks.
LocalStack now supports PostgreSQL as a source in the Database Migration Service (DMS) provider. (🌟 enterprise)
The Bedrock provider now supports on-demand model switching by specifying a model ID prefixed with ollama. for each request. (🌟 enterprise)
The Bedrock provider now supports pulling multiple models on LocalStack startup with a new BEDROCK_PULL_MODELS configuration option. This option allows you to specify a comma-separated list of model IDs to pull from the Ollama models library on startup. (🌟 enterprise)
Ollama logs from the Bedrock provider are now streamed directly to LocalStack logs. (🌟 enterprise)
EKS now supports Kubernetes versions 1.31 and 1.32. The default version is set to 1.31, in parity with the latest supported version in AWS. (🌟 pro)
LocalStack now supports Binary media for API Gateway REST APIs, allowing payloads to be passed as-is, converted to UTF-8, or base64 encoded/decoded.

LocalStack Features

LocalStack now offers a new AWS Replicator tool that copies AWS resources into a running LocalStack instance. It helps when deploying applications that rely on existing resources like SSM parameters or VPCs, ensuring they are available before deploying the main stack. Read more about this in our documentation. (🌟 teams)
LocalStack now supports auto-loading Cloud Pods from registered remotes. (🌟 teams)

What's Changed

Exciting New Features 🎉

APIGW: binary support for non-proxy integration by @bentsku in #12215
Step Functions: Improve Logging and Error Detection for Unsupported Service Integrations by @MEPalma in #12223
[SQS] Add custom header for overriding WaitTimeSeconds by @gregfurman in #12172
Step Functions: Add Supported Integrations For Glue by @MEPalma in #12248
Update README.md by @hassansuhaib in #12242
add read method to IAM::Role resource provider by @pinzon in #12180
[Utils] Create exponential backoff utility class by @gregfurman in #12264
[ESM] Add backoff between Stream Poller retries by @gregfurman in #12281
Logging mask credentials by @cloutierMat in #12292
fix SNS FIFO ordering by @bentsku in #12285
[ESM] Improve SQS batch collection and flushing by @gregfurman in #12002
[ESM] Add backoff between poll events calls by @gregfurman in #12304

Other Changes

Fix kubernetes dev run script by @dfangl in #12229
[ESM] Dynamically set SQS message override count by @gregfurman in #12233
add product and edition to session analytics by @ackdav in #12198
[ESM] Provide SqsPoller with default parameters by @gregfurman in #12240
[SQS] Cancel pending and future tasks on shutdown by @gregfurman in #12228
Add fixture for creating an IAM role and attaching existing policy by @viren-nadkarni in #12251
[SQS] Improve shutdown capabilities of SqsProvider by @gregfurman in #12252
skip flaky transcribe tests by @alexrashed in #12260
fix ListObjectVersions pagination when version id marker is deleted by @bentsku in #12259
fix ListObjectVersions pagination comparison by @bentsku in #12270
[Events] Skip flaky test against SQS target by @gregfurman in #12273
fix readme run integration individual tests cmd by @alvertogit in #12113
Bump moto-ext to 5.0.28.post6 by @viren-nadkarni in #12245
Lamba: fix unhandled error when SubnetIds is invalid by @bentsku in #12293
APIGW: fix AWS_PROXY payload with Custom Domains by @bentsku in #12296
ElasticSearch: Fix missing JRE in 5.x and 6.x by @viren-nadkarni in #12286
Add test for EBS volume creation without size by @nik-localstack in #12227
Fix failing lambda error reporting test by @dfangl in #12300
refactoring of removal of AWS::NoValue in reference list for CFn by @pinzon in #12288
[ESM] Remove warning when worker shutdown is graceful by @gregfurman in #12307

New Contributors

@hassansuhaib made their first contribution in #12242
@nik-localstack made their first contribution in #12227

Full Changelog: v4.1.1...v4.2.0

@MEPalma

What's Changed

Step Functions: Extended Support for Escape Sequences in String Literals by @MEPalma in #12222
add 4.1 blog to README by @HarshCasper in #12208
raise validationException if resource does not exist in CFn by @pinzon in #12202
Add info about how to enable type hints for testing to dev setup guide by @tiurin in #12211
Add codebuild, codedeploy, and codepipeline to the client types by @giograno in #12209
Update CODEOWNERS by @localstack-bot in #12219
Bump moto-ext to 5.0.28.post1 by @k-a-il in #12213
Changed: adjust validation for scheduler expression by @anisaoshafi in #12220
S3: implement TransitionDefaultMinimumObjectSize for Lifecycle Configuration by @bentsku in #12212
APIGW: add Binary Media support for response in AWS_PROXY by @bentsku in #12199
restructure unit tests by @bentsku in #12221
[SQS] Stop blocking Queue.get() call on LocalStack shutdown by @gregfurman in #12214
Update README CLI output by @gtsiolis in #12225
DynamoDB: disable Scalable Vectors Extensions on arm64 by @tiurin in #12226

Full Changelog: v4.1.0...v4.1.1

Summary

LocalStack 4.1 delivers major enhancements to its local AWS emulation platform, featuring a new Managed Service for Apache Flink provider, improved Step Functions capabilities with Variables and JSONata transformations, and a preview release of the LocalStack SDK for Java. The update includes significant improvements to existing services, such as composite alarm support in CloudWatch and a Python-based Event Rule engine. Other enhancements revolve around services like Glue, S3, and the Web Application, with new Web Application features and a RedShift Resource Browser.

AWS Features

Support for Managed Service for Apache Flink (MSAF) is now available to run Flink applications locally with several AWS-compatible API operations. This service was previously known as Kinesis Data Analytics v2. (🌟 pro)
LocalStack now supports AWS Step Functions Workflow Variables and JSONata transformations, enabling local emulation of enhanced state management and data transformations.
LocalStack now provides basic support for CloudWatch composite alarms, allowing alarm storage and limited evaluation with OR logic, ARN-based references, and SNS notifications.

Enhancements

LocalStack now uses a Python-based Event Rule engine for event pattern matching in EventBridge, Pipes, and Lambda Event Source Mapping, replacing the Java-based AWS event ruler.
LocalStack’s CloudFormation provider now includes these enhancements:
- Added support for the CREATE, and DELETE operations on the AWS::MWAA::Environment, AWS::KinesisAnalyticsV2::Application, and AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption resource type. (🌟 pro)
- Support for the NoEcho attribute in CloudFormation parameters was included to improve parity.
- Improved error messages on template parse or deploy failures.
LocalStack’s Step Functions provider now includes the following enhancements:
- Step Functions interpreter now correctly parses Comment fields within choice rule composite statements (And/Or/Not), matching existing preprocessor behavior.
- Step Functions interpreter now correctly parses and evaluates ContextObject path bindings in ErrorPath and CausePath fields, resolving parse errors.
- Step Functions interpreter now supports cross-account task invocations via Credentials blocks. We have also enhanced sync callback handling for optimized service integrations to prevent States.Runtime exceptions.
- Step Functions interpreter now correctly handles Output blocks in choice rules and properly processes Output/Assign blocks sequentially.
- Improved request encoding in Step Functions for better handling of parameters when using Boto.
- Fixed nested Map state execution in Step Functions to process multiple levels correctly.
- Corrected retrieval of State Machine definitions in CloudFormation during stack updates.
- Ensured Step Functions use State Machine role credentials for service integrations.
- Step Functions now provides clearer error messages for JSONPath operations.
- Improved handling of ItemsPath in Distributed Map states.
- Enhanced timestamp validation in Step Functions.
- Allowed AWS-SDK integrations to retain specific error names for better error handling.
- Fixed parsing of version tokens in Step Functions to prevent conflicts.
LocalStack’s Glue provider now includes the following enhancements: (🌟 pro)
- Support for Glue 5.0 along with the appropriate versioned JAR files.
- Support for Snowflake drivers in Glue jobs.
- Support for the -extra-jars option in AWS Glue within LocalStack. This option allows users to specify additional JAR files that can be included during Glue job execution. These JAR files can be used to extend the functionality of Glue jobs by providing custom libraries or dependencies.
LocalStack’s S3 provider now includes the following enhancements:
- S3 PutObject operations now support the CRC64NVME checksum algorithm and include ChecksumType field, for enhanced data integrity features as released by AWS.
- S3 now supports FULL_OBJECT checksum type for Multipart Uploads using CRC algorithms, enabling simplified checksum validation without tracking individual part checksums. This includes enhanced validation, proper error messaging, and checksum combination logic for parts verification.
- S3 PutObject and CompleteMultipartUpload now supports the new Conditional Write feature with the IfMatch parameter, also known as Compare-and-Swap.
LocalStack container logs are now properly displayed when running with Podman.
LocalStack now supports Cognito User pool deletion protection.
Transparent Endpoint Injection is now supported for the Batch provider. This feature enables your code to connect to other emulated AWS resources without needing to modify the code running in your local Batch jobs.
The DescribeListenerAttributes operations are now supported in the Elastic Load Balancing (ELB) provider.
You can now use the SNS_SES_SENDER_ADDRESS configuration variable to customize the sender of SNS email notifications, defaulting to admin@localstack.com< 8000 /code> if not configured.


Node.js 22 runtime Lambda runtime is now supported in LocalStack.
Error messages from failed ECS task containers now appear in LocalStack logs, removing the need for inspecting the container logs manually using the ECS_REMOVE_CONTAINERS=0 configuration variable.
Failed events from Lambda functions with Amazon Kinesis and Amazon DynamoDB event source mappings (ESMs) can now be sent to S3 buckets as a destination, in addition to the existing SNS and SQS options, as supported by AWS. Unlike with SNS and SQS failure destinations, a complete event payload data is written to S3.
ELB endpoints are now accessible via http://localhost:4566/_aws/elb/<elb-id> path routing, enabling usage without subdomains in Ephemeral Instances or any other environment where subdomains are not supported.
SageMaker provider now supports multiple Production Variants of deployments for A/B testing.
EKS now supports using Minikube as the local cluster to start the Kubernetes cluster backing EKS. This can be achieved by setting the configuration variable EKS_K8S_PROVIDER=local and mounting the $HOME/.kube/config file, which contains the Minikube configuration, into the LocalStack container.
SNS Filter Policy engine has been enhanced, and the support for cidr operator has been added.
AppSync VTL resolver function logs (via $util.log) now appear in LocalStack console for improved debugging experience.
ECS is now supported as a target for EventBridge.
Support for adding custom IDs for IAM roles and policies has been added to the IAM provider.
Support for EventBridge API destinations and connections has been added.
Extended ListFirewallRules API in Route 53 Resolver to support filtering by action and priority parameters.
Default Bedrock model has been switched to smollm2:360m to handle text model invocations.
ELB rules now support all available conditions.


LocalStack Features

Support for the official LocalStack SDK for Java is now available, enabling interaction with our proprietary features through our internal developer endpoints.
LocalStack Web Application now includes a Redshift Resource Browser, offering a visual interface to manage local Redshift clusters.
Users will now see a link to the Web Application every time they start LocalStack from the command line interface (CLI).
Installed extensions will now appear at the top of the list on the Extensions Manager dashboard, making them easier to view and manage.
Chaos Engineering dashboard has been relocated to the Instance Management tab, where it now appears alongside other features to consolidate management tools for easier access.
Support has been added for a new restart button on the Web Application, located under the instance name.
Support has been added for a new Swagger UI button in the instance controls, which links to [`/_localsta...

@localstack-bot

What's Changed

Update CODEOWNERS by @localstack-bot in #11919
Lambda: Fix behaviour for alias update and delete operations by @anisaoshafi in #11878
fix(providers): Removed cloudcontrol provider by @Pive01 in #11920
Events create connection test fix by @zaingz in #11904
Add nodejs22.x AWS Lambda runtime by @dfangl in #11929
Remove custom spec for AWS StepFunctions by @dominikschubert in #11925
Apply IAM patches when loading STS to avoid wrong access key formats by @dfangl in #11931
ci/prevent init file to break packaging by @cloutierMat in #11914
add variable to configure SNS sender by @bentsku in #11930
Apigw fix openapi identity sources by @cloutierMat in #11939
[SFN] Activity Name and Arn Validation Logic by @MEPalma in #11924
fixed java lib path for macos by @macnev2013 in #11892
implement S3 conditional write IfMatch by @bentsku in #11941
fix flaky SES test by @bentsku in #11944
Extend patch decorator to add methods to class types by @giograno in #11932
Add analytics for event rule engine by @joe4dev in #11928
Re-introduce error analytics for EventBridge rule error by @joe4dev in #11935
Add lambda ESM analytics by @joe4dev in #11883
analytics for non-prefixed env var forwarding in CLI by @alexrashed in #11946
StepFunctions: Support Comments in Comparison Composite Statement Lists by @MEPalma in #11956
fix ESM analytics by @bentsku in #11961
Cloudformation implement ssm param read by @cloutierMat in #11962
Handle null value in SES OpenAPI spec by @giograno in #11954
StepFunctions: Fix ErrorName Value for Lambda Task Errors by @MEPalma in #11957
Added test and fix for wrong time format and serialization in events v2 by @zaingz in #11959
StepFunctions: Support for ContextObject Paths Bindings for ErrorPath and CausePath by @MEPalma in #11958
[SFN] Add usage analytics for Variable Workflow and JSONata features by @gregfurman in #11963
[ESM] Fix polling of SQS queue when batch size exceeds 10 by @gregfurman in #11945
implement new native EventBridge EventRuleEngine by @bentsku in #11960
Add deprecation for Java-based event ruler by @joe4dev in #11964
fix: follow-up for null value in SES response by @giograno in #11966
APIGW: fix parsing invalid JSON template in MOCK integration by @cloutierMat in #11967

New Contributors

@anisaoshafi made their first contribution in #11878

Full Changelog: v4.0.2...v4.0.3

@dominikschubert

What's Changed

Fix localstack namespace package by @dominikschubert in #11912
Fix linting issue after namespace package fix by @dominikschubert in #11913

Full Changelog: v4.0.1...v4.0.2

@MEPalma

What's Changed

Add Step Functions support for Variables and JSONata features by @MEPalma and @gregfurman in #11906
Enable EventBridge API destinations and connections by @dfangl in #11896
Re-introduce EventBridge invoke analytics by @joe4dev in #11893
add error replacement for DynamoDBStreams v2 by @bentsku in #11887
Refactor EventBridge ArchiveServices to allow restoration without side effects by @dfangl in #11891
Fix put_targets validation regressions by @joe4dev in #11903
Fix formatting for new sfn features by @dominikschubert in #11907
Disable selected StepFunctions unit tests due to broken imports by @dominikschubert in #11908
Fix provider signature for StepFunctions TestState operation by @dominikschubert in #11909
Fix JVM startup for StepFunctions by @MEPalma in #11910

Full Changelog: v4.0.0...v4.0.1

Summary

This is our fourth major release for LocalStack, bringing a host of new features, enhancements, and breaking changes designed to improve local cloud development & test experience! With LocalStack 4.0, we’re introducing support for foundation models through the new Bedrock provider, enhanced EventBridge & API Gateway support via a native implementation, and opening up the AWS “black box” with Event Studio to give developers the tools to understand, debug, and quickly iterate over their cloud applications.

Additionally, LocalStack's Web Application now includes new features like an improved IAM Policy Stream to generate security policies on the fly, a Stack Overview for quick insights into local cloud resources, and expanded Cloud Pods capabilities for better state management.

Breaking changes include the deprecation of legacy service providers and deprecated FIS actions alongside various Ubuntu AMI, Airflow & PostgreSQL versions. Deprecations are also aimed at improving security and compatibility, such as replacing legacy API keys with Auth Tokens and streamlining environment variable management.

This release reinforces our commitment to creating a comprehensive, reliable local cloud development platform, and continues our mission to become a drop-in replacement for AWS in your local environment, as well as meeting all your enterprise needs.

AWS Features

LocalStack now supports a new Bedrock provider that locally emulates foundation models (FMs) with features like Invoke API, Converse API & Batch processing. (🌟 enterprise)
LocalStack has switched the default implementation for the EventBridge to a new native provider offering improved reliability, performance, and AWS parity. The old EventBridge provider is temporarily available in LocalStack using PROVIDER_OVERRIDE_EVENTS=v1.
LocalStack has switched the default implementation for the API Gateway to a new native provider offering improved reliability, performance, and AWS parity. The old API Gateway provider is temporarily available in LocalStack using PROVIDER_OVERRIDE_APIGATEWAY=legacy.
Python 3.13 Lambda runtime is now supported in LocalStack.

LocalStack Features

LocalStack now features Event Studio in preview, which allows you to view data exchanges between AWS services, collect all events, inspect payloads and metadata, and replay events for all supported services at key steps. (🌟 pro)
Support for the official LocalStack SDK for Python is now available, enabling interaction with emulated services, along with proprietary features through our internal developer endpoints.
Support for hot reloading is now available for the Lambda Debug Mode configuration file. This feature updates the configuration every time modifications are detected, allowing for multiple debugging sessions of the same Lambda function.
Several user experience improvements have been introduced to the preview IAM Policy Stream feature in the LocalStack Web Application. This simplifies permission management by generating a continuous flow of IAM policies based on the AWS API calls your application infrastructure makes. (🌟 pro)
Support for a new Stack Overview feature that provides a summary of deployed resources, categorized services with configurations, and quick access to resource details like identifiers and endpoints. (🌟 pro)
Support for a new EventBridge Pipes Resource Browser, enabling you to set up direct integrations between event producers and consumers directly from your Web Browser or the LocalStack Desktop application. (🌟 pro)
Several new Cloud Pods capabilities have been introduced in the LocalStack Web Application: (🌟 teams)
- Select from merge strategies when loading Cloud Pod states.
- Choose specific services to save when creating a Cloud Pod.
Support for a new Ephemeral Instances CLI experience that allows users to run a LocalStack instance in the cloud, enabling instance creation & management directly from your terminal. (🌟 pro)
Users can now create a Cloud Pod at the shutdown of an Ephemeral Instance, allowing you to resume your application at the state where you left it off. (🌟 teams)
LocalStack Enterprise users can now automatically assign licenses to new workspace members through Single Sign-On. (🌟 enterprise)
Several new features have been introduced in the LocalStack Resource Browsers:
- Edit and view policies directly within the IAM Resource Browser.
- View the value of your API keys in the API Gateway Resource Browser.
- Enable continuous updates and testing without redeployment through Lambda Hot Reloading in the Lambda Resource Browser.
Kubernetes support for major computing and database services has been unified in LocalStack, allowing you to run a broader range of services on Kubernetes. These services include Lambda, ECS, DocumentDB, MWAA, and RDS (MySQL & MSSQL). Use the configuration variable CONTAINER_RUNTIME=kubernetes when starting LocalStack to enable Kubernetes executors for these services. (🌟 enterprise)

Enhancements

CloudFormation Custom Resources now support UPDATE and DELETE operations
KMS now supports deriving shared secrets using key agreement algorithm.
Lambda Event Source Mapping now handles empty invocations from a custom Lambda bootstrap.
Lambda now supports tagging of Event Source Mappings.
LocalStack’s DynamoDB emulation has been upgraded to use the new DynamoDB Local 2.0.

Breaking Changes

The following legacy service providers are being removed. Please update your configurations to use the latest versions by removing the specified settings.

Service	Configuration Being Removed
Step Functions	`PROVIDER_OVERRIDE_STEPFUNCTIONS=legacy`
S3 (v2 Provider)	`PROVIDER_OVERRIDE_S3=legacy_v2`
ElastiCache	`PROVIDER_OVERRIDE_ELASTICACHE=legacy`
Event Source Mapping	`LAMBDA_EVENT_SOURCE_MAPPING=v1`

The following custom LocalStack FIS actions are now removed:
- localstack:generic:api-error



Outages Extension is no longer published on PyPI and will not be maintained anymore. Please follow our documentation to migrate to the Chaos API.


Support for the following deprecated Airflow versions for MWAA have been removed from LocalStack:

v1.10.12
v2.0.2
v2.2.2



Support for RDS PostgreSQL 10 has been removed from LocalStack.


Support for Ubuntu 20.04 AMI (ami-ff0fea8310f3) for EC2 has been removed from LocalStack.


Support for Python 3.8 in the Python distribution of the LocalStack CLI has been removed.


Deprecations

Auth tokens have fully replaced legacy API and CI keys for both personal and CI use, increasing security and enabling more det...

@simonrw

What's Changed

Fix: CFn repeated deployments breaking by @simonrw in #11632
SNS: implement Content-Type logic for http/https target by @bentsku in #11634
Update README with v3.8 by @giograno in #11636
fix Events v2 APIGW target test and update snapshots by @bentsku in #11633
Update CODEOWNERS by @localstack-bot in #11645
ESM-v2: fix IAM service principal by @gregfurman in #11648
[SFN] No Output Reductions for Successful Catch Blocks by @MEPalma in #11552
Add configuration value for manually selecting runtime components by @silv-io in #11616
Fix: CFn improperly formats account_id causing IAM engine to fail when using cdk by @Morijarti in #11624
ESMv2: Fix UpdateEventSourceMapping request and batch size check for SQS by @gregfurman in #11637

Full Changelog: v3.8.0...v3.8.1

Releases: localstack/localstack

v4.4.0

Summary

AWS Features

Enhancements

LocalStack Features

Deprecations

What's Changed

Exciting New Features 🎉

Contributors

v4.3.0

Summary

AWS Features

Enhancements

LocalStack Features

What's Changed

Exciting New Features 🎉

Other Changes

Contributors

v4.2.0

Summary

AWS Features

Enhancements

LocalStack Features

What's Changed

Exciting New Features 🎉

Other Changes

New Contributors

Contributors

v4.1.1

What's Changed

Contributors

v4.1.0

Summary

AWS Features

Enhancements

LocalStack Features

Contributors

v4.0.3

What's Changed

New Contributors

Contributors

v4.0.2

What's Changed

Contributors

v4.0.1

What's Changed

Contributors

v4.0.0

Summary

AWS Features

LocalStack Features

Enhancements

Breaking Changes

Deprecations

Contributors

v3.8.1

What's Changed

Contributors