Download Latest Version v4.6.0 source code.tar.gz (10.9 MB)
Email in envelope

Get an email when there's a new version of LocalStack

Home / v4.4.0
Name Modified Size InfoDownloads / Week
Parent folder
README.md 2025-05-08 21.4 kB
0
v4.4.0 source code.tar.gz 2025-05-08 10.7 MB
0
v4.4.0 source code.zip 2025-05-08 12.5 MB
1 1 weekly downloads
Totals: 3 Items   23.2 MB 1

Summary

LocalStack 4.4 introduces the Amazon Verified Permissions provider, a native RDS provider for better AWS parity, and a container-based Glue job executor. The release also includes Step Functions service integration mocking, expanded IAM features with service-specific credential APIs and condition keys, and updates to KMS, EMR Serverless, CloudFront Lambda@Edge, and Application Auto Scaling services.

AWS Features

  • LocalStack now supports Amazon Verified Permissions (AVP) for managing fine-grained access using Cedar policies. You can test authorization logic locally and integrate with services like Cognito. Refer to our documentation to learn more. (🌟 enterprise)
  • LocalStack now supports AWS Step Functions Local with mocked and emulated service integrations. It works with existing setups and includes support for JSONata, Variables, and mocked task states. Refer to our documentation to learn more.
  • LocalStack now uses a new native RDS provider by default for better AWS parity. It adds support for advanced features like parameter groups, snapshots, IAM auth, proxies, and Neptune compatibility. (🌟 pro)
  • LocalStack now runs Glue jobs in Docker using the aws-glue-libs image for better parity, faster startup, and isolated execution. Set GLUE_JOB_EXECUTOR=docker and GLUE_JOB_EXECUTOR_PROVIDER=v2 to enable it. (🌟 pro)
  • Ruby 3.4 Lambda runtime is now supported in LocalStack.

Enhancements

  • LocalStack now supports IAM service-specific credential APIs with full CRUD operations. Supported APIs include create, list, update, reset, and delete for service-specific credentials.
  • LocalStack now supports additional IAM condition keys for fine-grained access control in policies. New keys include iam:PermissionBoundary, aws:RequestTag, sts:ExternalId, aws:username, and others.
  • KMS provider now includes the following enhancements:
    • Enables custom_key_material usage for Elliptic Curve Cryptography (ECC) keys in the KMS service.
    • Adds ability to decrypt data encrypted before a key rotation event by preserving the history of key material during RotateKeyOnDemand, maintaining access to all rotated KMS keys.
    • Improves KMS PSS signature generation by aligning salt length with RFC 4055, increasing compatibility with external cryptographic libraries.
    • Adds support for the dry_run parameter in the GenerateDataKeyPair and GenerateDataKeyPairWithoutPlaintext APIs.
  • EMR Serverless provider now includes the following enhancements: (🌟 pro)
    • EMR Serverless jobs now accept program arguments when running scripts, allowing reuse of functionality and parameterized execution.
    • Logs from EMR Serverless jobs are now sent to CloudWatch for better visibility into job execution and easier debugging of failures.
  • Cloudfront Lambda@Edge feature now includes the following enhancements: (🌟 pro)
    • Added support for the IncludeBody parameter.
    • Added validations for supported Python and Node.js runtimes.
  • LocalStack now supports tagging for Application Auto Scaling resources. Supported APIs include TagResource, UntagResource, and ListTagsForResource. (🌟 pro)
  • LocalStack now runs Apache Flink's JobManager and TaskManager in separate containers to better emulate AWS behavior. Previously, both ran in a single container with a shared filesystem. (🌟 pro)
  • Support for IAM transitive session tagging is now available. Tags marked as transitive on IAM sessions now propagate correctly and can be used for IAM policy enforcement.
  • Improvements to AppSync VTL template $utils helpers now include better support for $util.error and added support for $util.appendError. (🌟 pro)
  • Support for record filtering for MSK & Self-Managed Kafka Event Source Mappings. (🌟 pro)
  • Support for ListStateMachineAliases pagination is now available in Step Functions. This includes handling of the --next-token and --max-results parameters to paginate results when listing aliases for a state machine.
  • Implemented automatic registration of ECS tasks with AWS Cloud Map service discovery. Container IP addresses are now correctly registered in the service registry, enabling accurate service discovery and proper task-to-task communication. (🌟 pro)
  • Support for SES email confirmation from user pools is now available. User pools can now send confirmation emails to new users via SES automatically upon user creation. (🌟 pro)
  • Enhanced DeleteRepository operation in ECR to correctly honor the --force flag. When --force is specified, repositories containing images can now be deleted without requiring individual image deletion. (🌟 pro)
  • Enhanced CreateComputeEnvironment API in AWS Batch to automatically create an AWSBatchServiceRole if none is provided. This improves parity with AWS by matching the default behavior where the role is auto-created if not explicitly specified. (🌟 pro)
  • Enhanced domain name handling to properly normalize escaped character sequences in DNS names. This improves AWS parity by ensuring that all Route 53 encoded domain names are correctly processed before being passed to the DNS server.
  • Enhanced the OAuth2 authorization flow to generate unique state and code values for each login attempt. This improves CSRF protection for existing users and ensures compliance with OAuth2 specifications. (🌟 pro)
  • Deleting a FIFO message with an expired receipt handle now raises an error to achieve better parity with AWS.
  • Added X-Ray trace ID propagation from EventBridge to target services (Lambda and API Gateway), enabling end-to-end request tracing. This also ensures compatibility with existing trace header encoding.
  • Implemented support for USER_AUTH authentication flow type in Cognito, enabling SMS_OTP, PASSWORD, and PASSWORD_SRP challenge handling to match AWS behavior. (🌟 pro)

LocalStack Features

  • Replication support for AWS::Route53::HostedZone is now available for the AWS Replicator tool. (🌟 teams)
  • The --profile flag can now be used anywhere in the CLI command, not just at the top level, improving compatibility with custom tooling.

Deprecations

  • Older Glue versions (0.9, 1.0, 2.0) are now deprecated.
  • RDS state created in version 4.3 or earlier using Cloud Pods or standard persistence will not be compatible with the new RDS provider introduced in version 4.4. Recreating the RDS state is recommended for compatibility. (🌟 pro)

What's Changed

Exciting New Features 🎉

Other Changes

New Contributors

Full Changelog: https://github.com/localstack/localstack/compare/v4.3.0...v4.4.0

Source: README.md, updated 2025-05-08