Releases · QaidVoid/awsim

14 Jun 07:21

d004c69

Nightly Pre-release

Pre-release

Rolling pre-release rebuilt from main every night.

Commit: d004c692 — fix(cognito): responsive layout for the hosted change/forgot-password pages (#38)
Built: 2026-06-14 07:21:51 UTC

These binaries track main and may be unstable. For tagged releases see https://github.com/QaidVoid/awsim/releases/latest.

Assets 8

02 Jun 06:46

github-actions

0.5.0

8e0a63c

0.5.0 Latest

Latest

0.5.0 — 2026-06-02

Bug Fixes

ui: Pin dynamodb item delete action to right edge
ui: Save changes on alias editor when pricing fields used
qldb: Return HTTP 412 for ResourcePreconditionNotMetException
core: Return 403 SignatureDoesNotMatch for tampered SigV4 requests
elb: Sort Tags.member.N by numeric index for sparse inputs
secretsmanager: InvalidRequest on version/stage mismatch
cloudwatch-logs: Validate DescribeLogStreams orderBy/prefix
iam: Reject Path/Arn mutation via UpdateRole
apigateway: Validate CreateRestApi apiKeySource enum
sqs: Scope FIFO dedup window by message group when configured
ses: Validate MailFromDomain against identity domain
waf: Validate IPSet CIDR shape against IPAddressVersion
ssm: Validate PutParameter DataType and aws:ec2:image format
route53: Cap ChangeResourceRecordSets at 1000 changes / 32000 values
route53: Split public/private hosted zones with VPC requirement
ses: Persist SendEmail ReplyToAddresses and ConfigurationSetName
eventbridge: Validate Connection AuthParameters per auth type
stepfunctions: Validate roleArn shape on create/update
acm: Persist CertificateTransparencyLoggingPreference
kinesis: Paginate ListShards with NextToken cursor
firehose: Validate stream type, buffering, and compression
secretsmanager: Surface owner, region, and version timestamps
cognito: Validate PasswordPolicy MinimumLength and TempPasswordDays
cognito: Set AutoVerifiedAttributes flags on ConfirmSignUp
ecr: Validate and surface CreateRepository encryptionConfiguration
ses: Validate PutSuppressedDestination Reason allowlist
mq: Validate broker name, storage type, and LDAP metadata
eks: Require Nodegroup subnets and validate diskSize
elb: Require certificates on HTTPS/TLS listeners
rds: Persist VpcSecurityGroups on DB cluster
rds: Validate and surface DB instance Iops + StorageThroughput
ecs: Persist Service loadBalancers, deploymentConfiguration, deploymentController, networkConfiguration
ses: Persist account VDM and suppression attributes
cloudformation: Implement Fn::GetAZs intrinsic
apigateway: Persist binaryMediaTypes and validate endpointConfiguration on CreateRestApi
stepfunctions: Persist tracingConfiguration and validate encryptionConfiguration
cloudwatch-metrics: Accept PutMetricData StatisticValues as pre-aggregated mean
cloudwatch-metrics: Apply Dimensions filter on ListMetrics
cloudwatch-logs: Accept and surface logGroupClass on CreateLogGroup
cloudwatch-logs: Reject PutLogEvents entries outside 14d/2h window
eventbridge: Accept Target BatchParameters and round-trip in describe
dynamodb: Cap AttributeName at 255 bytes on CreateTable
ssm: Validate PutParameter Value against AllowedPattern regex
dynamodb: Enforce 4 MB payload cap on TransactWriteItems
secretsmanager: Support owned-by-me and primary-region ListSecrets filters
sts: Enforce SourceIdentity regex and AccessKeyId format
iam: Cap managed policy document at 6144 characters
kinesis: Cap GetRecords response at 10 MB of record bytes
acm: Gate GetCertificate on PENDING_VALIDATION and DeleteCertificate on InUseBy
dynamodb: Enforce 20-GSI cap on UpdateTable Create
secretsmanager: Default PutSecretValue empty VersionStages to AWSCURRENT
sns: Validate MessageAttribute DataType and enforce 256 KB payload cap
lambda: Validate Qualifier against $LATEST/numeric/alias grammar
kinesis: Reject malformed ExplicitHashKey instead of silent fallback
acm: Validate SAN count, dedup, and KeyAlgorithm on RequestCertificate
ecr: Reject duplicate image push with ImageAlreadyExistsException
eventbridge: Enforce per-bus rule and per-rule target caps
kms: Surface InvalidCiphertextException on malformed Decrypt input
kms: Enforce MacAlgorithm / KeySpec compatibility
kms: Enforce SigningAlgorithm / KeySpec compatibility table
sqs: Validate MessageAttribute DataType and value pairing
sns: Align PublishBatch error codes to AWS spec
secretsmanager: UpdateSecret rejects rotation parameters
sts: Evaluate ExternalId / MFA / SourceIp on AssumeRole trust policies
cognito-identity: Emit InvalidParameterException not InvalidParameter
polly,batch,datasync: Align error HTTP status to Smithy
firehose: Return HTTP 400 from every firehose error shape
ssm: Return HTTP 400 from every ssm error shape
ecs: Return HTTP 400 from every ecs error shape
ecr: Return HTTP 400 from every ecr error shape
cognito: Return 403 from NotAuthorizedException per Smithy
kinesis: Return HTTP 400 from every kinesis error shape
sqs: Return HTTP 400 from NonExistentQueue and use full Query code
dynamodb: Return HTTP 400 from ResourceInUse and *AlreadyExists
secretsmanager: Align ResourceNotFound/Exists to HTTP 400
kms: Return 409 from DisabledException
iam: Return 409 from LimitExceededException
tests: Make s3 multipart test AWS-correct and raise body cap
iam: Mark the root user as is_root in principal resolution
operator-auth: Make sign-in work and gate the admin UI
ssm: Honor Tier on PutParameter + enforce per-tier value size cap
rds: Validate DBInstanceIdentifier regex + StorageType enum
kinesis: Validate StreamName + StreamMode + ShardCount on CreateStream
eks: Require roleArn + validate cluster name on CreateCluster
ecr: Validate repository name + imageTagMutability on CreateRepository
ecs: Validate networkMode + requiresCompatibilities on RegisterTaskDefinition
ec2: Validate RunInstances MinCount / MaxCount instead of silent clamp
cloudwatch-logs: Enforce 10000-event PutLogEvents per-request cap
cloudwatch-metrics: Enforce 1000-datum PutMetricData per-request cap
secretsmanager: Reject GetSecretValue with mismatched VersionId+VersionStage
eventbridge: Validate ScheduleExpression at PutRule time
iam: Validate RoleName against AWS regex on CreateRole
lambda: Validate TracingConfig.Mode against AWS enum
kms: Enforce 4 KiB EncryptionContext size + string-value shape
sns: Require MessageGroupId + dedup on FIFO topic Publish
sqs: Reject SetQueueAttributes that flips FifoQueue after creation
dynamodb: Reject ProjectionExpression with AttributesToGet
s3: Enforce 5 MiB minimum part size on non-final multipart parts
core: Emit S3-style bare envelope for REST-XML responses
core: HMAC-sign pagination tokens with 6h expiry
ui: Tighten Models & Aliases tab visuals
ui: Re-seed gateway dialogs on every closed -> open transition
core: Report live IAM enforcement state in /_awsim/config
ui: Scrollable dialog body with slim scrollbar and flush pinned footer
ui: Bound dialog height and scroll long forms
appconfig: Stop AppConfigData clobbering the control plane
ui: Stop one large cell from stretching the table
ui: Make Select root value/open bindable
ui: Point topbar Documentation link at the docs
awsim: Suppress clippy too_many_arguments on register_services
dynamodb: Emit AWS-faithful KeyConditionExpression errors
bedrock: Retry with flattened content on text-only backends

Documentation

core: Document SigV4 verification and bearer-token auth gates
core: Document cross-service event bus pattern
core: Document AWSIM_PARTITION flag in configuration guide
iam: Document AssumeRole trust policy condition variables
theme: Custom motd-style home page
sidebar: Include every service and guide page
Document AWSIM_VERIFY_SIGV4, credentials endpoint, root protection
Document operator auth + new configuration env vars
bedrock: Refresh sample TOML + CHANGELOG for Model Gateway

Features

ui: Define gsis and lsis when creating a dynamodb table
ui: Manage gsi from the dynamodb indexes tab
ui: Show per-call tokens and cost on Activity and Models tabs
bedrock: Track per-call tokens and cost in gateway metrics
ui: Edit gateway pricing per model id and show cost in tester
bedrock: Inject pricing cost into all family translators
bedrock: Per-model token pricing overrides in usage block
efs: Enforce 24h throughput cooldown on UpdateFileSystem
efs: CreationToken idempotency rejects mismatched args
athena: Substitute ExecutionParameters into ? placeholders
athena: ClientRequestToken idempotency on StartQueryExecution
athena: Resolve WorkGroup EngineVersion with AUTO default
servicediscovery: Persist Tags on namespace and service create
servicediscovery: Add TagResource/UntagResource/ListTagsForResource by ARN
appsync: Persist GraphQL APIs, schemas, resolvers, and associations
athena: Persist workgroups, queries, and catalogs via snapshot/restore
acm: Cache RequestCertificate by IdempotencyToken and reject param mismatches
acm: Support PRIVATE certificate type via CertificateAuthorityArn
qldb: Start ledger in CREATING and settle to ACTIVE on Describe/List
memorydb: Start clusters in creating and settle to available on Describe
firehose: Start delivery streams in CREATING and settle to ACTIVE on Describe
firehose: Validate ProcessingConfiguration types and Lambda parameters
efs: Wire AccessPoint ClientToken through IdempotencyCache
efs: Add PutFileSystemPolicy with JSON validation and 20 KiB cap
efs: Reject DeleteFileSystem when access points still reference the FS
efs: Paginate Describe file systems, mount targets, and access points
efs: Reject non-ENABLED/DISABLED BackupPolicy status inputs
efs: Validate LifecyclePolicy transition enu...

Assets 8

11 May 03:09

github-actions

0.4.1

cdce871

0.4.1

0.4.1 — 2026-05-11

Bug Fixes

cognito: Accept user sub as Username in admin operations
cognito-identity: Use preferred_role implicitly + accept AWS-style mapping keys
cognito: Treat empty Description/RoleArn as clear in CreateGroup/UpdateGroup
cognito-identity: Honor cognito:preferred_role for Token role mapping
query-xml: Drop spurious newline from scalar list members
bedrock: Forward upstream backend status to consumers
awsim: Stage ui/build into OUT_DIR so cargo publish --verify works

Documentation

Cross-link Cognito OAuth -> Federation, remove CLAUDE.md, fix dead link
cognito: Federation guide + UI button to register the mock IdP
Alphabetize service table, add TLS flags, refresh billing service count

Features

ui/cognito: Role-arn picker + edit dialog for groups
authz: Track STS-issued temp creds so they resolve under enforcement
ui: Sign requests with awsim-admin credential
authz: Admin access key bypasses IAM enforcement
cognito: Wire OIDC federation into the hosted-UI flow
cognito: Built-in mock OIDC IdP for offline federation
ui/cognito: Attributes tab to declare custom schema attrs
ui/cognito: Adapt create-user dialog to pool schema + username config
cognito: Enforce schema on user attribute writes

Assets 8

08 May 03:01

github-actions

0.4.0

0a15b9f

0.4.0

0.4.0 — 2026-05-08

Bug Fixes

core: Presigned-URL routing beats misleading host segments
bedrock: Unwrap REST-shape model body, not the imaginary body wrapper
opensearch: Handle bool must_not + match terms against array fields
bedrock: Propagate backend errors instead of masking with canned responses
dynamodb: Paren-aware split for nested function args
awsim: 308-redirect prerendered UI routes to the trailing-slash variant
awsim: Route every method through the S3-upload catch-all, not just PUT
cognito: Derive OIDC issuer / endpoints from request scheme + host
dynamodb: Reject GSI / LSI keying on undeclared attribute
dynamodb: Recompute GSI keys on backup restore
dynamodb: Honour GSI / LSI projection type on Query
dynamodb: Backfill GSI columns when UpdateTable adds a GSI
gateway: Apply S3-shaped body cap at the route layer
s3: Cap PutObject body at 5 GiB single-PUT limit
s3: Honour CopySource-If-* preconditions
s3: Drop 5 MiB minimum on non-final multipart parts
dynamodb: Reject empty / duplicate set attributes
cognito: Rate-limit verification code attempts
cognito: Expire MFA and SRP challenge sessions after 5 minutes
cognito: Expire confirmation and reset codes after 24h
cognito: Refuse auth for disabled users
dynamodb: Validate KeyCondition + add attribute_type()
s3: Enforce Object Lock retention and legal hold
s3: Validate Content-MD5 and x-amz-checksum-* against body
dynamodb: Use Decimal not f64 for N attribute math
iam-policy: Match ARNs per segment so wildcards stay scoped
cognito: Verify TOTP and SecretHash, drop bypassable MFA path
cognito: Hash passwords with bcrypt instead of plaintext
cognito: Sign JWTs with real RS256 + verify on use
docker: Drop :nonroot base for broader runtime compat
ci: Recreate nightly release each run so source links track HEAD
cognito: Respect RESET_REQUIRED on hosted UI and Permanent flag on AdminSetUserPassword
docker: Add mold dependency to dockerfile
ui: Prefix internal hrefs and goto() calls with paths.base
awsim: Skip jemalloc on musl targets to unbreak aarch64 cross-compile
bedrock: Request usage stats in OpenAI-compat streaming so token counts surface
s3: Make CompleteMultipartUpload validate parts before consuming the upload
backup,dynamodb: Drop redundant & in format args
s3: Simplify negated is_some_and to is_none_or in object-existence checks
cognito: Preserve username on hosted-UI login error and stop reissuing refresh tokens
dynamodb: Exclude items that failed KeyConditionExpression from ScannedCount
lambda: Distinguish Handled vs Unhandled FunctionError
lambda: Capture last 4KB of logs when LogType=Tail
lambda: Paginate ListFunctions / ListVersionsByFunction / ListAliases / ListEventSourceMappings / ListLayers / ListLayerVersions
iam: Paginate ListUsers / ListRoles / ListGroups / ListPolicies
secretsmanager: Validate secret name format on CreateSecret
sts: Derive AssumeRoleWithSAML/WebIdentity subject from token, not stub
sts: Enforce DurationSeconds bounds on every credential-issuing operation
eventbridge: DeleteRule rejects rules with attached targets unless Force=true
eventbridge: Emit ISO 8601 timestamps on archive/replay/connection state
sts: Validate AssumeRole Policy and PolicyArns inputs
s3: Validate CORS / Lifecycle / Website configurations on Put*
sts: Validate AssumeRole Tags and TransitiveTagKeys
s3: GetObjectTagging/PutObjectTagging/DeleteObjectTagging respect VersionId
s3: Paginate ListObjectVersions with key-marker / version-id-marker
s3: Reject object keys over 1024 UTF-8 bytes (KeyTooLongError)
s3: Honor x-amz-metadata-directive=REPLACE on CopyObject
s3: Validate CreateBucketConfiguration.LocationConstraint
s3: Emit LambdaFunctionConfiguration on GetBucketNotificationConfiguration
iam: GetUser/CreateAccessKey/ListAccessKeys default to caller when UserName omitted
kms: Origin=EXTERNAL keys start in PendingImport, not Enabled
lambda: PublishVersion validates optional CodeSha256 guard
dynamodb: UPDATED_OLD/UPDATED_NEW return only modified attributes
dynamodb: Size() of binary attribute returns decoded byte count
dynamodb: PutItem rejects missing sort key as well as missing hash key
iam: Block DeleteGroup when group has inline policies
lambda: Shape AddPermission Principal correctly per Principal type
sns: Validate FilterPolicy on Subscribe and SetSubscriptionAttributes
sns: Require confirmation token round-trip for HTTP/HTTPS/email/sms subscribers
sns: PublishBatch fans out to subscribers
kms: Reorder resolve_key_id so alias ARNs match before key ARNs
kms: Validate KeyUsage on Sign/Verify/GenerateMac/VerifyMac/DeriveSharedSecret
lambda: Allocate published versions monotonically
lambda: DryRun invocations return HTTP 204 with empty body
lambda: InvocationType=Event runs async with empty 202 body
sqs: Raise QueueAlreadyExists when CreateQueue collides with mismatched attrs
sqs: Set ApproximateFirstReceiveTimestamp on first receive
sqs: Reject SendMessageBatch with total payload over 256 KiB
sqs: Derive FIFO MessageDeduplicationId from sha256(body) when ContentBasedDeduplication=true
sts: Validate AssumeRole RoleArn format, RoleSessionName, DurationSeconds
sts: Derive GetCallerIdentity UserId/Arn from RequestContext
iam: Enforce attachment, key, group, and session-duration limits
sns: Include full notification envelope on SNS→SQS fan-out
s3: Treat Range header on zero-byte object as non-range GET (200)
lambda: Validate Runtime against allow-list and Handler shape
lambda: Include LastUpdateStatus on FunctionConfiguration responses
sqs: Compute MD5OfMessageAttributes per AWS algorithm
lambda: Wire UpdateAlias and GetLayerVersion into operation dispatch
s3: Emit base64 NextContinuationToken on ListObjectsV2
s3: Return 416 InvalidRange with ActualObjectSize on unsatisfiable Range
kms: Use KMSInvalidStateException with HTTP 409 on bad-state errors
s3: Validate bucket name reserved prefixes/suffixes/IP format, add Location header to CreateBucket, clean up multipart data on DeleteBucket
s3: Store content-encoding/cache-control/expires on objects, return CopySourceVersionId, Accept-Ranges header, 206 status for range requests, sanitize stored policy JSON
s3: Add Owner to ListObjects entries, support start-after param, fix list_parts XML element name
s3: HeadObject double meta prefix, correct error responses for unconfigured encryption/public-access-block/object-lock, check delete markers in ACL ops
core: Promote AwsError extras (DeleteMarker, VersionId) to HTTP response headers
s3: Parse part list from CompleteMultipartUpload body, validate ETags and part numbers, capture metadata
s3: Correct pagination token — use last emitted key instead of first skipped key
s3: Preserve tab selection across bucket open/reload instead of resetting to Objects
s3: Use authenticated blob downloads and image previews instead of bare URLs
s3: Use actual account ID in ACL responses instead of hardcoded owner-id
s3: ListObjectsV2 KeyCount should not include CommonPrefixes
s3: Include user metadata (x-amz-meta-*) in HeadObject response
s3: Return proper Error entries in DeleteObjects instead of silently swallowing failures
s3: Correct multipart ETag format (MD5 of per-part MD5s + part count), preserve content-type from initiation, remove double bucket lookup
s3: Add #![deny(warnings)] to lib.rs
dynamodb: Clear items silently on Query tab switch, only toast on explicit Run query click
dynamodb: Return BackupNotFoundException for non-existent backup in DeleteBackup
dynamodb: Use ctx.region/account_id for stream ARN in UpdateTable
dynamodb: Add #![deny(warnings)] to lib.rs
cognito: Clear identity pool state before restore
cognito: Include resource_tags in snapshot, clear state before restore
cognito: Validate allowed_oauth_flows in token endpoint
cognito: Validate confirmation codes in ConfirmSignUp and VerifyUserAttribute
cognito: Reject RESET_REQUIRED users in InitiateAuth/AdminInitiateAuth
cognito: Respect client token validity settings, escape HTML in login page, check user status in OAuth, deny warnings
cognito: Password validation in NEW_PASSWORD_REQUIRED, conditionally include ClientSecret in responses
cognito: Fix identity pool bugs — GetId dedup, GetOpenIdToken pool, ListIdentities filter, ARN parsing
opensearch: Fix 16 backend bugs, add missing query types and operations
iam: Enforce inline policy size limits (user 2048, role 10240, group 5120)
iam: Include PermissionsBoundary in GetUser/GetRole responses
iam: Support multi-value Filter in GetAccountAuthorizationDetails
iam: Add PathPrefix filtering to ListGroups
iam: GetUser without UserName returns first user
iam: Reject DeleteRole when role has inline policies
iam: Reject DeleteUser when user has inline policies
iam: Serialize all state fields in snapshot to prevent data loss on restart
opensearch-ui: Use absolute awsim endpoint, parse _cat JSON correctly
ui: Pull version from workspace Cargo.toml + paginate ListTables
iam: Simulator response parser handles nested tags
iam-simulator: No layout shift, fuller actions list, dropdown not clipped
settings: Cascade backend rename + remove to references
ui: Cognito triggers — pin action bar without bottom gap
ui: Cognito pool detail — let main fill width, not shri...

Assets 8

30 Apr 06:05

github-actions

0.3.0

3df3889

0.3.0

0.3.0 — 2026-04-30

Bug Fixes

cognito: Populate EstimatedNumberOfUsers in DescribeUserPool
ui: Cognito attribute rows — grid layout so long names don't overlap values
ui: Force cognito drawer to 900px override over default sm:max-w-sm
ui: Widen cognito pool drawer + tidy user row layout
ui: Tint toasts by severity via Sonner richColors
billing: Per-character Polly + Comprehend metering
billing: Per-transition Step Functions metering
billing: Per-function Lambda memory for accurate GB-seconds
build: Cfg-gate rlimit calls so Windows builds compile

Documentation

chaos: Guide page + README highlight
Refresh README + guide for billing dashboard + 61 services

Features

ui: Cognito user pool create + delete
ui: Cognito domain create + delete + status
ui: Cognito app-client create + delete + OAuth editor
ui: Cognito group management — create, delete, edit members
ui: Cognito user detail panel with attribute + group editing
ui: Cognito user CRUD — create, set-password, delete
ui: Expand cognito API client with admin + group + client + domain ops
cognito: Hosted-UI logout endpoint
--max-blocking-threads + --max-body-bytes flags for memory tuning
ui: Show SQLite row counts + db size in dashboard insights
storage: /_awsim/storage/sqlite reports row counts + db sizes
ui: /flow burst-grouped activity view
playground: /playground request builder with templates
snapshot: Named state snapshots — save/load/list/delete
replay: Batch replay with status-code histogram in inspect drawer
chaos: Time-window + flap schedules
chaos: Persist rules to data-dir across restarts
chaos: /chaos UI page with presets, rules, sparkline
chaos: Built-in failure-mode presets
chaos: Awsim chaos CLI subcommand
chaos: Admin API for managing rules + injection stats
chaos: Inject errors + latency in the gateway dispatch path
chaos: Scaffold awsim-chaos crate with rule engine
cli: Awsim bill subcommand for terminal-friendly bill output
ui: CSV export for the current bill
ui: Chart polish — Y-axis labels, gridlines, service legend
ui: Per-service stacked area in cost trajectory chart
ui: Cost-explorer features — budget alerts, forecast, top mover
billing: Instance-hour metering for MQ + MemoryDB
billing: Instance-hour metering for EC2 + RDS
billing: Meter Cognito + chart hover tooltip
billing: Cost trajectory sparkline + suppress ghost rows
billing: Meter ECR + CloudWatch Logs at-rest storage
billing: Meter Lambda compute (GB-seconds)
billing: Point-in-time storage metering for S3 + DynamoDB
billing: Meter CloudWatch Logs ingest
billing: Meter Route 53, Kinesis, CloudFront, Firehose
billing: Meter API Gateway, Step Functions, SES, CloudWatch
billing: Meter SQS, SNS, KMS, Secrets Manager, EventBridge
ui: Billing dashboard with per-service breakdown
billing: Wire meter to event stream + /_awsim/billing endpoint
billing: Awsim-billing crate with vendored AWS pricing

Performance

Cap tokio blocking pool + lazy SQLite pools + tighter PRAGMAs
kinesis: Move records to SQLite with retention sweep
cw-metrics: Move datapoints to SQLite with retention sweep
logs: Move log events to SQLite, drop body-store backing
ddb: R2d2 pool, lower mmap/cache, tempdir cleanup, vacuum CLI

Assets 8

29 Apr 11:19

QaidVoid

0.2.0

e97cbe2

0.2.0

0.2.0 — 2026-04-29

Bug Fixes

ui: Unique column keys in DataTable + harden against future dupes
s3: Accept versionId query param spelling for VersionId input
dynamodb: Return existing Item on ConditionalCheckFailedException
sqs: Reject FIFO-only fields on standard queues
dynamodb: Return structured CancellationReasons from TransactWriteItems
dynamodb: Return HTTP 400 for ResourceNotFoundException
lambda: Surface FunctionError via X-Amz-Function-Error header
sqs: Only return attributes when explicitly requested
dynamodb: Create data dir before opening sqlite store
dynamodb: Clippy + rustfmt cleanup
core: Preserve serde_json key order so XML field order matches AWS spec
ui: Hand scroll containment to pages so ServicePage h-full resolves
ui: Correct GitHub link to QaidVoid/awsim

Documentation

servicediscovery: Add Cloud Map service page
xray: Add X-Ray service page
services: Add EFS, Backup, Application Auto Scaling pages
services: Add Pipes service page, update Lambda ESM section
services: Catch up on the recent feature pass
readme: Refresh service list, flags, highlights
services-index: Bump DynamoDB operation count 26 → 57
dynamodb: Document SQLite store + TruncateTable
Document Phase D admin features and own AWSim's framing
Document /_awsim/events SSE endpoint
Document CloudWatch Logs persistence
Document /_awsim/storage endpoint
Document size cap and periodic GC
Document BodyStore startup garbage collection
Document SQS message body persistence
Document ECR layer storage and persistence
Document Lambda function code persistence
Document S3 object persistence

Features

ui: Identity Store — users, groups, memberships
ui: Pinpoint — apps, endpoints, segments, campaigns
ui: Transfer Family — servers, users, SSH keys
ui: QLDB — ledger management
ui: MemoryDB — clusters, users, ACLs
ui: MQ — brokers and users
ui: Glacier — vaults, archives, jobs
ui: AppConfig — applications, environments, profiles, deployments
ui: Cloud Map (Service Discovery) — namespaces, services, instances
ui: X-Ray — traces and service graph
ui: Application Auto Scaling — targets, policies
ui: Backup — vaults, plans, jobs
ui: EFS — file systems, mount targets, access points
identitystore: Users, groups, group memberships
pinpoint: Apps, endpoints, segments, campaigns
transfer: AWS Transfer Family servers, users, SSH keys
qldb: QLDB ledger metadata service
memorydb: MemoryDB for Redis with clusters, users, ACLs, snapshots
rds: Accept docdb and neptune engines on cluster + instance create
mq: Amazon MQ brokers, users, configurations
glacier: Amazon S3 Glacier with vaults, archives, jobs
appconfig: AppConfig + AppConfigData services
servicediscovery: AWS Cloud Map with namespaces, services, instances
xray: X-Ray service with trace ingest, summaries, service graph
application-autoscaling: Scalable targets, scaling policies, scheduled actions
backup: AWS Backup service with vaults, plans, selections, jobs
efs: Amazon EFS service with file systems, mount targets, access points
ui: EventBridge Pipes route and Lambda Event Sources tab
pipes: EventBridge Pipes service with SQS->Lambda runner
lambda: Region-aware poller with FilterCriteria, DLQ, stateful iterator
lambda: Extend ESM model and add UpdateEventSourceMapping
ui: Surface concurrency, global tables, live alarm state
ui: Add Resource Groups Tagging route
ec2: Real instance state machine + start/stop/reboot
cloudwatch: Real alarm state evaluation against metric data
lambda: Reserved + provisioned concurrency
dynamodb: Real CreateGlobalTable / UpdateGlobalTable
cognito: Record auth events and honor compromised-credentials
kms: Honor grants in authz evaluation
cognito: Enforce password policy and account lockout
s3: Persist each version as its own blob
s3: Full multi-version object history
s3: Add UploadPartCopy operation
s3: Assign and surface VersionId on writes when versioning is Enabled
resourcegroupstagging: Add Resource Groups Tagging API service
sqs: Round-trip BinaryValue in MessageAttributes
gateway: Silently 204 known browser probes
dynamodb: Add awsim-only TruncateTable op + UI button
dynamodb: Atomic Transact* over a single sqlite transaction (stage 5)
dynamodb: Drop in-memory items, sqlite is now authoritative (stage 4)
dynamodb: Read GetItem/Query/Scan/BatchGetItem from sqlite (stage 3)
dynamodb: Dual-write item + table ops to sqlite (stage 2 of refactor)
dynamodb: Scaffold sqlite-backed store (stage 1 of refactor)
awsim: Bound in-flight requests + warn before fd exhaustion
awsim: Bump NOFILE rlimit, dual-stack bind, async snapshot saves
apigateway: Wire HTTP / HTTP_PROXY in v1 stage proxy
apigateway: Wire stage invocation proxy for v1 REST APIs
apigateway: Full CRUD for v1 REST APIs + scope proxy under user_request
apigateway: Add v1 (REST APIs) handler alongside the v2 service
Replay any captured request from the inspect drawer
ui: Multi-variant theme picker (default/midnight/slate/solarized + light)
Capture per-request detail + add Inspect drawer
ui: Add vim-style keyboard shortcuts + help overlay
ui/sts: Add typed API + rebuild with caller-identity + assume-role + federation cards
ui/glue: Add typed API + rebuild with databases/tables/crawlers/jobs/connections tabs
ui/organizations: Add typed API + rebuild with accounts/OUs/SCPs tabs
ui/ses: Add send-email composer dialog
ui/ses: Rebuild with identities/config-sets/templates/contacts/suppression tabs
ui/cloudfront: Add origin-access/key-groups/public-keys/functions tabs
ui/cloudfront: Add typed API + rebuild with distributions+policies tabs
ui/datasync: Add typed API + rebuild with locations/tasks/executions tabs
ui/athena: Add typed API + rebuild with query editor + history
ui/ssm: Add maintenance-windows + ops-items tabs
ui/route53: Add typed API + rebuild with zones+records workspace
ui/ssm: Add typed API + rebuild with parameters/documents/activations tabs
ui/batch: Add typed API + rebuild with compute-env/queues/defs/jobs tabs
ui/polly: Add typed API + rebuild with voices/lexicons/synthesize panel
ui/elb: Add typed API + rebuild with LB/target-groups/listeners/rules tabs
ui/sso: Add typed API + rebuild with instances/permission-sets/assignments tabs
ui/cloudformation: Add typed API + rebuild with stack workspace + template viewer
ui/ecr: Rebuild page with decomposed repos+images split view
ui/bedrock: Add invoke playground for runtime API
ui/bedrock: Add provisioned/custom-models/knowledge-bases tabs
ui: Add typed API foundations for bedrock, ecr, ses + bedrock tabs (WIP)
ui/apigateway: Add typed API + rebuild from stub with full workspace
ui/ec2: Add typed API + rebuild with instances/sgs/keys/vpcs/subnets/volumes tabs
ui/scheduler: Add typed API + rebuild with schedules/groups tabs and cron preview
ui/appsync: Add typed API + rebuild with decomposed workspace
ui/waf: Add typed API + rebuild with WebACLs/RuleGroups/IPSets tabs
ui/acm: Add typed API + rebuild with detail sheet
ui/stepfunctions: Add typed API + decomposed workspace
ui/rds: Add typed API + rebuild RDS page with instance/snapshot tabs
ui/secrets: Add typed API + rebuild with show/hide + version history
ui/eks: Add typed EKS API + rebuild with decomposed tabs
ui/kms: Add typed API + rebuild with decomposed keys/aliases + encrypt-decrypt playground
ui/s3: Rebuild S3 page with decomposed components
ui/cloudtrail: Add typed API + rebuild with decomposed trails/events tabs
ui/firehose: Add typed API + rebuild with stream details + put record
ui/ecs: Add typed ECS API + rebuild with decomposed tabs
ui/cognito: Add JWT decoder panel
ui/cognito: Add typed API + rebuild with decomposed pool tabs
ui/dynamodb: Rebuild page with decomposed tabbed workspace
ui/kinesis: Add typed API + rebuild with stream+record explorer
ui/monitoring: Rebuild with decomposed metrics/alarms/dashboards tabs
ui/lambda: Point page at decomposed component workspace
ui/lambda: Rebuild page with decomposed function workspace
ui/iam: Add policy simulator tab (Simulate*Policy)
ui/eventbridge: Add typed API + rebuild with buses/rules/archives + send-event dialog
ui/iam: Rebuild page with decomposed users/roles/groups/policies
ui/monitoring: Add typed Metrics API + sparkline component
ui/cloudwatch: Add Insights query dialog
ui/sns: Add typed API + rebuild with decomposed topics/subs/publish
ui/dynamodb: Add typed DynamoDB API client
ui/cloudwatch: Add typed Logs API + rebuild with decomposed three-pane explorer
ui/sqs: Add typed API + rebuild with decomposed queue/messages workspace
ui/logs: Add Request Log page consuming SSE stream
ui/iam: Add typed IAM API client
ui/lambda: Add typed Lambda API client
ui: Add shared ServicePage / DataTable / EmptyState primitives
ui: Assemble dashboard home page
ui: Add insights panel component
ui: Add service status list component
ui: Add live request stream and detail sheet
ui: Add KPI card component
ui: Add dashboard formatting helpers and event types
ui: Replace home page with dashboard placehold...

Assets 7

24 Apr 08:52

github-actions

0.1.0

19d93dc

0.1.0

0.1.0 — 2026-04-24

Bug Fixes

bedrock: Correct REST routes to match SDK expectations
elb: Remove spurious *Result wrapper in operation responses
cloudfront: Add __xml_root markers to OriginRequestPolicy/KeyGroup/PublicKey/Function ops
ui: Accept optional MFA config in createUserPool API
core: Protocol/json serialization tweak
route53: Add __xml_root markers to Route53 responses
s3: Correct XML root elements for GetBucketTagging, ListParts, ListMultipartUploads
core: Use atomic writes for snapshots to prevent corruption
s3: Preserve trailing slash in object keys for folder markers
s3: Correct HTTP header names for ETag, Content-Type, VersionId etc.
s3: Promote ETag and other S3 fields to HTTP response headers
Raise body size limit to 100 MB for S3 uploads
cognito: Return Expiration as epoch float, add UserAttributes to AdminGetUser
cognito: Match JWT issuer claim to OIDC discovery issuer URL
ui: Commit missing UI changes — auth headers, ASL viewer component
ui: Merge username/email fields in Cognito — auto-detect email from input
ui: Polish Cognito page — fix disabled states, dropdowns, add visual improvements
ui: Add missing Authorization headers to all service pages
core: Robust auth parsing + path-based service detection fallback
core: Add debug logging for unresolved service routing
core: Add missing service target prefixes for Athena, Glue, ACM, WAF, ECR, ECS
kms: Accept epoch timestamp in DeletionDate test assertion
cloudformation: Add missing json! macro import in tests

Documentation

Add IAM enforcement guide and update guide pages
Remove IAM-not-enforced from out-of-scope, add enforcement section
Update Glue, Bedrock, AppSync, ACM service reference pages
Update CloudFormation, RDS, ECS, ECR service pages with new operations
Update service docs for secretsmanager, ssm, cloudwatch-logs, ec2
Update service pages with newly added operations
Enrich all service pages with examples, SDK snippets, and behavior notes
Add dedicated documentation pages for all 37 services
Add VitePress documentation site with guides and service reference
Add VitePress documentation site
Update out-of-scope list — remove services now implemented

Features

lambda: Add FunctionEventInvokeConfig operations
ui: Add 8 new services to sidebar navigation
ui: Add SSO Admin (Identity Center) console page
ui: Add Polly admin console page
ui: Add Organizations admin console page
ui: Add Firehose admin console page
ui: Add EKS admin console page
ui: Add DataSync admin console page
ui: Add CloudTrail admin console page
ui: Add Batch admin console page
authz: Wire Organizations SCP lookup into enforcement
glue: Expand operations and state types
ssm: Add activations, compliance, ops metadata, resource policies
core: Register 8 new services and route their target prefixes
sso-admin: Add Identity Center (SSO) service crate
polly: Add Polly text-to-speech service crate
datasync: Add DataSync service crate
firehose: Add Firehose data delivery service crate
eks: Add Kubernetes (EKS) service crate
organizations: Add AWS Organizations service crate
cloudtrail: Add CloudTrail audit log service crate
batch: Add AWS Batch service crate
core: Add SCP support to IAM enforcement
authz: Wire resource-policy lookups for S3, KMS, SQS, Secrets, Lambda
iam: Validate policy documents on write, real policy simulators
services: Wire iam_action/iam_resource mappings for 8 services
core,iam: Integrate IAM policy enforcement into gateway
iam-policy: Add awsim-iam-policy engine crate
s3: Add object lock, retention, legal hold, attributes, ListObjects v1
route53,cognito-identity,ses: Expand DNS, identity federation, email coverage
sns,sqs,secrets,scheduler: Reach full operation parity for messaging services
ecr,kinesis,kms: Add 39 ops covering registry, streaming, MAC, custom keystores
dynamodb: Add backups, exports, imports, kinesis streaming, resource policies
athena,glue,ecs,elb: Add 32 ops across analytics and compute services
waf,sts: Add WebACL associations, logging configs, federation tokens
appsync,bedrock,cloudfront: Add 52 ops across three services
cognito-idp: Add WebAuthn, terms, client secrets, legacy MFA settings
iam: Add 32 ops covering MFA, signing certs, service-specific creds, permissions boundaries
ssm: Add 29 new operations across patch baselines, automation, sessions, maintenance
conformance: Expand Cognito and IAM+DynamoDB conformance test coverage
iam: Add 10 new operations to raise coverage toward parity
dynamodb: Add 21 new operations to raise coverage from 24% toward parity
kinesis: Add 10 new operations for consumers, monitoring, encryption, and shard count update
scheduler: Add TagResource, UntagResource, ListTagsForResource
ssm: Add documents, associations, maintenance windows, OpsCenter
sns: Add 16 new operations for platform apps, push endpoints, phone numbers, and topic permissions
sqs: Add AddPermission, RemovePermission, StartMessageMoveTask, CancelMessageMoveTask, ListMessageMoveTasks
secretsmanager: Add ListSecretVersionIds and BatchGetSecretValue
kms: Add Sign/Verify, GetPublicKey, data key pairs, key import, tagging
s3: Add 35 new bucket operations (website, replication, analytics, metrics, tiering, inventory, ownership, public-access-block, accelerate, request-payment, SelectObjectContent)
acm: Add ImportCertificate, RenewCertificate, account config
athena: Add data catalogs, prepared statements, batch operations, table metadata
elb: Add target group/LB attributes, listener certs, modify operations
cloudfront: Add invalidations, cache policies, distribution config, OAIs
route53: Add DNS answer testing, DNSSEC, query logging, health check extras
appsync: Add types, functions, resolver updates, API key updates
bedrock: Add logging config, tagging, streaming stubs
glue: Add partitions, connections, job runs, tagging, search
ecr: Add lifecycle policies, repository policies, image scanning, layer ops
ecs: Add tagging, capacity providers, account settings, container agent ops
ec2: Add tagging, RunInstances, DescribeInstances, NAT/VPC endpoints stubs
stepfunctions: Add tagging, activities, task callbacks
cloudwatch-logs: Add subscription filters, metric filters, Insights queries
eventbridge: Add archives, connections, API destinations, replays
ssm: Add inventory, commands, labels
lambda: Add function URLs, tagging, permissions, account settings
secretsmanager: Add RotateSecret, GetRandomPassword, validation stubs
cloudformation: Add GetTemplateSummary, ListStackResources, SignalResource and more
kms: Add key rotation, grants, policies, GenerateRandom
s3: Add ACL, lifecycle, encryption, logging operations
dynamodb: Add DescribeEndpoints, TTL, tagging, continuous backups
sns: Add SMS stubs, verify batch publish and ConfirmSubscription
sqs: Add ChangeMessageVisibilityBatch, ListDeadLetterSourceQueues
cognito: Add persistence for Identity Pools
cognito: Add snapshot-based persistence for user pools
opensearch: Add msearch, update, updateByQuery, reindex, aliases, cluster health
Add S3 pre-signed URL support, Kendra attribute filters, Cognito user list filtering
s3: Add object-level tagging (PutObjectTagging, GetObjectTagging, DeleteObjectTagging)
opensearch: Implement Amazon OpenSearch with Elasticsearch-compatible REST API
kendra: Implement Amazon Kendra with indexes, documents, query, retrieval
comprehend: Implement Amazon Comprehend with entity detection, key phrases, sentiment
ui: Show IAM role claims in tokens, group precedence, Identity Pool role mapping editor
cognito: Add cognito:roles and cognito:preferred_role claims to JWT tokens based on group membership
cognito: Wire Identity Pool credential vending to IAM roles with role mapping rules
ui: Comprehensive IAM management console with policies, access keys, tagging
iam: Add policy versions, inline policy CRUD, attached policy listing, entity queries
ui: Fully editable Cognito settings with MFA, password policy, triggers, domain, providers
cognito: Add device tracking, branding, risk config, import jobs, provider linking (+48 operations)
cognito: Complete Identity Pools with all 23 operations
cognito: Add 40+ missing user pool operations (groups, resources, IdPs, domains, auth challenges)
cognito: Implement TOTP MFA and Lambda trigger invocation
cognito: PKCE, client secret validation, scopes, revoke endpoint, login page
ui: Comprehensive Cognito management console with auth testing and token inspector
sns: Implement subscription filter policies; test: add advanced integration tests
scheduler: Implement EventBridge Scheduler with schedules and schedule groups
waf: Implement WAF v2 with web ACLs, IP sets, rule groups
acm: Implement ACM with certificate request, validation, auto-issuance
sqs: Implement Dead Letter Queues, visibility timeout expiry, message retention
cloudwatch-metrics: Implement CloudWatch Metrics with alarms and dashboards
bedrock: Implement Bedrock with foundation models, guardrails, mock InvokeModel
appsync: Implement AppSync with GraphQL APIs, schemas, data sources, resolvers
glue: Implement Glue Data Catalog with databases, tables, crawlers, jobs
athena: Implement Athena with workgroups, query execution, named queries
cognito: Implement OAuth2/OIDC endpoints for hosted UI auth flows
...

Assets 8

Releases: QaidVoid/awsim

Nightly

Uh oh!

0.5.0

0.5.0 — 2026-06-02

Bug Fixes

Documentation

Features

Uh oh!

0.4.1

0.4.1 — 2026-05-11

Bug Fixes

Documentation

Features

Uh oh!

0.4.0

0.4.0 — 2026-05-08

Bug Fixes

Uh oh!

0.3.0

0.3.0 — 2026-04-30

Bug Fixes

Documentation

Features

Performance

Uh oh!

0.2.0

0.2.0 — 2026-04-29

Bug Fixes

Documentation

Features

Uh oh!

0.1.0

0.1.0 — 2026-04-24

Bug Fixes

Documentation

Features

Uh oh!