1.5.27

🎉 Highlights

This release adds four new services (S3 Vectors, MemoryDB, CodePipeline, EC2 Network ACLs), brings Neptune openCypher via neo4j, lands meaningful DynamoDB conformance work, and ships state persistence across restart for ECS, CodeBuild, and Config. SAM-driven CloudFormation patterns also get a substantial boost. Welcome to the 7 first-time contributors.

🆕 Four new services

• AWS S3 Vectors — vector search service support (#1435)
• Amazon MemoryDB — with mock mode (#1420)
• AWS CodePipeline — emulation lands (#1469)
• EC2 Network ACLs — VPC network ACL support (#1473)

🕸️ Neptune: openCypher via neo4j

Neptune now supports a neo4j backend for openCypher queries, selectable via NEPTUNE_DB_TYPE (#1449). The existing Gremlin-via-TinkerGraph backend remains in place, so graph workloads using either query language work locally.

🪨 DynamoDB conformance pass

A coordinated DynamoDB pass:

• TableId, TableClass, and OnDemandThroughput support, plus deletion-protection error fix (#1457)
• Expression validation: redundant parens rejected, contains() duplicate operands rejected, begins_with non-string rejected (#1442)
• ExclusiveStartKey validated against the key schema (#1443)
• Limit caps scanned items, index scans carry a full cursor (#1456)

💾 State persistence across restart

ECS, CodeBuild, and AWS Config now persist durable resources via StorageBackedMap (#1514, #1515, #1516). Combined with the 1.5.24 storage-backed maps foundation and the 1.5.26 EC2 state persistence, Floci's restart story is significantly stronger.

🧱 CloudFormation: SAM improvements

Two notable SAM-related improvements:

• Implicit API Gateway generated from SAM Api events (#1438)
• SAM Globals merged into resource properties (#1427)

This brings SAM templates that rely on implicit APIs and global defaults much closer to real CloudFormation behavior.

🔐 Cognito + Secrets Manager

• Cognito: token revocation implemented for AdminUserGlobalSignOut (#1407)
• Secrets Manager: automatic secret rotation lifecycle (#1467)

✨ New Features

New services

• feat(s3vectors): add S3 Vectors service support by @kapoorp99 in #1435
• feat(memorydb): add MemoryDB service with mock mode by @ahmedk20 in #1420
• feat(codepipeline): add AWS CodePipeline emulation by @kotov228 in #1469
• feat(ec2): add Network ACL support by @awsvigilante in #1473

Service expansions

• feat(neptune): support neo4j backend for openCypher via NEPTUNE_DB_TYPE by @slang25 in #1449
• feat(dynamodb): TableId, TableClass, OnDemandThroughput; fix deletion-protection error by @hectorvent in #1457
• feat(secretsmanager): implement automatic secret rotation lifecycle by @9046balaji in #1467
• feat(ses): support v2 dedicated IP pools and configuration-set option groups by @okinaka in #1412
• feat(ses): support v1 ConfigurationSet tracking and reputation-metrics options by @okinaka in #1479
• feat(cloudformation): generate implicit API Gateway from SAM Api events by @vishalgoyal-home24 in #1438

🐛 Bug Fixes

DynamoDB

• fix(dynamodb): reject redundant parens, contains() duplicate operands, begins_with non-string by @hectorvent in #1442
• fix(dynamodb): validate ExclusiveStartKey against the key schema by @hectorvent in #1443
• fix(dynamodb): Limit caps scanned items and index scans carry a full cursor by @hectorvent in #1456

Persistence

• fix(ecs): persist durable resources via StorageBackedMap by @hectorvent in #1514
• fix(codebuild): persist projects, report groups, and source credentials by @hectorvent in #1515
• fix(config): persist config rules, conformance packs, recorders, channels, tags by @hectorvent in #1516
• fix(acm): restore ACM certificates after restart by ignoring computed getters (#1428) by @mansiverma897993 in #1440

CloudFormation

• fix(cloudformation): merge SAM Globals into resource properties by @vishalgoyal-home24 in #1427
• fix(cfn): support OAuth and callback configurations in UserPoolClient by @mansiverma897993 in #1458
• fix(cfn): delete EC2 security groups by @codingkiddo in #1472

EC2 / DocDB / Neptune lifecycle

• fix(ec2): omit empty stateReason element in DescribeInstances by @JosemAVSG in #1410
• fix(ec2): user data logging by @Preston-Cai in #1474
• fix(docdb, neptune): stop containers and proxies on emulator shutdown by @ahmedk20 in #1452

Cognito / Athena / RDS / API Gateway v2

• fix(cognito): implement token revocation for AdminUserGlobalSignOut by @9046balaji in #1407
• fix(athena): add partition keys to table metadata response by @kazamage in #1454
• fix(rds): PostgreSQL proxy ignoring requested database name by @afahey03 in #1480
• fix(apigatewayv2): cascade-delete child resources and 404 references to deleted parents by @marvikomo in #1300

Auto Scaling / SSM / UI

• fix(autoscaling): reject launch templates without image IDs by @jvanzyl in #1451
• fix(ssm): reject send-command timeouts below AWS minimum by @jvanzyl in #1511
• fix(floci-ui): resolve readiness probe URL from container endpoint by @slang25 in #1471
• fix(ui): register StatusResponse for native-image reflection by @hectorvent in #1441

🧰 Refactors & Tests

• refactor(kms): use enums for type safety; add algorithms to key metadata by @mhayen in #1430
• test(ec2): stop describeDefaultSecurityGroup flaking on shared store by @hectorvent in #1477

👋 New Contributors

A warm welcome to everyone making their first contribution to Floci:

• @JosemAVSG in #1410
• @kazamage in #1454
• @mhayen in #1430
• @kotov228 in #1469
• @afahey03 in #1480
• @awsvigilante in #1473
• @Preston-Cai in #1474

Full Changelog: 1.5.26...1.5.27