AWS cloud emulator

simfra

A single-container AWS simulator. All services on one port, real cross-service interactions, optional persistence to SQLite.

No AWS account required.

Get started Use cases

106services

5,808operations

Origin

The AWS emulator I relied on started moving features behind a paywall, and even then it didn't offer the depth of simulation I needed for another project. Developing against real AWS wasn't an option.

What started as a weekend experiment quickly got out of hand. A few services turned into 106, and here we are.

How it works

simfra isn't a collection of mocks. Services maintain real state, enforce real policies, and interact with each other the same way they do in AWS.

Cross-service delivery

SNS delivers to SQS. EventBridge routes to Lambda. CloudWatch alarms trigger SNS notifications. Services call each other the same way they do in AWS.

IAM policy enforcement

Identity policies, resource policies, permission boundaries, SCPs, and session policies are evaluated on every API call. iam:PassRole is checked. Service-linked roles are auto-created.

Real cryptography

KMS generates AES-256, RSA, ECDSA, and HMAC keys. Envelope encryption with data key caching. SQS, SNS, S3, DynamoDB, Kinesis, and CloudWatch Logs use it for server-side encryption.

Docker-backed compute

Lambda functions run in containers. EC2 instances backed by Docker. RDS runs real MySQL/PostgreSQL. EKS uses kind for real Kubernetes clusters. ElastiCache runs actual Redis.

Terraform-native

Set AWS_ENDPOINT_URL=http://localhost:4599 and run terraform apply. No skip flags, no special provider configuration, no endpoint blocks.

Web console

Built-in management console for browsing and managing resources. Multi-account, multi-region. Open localhost:4599 in a browser.

Get running in seconds

Infrastructure as code testing

API-only mode. Validate Terraform plans and test infrastructure modules without provisioning real resources.

terraform apply

Application development

Docker-backed services with persistence. Lambda runs your code, RDS runs real databases, EKS creates real Kubernetes clusters.

docker run

Cross-service integrations

These execute at runtime. When SNS delivers a message to SQS, the message actually appears in the queue.

All 106 services →

SNS→SQS, HTTP, Lambda

EventBridge→SQS, SNS, Lambda, Logs

CloudWatch Alarms→SNS

CloudTrail→S3, CloudWatch Logs

Secrets Manager→Lambda rotation

Step Functions→Lambda, SQS, DynamoDB

Scheduler→Lambda, SQS, SNS, ECS

Pipes→9 targets from SQS/Kinesis/DDB

Firehose→S3, Lambda transform

Lambda ESM→SQS, Kinesis, DDB Streams

CodePipeline→CodeBuild, CodeDeploy

SES v2→SNS, EventBridge, Firehose

S3→EventBridge

Config→Lambda, SNS

Cognito→Lambda triggers

CloudWatch Logs→Lambda, Kinesis, Firehose

Glue Crawlers→S3

AppFlow→S3

Bedrock Agents→Lambda

AppSync→Lambda, DynamoDB

Web console

Browse and manage resources through a built-in console at localhost:4599. Multi-account, multi-region.

localhost:4599

Availability

simfra is under active development. The architecture is still evolving and breaking changes are expected. Docker images and documentation are published, but the source code is not yet open source.

If you'd like access to the source, reach out with your use case. Bug reports and feature requests are welcome on the GitHub repository.

Get in touch

Questions or feedback?

Whether you're evaluating simfra for your team or want to report an issue, we'd love to hear from you.