Goal: Instead of setting up a complex API Gateway, use Lambda Function URLs to quickly expose a synchronous HTTP endpoint for web clients. Because LocalStack generates custom subdomains that your local DNS might not recognize, we will use an HTTP Host header trick to route the request successfully.
# 1. Create a Function URL configuration (No auth for testing)
FUNC_URL=$(awslocal lambda create-function-url-config \
--function-name ServerlessProcessor \
--auth-type NONE \
--query 'FunctionUrl' --output text)
FUNC_URL=$(aws lambda create-function-url-config \
--function-name ServerlessProcessor \
--auth-type NONE \
--query 'FunctionUrl' --output text)
# 2. Grant public access to invoke the URL
awslocal lambda add-permission \
--function-name ServerlessProcessor \
--action lambda:InvokeFunctionUrl \
--statement-id FunctionURLAllowPublicAccess \
--principal "*" \
--function-url-auth-type NONE
aws lambda add-permission \
--function-name ServerlessProcessor \
--action lambda:InvokeFunctionUrl \
--statement-id FunctionURLAllowPublicAccess \
--principal "*" \
--function-url-auth-type NONE
echo "Your LocalStack Lambda URL is: $FUNC_URL"
# 3. Extract the hostname to bypass local DNS routing issues
# This strips out the 'http://' and trailing '/' to isolate the raw hostname
HOST_NAME=$(echo $FUNC_URL | awk -F/ '{print $3}' | awk -F: '{print $1}')
# 4. Test the synchronous invocation via cURL using the Host header workaround
# We send the request to localhost directly, but tell LocalStack which function to trigger via the Host header
curl -H "Host: $HOST_NAME" http://localhost:4566/- Lambda Function URLs: A built-in HTTP(S) endpoint for your Lambda function. It's the simplest way to configure an HTTPS endpoint for your function without the overhead of API Gateway or ALB.
- Synchronous Invocation: When you invoke a function using a Function URL, the client waits for the function to process the request and return a response.
- Resource-Based Policies: Using
add-permissionallows you to grant specific entities (like the public*) the right to invoke your function's URL. - LocalStack DNS Workaround: LocalStack uses subdomains (e.g.,
http://<id>.lambda-url.us-east-1.localhost.localstack.cloud:4566) which may not resolve on all local machines. Using theHostheader allows you to route the request to the correct function while sending the traffic tolocalhost:4566. - Use Cases:
- Webhooks.
- Simple APIs.
- Single-function web applications.
lambda create-function-url-config: Creates a Function URL for a specific Lambda function.--function-name: The name of the function.--auth-type: The type of authentication (e.g.,NONEorAWS_IAM).
lambda add-permission: Adds a statement to the function's resource-based policy.--action: The action to allow (e.g.,lambda:InvokeFunctionUrl).--statement-id: A unique identifier for the policy statement.--principal: The entity granted permission (e.g.,*for public).--function-url-auth-type: Must match the auth type of the URL config.
💡 Pro Tip: Using aws instead of awslocal
If you prefer using the standard aws CLI without the awslocal wrapper or repeating the --endpoint-url flag, you can configure a dedicated profile in your AWS config files.
Add the following to your ~/.aws/config file:
[profile localstack]
region = us-east-1
output = json
# This line redirects all commands for this profile to LocalStack
endpoint_url = http://localhost:4566Add matching dummy credentials to your ~/.aws/credentials file:
[localstack]
aws_access_key_id = test
aws_secret_access_key = testYou can now run commands in two ways:
Option A: Pass the profile flag
aws iam create-user --user-name DevUser --profile localstackOption B: Set an environment variable (Recommended)
Set your profile once in your session, and all subsequent aws commands will automatically target LocalStack:
export AWS_PROFILE=localstack
aws iam create-user --user-name DevUser- Precedence: The AWS CLI (v2) supports a global
endpoint_urlsetting within a profile. When this is set, the CLI automatically redirects all API calls for that profile to your local container instead of the real AWS cloud. - Convenience: This allows you to use the standard documentation commands exactly as written, which is helpful if you are copy-pasting examples from AWS labs or tutorials.