Document how to update AppSync API key #1450
Comments
|
@lorensr As a best practice - from the AppSync service, APIKeys should be used in development mode for a short period of time (7 days is recommended which Amplify provides as default). But if you want to customze it, you can use the various parameters available to you by Amplify. Take a look at this reference - https://aws-amplify.github.io/docs/cli/graphql#apikeyexpirationepoch |
kaustavghosh06
added
graphql-transformer-v1
|
@kaustavghosh06 I'm seeing the below, which I imagine works with an existing valid api key? Mine is expired and gone from settings. I'm looking for docs saying how I can tell amplify about the new api key I created.
|
|
@lorensr Did you create the API Key on the console? |
|
In the 'parameters.json |
|
Ah thanks, it's not clear to me from the docs that in the first and third cases, a new api key is automatically created if the current has already expired. |
|
Okay, I'll create an internal request for updating the docs to reflect this. Thank you for bringing this up! |
|
I'm having a similar issue. In the AppSync console I have this message "You don't have any available API keys, please create one under the section API keys." |
|
I am having the same issue, but cannot simply push to resolve it, even with the parameters.json file update.
Is there nay advice you can give on getting things back in sync between the amplify CLI tooling and the CloudFormation deployment? |
|
I'm having an issue with this aswell. After updates |
|
Hey Karl! Have you tried setting APIKeyExpirationEpoch to "0" in
parameters.json?
…On Tue, Jun 4, 2019 at 6:50 PM Karl Danninger ***@***.***> wrote:
I'm having an issue with this aswell. After updates aws-exports i see the
old key in the logs after an amplify push
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1450?email_source=notifications&email_token=AAB5LGEWZGIEYDXNOT64AJ3PY3WU5A5CNFSM4HMT62LKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODW6C3NY#issuecomment-498871735>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAB5LGHRMHMVBOQ62JZWT3TPY3WU5ANCNFSM4HMT62LA>
.
|
|
Hey @lorensr ❤️that worked. Thanks! I set it to One potential bug I've noticed is if I |
|
any updates |
Yeah I got it to work. You have to add "APIKeyExpirationEpoch": "-1" to the JSON Object in the parameters.json file. Other people in this thread said just change the value to -1, but my json object didn't even have the "APIKeyExpirationEpoch" property, so if it doesn't have it just add it. There are many parameter.json files, but the one I added this to was the backend -> api parameters.json file |
|
I was able to change an expired api key in amplify by...
This worked without an amplify error. |
|
All the steps above for me have failed. The GraphQL ApiKey will not reset no matter if I set the epoch setting to 0, -1 or "0" or "-1".... This is really frustrating. |
|
@kaustavghosh06 Does anyone have any updates on a solid fix for this please? I have tried all of the suggestions on this thread as well as the reference above (#954) and none of them have worked. The only solution that I have at the minute is to completely delete my entire amplify setup every week and then recreate it. Obviously this is less than ideal, and will not work at all in production. Does anyone know if AWS are thinking of fixing this issue? Surely this should be top of the list, as it is a huge flaw in the system and makes Amplify completely unusable? |
|
I'm having the same issue, @ph0ph0, I've tried all the suggestions as well with no success. Did you ever end up finding a fix? |
|
@CyanCode - try adding both then run Worked for me in |
|
Thanks @joekickass, this worked for me in amplify version |
|
Looks like |
|
Tried settings recommended by @joekickass: Abort Deleted expired key from AppSync, set |
|
Based on the official docs this is what you need to do to rotate keys.
https://aws-amplify.github.io/docs/cli-toolchain/graphql#apikeyexpirationepoch |
|
Updated link for the above comment is https://docs.amplify.aws/cli/graphql-transformer/config-params#apikeyexpirationepoch. |
|
I think this is the correct link |
This worked for me after an initial step of disabling API access to my lambda functions first. |
|
At this point I am able to just cycle the key with |
|
Hi, I do not understand why it is not possible to have an api_key without expiration for public datas ? |
|
https://docs.amplify.aws/cli/graphql-transformer/config-params#createapikey As mentioned here, I had to set The property should be added in
|
|
@rudyhadoux the 'CreateAPIKey' parameter will automatically set the expiration date to one week after you create it. I am not quite sure if I answered that question correctly. |
|
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs. Looking for a help forum? We recommend joining the Amplify Community Discord server |
It seems like the default DX if you add a GraphQL API w/ API key auth is that
amplify pushstops working after 7 days. I can create a new API key in AppSync Settings page, but I'm not finding documentation about how to give the new key toamplify.Alternatively, if
amplifyauto generated new keys to use, that'd be better. Looks like was added with #446, but it's either not working or not enabled by default.The text was updated successfully, but these errors were encountered: