I followed the documentation on creating api keys for my api. After sls deploy, I see that the key was created in api gateway, however it is not associated with any particular api. All the endpoints I marked as private in serverless.yml did have their “API key Required” flag set to true, and the key itself was created, but it is not associated with the api. Is there another property I need to set in serverless.yml? Or, do I need to “hook up” the api key manually?
Has someone verified that this is a problem, or am I simply doing something wrong. Any info would be appreciated.
I’m having the same problem.
Can you post the serverless.yml
files you are using?
I simply added apiKeys property to the serverless.yml file and set the private attribute to true for all the api methods that needed it.
I also tried adding UsagePlan to resources and was able to create a UsagePlan but couldn’t connect the key to the plan.
This is still an issue.
The serverless documentation says that as a result of a CloudFormation limitation, I have to manually connect my api keys to a usage plan. However, according to the CloudFormation documentation, it seems pretty trivial to connect the two. Is this problem really a CloudFormation limitation? If its not, can we get this fixed sooner rather than later? One of my main goals is to be able to create an api without performing manual steps.
Can you share your serverless.yml
(at least just the relevant snippet) as @DavidWells mentioned above?
i already removed everything that I was using to try to do it using serverless. Severless documentation already states that it is not possible to connect an api key to a usage plan. The only thing I am doing now is using serverless to create the usage plan, and the api key. I then connect the two together using the aws console:
UserDbUsagePlan:
Type: AWS::ApiGateway::UsagePlan
DependsOn: ApiGatewayRestApi
Properties:
Description: My Usage plan.
UsagePlanName: my-usage-plan
What I was trying to do is using the resources section of the serverless.yml file and create the resources according to aws documentation:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html
I tried several different approaches, but it seemed to come down to the fact I couldn’t get the proper stageId nor could I get a reference to the keyId of the newly created apiKey.
I haven’t used API Keys personally, so just coming at it from a CFN angle here.
You should be able to Ref
the automatically generated logical ID (i.e. the API Key, which looks like ApiGatewayApiKey{SequentialID}
) to use it in your UsagePlan
in the resources
section of your serverless.yml
, no?
Well, it is working now.
-
Thanks for pointing out the APiGatewayApiKey{SequentialID}. I guess I didn’t really understand the serverless documentation regarding the logical Id naming conventions until you pointed this out.
-
AWS’s documentation regarding AWS::ApiGateway::UsagePlan, can’t be followed exactly according to the YAML example. They use a Ref: StageName. Can’t use Ref. If you do, serverless fails to create the script. I think if the serverless documentation didn’t say that connecting the keys to the plans wasn’t possible, I wouldn’t have given up so easily when I hit this error the first time.
-
Below is what I ended up with:
provider:
name: aws
runtime: nodejs4.3
stage: dev
apiKeys:
- MyApiKey
resources:
Resources:
ApiGatewayRestApi:
Type: AWS::ApiGateway::RestApi
Properties:
Name: my-service-api
MyUsagePlan:
Type: AWS::ApiGateway::UsagePlan
DependsOn: ApiGatewayApiKey1
Properties:
UsagePlanName: my-usage-plan
ApiStages:
- ApiId:
Ref: ApiGatewayRestApi
Stage: ${self:provider.stage}
MyUsagePlanKey:
Type: AWS::ApiGateway::UsagePlanKey
DependsOn: MyUsagePlan
Properties :
KeyId:
Ref: ApiGatewayApiKey1
KeyType: API_KEY
UsagePlanId:
Ref: MyUsagePlan
Making MyUsagePlan dependent upon ApiGatewayApiKey1 was also key. Without it, the attempt to create the plan always happened too soon and cloudformation would fail (API Stage not found). Again, if the serverless documentation didn’t state that connecting the key to the plan wasn’t supported, I wouldn’t have given up so soon when I hit this error the first time.
Thank you for sharing Shawn! However, it isn’t clear to me whether you are also using the serverless.yml file to create the API Keys or does this assume that they already exist?
Can you share a complete file so that we can also see how you are referring to the keys (in the provider section and/or in the functions section)?
So close!!!
The example i shared is from my severless.yml file.
However, this is an old post and my solution is no longer needed. The current version of serverless handles everything automatically.
can you please share how to reuse existing apikey with latest version?