amplify-cli icon indicating copy to clipboard operation
amplify-cli copied to clipboard
verified publisher icon aws-amplify

amplify/cli AWS-EXPORTS.JS in GEN1 and GEN2 apps

Open PixelJunkie33 opened this issue 1 year ago • 3 comments

What is the best way to handle aws-exports.js file that is auto generated with the backend? Does this file contain sensitive data, should it remain in the public directory view or in a secret file for example :


 **You simply store aws-exports.js contents in an environment variable called "secretfile", and then use it inside amplify.yml like this

version: 1
frontend:
  phases:
    preBuild:
      commands:
        - npm ci
    build:
      commands:
        - echo $secretfile > ./src/aws-exports.js
        - npm run build
  artifacts:
    baseDirectory: build
    files:
      - '**/*'
  cache:
    paths:
      - node_modules/**/***

PixelJunkie33 avatar Oct 11 '24 11:10 PixelJunkie33

@PixelJunkie33 the aws-exports file does contain sensitive information and should not be committed to a public repository. Transferring this to the Amplify CLI team for further assistance.

esauerbo avatar Oct 14 '24 14:10 esauerbo

Is the example I shared for configuring amplify.yml in the AWS browser console aligned with AWS guidance and best practices for handling aws-exports.js during deployment?

PixelJunkie33 avatar Oct 15 '24 08:10 PixelJunkie33

Hey @PixelJunkie33, thank you for reaching out. Refer to the files and folders documentation providing information on this file. The file should get auto-generated when running amplify pull or push. Could you provide us some information on your use case? for example, are you trying to utilize an existing backend environment in a different/new application?

ykethan avatar Oct 15 '24 19:10 ykethan

Hey @ykethan thank you!! My application is the run of the mill JS full stack- amplify deployment app. This particular project collects a lot of sensitive data. So ensuring i's are doted and t's are crossed is key.

PixelJunkie33 avatar Oct 20 '24 05:10 PixelJunkie33

@PixelJunkie33 the document linked files and folders should provide information on the files that need to be excluded or can be included. Additionally, if this is a new application i would suggest using Amplify Gen 2.

Closing the issue for now, but do reach out on a new issue if you require any assistance.

ykethan avatar Oct 22 '24 21:10 ykethan

This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one.

github-actions[bot] avatar Oct 22 '24 21:10 github-actions[bot]