amplify-hosting icon indicating copy to clipboard operation
amplify-hosting copied to clipboard

Published 20 hours ago verified publisher icon aws-amplify

How to access secrets in the nodeJS back end code (AWS Amplify Gen 2)?

Open swbergmann opened this issue 9 months ago • 5 comments

Environment information

I am using NextJS with Amplify Gen 2 and
- created nextjs application via npx create-next-app myapp
- installed all amplify packages via npm create amplify@latest -y
- started the amplify sandbox via npx ampx sandbox
- set two secrets in the AWS Amplify website: Hosting / Secrets (to be used for all branches)

Nothing special about my environment.

Describe the bug

If the application runs locally the access of the secrets works because they are stored in a local .env file. If I hard code the secrets into the application code, it works locally as well as hosted on AWS Amplify Gen 2 (via the deployed URL).

The only scenario that does NOT work is to access the secrets in the application hosted on AWS Amplify Gen 2 (via the deployed URL) from the contact.ts file as shown in the screenshot. Please provide concrete information on how to access the secrets in a running production application using Amplify Gen 2. What concrete setup of files and content is necessary?

Reproduction steps

Reproduction steps: In my application I want to access the secrets created in the AWS Amplify website: Screenshot 2025-01-01 at 23 53 09

In your current (01/01/2025) official documentation - Access secrets there is NO example of how to access a secret from any other function than "defineAuth". However I am not using "defineAuth".

In another bug report () someone wrote that "defineFunction" should be used, so I followed your documentation - Set up a function as described in my screenshots, but still it was not possible to access the secrets in my application code.

resource.ts file with entry point. Apparently only within "defineFunction" the secret() works to access the secret. Screenshot 2025-01-02 at 00 02 36

handler.ts file, code is copied directly from your documentation (Set up a function). I have no idea what "function code" should be here - according to your documentation there should be some code. Screenshot 2025-01-02 at 00 02 53

backend.ts file, I added the "loadSecrets" to this file, as documented in "Set up a function". Screenshot 2025-01-02 at 00 03 05

This is the back end API where I need to use the secrets i.e. line #5 and #6 Screenshot 2025-01-02 at 00 11 14

swbergmann avatar Jan 01 '25 23:01 swbergmann