serverless-offline
serverless-offline copied to clipboard
dherault
Specifying custom API key when used with usage plans
Hi - I am experiencing an issue when trying to specify an API key for private endpoints. Our API keys are linked to usage accounts and have been setup following https://www.serverless.com/framework/docs/providers/aws/events/apigateway#setting-api-keys-for-your-rest-api, under the "You can also setup multiple usage plans for your API. In this case you need to map your usage plans to your api keys. Here's an example how this might look like:" section.
Note this is working successfully as expected when deployed to AWS - the issue being experienced only occurs when running with serverless-offline.
Our application uses a serverless.ts file with various imports to separate out parts. So rather than reference the serverless.yml file I've put the results of the sls print command below.
I am currently using version 11.1.3 of serverless-offline.
Configuration
Results from sls print
service: ....
frameworkVersion: '3'
configValidationMode: error
plugins:
- serverless-auto-swagger
- serverless-esbuild
- serverless-offline
- serverless-iam-roles-per-function
provider:
name: aws
runtime: nodejs14.x
region: eu-west-2
profile: serverlessUser
apiGateway:
minimumCompressionSize: 1024
shouldStartNameWithService: true
apiKeys:
- developmentPlan:
- name: integration_test_key
description: To be used for integration tests only
value: API_KEY_VALUE_FOR_INTEGRATION_TESTS_TO_BE_USED_BY_SERVERLESS_OFFLINE
enabled: true
- productionPlan:
- name: production_key
description: To be used for production environment
enabled: false
usagePlan:
- developmentPlan:
quota:
limit: 500
period: DAY
throttle:
burstLimit: 200
rateLimit: 20
- productionPlan:
quota:
limit: 200
period: WEEK
throttle:
burstLimit: 50
rateLimit: 10
environment:
AWS_NODEJS_CONNECTION_REUSE_ENABLED: '1'
NODE_OPTIONS: '--enable-source-maps --stack-trace-limit=1000'
deploymentBucket: .....
stage: dev
versionFunctions: true
deploymentBucketObject:
....
functions:
....
package:
...
resources:
...
custom:
esbuild:
bundle: true
minify: false
sourcemap: true
exclude:
- aws-sdk
target: node14
define: {}
platform: node
concurrency: 10
....
serverless-offline:
apiKey: iAmAKeyForIntegrationTestsAndShouldOnlyBeUsedForSuch
Behaviour
Running serverless offline shows that the API key being generated is a random value.
Offline [http for lambda] listening on http://localhost:3002
Function names exposed for local invocation by aws-sdk:
.......
Remember to use 'x-api-key' on the request headers.
Key with token: 'd41d8cd98f00b204e9800998ecf8427e'
Desired behaviour is to have the the value API_KEY_VALUE_FOR_INTEGRATION_TESTS_TO_BE_USED_BY_SERVERLESS_OFFLINE used for the x-api-key header
Attempts
I have tried the --apiKey cli parameter as per documentation. However this appears to have been deprecated and is resulting in a
Error:
Detected unrecognized CLI options: "--apiKey".
I have also tried adding the override to the custom section of the serverless file
custom:
serverless-offline:
apiKey: API_KEY_VALUE_FOR_INTEGRATION_TESTS_TO_BE_USED_BY_SERVERLESS_OFFLINE
but still experience the random API key being used
I am currently using version 11.1.3 of serverless-offline. ... I have tried the --apiKey cli parameter as per documentation. However this appears to have been deprecated and is resulting in a
serverless-offline removed --apiKey as a cli parameter as part of v11.0.0. I believe the documentation on https://www.serverless.com/plugins/serverless-offline to be out of date.
MIGRATION: if you want to specify the apiKey value yourself, please define it under provider.apiGateway.apiKeys in the serverless config
I believe @dnalborczyk's response should provide more insight: https://github.com/dherault/serverless-offline/issues/1608#issuecomment-1306200311
