serverless-offline
serverless-offline copied to clipboard
dherault
Serverless offline is not using apiKeys specified in serverless.yml
Bug Report
If i start the lambda with sls offline, I am unable to make a post request to endpoint /api/test. I am getting an unauthorized 403 error. However, I can successfully make a post request if run sls offline --apiKey my-api-key. Is this the intended behavior? I would assume that sls offline would read and register the apiKeys provided in the serverless.yml file and that I wouldn't have to run sls offline --apiKey my-api-key.
service: test
provider:
name: aws
runtime: python3.7
apikeys:
- value: my-api-key
functions:
hello:
handler: handler.main
events:
- http:
method: post
path: /api/test
private: true
plugins:
- serverless-python-requirements
- serverless-offline
custom:
pythonRequirements:
dockerizePip: non-linux
dockerSsh: true
useStaticCache: false
serverless-offline:
httpPort: 4001
Also this behavior is not respected. No matter what, it generates an apiKey randomly and I have to use that one on a private flagged http function
https://www.serverless.com/framework/docs/providers/aws/events/apigateway#setting-api-keys-for-your-rest-api
# api keys (values must be at least 20chars long)
apiGateway:
apiKeys:
- name: ${self:service.name}-${opt:stage, 'dev'}-apiKey
value: ${ssm:/aws/reference/secretsmanager/myapp/dev/apiKey}
This may not help everyone, but you can explicitly set an apiKey to be used by serverless offline.
custom:
serverless-offline:
apiKey: ${env:API_KEY}
provider:
name: aws
apiGateway:
apiKeys:
- ${env:API_KEY}
I want to tackle this issue next. it looks like the flag (option) for setting an apiKey is really not needed, as it can be done with the serverless config itself (as your example is outlining above). it is possible that the apikeys key/value pair in the provider.apiGateway section was not introduced yet in serverless when support was implemented in serverless-offline.
