REMINDER
Rotating/Changing API Key
-
Hello everyone,
I accidentally uploaded a screenshot of a UI where the API key was visible to a public site. I took it down almost immediately, but I have to rotate the API key to sleep better at night.
I am aware of the "Generate new APIKey" feature, but I want to know 'what' is going to break that I might not be aware of.l
What I'm sure will break:
- Any third-party (non-appdrag) integrations
What I'm not sure will break:
- Scheduled tasks that require use of the API Key
Anything else I'm missing??
-
Hi,
All your functions using AppDrag CloudBackend package (https://www.npmjs.com/package/appdrag-cloudbackend) will require you to republish them as it's used to auth your App (with the combination of AppID and APIKey)
-
Thanks @Wassim that helps.
Does that mean the environment vars are 'hardcoded' into the version of the script that is published?
-
@Daniel-Mulroy yes indeed, FYI it's also an option since recently to use global context vars, this way no need to republish each function after a key rotation
-
Thanks. @Wassim what's the correct procedure to "republish" the function? Do I have to re-save and change the published version to force the update?
-
Hey Daniel, indeed, you have to resave each function individually, this will rebuild them with the latest env vars (and API Key)
I recommend you to do that outside of business hours of course -
@Daniel-Mulroy said in Rotating/Changing API Key:
Thanks @Wassim that helps.
Does that mean the environment vars are 'hardcoded' into the version of the script that is published?
more info here :
https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.htmlYou define environment variables on the unpublished version of your function. When you publish a version, the environment variables are locked for that version along with other version-specific configuration.
