Amplify-cli: [Feature] Inject the GraphQL API Id Output to all the Lambdas

I like this idea. The endpoint would also be useful. @kaustavghosh06 can you look into what is needed to push it into the function category?

The generated template in amplify\backend\awscloudformation\nested-cloudformation-stack.yml should pass the GraphQL API Id Output to all the Lambdas as a parameter.

The problem is, that when we create a new env, the generated file is generated :D And the changes are not there anymore?

amplify\backend\awscloudformation\nested-cloudformation-stack.yml is re-generated in every amplify push/publish and others, so, yes, changes added manually will be gone.

It's so cool feature. I would like to inject cognito user pool id too.

Is there any workaround for this??
I I'm setting it manually for now, unfortunately it is removed by amplify publish 😭

Is there way to use like cloudformation's parameters option with push and publish?

[edited]
Hmm, should I use AWS system managers for now?

"Environment": {
    "Variables": {
        "APIID": {
            "Fn::Join": [
                "",
                [
                    "{{resolve:ssm:apiid",
                    "-",
                    {
                        "Ref": "env"
                    },
                    ":1",
                    "}}"
                ]
            ]
        }
    }
},

@bokuweb, yes, you can use AWS System Manager Parameter Store. For a stack that is already created, it will work. But it won't work to create a new stack.

But it won't work to create a new stack.

I see. You're right 😭

Would be a great feature. We are currently hardcoding this within the lambda stacks but setting up a new environment is quiet challenging this way.

@kstro21, you can provide the GraphQLApiIdOutput to the lambdas, just follow something similar to what I mention here: https://github.com/aws-amplify/amplify-cli/issues/1481#issuecomment-493603180

@zjullion that looks like dark magic, lol. I'm with @plaa's comment, how is this functionality hidden and undocumented?. Is it gonna be removed? Editing backend-config.json is safe? I mean, changes won't get lost by running amplify push/publish or others commands?

Anyway, I'm going to give it a try, thanks.

@zjullion that looks like dark magic, lol. I'm with @plaa's comment, how is this functionality hidden and undocumented?. Is it gonna be removed? Editing backend-config.json is safe? I mean, changes won't get lost by running amplify push/publish or others commands?

Anyway, I'm going to give it a try, thanks.

let us know :)

how is this functionality hidden and undocumented?.

I'm not sure why the amplify-cli team has not documented it. I'm just a contributor here (like you!)

Is it gonna be removed? Editing backend-config.json is safe?

I can't say for certain, but I think it's fairly safe. When you add / remove resources via amplify cli, this is the file that gets edited. As well, you'll see dependsOn is used between auth and api resources.

I mean, changes won't get lost by running amplify push/publish or others commands?

For certain, the changes won't get lost.

Just remember to always do an 'amplify env checkout ` after editing the file.

As well, this file can be used to add 100% custom resources to amplify: https://github.com/aws-amplify/amplify-cli/issues/80#issuecomment-492428916

thx @zjullion, I have to try this too, for sure.

Today we released an updated flow as a part of the functions category to pass resource identifiers like the cognito userpool ID or graphql ID (managed and generated by the Amplify CLI) to a lambda function as environment variables and also populate the corresponding lambda execution role to access these resources. You can install the latest version of the CLI and go through the amplify update function flow to update your existing functions to access your Amplify generated resources in the project. We also launched the functions directive today - https://aws-amplify.github.io/docs/cli/graphql#function which should help with this use case.

@kaustavghosh06 I did amplify update function. It asks me select one of the category Like hosting, auth,.. etc. I just need Graphql ID to generate table name and i don't want give my function permission to access appsync api. Is there any way to do it. Thanks

Confirmed that what @zjullion shows in https://github.com/aws-amplify/amplify-cli/issues/1481#issuecomment-493603180 works. It is the same approach used when running amplify function update commented by @kaustavghosh06 in https://github.com/aws-amplify/amplify-cli/issues/1099#issuecomment-497212996

The name of the resulted stack parameter doesn't look nice, but it will do the job.

What I don't like is that invoking amplify function add doesn't list the resources so we can add permissions to the Lambda, after creating the Lambda, we need to invoke amplify function update.

Also, I quite don't understand why to add an environment variable named REGION with the region where the Lambda is when there is a default reserved environment variable named AWS_REGION that contains the same value. See the list here

@kaustavghosh06 why this issue was closed man? _"Today we released an updated flow as a part of the functions category to pass resource identifiers like the cognito userpool ID ..."_ where are the docs (your link is taking me to amplify home page)? I saw this same comment from you many times here in many issues, sorry dude but we're not clairvoyant, we just want to use amplify. Thanks.

@LucasAndrad I've mentioned the solution in my comment above - https://github.com/aws-amplify/amplify-cli/issues/1099#issuecomment-497212996
Were you stuck following those steps? Here are the docs with more information around this - https://docs.amplify.aws/cli/function#signing-a-request-from-lambda

Thanks @kaustavghosh06. After I explored amplify update function a few times I could understand it better.