Option for API Key To Never Expire

[alexwhb]

Environment information

System:
  OS: macOS 14.5
  CPU: (16) arm64 Apple M3 Max
  Memory: 294.78 MB / 48.00 GB
  Shell: /bin/zsh
Binaries:
  Node: 18.18.0 - ~/.nvm/versions/node/v18.18.0/bin/node
  Yarn: undefined - undefined
  npm: 10.8.0 - ~/node_modules/.bin/npm
  pnpm: undefined - undefined
NPM Packages:
  @aws-amplify/backend: 1.0.2
  @aws-amplify/backend-cli: 1.0.3
  aws-amplify: 6.3.4
  aws-cdk: 2.143.0
  aws-cdk-lib: 2.143.0
  typescript: 5.4.2
AWS environment variables:
  AWS_STS_REGIONAL_ENDPOINTS = regional
  AWS_NODEJS_CONNECTION_REUSE_ENABLED = 1
  AWS_SDK_LOAD_CONFIG = 1
No CDK environment variables

Description

So on my server the only possible system connecting to my graphQL system would be AWS Lambda REST handlers. I'm unable to use identityPool auth because I get this error: identityPool-based auth (allow.guest() and allow.authenticated('identityPool')) is not supported with a.handler.custom, so I'm stuck with API keys, but the problem is... my API key expires which makes my service unusable.

[ykethan]

Hey👋 thanks for raising this! I'm going to transfer this over to our API repository for better assistance 🙂

[AnilMaktala]

Hey @alexwhb, Thanks for raising this. Unfortunately, we can't have API validity more than 365 days. However, we will investigate the IAM pool authorization issue related to customer handler and let you know.

[alexwhb]

Awesome! Thanks for taking a look. I think my short term solution is to use a custom lambda authorizer with a secret key which seems to be working well.