search

aws-amplify / amplify-category-api

The AWS Amplify CLI is a toolchain for simplifying serverless web and mobile development. This plugin provides functionality for the API category, allowing for the creation and management of GraphQL and REST based backends for your amplify project.
https://docs.amplify.aws/
Apache License 2.0
88 stars 76 forks source link

GraphQLAPIDefaultApiKey (AWS::AppSync::ApiKey), Event Type: update, Reason: API key not found: #2745

Open squirrelhomie opened 1 month ago

squirrelhomie commented 1 month ago

How did you install the Amplify CLI?

npm

If applicable, what version of Node.js are you using?

16.14.2

Amplify CLI Version

12.12.5

What operating system are you using?

Mac OS

Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.

Deleted App Sync API Key that was linked to my Amplify Project

Describe the bug

I have accidentally deleted my App Sync API Key that was linked to my amplify project. I am now attempting to generate a fresh one. Per the documentation, I am adding the following to my parameters.json file:

CreateAPIKey: 0

When I run amplify push it returns this error:

GraphQLAPIDefaultApiKey (AWS::AppSync::ApiKey), Event Type: update, Reason: API key not found:

even though the documentation states here that it will delete the existing API Key, so that I can then add CreateAPIKey: 1 to generate a fresh one.

I've tried amplify pull --restore and amplify push --force and many other different combinations. In the past for expired keys, I have deleted the deployment-state.json file in my S3 bucket, that is not currently showing up. Additionally, in other posts regarding this issue, it is recommended to remove GraphQLAPIIdOutput from the backend-config.js file. However, that key does not appear in my backend-config.js, but it does in amplify-dependant-resources-ref.d.ts

There does not seem to be a clear way for me to generate a fresh api key for my amplify project. Please advice.

Expected behavior

Adding CreateAPIKey: 0 to parameters.json and then running amplify push should remove the API Key. Then updating CreateAPIKey: 1 in parameters.json and running amplify push should generate a fresh one.

Reproduction steps

  1. Create amplify project
  2. Delete api key from app sync
  3. Add CreateAPIKey: 0 to parameters.json
  4. Run amplify push

Project Identifier

No response

Log output

``` # Put your logs below this line Embedded stack arn:aws:cloudformation:us-east-1::stack/stack-name was not successfully updated. Currently in UPDATE_ROLLBACK_IN_PROGRESS with reason: The following resource(s) failed to create: [api7XXXXXXXXXResponseXXXXXX, apiXXXXXXResponseXXXXXX] ```

Additional information

My current cloudformation stack is in a UPDATE_ROLLBACK_COMPLETE state

Before submitting, please confirm:

squirrelhomie commented 1 month ago

Would it help the team here if I run amplify diagnose --send-report ?

AnilMaktala commented 1 month ago

Hi @squirrelhomie, please send the diagnosis report and will work on reproducing this issue today.

squirrelhomie commented 1 month ago

Hi @squirrelhomie, please send the diagnosis report and will work on reproducing this issue today.

@AnilMaktala Thank you! I have run amplify diagnose --send-report

Is it safe to share the project identifier here?

AnilMaktala commented 1 month ago

Yes , Please share the identifier.

squirrelhomie commented 1 month ago

@AnilMaktala Project Identifier: 5ad1e5b598397420098aebae1cdca019

AnilMaktala commented 1 month ago

Hey @squirrelhomie, Thanks for sharing the details. I was able to recreate the new API key by following these steps. Could you please try them and let me know if it resolves the issue?

  1. Add CreateAPIKey: 0 to parameters.json.
  2. Run amplify push.
  3. Once successful, update CreateAPIKey: 1 in parameters.json.
  4. Run amplify push again.
image image
squirrelhomie commented 1 month ago

Hey @squirrelhomie, Thanks for sharing the details. I was able to recreate the new API key by following these steps. Could you please try them and let me know if it resolves the issue?

  1. Add CreateAPIKey: 0 to parameters.json.
  2. Run amplify push.
  3. Once successful, update CreateAPIKey: 1 in parameters.json.
  4. Run amplify push again.

image image

@AnilMaktala Running the steps you shared above returns this error for me when adding --debug 

DeploymentFault: Resource is not in the state stackUpdateComplete
    at Object.run (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-provider-awscloudformation/lib/push-resources.js:362:11)
    at async /snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/extensions/amplify-helpers/push-resources.js:137:16
    at async Promise.all (index 0)
    at async providersPush (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/extensions/amplify-helpers/push-resources.js:133:5)
    at async AmplifyToolkit.pushResources (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/extensions/amplify-helpers/push-resources.js:107:13)
    at async Object.executeAmplifyCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/index.js:194:9)
    at async executePluginModuleCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:139:5)
    at async executeCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:37:9)
    at async Object.run (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/index.js:121:5)

Resource is not in the state stackUpdateComplete
ResourceNotReady: Resource is not in the state stackUpdateComplete
    at constructor.setError (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/resource_waiter.js:182:47)
    at Request.CHECK_ACCEPTORS (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/resource_waiter.js:44:12)
    at Request.callListeners (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /snapshot/amplify-cli/build/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:688:12)
    at Request.callListeners (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at Request.emit (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /snapshot/amplify-cli/build/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:688:12)
    at Request.callListeners (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at callNextListener (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:96:12)
    at IncomingMessage.onEnd (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/event_listeners.js:417:13)
    at IncomingMessage.emit (node:events:525:35)
    at IncomingMessage.emit (node:domain:489:12)
    at endReadableNT (node:internal/streams/readable:1359:12)
    at process.processTicksAndRejections (node:internal/process/task_queues:82:21)

In CloudFormation my stack event status says

Embedded stack arn:aws:cloudformation:us-east-1:145104990895:stack/<app-name> was not successfully updated. Currently in UPDATE_ROLLBACK_IN_PROGRESS with reason: The following resource(s) failed to create: [api<key>, api<key>].

In one of my NestedStacks I see this error

Resource handler returned message: "Invalid API identifier specified <id> (Service: ApiGateway, Status Code: 404, Request ID: 1eab9b71-8828-41b7-948e-0ec85afbf030)" (RequestToken: 448fb72f-c9d7-0286-690c-d8efa9fc4053, HandlerErrorCode: NotFound)

squirrelhomie commented 1 month ago

@AnilMaktala Is there anything else I can do to help get this figured out? This is a complete show stopper for our project and we are over a week behind at this point.

AnilMaktala commented 1 month ago

Hey @squirrelhomie, Is Step 2 was successful for you?

squirrelhomie commented 1 month ago

@AnilMaktala No, I can not successfully run amplify push without receiving the errors shared above.

I've tried CreateAPIKey: 0, CreateAPIKey: 1, I've tried neither and just updating my schema.graphql with a dummy field. Completely unable to run amplify push at this time and the error has been consistent

AnilMaktala commented 1 month ago

@squirrelhomie Are you on Discord by any chance? It would be easier to connect there.

squirrelhomie commented 1 month ago

@AnilMaktala Yes, you can find me on discord under squirrelhomie. Would you like to move over to discord now?

squirrelhomie commented 1 month ago

@AnilMaktala After many attempts, I was finally able to get amplify push to work and generate a new API Key by first running it with CreateAPIKey: 0 and then CreateAPIKey: 1 However, I don't think my 'solution' was a real solution.

I had a test API in API Gateway set up that after running amplify remove api <RESOURCE_NAME> amplify push worked. But, it is unclear why this worked and why amplify is not set up to take whatever edge case this was in to account when generating a new api key.

I have enjoyed using amplify and it has streamlined our development process a lot. But the process of generating a new API Key should be improved. I am lucky that the problematic API was not needed, but what if it was? Defintely causes some concerns once we get to production and we'll need to think if some kind of mitigation plan to reduce the risk of this happening once we're live.

Thank you @AnilMaktala for all of your help on this!