4

I am using an AWS Lambda function to create an API key using Boto3.

Testing locally with the following is successful:

import boto3

client = boto3.client('apigateway')

response = client.create_api_key(
    name='test_user_from_boto',
    description='This is the description',
    enabled=True,
    generateDistinctId=True,
    value='',
    stageKeys=[{
        'restApiId':'aaa',
        'stageName':'beta'
    }]
)

This works no problem returning a dictionary as expected. The return dictionary includes a value key that has the generated api key value which is what I'm after.

When doing something similar in AWS Lambda, the return dictionary does not include the value key.

This is my Lambda hander function.

import boto3


api_id = 'zzz'
plan_id_map = {
    'trial': 'aaa', 
    'basic': 'bbb', 
    'professional': 'ccc'
}

def handler(event, context):
    user_name = event['user_name']
    stage = event['stage']
    plan = event['plan']

    client = boto3.client('apigateway')
    api_key_response = client.create_api_key(
        name=user_name, 
        description='', 
        enabled=True, 
        # generateDistinctId=True, # including this argument throws an error
        # value='', # including this argument throws an error
        stageKeys=[{
            'restApiId': api_id, 
            'stageName': stage
        }]
    )

    user_key_id = api_key_response['id']
    user_api_key = api_key_response['value'] # throws a key error here

    plan_response = client.create_usage_plan_key(
        usagePlanId=plan_id_map[plan],
        keyId=user_key_id,
        keyType='API_KEY')    

    return {
        'user_name': user_name,
        'user_key_id': user_key_id,
        'user_api_key': user_api_key
    }

The results from printing api_key_response is the following:

{
    u'name': u'test_user_from_lambda', 
    'ResponseMetadata': {
        'HTTPStatusCode': 201, 
        'RequestId': 'b8298d38-7aec-11e6-8322-5bc341fc4b73', 
        'HTTPHeaders': {
            'x-amzn-requestid': 'b8298d38-7aec-11e6-8322-5bc341fc4b73',
            'date': 'Thu, 15 Sep 2016 02:33:00 GMT', 
            'content-length': '203', 
            'content-type': 'application/json'
        }
    },
    u'createdDate': datetime.datetime(2016, 9, 15, 2, 33, tzinfo=tzlocal()), 
    u'lastUpdatedDate': datetime.datetime(2016, 9, 15, 2, 33, tzinfo=tzlocal()), 
    u'enabled': True, 
    u'id': u'xyzxyz', 
    u'stageKeys': [u'abcabc/beta']
}

When attempting to use get_api_key, I get a parameter validation error:

get_api_key_response = client.get_api_key(
    apiKey='585yw0f1tk',
    includeValue=True
)

Unknown parameter in input: "includeValue", must be one of: apiKey: ParamValidationError

Is the AWSboto3 module modified to exclude the value key? How to return the generated api key?

Improve this question
4
  • What error does it throw? Commented Sep 14, 2016 at 13:17
  • It's not an error, the key value just does get returned in the dictionary in the AWS Lambda implementation where it does otherwise. Commented Sep 14, 2016 at 14:01
  • 1
    So what does api_key_response look like at that point? Try printing it Commented Sep 14, 2016 at 14:02
  • Updated OP with the results Commented Sep 15, 2016 at 2:38

1 Answer 1

Reset to default
3

The difference here can be attributed to different versions of the AWS SDK in your Lambda environment vs your development environment.

In newer versions of the SDK, the API key value is omitted from certain responses as a security measure. You can retrieve the API Key value via a separate call to get_api_key with includeValue=True

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

I've tried using get_api_key with the includeValue=True argument and includeValue fails parameter validation. See OP.
I should note that I'm using boto3 v1.3.1 on my dev environment which is the same as the AWS implementation.
I would suggest to bundle the latest version of the SDK (1.4) in your Lambda function. Lambda tends to lag behind on SDK releases. See docs.aws.amazon.com/lambda/latest/dg/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.