https://serverless-stack.com/ logo
Join Slack
Powered by
Hi all. Could anyone tell me how to spread ```REGI...
# sst
i
Hi all. Could anyone tell me how to spread
Copy code
REGION: stack.region,
USER_POOL_ID: auth.userPoolId,
IDENTITY_POOL_ID: auth.cognitoIdentityPoolId,
USER_POOL_CLIENT_ID: auth.userPoolClientId,
among lambda functions in SST? My stacks are being called in the following way:
Copy code
app
  .stack(ApiStack)
  .stack(StorageStack)
  .stack(AuthStack)
  .stack(SocketStack)
  .stack(FrontendStack)
This is a new SST API so I had to use 
API Stack
in 
Auth Stack
via 
sst.use
What is interesting is 
API Stack
had being imported in 
Auth Stack
to attach permissions. BUT when I am trying to do smth like this:
Copy code
const lambda = api.getFunction('POST /routeName')

lambda?.addEnvironment(
 'USER_POOL_ID',
 auth.userPoolId
)
I am getting the following error in the terminal
Copy code
Error: 'dev-ApiStack' depends on 'dev-sst-AuthStack' (dev-sst-ApiStack -> dev-sst-AuthStack/Auth/UserPool/Resource.Ref, dev-sst-ApiStack -> dev-\sst-AuthStack/Auth/IdentityPool.Ref, dev-sst-ApiStack -> dev-sst-AuthStack/Auth/UserPoolClient/Resource.Ref). Adding this dependency (dev-sst-AuthStack -> dev-sst-ApiStack/API/Api/Resource.Ref) would create a cyclic reference.
d
I gave up on this one.
I thought it might be possible to read and write it from AWS SSM, but that didn’t work.
We ended up using the AWS SDK to go fetch these values.
I’m not happy with our solution, but it worked. It’s much slower than passing in the variables like you’re trying to do.
Hope you find a better solution
i
I haven't found the solution except of deploying both stages to DEV & PROD and preserve outputs in 
.env
file. But this is a bad solution because I need to save DEV_variables & PROD_variables + using 
env.IS_LOCAL
to distinguish the environment etc.. I remember in SST versions 
0.60x
it could be easily done. Hope someone can help me to find a better way
f
@Ivan Roskoshnyi can you show me what the AuthStack looks like?
i
@Frank
f
The cyclic reference happens b/c: • When u do 
auth.attachPermissionsForAuthUsers([api])
, this makes the AuthStack depends on the ApiStack, b/c AuthStack is creating an IAM role whose 
resources
field references the Api’s id. • And when u do
Copy code
lambda?.addEnvironment(
 'USER_POOL_ID',
 auth.userPoolId
)
this makes the ApiStack depends on the AuthStack, b/c ApiStack is creating a Lambda function whose 
environment
field references the User Pool’s id. Hence the cyclic dependency. Both stacks need the other stack to be deployed first 😞
Two ways to work around this issue: 1. Merging 
AuthStack
and 
ApiStack
, this way 
Auth
and 
Api
are created within the same stack; 2. Or, store the User Pool ID to an SSM parameter. And have the Lambda function read the SSM parameter value at runtime.
Let me know if that makes sense.
d
Glad to hear Option 2 is a Frank approved solution.
f
An upside of Option 2 is that when testing the function code, the value for the User Pool ID will similarly be loaded from SSM. As opposed to needing to manually figure out and set the environment variables (ie. 
USER_POOL_ID
).
i
@Frank Thanks for the help! Is there any guide of using SSM with SST?
b
Would another alternative be to: • move the 
.stack(AuthStack)
to the top of the list in index.ts • 
sst.use(AuthStack)
in ApiStack & StorageStack and attach the permissions in those stacks instead of using them in the AuthStack. That would make the AuthStack generic and allow you to define how and what resources you apply it to in their respective stacks.
Open in Slack
PreviousNext
Powered by