vercel/next.js

Edge Runtime and AWS SDK credentials

r007 opened this issue · 1 comments

r007 commented

Link to the code that reproduces this issue

https://github.com/r007/next-aws-sdk-middleware-issue

To Reproduce

For example, if I want to get a variable from AWS Systems Manager Parameter Store, I can use this code:

import {NextResponse} from 'next/server'
import {SSMClient, GetParameterCommand} from '@aws-sdk/client-ssm'

export async function middleware() {
  const ssm = new SSMClient({region: 'us-east-1'})
  const command = new GetParameterCommand({Name: 'put-some-variable-here'})
  const response = await ssm.send(command)
  console.log(response)

  return NextResponse.next()
}

export const config = {
  matcher: ['/:path*']
}

It'll throw a Credential is missing error, because the edge runtime can't get AWS credentials from local file.

Current vs. Expected behavior

Hi guys,

I want to use AWS SDK API in my next.js middleware to get parameters. The reason for this is that Edge@Lambda doesn't support environment variables, so I have to use AWS Parameter Store instead.

Next.js Edge runtime doesn't work with AWS SDK at all. Simply because it uses node.js API behind the scene to get credentials (access key + secret access key). It reads a local file with credentials, but since the Edge runtime can't read anything, it fails to get access key + secret key needed to make an API call.

Any suggestions? Possible solutions?

Best regards,
Sergey

Provide environment information

Node.js v20.12.2

Operating System:
  Platform: linux
  Arch: x64
  Version: #58-Ubuntu SMP Thu Oct 13 08:03:55 UTC 2022
  Available memory (MB): 7911
  Available CPU cores: 8
Binaries:
  Node: 20.12.2
  npm: 10.7.0
  Yarn: 1.22.22
  pnpm: N/A
Relevant Packages:
  next: 14.2.3 // Latest available version is detected (14.2.3).
  eslint-config-next: N/A
  react: 18.3.1
  react-dom: 18.3.1
  typescript: N/A
Next.js Config:
  output: N/A

Which area(s) are affected? (Select all that apply)

Middleware, Runtime

Which stage(s) are affected? (Select all that apply)

next dev (local), next build (local), next start (local), Vercel (Deployed), Other (Deployed)

Additional context

I'm trying to implement authentication with AWS Cognito inside the middleware + token renewal.

masonembry commented

I'm trying to do the same thing. I've been paying a hefty "Next tax" lately. Looks like this is something we simply can't do. Middleware for auth doesn't seem like that weird of a use case...

  • 👍2