Simple AWS Appsync app hits already 50k+ AWS Key Management Service requests

Question

Last month we developed an Ionic app using AmplifyJS. It basically runs on top of an AWS Appsync API.

It was an unpleasant journey so far, especially the @connections between DynamoDB tables.

For example you want to connect tables Team > Members > Tasks together. Maybe this is not the right way to do it, because we basically build SQL structures on top of a noSQL database.

Anyways we managed to get it work with multiple @connections: https://aws-amplify.github.io/docs/cli-toolchain/graphql#connection

The problem is that we face already 50k+ AWS Key Management Service requests during one month of testing by only two developers.

Does it request a key for every database query?

How did this go for you? I am seeing similar problems on my end. — Jam1, Feb 19 '20 at 14:43
I had to change DynamoDB settings how it handles KMS: https://github.com/aws-amplify/amplify-cli/issues/1867 — user3411864, Feb 21 '20 at 12:52

score 0 · Accepted Answer · answered Feb 21 '20 at 12:54

Go to your DynamoDB tables on the AWS Console which are provisioned by the CLI as a part of your GraphQL API. In the Overview tab, select the “Manage Encryption” options, and select the “Default” option in the modal which opens up.

This will disable the use of custom KMS keys and potentially address the costs concerns, while still keeping the server-side encryption intact without using a custom KMS key. This value will not be overwritten on the next 'amplify push'.

Simple AWS Appsync app hits already 50k+ AWS Key Management Service requests

1 Answers1