[Released] Increase maximum size of environment variables (4kb)

[amille14]

_Edit: This has shipped https://github.com/orgs/vercel/discussions/207#discussioncomment-3360373

---

The size limit on environment variables is too small when you have several public/private pem keys stored in your environment variables. Is there any way around this?

I've tried storing the keys in secrets instead of env vars but it doesn't seem like secrets can be assigned separately to production/preview/development environments, so this doesn't really work for my purposes.

It would be great if this size limitation could be removed or at least increased to accomodate larger environment variables. If anyone has a good workaround please let me know.

[mattiasw]

I just reached this limit too. I tried putting it in secrets but got the same error message there so it seems the limit still applies. I haven't seen any reasoning behind the seemingly arbitrary 4 KB number so this just feels like really bad developer experience. One workaround could be to encrypt the values and put the encrypted values in the code and the keys in the environment variables, but come on...

[amille14]

Yeah, I ended up going the encrypted values route but it's such a bad developer experience and just adds an extra layer of headache. Vercel really needs to change the 4kb limit.

[msw93]

I believe this is due to AWS, but still would be nice for vercel to come up with an official workaround!

The encrypting values solution is a horrible dev experience and makes branching/deploys much more complicated.

[msw93]

bump on this discussion.

[samcx]

The limit is unfortunately, due to AWS.

We do have a Support Article for this → https://vercel.com/support/articles/how-do-i-workaround-vercel-s-4-kb-environment-variables-limit.

[nublson]

Hi @samsisle , I'm facing this problem, I've read the article you indicated and I managed to encrypt my environment variable, now I want to know, how do I use it?

I'm accessing the BuyMeACoffee API to read in real-time the number of active members in my community.

I leave here an example of the code where I use the BMaC Access Token:

const buyMeACoffee = axios.create({
  baseURL: "https://developers.buymeacoffee.com/api/v1",
  headers: {
    Authorization: `Bearer ${process.env.BUY_ME_A_COFFEE_ACCESS_TOKEN}`,
  },
});

My problem now is, how to use the encrypted key in this case?

[samcx]

@nublson Were you not able to decrypt your encrypted Environment Variables and use it your application → https://vercel.com/support/articles/how-do-i-workaround-vercel-s-4-kb-environment-variables-limit#step-4:-use-the-api-route-to-decrypt-the-encrypted-content?

[anmdotdev]

The limit is unfortunately, due to AWS.

We do have a Support Article for this → https://vercel.com/support/articles/how-do-i-workaround-vercel-s-4-kb-environment-variables-limit.

The support article only makes it easy to do this with a next.js project, where its easy to add an api route to the project. Can we not build the solution mentioned in this article, into the Vercel UI somehow? This would make things very convenient.

[samcx]

@anmdotdev You can make Serverless Function in non-Next.js projects by just creating a root /api directory.

[larskarbo]

Vercel has the 4kb limit because of the underlying limitation on AWS Lambda. They have detailed a workaround but it doesn't seem like a good solution for all use cases (as it relies on manual work and api calls for fetching envs).

They say in a tweet that they are working on it.

In the meantime, one option is to use an external secrets manager (like Doppler), and fetch secrets and serialize to .env in the build step.

// package.json
"scripts": {
    ...
    "build": "fetch-secrets-to-env && npm run build",
}

As long as fetch-secrets-to-env writes all secrets to .env, they will be available like usual in the runtimes on Vercel.

Another option, is to do this 👆 but add some security by encrypting all values and decrypting in runtime. I wrote a blog post about this approach and made a working example repo.

[MFCo]

Hi there! Wanted to update you on this issue. The limit has now been increased to 64KB. Here is the changelog