@aws-amplify/graphql-api-construct
Advanced tools
AppSync GraphQL Api Construct using Amplify GraphQL Transformer.
This package vends an L3 CDK Construct wrapping the behavior of the Amplify GraphQL Transformer. This enables quick development and interation of AppSync APIs which support the Amplify GraphQL Directives. For more information on schema modeling in GraphQL, please refer to the amplify developer docs.
The primary way to use this construct is to invoke it with a provided schema (either as an inline graphql string, or as one or more appsync.SchemaFile) objects, and with authorization config provided. There are 5 supported methods for authorization of an AppSync API, all of which are supported by this construct. For more information on authorization rule definitions in Amplify, refer to the authorization docs. Note: currently at least one authorization rule is required, and if multiple are specified, a defaultAuthorizationMode must be specified on the api as well. Specified authorization modes must be a superset of those configured in the graphql schema.
In this example, we create a single model, which will use user pool auth in order to allow logged in users to create and manage their own todos privately.
We create a cdk App and Stack, though you may be deploying this to a custom stack, this is purely illustrative for a concise demo.
We then wire this through to import a user pool which was already deployed (creating and deploying is out of scope for this example).
import { App, Stack } from 'aws-cdk-lib';
import { UserPool } from 'aws-cdk-lib/aws-cognito';
import { AmplifyGraphqlApi, AmplifyGraphqlDefinition } from '@aws-amplify/graphql-api-construct';
const app = new App();
const stack = new Stack(app, 'TodoStack');
new AmplifyGraphqlApi(stack, 'TodoApp', {
definition: AmplifyGraphqlDefinition.fromString(/* GraphQL */ `
type Todo @model @auth(rules: [{ allow: owner }]) {
description: String!
completed: Boolean
}
`),
authorizationModes: {
userPoolConfig: {
userPool: UserPool.fromUserPoolId(stack, 'ImportedUserPool', '<YOUR_USER_POOL_ID>'),
},
},
});
In this example, we create a two related models, which will use which logged in users in the 'Author' and 'Admin' user groups will have full access to, and customers requesting with api key will only have read permissions on.
import { App, Stack } from 'aws-cdk-lib';
import { UserPool } from 'aws-cdk-lib/aws-cognito';
import { AmplifyGraphqlApi, AmplifyGraphqlDefinition } from '@aws-amplify/graphql-api-construct';
const app = new App();
const stack = new Stack(app, 'BlogStack');
new AmplifyGraphqlApi(stack, 'BlogApp', {
definition: AmplifyGraphqlDefinition.fromString(/* GraphQL */ `
type Blog @model @auth(rules: [{ allow: public, operations: [read] }, { allow: groups, groups: ["Author", "Admin"] }]) {
title: String!
description: String
posts: [Post] @hasMany
}
type Post @model @auth(rules: [{ allow: public, operations: [read] }, { allow: groups, groups: ["Author", "Admin"] }]) {
title: String!
content: [String]
blog: Blog @belongsTo
}
`),
authorizationModes: {
defaultAuthorizationMode: 'API_KEY',
apiKeyConfig: {
description: 'Api Key for public access',
expires: cdk.Duration.days(7),
},
userPoolConfig: {
userPool: UserPool.fromUserPoolId(stack, 'ImportedUserPool', '<YOUR_USER_POOL_ID>'),
},
},
});
In this example, we import the schema definition itself from one or more local files, rather than an inline graphql string.
# todo.graphql
type Todo @model @auth(rules: [{ allow: owner }]) {
content: String!
done: Boolean
}
# blog.graphql
type Blog @model @auth(rules: [{ allow: owner }, { allow: public, operations: [read] }]) {
title: String!
description: String
posts: [Post] @hasMany
}
type Post @model @auth(rules: [{ allow: owner }, { allow: public, operations: [read] }]) {
title: String!
content: [String]
blog: Blog @belongsTo
}
// app.ts
import { App, Stack } from 'aws-cdk-lib';
import { UserPool } from 'aws-cdk-lib/aws-cognito';
import { AmplifyGraphqlApi, AmplifyGraphqlDefinition } from '@aws-amplify/graphql-api-construct';
const app = new App();
const stack = new Stack(app, 'MultiFileStack');
new AmplifyGraphqlApi(stack, 'MultiFileDefinition', {
definition: AmplifyGraphqlDefinition.fromFiles(path.join(__dirname, 'todo.graphql'), path.join(__dirname, 'blog.graphql')),
authorizationModes: {
defaultAuthorizationMode: 'API_KEY',
apiKeyConfig: {
description: 'Api Key for public access',
expires: cdk.Duration.days(7),
},
userPoolConfig: {
userPool: UserPool.fromUserPoolId(stack, 'ImportedUserPool', '<YOUR_USER_POOL_ID>'),
},
},
});
L3 Construct which invokes the Amplify Transformer Pattern over an input Graphql Schema.
This can be used to quickly define appsync apis which support full CRUD+List and Subscriptions, relationships, auth, search over data, the ability to inject custom business logic and query/mutation operations, and connect to ML services.
For more information, refer to the docs links below: Data Modeling - https://docs.amplify.aws/cli/graphql/data-modeling/ Authorization - https://docs.amplify.aws/cli/graphql/authorization-rules/ Custom Business Logic - https://docs.amplify.aws/cli/graphql/custom-business-logic/ Search - https://docs.amplify.aws/cli/graphql/search-and-result-aggregations/ ML Services - https://docs.amplify.aws/cli/graphql/connect-to-machine-learning-services/
For a full reference of the supported custom graphql directives - https://docs.amplify.aws/cli/graphql/directives-reference/
The output of this construct is a mapping of L2 or L1 resources generated by the transformer, which generally follow the access pattern
const api = new AmplifyGraphQlApi(this, 'api', { <params> });
// Access L2 resources under `.resources`
api.resources.tables["Todo"].tableArn;
// Access L1 resources under `.resources.cfnResources`
api.resources.cfnResources.cfnGraphqlApi.xrayEnabled = true;
Object.values(api.resources.cfnResources.cfnTables).forEach(table => {
table.pointInTimeRecoverySpecification = { pointInTimeRecoveryEnabled: false };
});
resources.<ResourceType>.<ResourceName> - you can then perform any CDK action on these resulting resoureces.
import { AmplifyGraphqlApi } from '@aws-amplify/graphql-api-construct'
new AmplifyGraphqlApi(scope: Construct, id: string, props: AmplifyGraphqlApiProps)
| Name | Type | Description |
|---|---|---|
scope | constructs.Construct | the scope to create this construct within. |
id | string | the id to use for this api. |
props | AmplifyGraphqlApiProps | the properties used to configure the generated api. |
scopeRequired the scope to create this construct within.
idRequired the id to use for this api.
propsRequired the properties used to configure the generated api.
| Name | Description |
|---|---|
toString | Returns a string representation of this construct. |
addDynamoDbDataSource | Add a new DynamoDB data source to this API. |
addElasticsearchDataSource | Add a new elasticsearch data source to this API. |
addEventBridgeDataSource | Add an EventBridge data source to this api. |
addFunction | Add an appsync function to the api. |
addHttpDataSource | Add a new http data source to this API. |
addLambdaDataSource | Add a new Lambda data source to this API. |
addNoneDataSource | Add a new dummy data source to this API. |
addOpenSearchDataSource | dd a new OpenSearch data source to this API. |
addRdsDataSource | Add a new Rds data source to this API. |
addResolver | Add a resolver to the api. |
toString public toString(): string
Returns a string representation of this construct.
addDynamoDbDataSource public addDynamoDbDataSource(id: string, table: ITable, options?: DataSourceOptions): DynamoDbDataSource
Add a new DynamoDB data source to this API.
This is a proxy method to the L2 GraphqlApi Construct.
idRequired The data source's id.
tableRequired The DynamoDB table backing this data source.
optionsOptional The optional configuration for this data source.
addElasticsearchDataSourcepublic addElasticsearchDataSource(id: string, domain: IDomain, options?: DataSourceOptions): ElasticsearchDataSource
Add a new elasticsearch data source to this API.
This is a proxy method to the L2 GraphqlApi Construct.
idRequired The data source's id.
domainRequired The elasticsearch domain for this data source.
optionsOptional The optional configuration for this data source.
addEventBridgeDataSource public addEventBridgeDataSource(id: string, eventBus: IEventBus, options?: DataSourceOptions): EventBridgeDataSource
Add an EventBridge data source to this api.
This is a proxy method to the L2 GraphqlApi Construct.
idRequired The data source's id.
eventBusRequired The EventBridge EventBus on which to put events.
optionsOptional The optional configuration for this data source.
addFunction public addFunction(id: string, props: AddFunctionProps): AppsyncFunction
Add an appsync function to the api.
idRequired the function's id.
propsRequired addHttpDataSource public addHttpDataSource(id: string, endpoint: string, options?: HttpDataSourceOptions): HttpDataSource
Add a new http data source to this API.
This is a proxy method to the L2 GraphqlApi Construct.
idRequired The data source's id.
endpointRequired The http endpoint.
optionsOptional The optional configuration for this data source.
addLambdaDataSource public addLambdaDataSource(id: string, lambdaFunction: IFunction, options?: DataSourceOptions): LambdaDataSource
Add a new Lambda data source to this API.
This is a proxy method to the L2 GraphqlApi Construct.
idRequired The data source's id.
lambdaFunctionRequired The Lambda function to call to interact with this data source.
optionsOptional The optional configuration for this data source.
addNoneDataSource public addNoneDataSource(id: string, options?: DataSourceOptions): NoneDataSource
Add a new dummy data source to this API.
This is a proxy method to the L2 GraphqlApi Construct. Useful for pipeline resolvers and for backend changes that don't require a data source.
idRequired The data source's id.
optionsOptional The optional configuration for this data source.
addOpenSearchDataSource public addOpenSearchDataSource(id: string, domain: IDomain, options?: DataSourceOptions): OpenSearchDataSource
dd a new OpenSearch data source to this API.
This is a proxy method to the L2 GraphqlApi Construct.
idRequired The data source's id.
domainRequired The OpenSearch domain for this data source.
optionsOptional The optional configuration for this data source.
addRdsDataSource public addRdsDataSource(id: string, serverlessCluster: IServerlessCluster, secretStore: ISecret, databaseName?: string, options?: DataSourceOptions): RdsDataSource
Add a new Rds data source to this API.
This is a proxy method to the L2 GraphqlApi Construct.
idRequired The data source's id.
serverlessClusterRequired The serverless cluster to interact with this data source.
secretStoreRequired The secret store that contains the username and password for the serverless cluster.
databaseNameOptional The optional name of the database to use within the cluster.
optionsOptional The optional configuration for this data source.
addResolver public addResolver(id: string, props: ExtendedResolverProps): Resolver
Add a resolver to the api.
This is a proxy method to the L2 GraphqlApi Construct.
idRequired The resolver's id.
propsRequired the resolver properties.
| Name | Description |
|---|---|
isConstruct | Checks if x is a construct. |
isConstructimport { AmplifyGraphqlApi } from '@aws-amplify/graphql-api-construct'
AmplifyGraphqlApi.isConstruct(x: any)
Checks if x is a construct.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node | constructs.Node | The tree node. |
apiId | string | Generated Api Id. |
generatedFunctionSlots | MutationFunctionSlot | QueryFunctionSlot | SubscriptionFunctionSlot[] | Resolvers generated by the transform process, persisted on the side in order to facilitate pulling a manifest for the purposes of inspecting and producing overrides. |
graphqlUrl | string | Graphql URL For the generated API. |
realtimeUrl | string | Realtime URL For the generated API. |
resources | AmplifyGraphqlApiResources | Generated L1 and L2 CDK resources. |
apiKey | string | Generated Api Key if generated. |
nodeRequired public readonly node: Node;
The tree node.
apiIdRequired public readonly apiId: string;
Generated Api Id.
May be a CDK Token.
generatedFunctionSlotsRequired public readonly generatedFunctionSlots: MutationFunctionSlot | QueryFunctionSlot | SubscriptionFunctionSlot[];
Resolvers generated by the transform process, persisted on the side in order to facilitate pulling a manifest for the purposes of inspecting and producing overrides.
graphqlUrlRequired public readonly graphqlUrl: string;
Graphql URL For the generated API.
May be a CDK Token.
realtimeUrlRequired public readonly realtimeUrl: string;
Realtime URL For the generated API.
May be a CDK Token.
resourcesRequired public readonly resources: AmplifyGraphqlApiResources;
Generated L1 and L2 CDK resources.
apiKeyOptional public readonly apiKey: string;
Generated Api Key if generated.
May be a CDK Token.
Input type properties when adding a new appsync.AppsyncFunction to the generated API. This is equivalent to the Omit<appsync.AppsyncFunctionProps, 'api'>.
import { AddFunctionProps } from '@aws-amplify/graphql-api-construct'
const addFunctionProps: AddFunctionProps = { ... }
| Name | Type | Description |
|---|---|---|
dataSource | aws-cdk-lib.aws_appsync.BaseDataSource | the data source linked to this AppSync Function. |
name | string | the name of the AppSync Function. |
code | aws-cdk-lib.aws_appsync.Code | The function code. |
description | string | the description for this AppSync Function. |
requestMappingTemplate | aws-cdk-lib.aws_appsync.MappingTemplate | the request mapping template for the AppSync Function. |
responseMappingTemplate | aws-cdk-lib.aws_appsync.MappingTemplate | the response mapping template for the AppSync Function. |
runtime | aws-cdk-lib.aws_appsync.FunctionRuntime | The functions runtime. |
dataSourceRequired public readonly dataSource: BaseDataSource;
the data source linked to this AppSync Function.
nameRequired public readonly name: string;
the name of the AppSync Function.
codeOptional public readonly code: Code;
The function code.
descriptionOptional public readonly description: string;
the description for this AppSync Function.
requestMappingTemplateOptional public readonly requestMappingTemplate: MappingTemplate;
the request mapping template for the AppSync Function.
responseMappingTemplateOptional public readonly responseMappingTemplate: MappingTemplate;
the response mapping template for the AppSync Function.
runtimeOptional public readonly runtime: FunctionRuntime;
The functions runtime.
Use custom resource type 'Custom::AmplifyDynamoDBTable' to provision table.
import { AmplifyDynamoDbModelDataSourceStrategy } from '@aws-amplify/graphql-api-construct'
const amplifyDynamoDbModelDataSourceStrategy: AmplifyDynamoDbModelDataSourceStrategy = { ... }
| Name | Type | Description |
|---|---|---|
dbType | string | No description. |
provisionStrategy | string | No description. |
dbTypeRequired public readonly dbType: string;
provisionStrategyRequired public readonly provisionStrategy: string;
L1 CDK resources from the Api which were generated as part of the transform.
These are potentially stored under nested stacks, but presented organized by type instead.
import { AmplifyGraphqlApiCfnResources } from '@aws-amplify/graphql-api-construct'
const amplifyGraphqlApiCfnResources: AmplifyGraphqlApiCfnResources = { ... }
| Name | Type | Description |
|---|---|---|
additionalCfnResources | {[ key: string ]: aws-cdk-lib.CfnResource} | Remaining L1 resources generated, keyed by logicalId. |
amplifyDynamoDbTables | {[ key: string ]: AmplifyDynamoDbTableWrapper} | The Generated Amplify DynamoDb Table L1 resource wrapper, keyed by model type name. |
cfnDataSources | {[ key: string ]: aws-cdk-lib.aws_appsync.CfnDataSource} | The Generated AppSync DataSource L1 Resources, keyed by logicalId. |
cfnFunctionConfigurations | {[ key: string ]: aws-cdk-lib.aws_appsync.CfnFunctionConfiguration} | The Generated AppSync Function L1 Resources, keyed by logicalId. |
cfnFunctions | {[ key: string ]: aws-cdk-lib.aws_lambda.CfnFunction} | The Generated Lambda Function L1 Resources, keyed by function name. |
cfnGraphqlApi | aws-cdk-lib.aws_appsync.CfnGraphQLApi | The Generated AppSync Api L1 Resource. |
cfnGraphqlSchema | aws-cdk-lib.aws_appsync.CfnGraphQLSchema | The Generated AppSync Schema L1 Resource. |
cfnResolvers | {[ key: string ]: aws-cdk-lib.aws_appsync.CfnResolver} | The Generated AppSync Resolver L1 Resources, keyed by logicalId. |
cfnRoles | {[ key: string ]: aws-cdk-lib.aws_iam.CfnRole} | The Generated IAM Role L1 Resources, keyed by logicalId. |
cfnTables | {[ key: string ]: aws-cdk-lib.aws_dynamodb.CfnTable} | The Generated DynamoDB Table L1 Resources, keyed by logicalId. |
cfnApiKey | aws-cdk-lib.aws_appsync.CfnApiKey | The Generated AppSync Api Key L1 Resource. |
additionalCfnResourcesRequired public readonly additionalCfnResources: {[ key: string ]: CfnResource};
Remaining L1 resources generated, keyed by logicalId.
amplifyDynamoDbTablesRequired public readonly amplifyDynamoDbTables: {[ key: string ]: AmplifyDynamoDbTableWrapper};
The Generated Amplify DynamoDb Table L1 resource wrapper, keyed by model type name.
cfnDataSourcesRequired public readonly cfnDataSources: {[ key: string ]: CfnDataSource};
The Generated AppSync DataSource L1 Resources, keyed by logicalId.
cfnFunctionConfigurationsRequired public readonly cfnFunctionConfigurations: {[ key: string ]: CfnFunctionConfiguration};
The Generated AppSync Function L1 Resources, keyed by logicalId.
cfnFunctionsRequired public readonly cfnFunctions: {[ key: string ]: CfnFunction};
The Generated Lambda Function L1 Resources, keyed by function name.
cfnGraphqlApiRequired public readonly cfnGraphqlApi: CfnGraphQLApi;
The Generated AppSync Api L1 Resource.
cfnGraphqlSchemaRequired public readonly cfnGraphqlSchema: CfnGraphQLSchema;
The Generated AppSync Schema L1 Resource.
cfnResolversRequired public readonly cfnResolvers: {[ key: string ]: CfnResolver};
The Generated AppSync Resolver L1 Resources, keyed by logicalId.
cfnRolesRequired public readonly cfnRoles: {[ key: string ]: CfnRole};
The Generated IAM Role L1 Resources, keyed by logicalId.
cfnTablesRequired public readonly cfnTables: {[ key: string ]: CfnTable};
The Generated DynamoDB Table L1 Resources, keyed by logicalId.
cfnApiKeyOptional public readonly cfnApiKey: CfnApiKey;
The Generated AppSync Api Key L1 Resource.
Input props for the AmplifyGraphqlApi construct.
Specifies what the input to transform into an Api, and configurations for the transformation process.
import { AmplifyGraphqlApiProps } from '@aws-amplify/graphql-api-construct'
const amplifyGraphqlApiProps: AmplifyGraphqlApiProps = { ... }
| Name | Type | Description |
|---|---|---|
authorizationModes | AuthorizationModes | Required auth modes for the Api. |
definition | IAmplifyGraphqlDefinition | The definition to transform in a full Api. |
apiName | string | Name to be used for the AppSync Api. |
conflictResolution | ConflictResolution | Configure conflict resolution on the Api, which is required to enable DataStore Api functionality. |
dataStoreConfiguration | DataStoreConfiguration | Configure DataStore conflict resolution on the Api. |
disableOutputStorage | boolean | Disables storing construct output. |
functionNameMap | {[ key: string ]: aws-cdk-lib.aws_lambda.IFunction} | Lambda functions referenced in the definitions's. |
functionSlots | MutationFunctionSlot | QueryFunctionSlot | SubscriptionFunctionSlot[] | Overrides for a given slot in the generated resolver pipelines. |
outputStorageStrategy | IBackendOutputStorageStrategy | Strategy to store construct outputs. |
predictionsBucket | aws-cdk-lib.aws_s3.IBucket | If using predictions, a bucket must be provided which will be used to search for assets. |
stackMappings | {[ key: string ]: string} | StackMappings override the assigned nested stack on a per-resource basis. |
transformerPlugins | any[] | Provide a list of additional custom transformers which are injected into the transform process. |
translationBehavior | PartialTranslationBehavior | This replaces feature flags from the Api construct, for general information on what these parameters do, refer to https://docs.amplify.aws/cli/reference/feature-flags/#graphQLTransformer. |
authorizationModesRequired public readonly authorizationModes: AuthorizationModes;
Required auth modes for the Api.
This object must be a superset of the configured auth providers in the Api definition. For more information, refer to https://docs.amplify.aws/cli/graphql/authorization-rules/
definitionRequired public readonly definition: IAmplifyGraphqlDefinition;
The definition to transform in a full Api.
Can be constructed via the AmplifyGraphqlDefinition class.
apiNameOptional public readonly apiName: string;
Name to be used for the AppSync Api.
Default: construct id.
conflictResolutionpublic readonly conflictResolution: ConflictResolution;
Configure conflict resolution on the Api, which is required to enable DataStore Api functionality.
For more information, refer to https://docs.amplify.aws/lib/datastore/getting-started/q/platform/js/
dataStoreConfigurationOptional public readonly dataStoreConfiguration: DataStoreConfiguration;
Configure DataStore conflict resolution on the Api.
Conflict resolution is required to enable DataStore Api functionality. For more information, refer to https://docs.amplify.aws/lib/datastore/getting-started/q/platform/js/
disableOutputStorageOptional public readonly disableOutputStorage: boolean;
Disables storing construct output.
Output storage should be disabled when creating multiple GraphQL APIs in a single CDK synthesis. outputStorageStrategy will be ignored if this is set to true.
functionNameMapOptional public readonly functionNameMap: {[ key: string ]: IFunction};
Lambda functions referenced in the definitions's.
functionSlotsOptional public readonly functionSlots: MutationFunctionSlot | QueryFunctionSlot | SubscriptionFunctionSlot[];
Overrides for a given slot in the generated resolver pipelines.
For more information about what slots are available, refer to https://docs.amplify.aws/cli/graphql/custom-business-logic/#override-amplify-generated-resolvers.
outputStorageStrategyOptional public readonly outputStorageStrategy: IBackendOutputStorageStrategy;
Strategy to store construct outputs.
If no outputStorageStrategey is provided a default strategy will be used.
predictionsBucketOptional public readonly predictionsBucket: IBucket;
If using predictions, a bucket must be provided which will be used to search for assets.
stackMappingsOptional public readonly stackMappings: {[ key: string ]: string};
StackMappings override the assigned nested stack on a per-resource basis.
Only applies to resolvers, and takes the form { : } It is not recommended to use this parameter unless you are encountering stack resource count limits, and worth noting that after initial deployment AppSync resolvers cannot be moved between nested stacks, they will need to be removed from the app, then re-added from a new stack.
transformerPluginsOptional public readonly transformerPlugins: any[];
Provide a list of additional custom transformers which are injected into the transform process.
These custom transformers must be implemented with aws-cdk-lib >=2.80.0, and
translationBehaviorOptional public readonly translationBehavior: PartialTranslationBehavior;
This replaces feature flags from the Api construct, for general information on what these parameters do, refer to https://docs.amplify.aws/cli/reference/feature-flags/#graphQLTransformer.
Accessible resources from the Api which were generated as part of the transform.
These are potentially stored under nested stacks, but presented organized by type instead.
import { AmplifyGraphqlApiResources } from '@aws-amplify/graphql-api-construct'
const amplifyGraphqlApiResources: AmplifyGraphqlApiResources = { ... }
| Name | Type | Description |
|---|---|---|
cfnResources | AmplifyGraphqlApiCfnResources | L1 Cfn Resources, for when dipping down a level of abstraction is desirable. |
functions | {[ key: string ]: aws-cdk-lib.aws_lambda.IFunction} | The Generated Lambda Function L1 Resources, keyed by function name. |
graphqlApi | aws-cdk-lib.aws_appsync.IGraphqlApi | The Generated AppSync Api L2 Resource, includes the Schema. |
nestedStacks | {[ key: string ]: aws-cdk-lib.NestedStack} | Nested Stacks generated by the Api Construct. |
roles | {[ key: string ]: aws-cdk-lib.aws_iam.IRole} | The Generated IAM Role L2 Resources, keyed by logicalId. |
tables | {[ key: string ]: aws-cdk-lib.aws_dynamodb.ITable} | The Generated DynamoDB Table L2 Resources, keyed by logicalId. |
cfnResourcesRequired public readonly cfnResources: AmplifyGraphqlApiCfnResources;
L1 Cfn Resources, for when dipping down a level of abstraction is desirable.
functionsRequired public readonly functions: {[ key: string ]: IFunction};
The Generated Lambda Function L1 Resources, keyed by function name.
graphqlApiRequired public readonly graphqlApi: IGraphqlApi;
The Generated AppSync Api L2 Resource, includes the Schema.
nestedStacksRequired public readonly nestedStacks: {[ key: string ]: NestedStack};
Nested Stacks generated by the Api Construct.
rolesRequired public readonly roles: {[ key: string ]: IRole};
The Generated IAM Role L2 Resources, keyed by logicalId.
tablesRequired public readonly tables: {[ key: string ]: ITable};
The Generated DynamoDB Table L2 Resources, keyed by logicalId.
Configuration for Api Keys on the Graphql Api.
import { ApiKeyAuthorizationConfig } from '@aws-amplify/graphql-api-construct'
const apiKeyAuthorizationConfig: ApiKeyAuthorizationConfig = { ... }
| Name | Type | Description |
|---|---|---|
expires | aws-cdk-lib.Duration | A duration representing the time from Cloudformation deploy until expiry. |
description | string | Optional description for the Api Key to attach to the Api. |
expiresRequired public readonly expires: Duration;
A duration representing the time from Cloudformation deploy until expiry.
descriptionOptional public readonly description: string;
Optional description for the Api Key to attach to the Api.
Authorization Modes to apply to the Api.
At least one modes must be provided, and if more than one are provided a defaultAuthorizationMode must be specified. For more information on Amplify Api auth, refer to https://docs.amplify.aws/cli/graphql/authorization-rules/#authorization-strategies
import { AuthorizationModes } from '@aws-amplify/graphql-api-construct'
const authorizationModes: AuthorizationModes = { ... }
| Name | Type | Description |
|---|---|---|
adminRoles | aws-cdk-lib.aws_iam.IRole[] | A list of roles granted full R/W access to the Api. |
apiKeyConfig | ApiKeyAuthorizationConfig | AppSync Api Key config, required if a 'apiKey' auth provider is specified in the Api. |
defaultAuthorizationMode | string | Default auth mode to provide to the Api, required if more than one config type is specified. |
iamConfig | IAMAuthorizationConfig | IAM Auth config, required if an 'iam' auth provider is specified in the Api. |
lambdaConfig | LambdaAuthorizationConfig | Lambda config, required if a 'function' auth provider is specified in the Api. |
oidcConfig | OIDCAuthorizationConfig | Cognito OIDC config, required if a 'oidc' auth provider is specified in the Api. |
userPoolConfig | UserPoolAuthorizationConfig | Cognito UserPool config, required if a 'userPools' auth provider is specified in the Api. |
adminRolespublic readonly adminRoles: IRole[];
A list of roles granted full R/W access to the Api.
apiKeyConfigOptional public readonly apiKeyConfig: ApiKeyAuthorizationConfig;
AppSync Api Key config, required if a 'apiKey' auth provider is specified in the Api.
Applies to 'public' auth strategy.
defaultAuthorizationModeOptional public readonly defaultAuthorizationMode: string;
Default auth mode to provide to the Api, required if more than one config type is specified.
iamConfigOptional public readonly iamConfig: IAMAuthorizationConfig;
IAM Auth config, required if an 'iam' auth provider is specified in the Api.
Applies to 'public' and 'private' auth strategies.
lambdaConfigOptional public readonly lambdaConfig: LambdaAuthorizationConfig;
Lambda config, required if a 'function' auth provider is specified in the Api.
Applies to 'custom' auth strategy.
oidcConfigOptional public readonly oidcConfig: OIDCAuthorizationConfig;
Cognito OIDC config, required if a 'oidc' auth provider is specified in the Api.
Applies to 'owner', 'private', and 'group' auth strategies.
userPoolConfigOptional public readonly userPoolConfig: UserPoolAuthorizationConfig;
Cognito UserPool config, required if a 'userPools' auth provider is specified in the Api.
Applies to 'owner', 'private', and 'group' auth strategies.
Enable optimistic concurrency on the project.
import { AutomergeConflictResolutionStrategy } from '@aws-amplify/graphql-api-construct'
const automergeConflictResolutionStrategy: AutomergeConflictResolutionStrategy = { ... }
| Name | Type | Description |
|---|---|---|
detectionType | string | The conflict detection type used for resolution. |
handlerType | string | This conflict resolution strategy executes an auto-merge. |
detectionTypeRequired public readonly detectionType: string;
The conflict detection type used for resolution.
handlerTypeRequired public readonly handlerType: string;
This conflict resolution strategy executes an auto-merge.
For more information, refer to https://docs.aws.amazon.com/appsync/latest/devguide/conflict-detection-and-sync.html#conflict-detection-and-resolution
Project level configuration for conflict resolution.
import { ConflictResolution } from '@aws-amplify/graphql-api-construct'
const conflictResolution: ConflictResolution = { ... }
| Name | Type | Description |
|---|---|---|
models | {[ key: string ]: AutomergeConflictResolutionStrategy | OptimisticConflictResolutionStrategy | CustomConflictResolutionStrategy} | Model-specific conflict resolution overrides. |
project | AutomergeConflictResolutionStrategy | OptimisticConflictResolutionStrategy | CustomConflictResolutionStrategy | Project-wide config for conflict resolution. |
modelspublic readonly models: {[ key: string ]: AutomergeConflictResolutionStrategy | OptimisticConflictResolutionStrategy | CustomConflictResolutionStrategy};
Model-specific conflict resolution overrides.
projectpublic readonly project: AutomergeConflictResolutionStrategy | OptimisticConflictResolutionStrategy | CustomConflictResolutionStrategy;
Project-wide config for conflict resolution.
Applies to all non-overridden models.
Common parameters for conflict resolution.
import { ConflictResolutionStrategyBase } from '@aws-amplify/graphql-api-construct'
const conflictResolutionStrategyBase: ConflictResolutionStrategyBase = { ... }
| Name | Type | Description |
|---|---|---|
detectionType | string | The conflict detection type used for resolution. |
detectionTypeRequired public readonly detectionType: string;
The conflict detection type used for resolution.
Enable custom sync on the project, powered by a lambda.
import { CustomConflictResolutionStrategy } from '@aws-amplify/graphql-api-construct'
const customConflictResolutionStrategy: CustomConflictResolutionStrategy = { ... }
| Name | Type | Description |
|---|---|---|
detectionType | string | The conflict detection type used for resolution. |
conflictHandler | aws-cdk-lib.aws_lambda.IFunction | The function which will be invoked for conflict resolution. |
handlerType | string | This conflict resolution strategy uses a lambda handler type. |
detectionTypeRequired public readonly detectionType: string;
The conflict detection type used for resolution.
conflictHandlerRequired public readonly conflictHandler: IFunction;
The function which will be invoked for conflict resolution.
handlerTypeRequired public readonly handlerType: string;
This conflict resolution strategy uses a lambda handler type.
For more information, refer to https://docs.aws.amazon.com/appsync/latest/devguide/conflict-detection-and-sync.html#conflict-detection-and-resolution
The input type for defining a ModelDataSourceStrategy used to resolve a field annotated with a @sql directive.
Although this is a
public type, you should rarely need to use this. The AmplifyGraphqlDefinition factory methods (e.g., fromString,
fromFilesAndStrategy) will automatically construct this structure for you.
import { CustomSqlDataSourceStrategy } from '@aws-amplify/graphql-api-construct'
const customSqlDataSourceStrategy: CustomSqlDataSourceStrategy = { ... }
| Name | Type | Description |
|---|---|---|
fieldName | string | The field name with which the custom SQL is associated. |
strategy | SQLLambdaModelDataSourceStrategy | The strategy used to create the datasource that will resolve the custom SQL statement. |
typeName | string | The built-in type (either "Query" or "Mutation") with which the custom SQL is associated. |
fieldNameRequired public readonly fieldName: string;
The field name with which the custom SQL is associated.
strategyRequired public readonly strategy: SQLLambdaModelDataSourceStrategy;
The strategy used to create the datasource that will resolve the custom SQL statement.
typeNameRequired public readonly typeName: string;
The built-in type (either "Query" or "Mutation") with which the custom SQL is associated.
Project level configuration for DataStore.
import { DataStoreConfiguration } from '@aws-amplify/graphql-api-construct'
const dataStoreConfiguration: DataStoreConfiguration = { ... }
| Name | Type | Description |
|---|---|---|
models | {[ key: string ]: AutomergeConflictResolutionStrategy | OptimisticConflictResolutionStrategy | CustomConflictResolutionStrategy} | Model-specific conflict resolution overrides. |
project | AutomergeConflictResolutionStrategy | OptimisticConflictResolutionStrategy | CustomConflictResolutionStrategy | Project-wide config for conflict resolution. |
modelsOptional public readonly models: {[ key: string ]: AutomergeConflictResolutionStrategy | OptimisticConflictResolutionStrategy | CustomConflictResolutionStrategy};
Model-specific conflict resolution overrides.
projectOptional public readonly project: AutomergeConflictResolutionStrategy | OptimisticConflictResolutionStrategy | CustomConflictResolutionStrategy;
Project-wide config for conflict resolution.
Applies to all non-overridden models.
Use default CloudFormation type 'AWS::DynamoDB::Table' to provision table.
import { DefaultDynamoDbModelDataSourceStrategy } from '@aws-amplify/graphql-api-construct'
const defaultDynamoDbModelDataSourceStrategy: DefaultDynamoDbModelDataSourceStrategy = { ... }
| Name | Type | Description |
|---|---|---|
dbType | string | No description. |
provisionStrategy | string | No description. |
dbTypeRequired public readonly dbType: string;
provisionStrategyRequired public readonly provisionStrategy: string;
Common slot parameters.
import { FunctionSlotBase } from '@aws-amplify/graphql-api-construct'
const functionSlotBase: FunctionSlotBase = { ... }
| Name | Type | Description |
|---|---|---|
fieldName | string | The field to attach this function to on the Api definition. |
function | FunctionSlotOverride | The overridden behavior for this slot. |
slotIndex | number | The slot index to use to inject this into the execution pipeline. |
fieldNameRequired public readonly fieldName: string;
The field to attach this function to on the Api definition.
functionRequired public readonly function: FunctionSlotOverride;
The overridden behavior for this slot.
slotIndexRequired public readonly slotIndex: number;
The slot index to use to inject this into the execution pipeline.
For more information on slotting, refer to https://docs.amplify.aws/cli/graphql/custom-business-logic/#extend-amplify-generated-resolvers
Params exposed to support configuring and overriding pipelined slots.
This allows configuration of the underlying function, including the request and response mapping templates.
import { FunctionSlotOverride } from '@aws-amplify/graphql-api-construct'
const functionSlotOverride: FunctionSlotOverride = { ... }
| Name | Type | Description |
|---|---|---|
requestMappingTemplate | aws-cdk-lib.aws_appsync.MappingTemplate | Override request mapping template for the function slot. |
responseMappingTemplate | aws-cdk-lib.aws_appsync.MappingTemplate | Override response mapping template for the function slot. |
requestMappingTemplateOptional public readonly requestMappingTemplate: MappingTemplate;
Override request mapping template for the function slot.
Executed before the datasource is invoked.
responseMappingTemplateOptional public readonly responseMappingTemplate: MappingTemplate;
Override response mapping template for the function slot.
Executed after the datasource is invoked.
Configuration for IAM Authorization on the Graphql Api.
import { IAMAuthorizationConfig } from '@aws-amplify/graphql-api-construct'
const iAMAuthorizationConfig: IAMAuthorizationConfig = { ... }
| Name | Type | Description |
|---|---|---|
authenticatedUserRole | aws-cdk-lib.aws_iam.IRole | Authenticated user role, applies to { provider: iam, allow: private } access. |
identityPoolId | string | ID for the Cognito Identity Pool vending auth and unauth roles. |
unauthenticatedUserRole | aws-cdk-lib.aws_iam.IRole | Unauthenticated user role, applies to { provider: iam, allow: public } access. |
allowListedRoles | string | aws-cdk-lib.aws_iam.IRole[] | A list of IAM roles which will be granted full read/write access to the generated model if IAM auth is enabled. |
authenticatedUserRoleRequired public readonly authenticatedUserRole: IRole;
Authenticated user role, applies to { provider: iam, allow: private } access.
identityPoolIdRequired public readonly identityPoolId: string;
ID for the Cognito Identity Pool vending auth and unauth roles.
Format: <region>:<id string>
unauthenticatedUserRoleRequired public readonly unauthenticatedUserRole: IRole;
Unauthenticated user role, applies to { provider: iam, allow: public } access.
allowListedRolesOptional public readonly allowListedRoles: string | IRole[];
A list of IAM roles which will be granted full read/write access to the generated model if IAM auth is enabled.
If an IRole is provided, the role name will be used for matching.
If a string is provided, the raw value will be used for matching.
Configuration for Custom Lambda authorization on the Graphql Api.
import { LambdaAuthorizationConfig } from '@aws-amplify/graphql-api-construct'
const lambdaAuthorizationConfig: LambdaAuthorizationConfig = { ... }
| Name | Type | Description |
|---|---|---|
function | aws-cdk-lib.aws_lambda.IFunction | The authorizer lambda function. |
ttl | aws-cdk-lib.Duration | How long the results are cached. |
functionRequired public readonly function: IFunction;
The authorizer lambda function.
ttlRequired public readonly ttl: Duration;
How long the results are cached.
Slot types for Mutation Resolvers.
import { MutationFunctionSlot } from '@aws-amplify/graphql-api-construct'
const mutationFunctionSlot: MutationFunctionSlot = { ... }
| Name | Type | Description |
|---|---|---|
fieldName | string | The field to attach this function to on the Api definition. |
function | FunctionSlotOverride | The overridden behavior for this slot. |
slotIndex | number | The slot index to use to inject this into the execution pipeline. |
slotName | string | The slot name to inject this behavior into. |
typeName | string | This slot type applies to the Mutation type on the Api definition. |
fieldNameRequired public readonly fieldName: string;
The field to attach this function to on the Api definition.
functionRequired public readonly function: FunctionSlotOverride;
The overridden behavior for this slot.
slotIndexRequired public readonly slotIndex: number;
The slot index to use to inject this into the execution pipeline.
For more information on slotting, refer to https://docs.amplify.aws/cli/graphql/custom-business-logic/#extend-amplify-generated-resolvers
slotNameRequired public readonly slotName: string;
The slot name to inject this behavior into.
For more information on slotting, refer to https://docs.amplify.aws/cli/graphql/custom-business-logic/#extend-amplify-generated-resolvers
typeNameRequired public readonly typeName: string;
This slot type applies to the Mutation type on the Api definition.
Configuration for OpenId Connect Authorization on the Graphql Api.
import { OIDCAuthorizationConfig } from '@aws-amplify/graphql-api-construct'
const oIDCAuthorizationConfig: OIDCAuthorizationConfig = { ... }
| Name | Type | Description |
|---|---|---|
oidcIssuerUrl | string | Url for the OIDC token issuer. |
oidcProviderName | string | The issuer for the OIDC configuration. |
tokenExpiryFromAuth | aws-cdk-lib.Duration | The duration an OIDC token is valid after being authenticated by OIDC provider. |
tokenExpiryFromIssue | aws-cdk-lib.Duration | The duration an OIDC token is valid after being issued to a user. |
clientId | string | The client identifier of the Relying party at the OpenID identity provider. |
oidcIssuerUrlRequired public readonly oidcIssuerUrl: string;
Url for the OIDC token issuer.
oidcProviderNameRequired public readonly oidcProviderName: string;
The issuer for the OIDC configuration.
tokenExpiryFromAuthRequired public readonly tokenExpiryFromAuth: Duration;
The duration an OIDC token is valid after being authenticated by OIDC provider.
auth_time claim in OIDC token is required for this validation to work.
tokenExpiryFromIssueRequired public readonly tokenExpiryFromIssue: Duration;
The duration an OIDC token is valid after being issued to a user.
This validation uses iat claim of OIDC token.
clientIdOptional public readonly clientId: string;
The client identifier of the Relying party at the OpenID identity provider.
A regular expression can be specified so AppSync can validate against multiple client identifiers at a time. Example
Enable automerge on the project.
import { OptimisticConflictResolutionStrategy } from '@aws-amplify/graphql-api-construct'
const optimisticConflictResolutionStrategy: OptimisticConflictResolutionStrategy = { ... }
| Name | Type | Description |
|---|---|---|
detectionType | string | The conflict detection type used for resolution. |
handlerType | string | This conflict resolution strategy the _version to perform optimistic concurrency. |
detectionTypeRequired public readonly detectionType: string;
The conflict detection type used for resolution.
handlerTypeRequired public readonly handlerType: string;
This conflict resolution strategy the _version to perform optimistic concurrency.
For more information, refer to https://docs.aws.amazon.com/appsync/latest/devguide/conflict-detection-and-sync.html#conflict-detection-and-resolution
A utility interface equivalent to Partial.
import { PartialTranslationBehavior } from '@aws-amplify/graphql-api-construct'
const partialTranslationBehavior: PartialTranslationBehavior = { ... }
| Name | Type | Description |
|---|---|---|
allowDestructiveGraphqlSchemaUpdates | boolean | The following schema updates require replacement of the underlying DynamoDB table:. |
disableResolverDeduping | boolean | Disable resolver deduping, this can sometimes cause problems because dedupe ordering isn't stable today, which can lead to circular dependencies across stacks if models are reordered. |
enableAutoIndexQueryNames | boolean | Automate generation of query names, and as a result attaching all indexes as queries to the generated Api. |
enableSearchNodeToNodeEncryption | boolean | If enabled, set nodeToNodeEncryption on the searchable domain (if one exists). |
enableTransformerCfnOutputs | boolean | When enabled, internal cfn outputs which existed in Amplify-generated apps will continue to be emitted. |
populateOwnerFieldForStaticGroupAuth | boolean | Ensure that the owner field is still populated even if a static iam or group authorization applies. |
replaceTableUponGsiUpdate | boolean | This behavior will only come into effect when both "allowDestructiveGraphqlSchemaUpdates" and this value are set to true. |
respectPrimaryKeyAttributesOnConnectionField | boolean | Enable custom primary key support, there's no good reason to disable this unless trying not to update a legacy app. |
sandboxModeEnabled | boolean | Enabling sandbox mode will enable api key auth on all models in the transformed schema. |
secondaryKeyAsGSI | boolean | If disabled, generated. |
shouldDeepMergeDirectiveConfigDefaults | boolean | Restore parity w/ GQLv1. |
suppressApiKeyGeneration | boolean | If enabled, disable api key resource generation even if specified as an auth rule on the construct. |
useSubUsernameForDefaultIdentityClaim | boolean | Ensure that oidc and userPool auth use the sub field in the for the username field, which disallows new users with the same id to access data from a deleted user in the pool. |
allowDestructiveGraphqlSchemaUpdatesOptional public readonly allowDestructiveGraphqlSchemaUpdates: boolean;
The following schema updates require replacement of the underlying DynamoDB table:.
Removing or renaming a model
ALL DATA WILL BE LOST when the table replacement happens. When enabled, destructive updates are allowed. This will only affect DynamoDB tables with provision strategy "AMPLIFY_TABLE".
disableResolverDedupingOptional public readonly disableResolverDeduping: boolean;
Disable resolver deduping, this can sometimes cause problems because dedupe ordering isn't stable today, which can lead to circular dependencies across stacks if models are reordered.
enableAutoIndexQueryNamesOptional public readonly enableAutoIndexQueryNames: boolean;
Automate generation of query names, and as a result attaching all indexes as queries to the generated Api.
If enabled,
enableSearchNodeToNodeEncryptionOptional public readonly enableSearchNodeToNodeEncryption: boolean;
If enabled, set nodeToNodeEncryption on the searchable domain (if one exists).
Not recommended for use, prefer to use `Object.values(resources.additionalResources['AWS::Elasticsearch::Domain']).forEach((domain: CfnDomain) => { domain.NodeToNodeEncryptionOptions = { Enabled: True }; });
enableTransformerCfnOutputsOptional public readonly enableTransformerCfnOutputs: boolean;
When enabled, internal cfn outputs which existed in Amplify-generated apps will continue to be emitted.
populateOwnerFieldForStaticGroupAuthOptional public readonly populateOwnerFieldForStaticGroupAuth: boolean;
Ensure that the owner field is still populated even if a static iam or group authorization applies.
replaceTableUponGsiUpdateOptional public readonly replaceTableUponGsiUpdate: boolean;
This behavior will only come into effect when both "allowDestructiveGraphqlSchemaUpdates" and this value are set to true.
When enabled, any global secondary index update operation will replace the table instead of iterative deployment, which will WIPE ALL EXISTING DATA but cost much less time for deployment This will only affect DynamoDB tables with provision strategy "AMPLIFY_TABLE".
respectPrimaryKeyAttributesOnConnectionFieldOptional public readonly respectPrimaryKeyAttributesOnConnectionField: boolean;
Enable custom primary key support, there's no good reason to disable this unless trying not to update a legacy app.
sandboxModeEnabledOptional public readonly sandboxModeEnabled: boolean;
Enabling sandbox mode will enable api key auth on all models in the transformed schema.
secondaryKeyAsGSIOptional public readonly secondaryKeyAsGSI: boolean;
If disabled, generated.
shouldDeepMergeDirectiveConfigDefaultsOptional public readonly shouldDeepMergeDirectiveConfigDefaults: boolean;
Restore parity w/ GQLv1.
suppressApiKeyGenerationOptional public readonly suppressApiKeyGeneration: boolean;
If enabled, disable api key resource generation even if specified as an auth rule on the construct.
This is a legacy parameter from the Graphql Transformer existing in Amplify CLI, not recommended to change.
useSubUsernameForDefaultIdentityClaimOptional public readonly useSubUsernameForDefaultIdentityClaim: boolean;
Ensure that oidc and userPool auth use the sub field in the for the username field, which disallows new users with the same id to access data from a deleted user in the pool.
The configuration for the provisioned concurrency of the Lambda.
import { ProvisionedConcurrencyConfig } from '@aws-amplify/graphql-api-construct'
const provisionedConcurrencyConfig: ProvisionedConcurrencyConfig = { ... }
| Name | Type | Description |
|---|---|---|
provisionedConcurrentExecutions | number | The amount of provisioned concurrency to allocate. |
provisionedConcurrentExecutionsRequired public readonly provisionedConcurrentExecutions: number;
The amount of provisioned concurrency to allocate.
Wrapper for provisioned throughput config in DDB.
import { ProvisionedThroughput } from '@aws-amplify/graphql-api-construct'
const provisionedThroughput: ProvisionedThroughput = { ... }
| Name | Type | Description |
|---|---|---|
readCapacityUnits | number | The read capacity units on the table or index. |
writeCapacityUnits | number | The write capacity units on the table or index. |
readCapacityUnitsRequired public readonly readCapacityUnits: number;
The read capacity units on the table or index.
writeCapacityUnitsRequired public readonly writeCapacityUnits: number;
The write capacity units on the table or index.
Slot types for Query Resolvers.
import { QueryFunctionSlot } from '@aws-amplify/graphql-api-construct'
const queryFunctionSlot: QueryFunctionSlot = { ... }
| Name | Type | Description |
|---|---|---|
fieldName | string | The field to attach this function to on the Api definition. |
function | FunctionSlotOverride | The overridden behavior for this slot. |
slotIndex | number | The slot index to use to inject this into the execution pipeline. |
slotName | string | The slot name to inject this behavior into. |
typeName | string | This slot type applies to the Query type on the Api definition. |
fieldNameRequired public readonly fieldName: string;
The field to attach this function to on the Api definition.
functionRequired public readonly function: FunctionSlotOverride;
The overridden behavior for this slot.
slotIndexRequired public readonly slotIndex: number;
The slot index to use to inject this into the execution pipeline.
For more information on slotting, refer to https://docs.amplify.aws/cli/graphql/custom-business-logic/#extend-amplify-generated-resolvers
slotNameRequired public readonly slotName: string;
The slot name to inject this behavior into.
For more information on slotting, refer to https://docs.amplify.aws/cli/graphql/custom-business-logic/#extend-amplify-generated-resolvers
typeNameRequired public readonly typeName: string;
This slot type applies to the Query type on the Api definition.
A strategy that creates a Lambda to connect to a pre-existing SQL table to resolve model data.
import { SQLLambdaModelDataSourceStrategy } from '@aws-amplify/graphql-api-construct'
const sQLLambdaModelDataSourceStrategy: SQLLambdaModelDataSourceStrategy = { ... }
| Name | Type | Description |
|---|---|---|
dbConnectionConfig | SqlModelDataSourceSecretsManagerDbConnectionConfig | SqlModelDataSourceSsmDbConnectionConfig | The parameters the Lambda data source will use to connect to the database. |
dbType | string | The type of the SQL database used to process model operations for this definition. |
name | string | The name of the strategy. |
customSqlStatements | {[ key: string ]: string} | Custom SQL statements. |
sqlLambdaProvisionedConcurrencyConfig | ProvisionedConcurrencyConfig | The configuration for the provisioned concurrency of the Lambda. |
vpcConfiguration | VpcConfig | The configuration of the VPC into which to install the Lambda. |
dbConnectionConfigRequired public readonly dbConnectionConfig: SqlModelDataSourceSecretsManagerDbConnectionConfig | SqlModelDataSourceSsmDbConnectionConfig;
The parameters the Lambda data source will use to connect to the database.
dbTypeRequired public readonly dbType: string;
The type of the SQL database used to process model operations for this definition.
nameRequired public readonly name: string;
The name of the strategy.
This will be used to name the AppSync DataSource itself, plus any associated resources like resolver Lambdas. This name must be unique across all schema definitions in a GraphQL API.
customSqlStatementsOptional public readonly customSqlStatements: {[ key: string ]: string};
Custom SQL statements.
The key is the value of the references attribute of the @sql directive in the schema; the value is the SQL
to be executed.
sqlLambdaProvisionedConcurrencyConfigOptional public readonly sqlLambdaProvisionedConcurrencyConfig: ProvisionedConcurrencyConfig;
The configuration for the provisioned concurrency of the Lambda.
vpcConfigurationOptional public readonly vpcConfiguration: VpcConfig;
The configuration of the VPC into which to install the Lambda.
The credentials stored in Secrets Manager that the lambda data source will use to connect to the database.
The managed secret should be in the same region as the lambda.
import { SqlModelDataSourceSecretsManagerDbConnectionConfig } from '@aws-amplify/graphql-api-construct'
const sqlModelDataSourceSecretsManagerDbConnectionConfig: SqlModelDataSourceSecretsManagerDbConnectionConfig = { ... }
| Name | Type | Description |
|---|---|---|
databaseName | string | The database name. |
hostname | string | The hostame of the database. |
port | number | The port number of the database proxy, cluster, or instance. |
secretArn | string | The ARN of the managed secret with username, password, and hostname to use when connecting to the database. |
keyArn | string | The ARN of the customer managed encryption key for the secret. |
databaseNameRequired public readonly databaseName: string;
The database name.
hostnameRequired public readonly hostname: string;
The hostame of the database.
portRequired public readonly port: number;
The port number of the database proxy, cluster, or instance.
secretArnRequired public readonly secretArn: string;
The ARN of the managed secret with username, password, and hostname to use when connecting to the database.
keyArnOptional public readonly keyArn: string;
The ARN of the customer managed encryption key for the secret.
If not supplied, the secret is expected to be encrypted with the default AWS-managed key. *
The Secure Systems Manager parameter paths the Lambda data source will use to connect to the database.
These parameters are retrieved from Secure Systems Manager in the same region as the Lambda.
import { SqlModelDataSourceSsmDbConnectionConfig } from '@aws-amplify/graphql-api-construct'
const sqlModelDataSourceSsmDbConnectionConfig: SqlModelDataSourceSsmDbConnectionConfig = { ... }
| Name | Type | Description |
|---|---|---|
databaseNameSsmPath | string | The Secure Systems Manager parameter containing the database name. |
hostnameSsmPath | string | The Secure Systems Manager parameter containing the hostname of the database. |
passwordSsmPath | string | The Secure Systems Manager parameter containing the password to use when connecting to the database. |
portSsmPath | string | The Secure Systems Manager parameter containing the port number of the database proxy, cluster, or instance. |
usernameSsmPath | string | The Secure Systems Manager parameter containing the username to use when connecting to the database. |
databaseNameSsmPathRequired public readonly databaseNameSsmPath: string;
The Secure Systems Manager parameter containing the database name.
hostnameSsmPathRequired public readonly hostnameSsmPath: string;
The Secure Systems Manager parameter containing the hostname of the database.
For RDS-based SQL data sources, this can be the hostname of a database proxy, cluster, or instance.
passwordSsmPathRequired public readonly passwordSsmPath: string;
The Secure Systems Manager parameter containing the password to use when connecting to the database.
portSsmPathRequired public readonly portSsmPath: string;
The Secure Systems Manager parameter containing the port number of the database proxy, cluster, or instance.
usernameSsmPathRequired public readonly usernameSsmPath: string;
The Secure Systems Manager parameter containing the username to use when connecting to the database.
Represents the settings used to enable server-side encryption.
import { SSESpecification } from '@aws-amplify/graphql-api-construct'
const sSESpecification: SSESpecification = { ... }
| Name | Type | Description |
|---|---|---|
sseEnabled | boolean | Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. |
kmsMasterKeyId | string | The AWS KMS key that should be used for the AWS KMS encryption. |
sseType | SSEType | Server-side encryption type. |
sseEnabledRequired public readonly sseEnabled: boolean;
Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key.
If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply).
If disabled (false) or not specified, server-side encryption is set to AWS owned key.
kmsMasterKeyIdOptional public readonly kmsMasterKeyId: string;
The AWS KMS key that should be used for the AWS KMS encryption.
To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide
this parameter if the key is different from the default DynamoDB key alias/aws/dynamodb .
sseTypeOptional public readonly sseType: SSEType;
Server-side encryption type.
The only supported value is:
KMS Server-side encryption that uses AWS Key Management Service.
The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).
Represents the DynamoDB Streams configuration for a table in DynamoDB.
import { StreamSpecification } from '@aws-amplify/graphql-api-construct'
const streamSpecification: StreamSpecification = { ... }
| Name | Type | Description |
|---|---|---|
streamViewType | aws-cdk-lib.aws_dynamodb.StreamViewType | When an item in the table is modified, StreamViewType determines what information is written to the stream for this table. |
streamViewTypeRequired public readonly streamViewType: StreamViewType;
When an item in the table is modified, StreamViewType determines what information is written to the stream for this table.
Valid values for StreamViewType are:
KEYS_ONLY - Only the key attributes of the modified item are written to the stream.NEW_IMAGE - The entire item, as it appears after it was modified, is written to the stream.OLD_IMAGE - The entire item, as it appeared before it was modified, is written to the stream.NEW_AND_OLD_IMAGES - Both the new and the old item images of the item are written to the stream.Subnet configuration for VPC endpoints used by a Lambda resolver for a SQL-based data source.
Although it is possible to create multiple subnets in a single availability zone, VPC service endpoints may only be deployed to a single subnet in a given availability zone. This structure ensures that the Lambda function and VPC service endpoints are mutually consistent.
import { SubnetAvailabilityZone } from '@aws-amplify/graphql-api-construct'
const subnetAvailabilityZone: SubnetAvailabilityZone = { ... }
| Name | Type | Description |
|---|---|---|
availabilityZone | string | The availability zone of the subnet. |
subnetId | string | The subnet ID to install the Lambda data source in. |
availabilityZoneRequired public readonly availabilityZone: string;
The availability zone of the subnet.
subnetIdRequired public readonly subnetId: string;
The subnet ID to install the Lambda data source in.
Slot types for Subscription Resolvers.
import { SubscriptionFunctionSlot } from '@aws-amplify/graphql-api-construct'
const subscriptionFunctionSlot: SubscriptionFunctionSlot = { ... }
| Name | Type | Description |
|---|---|---|
fieldName | string | The field to attach this function to on the Api definition. |
function | FunctionSlotOverride | The overridden behavior for this slot. |
slotIndex | number | The slot index to use to inject this into the execution pipeline. |
slotName | string | The slot name to inject this behavior into. |
typeName | string | This slot type applies to the Subscription type on the Api definition. |
fieldNameRequired public readonly fieldName: string;
The field to attach this function to on the Api definition.
functionRequired public readonly function: FunctionSlotOverride;
The overridden behavior for this slot.
slotIndexRequired public readonly slotIndex: number;
The slot index to use to inject this into the execution pipeline.
For more information on slotting, refer to https://docs.amplify.aws/cli/graphql/custom-business-logic/#extend-amplify-generated-resolvers
slotNameRequired public readonly slotName: string;
The slot name to inject this behavior into.
For more information on slotting, refer to https://docs.amplify.aws/cli/graphql/custom-business-logic/#extend-amplify-generated-resolvers
typeNameRequired public readonly typeName: string;
This slot type applies to the Subscription type on the Api definition.
Shape for TTL config.
import { TimeToLiveSpecification } from '@aws-amplify/graphql-api-construct'
const timeToLiveSpecification: TimeToLiveSpecification = { ... }
| Name | Type | Description |
|---|---|---|
enabled | boolean | Boolean determining if the ttl is enabled or not. |
attributeName | string | Attribute name to apply to the ttl spec. |
enabledRequired public readonly enabled: boolean;
Boolean determining if the ttl is enabled or not.
attributeNameOptional public readonly attributeName: string;
Attribute name to apply to the ttl spec.
Strongly typed set of shared parameters for all transformers, and core layer.
This is intended to replace feature flags, to ensure param coercion happens in a single location, and isn't spread around the transformers, where they can have different default behaviors.
import { TranslationBehavior } from '@aws-amplify/graphql-api-construct'
const translationBehavior: TranslationBehavior = { ... }
| Name | Type | Description |
|---|---|---|
allowDestructiveGraphqlSchemaUpdates | boolean | The following schema updates require replacement of the underlying DynamoDB table:. |
disableResolverDeduping | boolean | Disable resolver deduping, this can sometimes cause problems because dedupe ordering isn't stable today, which can lead to circular dependencies across stacks if models are reordered. |
enableAutoIndexQueryNames | boolean | Automate generation of query names, and as a result attaching all indexes as queries to the generated Api. |
enableSearchNodeToNodeEncryption | boolean | No description. |
enableTransformerCfnOutputs | boolean | When enabled, internal cfn outputs which existed in Amplify-generated apps will continue to be emitted. |
populateOwnerFieldForStaticGroupAuth | boolean | Ensure that the owner field is still populated even if a static iam or group authorization applies. |
replaceTableUponGsiUpdate | boolean | This behavior will only come into effect when both "allowDestructiveGraphqlSchemaUpdates" and this value are set to true. |
respectPrimaryKeyAttributesOnConnectionField | boolean | Enable custom primary key support, there's no good reason to disable this unless trying not to update a legacy app. |
sandboxModeEnabled | boolean | Enabling sandbox mode will enable api key auth on all models in the transformed schema. |
secondaryKeyAsGSI | boolean | If disabled, generated. |
shouldDeepMergeDirectiveConfigDefaults | boolean | Restore parity w/ GQLv1. |
suppressApiKeyGeneration | boolean | If enabled, disable api key resource generation even if specified as an auth rule on the construct. |
useSubUsernameForDefaultIdentityClaim | boolean | Ensure that oidc and userPool auth use the sub field in the for the username field, which disallows new users with the same id to access data from a deleted user in the pool. |
allowDestructiveGraphqlSchemaUpdatesRequired public readonly allowDestructiveGraphqlSchemaUpdates: boolean;
The following schema updates require replacement of the underlying DynamoDB table:.
Removing or renaming a model
ALL DATA WILL BE LOST when the table replacement happens. When enabled, destructive updates are allowed. This will only affect DynamoDB tables with provision strategy "AMPLIFY_TABLE".
disableResolverDedupingRequired public readonly disableResolverDeduping: boolean;
Disable resolver deduping, this can sometimes cause problems because dedupe ordering isn't stable today, which can lead to circular dependencies across stacks if models are reordered.
enableAutoIndexQueryNamesRequired public readonly enableAutoIndexQueryNames: boolean;
Automate generation of query names, and as a result attaching all indexes as queries to the generated Api.
If enabled,
enableSearchNodeToNodeEncryptionRequired public readonly enableSearchNodeToNodeEncryption: boolean;
enableTransformerCfnOutputsRequired public readonly enableTransformerCfnOutputs: boolean;
When enabled, internal cfn outputs which existed in Amplify-generated apps will continue to be emitted.
populateOwnerFieldForStaticGroupAuthRequired public readonly populateOwnerFieldForStaticGroupAuth: boolean;
Ensure that the owner field is still populated even if a static iam or group authorization applies.
replaceTableUponGsiUpdateRequired public readonly replaceTableUponGsiUpdate: boolean;
This behavior will only come into effect when both "allowDestructiveGraphqlSchemaUpdates" and this value are set to true.
When enabled, any GSI update operation will replace the table instead of iterative deployment, which will WIPE ALL EXISTING DATA but cost much less time for deployment This will only affect DynamoDB tables with provision strategy "AMPLIFY_TABLE".
respectPrimaryKeyAttributesOnConnectionFieldRequired public readonly respectPrimaryKeyAttributesOnConnectionField: boolean;
Enable custom primary key support, there's no good reason to disable this unless trying not to update a legacy app.
sandboxModeEnabledRequired public readonly sandboxModeEnabled: boolean;
Enabling sandbox mode will enable api key auth on all models in the transformed schema.
secondaryKeyAsGSIRequired public readonly secondaryKeyAsGSI: boolean;
If disabled, generated.
shouldDeepMergeDirectiveConfigDefaultsRequired public readonly shouldDeepMergeDirectiveConfigDefaults: boolean;
Restore parity w/ GQLv1.
suppressApiKeyGenerationRequired public readonly suppressApiKeyGeneration: boolean;
If enabled, disable api key resource generation even if specified as an auth rule on the construct.
This is a legacy parameter from the Graphql Transformer existing in Amplify CLI, not recommended to change.
useSubUsernameForDefaultIdentityClaimRequired public readonly useSubUsernameForDefaultIdentityClaim: boolean;
Ensure that oidc and userPool auth use the sub field in the for the username field, which disallows new users with the same id to access data from a deleted user in the pool.
Configuration for Cognito UserPool Authorization on the Graphql Api.
import { UserPoolAuthorizationConfig } from '@aws-amplify/graphql-api-construct'
const userPoolAuthorizationConfig: UserPoolAuthorizationConfig = { ... }
| Name | Type | Description |
|---|---|---|
userPool | aws-cdk-lib.aws_cognito.IUserPool | The Cognito User Pool which is used to authenticated JWT tokens, and vends group and user information. |
userPoolRequired public readonly userPool: IUserPool;
The Cognito User Pool which is used to authenticated JWT tokens, and vends group and user information.
Configuration of the VPC in which to install a Lambda to resolve queries against a SQL-based data source.
The SQL Lambda will be deployed into the specified VPC, subnets, and security groups. The specified subnets and security groups must be in the same VPC. The VPC must have at least one subnet. The construct will also create VPC service endpoints in the specified subnets, as well as inbound security rules, to allow traffic on port 443 within each security group. This allows the Lambda to read database connection information from Secure Systems Manager.
import { VpcConfig } from '@aws-amplify/graphql-api-construct'
const vpcConfig: VpcConfig = { ... }
| Name | Type | Description |
|---|---|---|
securityGroupIds | string[] | The security groups to install the Lambda data source in. |
subnetAvailabilityZoneConfig | SubnetAvailabilityZone[] | The subnets to install the Lambda data source in, one per availability zone. |
vpcId | string | The VPC to install the Lambda data source in. |
securityGroupIdsRequired public readonly securityGroupIds: string[];
The security groups to install the Lambda data source in.
subnetAvailabilityZoneConfigRequired public readonly subnetAvailabilityZoneConfig: SubnetAvailabilityZone[];
The subnets to install the Lambda data source in, one per availability zone.
vpcIdRequired public readonly vpcId: string;
The VPC to install the Lambda data source in.
Wrapper class around Custom::AmplifyDynamoDBTable custom resource, to simplify the override experience a bit.
This is NOT a construct, just an easier way to access
the generated construct.
This is a wrapper intended to mimic the aws_cdk_lib.aws_dynamodb.Table functionality more-or-less.
Notable differences is the addition of TKTK properties, to account for the fact that they're constructor props
in the CDK construct, as well as the removal of all from*, grant*, and metric* methods implemented by Table.
import { AmplifyDynamoDbTableWrapper } from '@aws-amplify/graphql-api-construct'
new AmplifyDynamoDbTableWrapper(resource: CfnResource)
| Name | Type | Description |
|---|---|---|
resource | aws-cdk-lib.CfnResource | the Cfn resource. |
resourceRequired the Cfn resource.
| Name | Description |
|---|---|
applyRemovalPolicy | Set the deletion policy of the resource based on the removal policy specified. |
setGlobalSecondaryIndexProvisionedThroughput | Set the provisionedThroughtput for a specified GSI by name. |
applyRemovalPolicy public applyRemovalPolicy(policy: RemovalPolicy): void
Set the deletion policy of the resource based on the removal policy specified.
policyRequired removal policy to set.
setGlobalSecondaryIndexProvisionedThroughput public setGlobalSecondaryIndexProvisionedThroughput(indexName: string, provisionedThroughput: ProvisionedThroughput): void
Set the provisionedThroughtput for a specified GSI by name.
indexNameRequired the index to specify a provisionedThroughput config for.
provisionedThroughputRequired the config to set.
| Name | Description |
|---|---|
isAmplifyDynamoDbTableResource | Return true and perform type narrowing if a given input appears to be capable of. |
isAmplifyDynamoDbTableResource import { AmplifyDynamoDbTableWrapper } from '@aws-amplify/graphql-api-construct'
AmplifyDynamoDbTableWrapper.isAmplifyDynamoDbTableResource(x: any)
Return true and perform type narrowing if a given input appears to be capable of.
xRequired the object to check.
| Name | Type | Description |
|---|---|---|
billingMode | aws-cdk-lib.aws_dynamodb.BillingMode | Specify how you are charged for read and write throughput and how you manage capacity. |
deletionProtectionEnabled | boolean | Set table deletion protection. |
pointInTimeRecoveryEnabled | boolean | Whether point-in-time recovery is enabled. |
provisionedThroughput | ProvisionedThroughput | Update the provisioned throughput for the base table. |
sseSpecification | SSESpecification | Set the ddb server-side encryption specification on the table. |
streamSpecification | StreamSpecification | Set the ddb stream specification on the table. |
timeToLiveAttribute | TimeToLiveSpecification | The name of TTL attribute. |
billingModeRequired public readonly billingMode: BillingMode;
Specify how you are charged for read and write throughput and how you manage capacity.
deletionProtectionEnabledRequired public readonly deletionProtectionEnabled: boolean;
Set table deletion protection.
pointInTimeRecoveryEnabledRequired public readonly pointInTimeRecoveryEnabled: boolean;
Whether point-in-time recovery is enabled.
provisionedThroughputRequired public readonly provisionedThroughput: ProvisionedThroughput;
Update the provisioned throughput for the base table.
sseSpecificationRequired public readonly sseSpecification: SSESpecification;
Set the ddb server-side encryption specification on the table.
streamSpecificationRequired public readonly streamSpecification: StreamSpecification;
Set the ddb stream specification on the table.
timeToLiveAttributeRequired public readonly timeToLiveAttribute: TimeToLiveSpecification;
The name of TTL attribute.
Class exposing utilities to produce IAmplifyGraphqlDefinition objects given various inputs.
import { AmplifyGraphqlDefinition } from '@aws-amplify/graphql-api-construct'
new AmplifyGraphqlDefinition()
| Name | Type | Description |
|---|
| Name | Description |
|---|---|
combine | Combines multiple IAmplifyGraphqlDefinitions into a single definition. |
fromFiles | Convert one or more appsync SchemaFile objects into an Amplify Graphql Schema, binding them to a DynamoDB data source. |
fromFilesAndStrategy | Convert one or more appsync SchemaFile objects into an Amplify Graphql Schema. |
fromString | Produce a schema definition from a string input. |
combine import { AmplifyGraphqlDefinition } from '@aws-amplify/graphql-api-construct'
AmplifyGraphqlDefinition.combine(definitions: IAmplifyGraphqlDefinition[])
Combines multiple IAmplifyGraphqlDefinitions into a single definition.
definitionsRequired the definitions to combine.
fromFiles import { AmplifyGraphqlDefinition } from '@aws-amplify/graphql-api-construct'
AmplifyGraphqlDefinition.fromFiles(filePaths: string)
Convert one or more appsync SchemaFile objects into an Amplify Graphql Schema, binding them to a DynamoDB data source.
filePathsRequired one or more paths to the graphql files to process.
fromFilesAndStrategy import { AmplifyGraphqlDefinition } from '@aws-amplify/graphql-api-construct'
AmplifyGraphqlDefinition.fromFilesAndStrategy(filePaths: string | string[], dataSourceStrategy?: DefaultDynamoDbModelDataSourceStrategy | AmplifyDynamoDbModelDataSourceStrategy | SQLLambdaModelDataSourceStrategy)
Convert one or more appsync SchemaFile objects into an Amplify Graphql Schema.
filePathsRequired one or more paths to the graphql files to process.
dataSourceStrategyOptional the provisioning definition for datasources that resolve @models in this schema.
The DynamoDB from CloudFormation will be used by default.
fromString import { AmplifyGraphqlDefinition } from '@aws-amplify/graphql-api-construct'
AmplifyGraphqlDefinition.fromString(schema: string, dataSourceStrategy?: DefaultDynamoDbModelDataSourceStrategy | AmplifyDynamoDbModelDataSourceStrategy | SQLLambdaModelDataSourceStrategy)
Produce a schema definition from a string input.
schemaRequired the graphql input as a string.
dataSourceStrategyOptional the provisioning definition for datasources that resolve @models and custom SQL statements in this schema.
The DynamoDB from CloudFormation will be used by default.
Class exposing utilities to produce SQLLambdaModelDataSourceStrategy objects given various inputs.
import { SQLLambdaModelDataSourceStrategyFactory } from '@aws-amplify/graphql-api-construct'
new SQLLambdaModelDataSourceStrategyFactory()
| Name | Type | Description |
|---|
| Name | Description |
|---|---|
fromCustomSqlFiles | Creates a SQLLambdaModelDataSourceStrategy where the binding's customSqlStatements are populated from sqlFiles. |
fromCustomSqlFiles import { SQLLambdaModelDataSourceStrategyFactory } from '@aws-amplify/graphql-api-construct'
SQLLambdaModelDataSourceStrategyFactory.fromCustomSqlFiles(sqlFiles: string[], options: SQLLambdaModelDataSourceStrategy)
Creates a SQLLambdaModelDataSourceStrategy where the binding's customSqlStatements are populated from sqlFiles.
The key
of the customSqlStatements record is the file's base name (that is, the name of the file minus the directory and extension).
sqlFilesRequired the list of files to load SQL statements from.
optionsRequired the remaining SQLLambdaModelDataSourceStrategy options.
Graphql Api definition, which can be implemented in multiple ways.
| Name | Type | Description |
|---|---|---|
dataSourceStrategies | {[ key: string ]: DefaultDynamoDbModelDataSourceStrategy | AmplifyDynamoDbModelDataSourceStrategy | SQLLambdaModelDataSourceStrategy} | Retrieve the datasource strategy mapping. |
functionSlots | MutationFunctionSlot | QueryFunctionSlot | SubscriptionFunctionSlot[] | Retrieve any function slots defined explicitly in the Api definition. |
schema | string | Return the schema definition as a graphql string, with amplify directives allowed. |
customSqlDataSourceStrategies | CustomSqlDataSourceStrategy[] | An array of custom Query or Mutation SQL commands to the data sources that resolves them. |
referencedLambdaFunctions | {[ key: string ]: aws-cdk-lib.aws_lambda.IFunction} | Retrieve the references to any lambda functions used in the definition. |
dataSourceStrategiesRequired public readonly dataSourceStrategies: {[ key: string ]: DefaultDynamoDbModelDataSourceStrategy | AmplifyDynamoDbModelDataSourceStrategy | SQLLambdaModelDataSourceStrategy};
Retrieve the datasource strategy mapping.
The default strategy is to use DynamoDB from CloudFormation.
functionSlotsRequired public readonly functionSlots: MutationFunctionSlot | QueryFunctionSlot | SubscriptionFunctionSlot[];
Retrieve any function slots defined explicitly in the Api definition.
schemaRequired public readonly schema: string;
Return the schema definition as a graphql string, with amplify directives allowed.
customSqlDataSourceStrategiesOptional public readonly customSqlDataSourceStrategies: CustomSqlDataSourceStrategy[];
An array of custom Query or Mutation SQL commands to the data sources that resolves them.
referencedLambdaFunctionsOptional public readonly referencedLambdaFunctions: {[ key: string ]: IFunction};
Retrieve the references to any lambda functions used in the definition.
Useful for wiring through aws_lambda.Function constructs into the definition directly, and generated references to invoke them.
Entry representing the required output from the backend for codegen generate commands to work.
| Name | Type | Description |
|---|---|---|
payload | {[ key: string ]: string} | The string-map payload of generated config values. |
version | string | The protocol version for this backend output. |
payloadRequired public readonly payload: {[ key: string ]: string};
The string-map payload of generated config values.
versionRequired public readonly version: string;
The protocol version for this backend output.
Backend output strategy used to write config required for codegen tasks.
| Name | Description |
|---|---|
addBackendOutputEntry | Add an entry to backend output. |
addBackendOutputEntry public addBackendOutputEntry(keyName: string, backendOutputEntry: IBackendOutputEntry): void
Add an entry to backend output.
keyNameRequired the key.
backendOutputEntryRequired the record to store in the backend output.
Server Side Encryption Type Values - KMS - Server-side encryption that uses AWS KMS.
The key is stored in your account and is managed by KMS (AWS KMS charges apply).
| Name | Description |
|---|---|
KMS | No description. |
KMS FAQs
AppSync GraphQL Api Construct using Amplify GraphQL Transformer.
The npm package @aws-amplify/graphql-api-construct receives a total of 38,840 weekly downloads. As such, @aws-amplify/graphql-api-construct popularity was classified as popular.
We found that @aws-amplify/graphql-api-construct demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.