@aws-amplify/graphql-model-transformer - npm Package Compare versions

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/cfn-response.d.ts

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/cfn-response.d.ts.map

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/cfn-response.js

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/cfn-response.js.map

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/outbound.d.ts

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/outbound.d.ts.map

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/outbound.js

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/outbound.js.map

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/util.d.ts

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/util.d.ts.map

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/util.js

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/util.js.map

lib/resources/amplify-dynamodb-table/provider.d.ts

lib/resources/amplify-dynamodb-table/provider.d.ts.map

lib/resources/amplify-dynamodb-table/provider.js

lib/resources/amplify-dynamodb-table/provider.js.map

lib/resources/amplify-dynamodb-table/waiter-state-machine.d.ts

lib/resources/amplify-dynamodb-table/waiter-state-machine.d.ts.map

lib/resources/amplify-dynamodb-table/waiter-state-machine.js

lib/resources/amplify-dynamodb-table/waiter-state-machine.js.map

2

API.md

		@@ -204,3 +204,3 @@ ## API Report File for "@aws-amplify/graphql-model-transformer"
		// (undocumented)
		createIAMRole: (context: TransformerContextProvider, def: ObjectTypeDefinitionNode, stack: cdk.Stack, tableName: string) => iam.Role;
		createIAMRole: (context: TransformerContextProvider, def: ObjectTypeDefinitionNode, stack: cdk.Stack, tableName: string) => iam.IRole;
		// (undocumented)
		@@ -207,0 +207,0 @@ ensureModelSortDirectionEnum: (ctx: TransformerValidationStepContextProvider) => void;

11

CHANGELOG.md

		@@ -6,2 +6,13 @@ # Change Log

		## [2.9.1-cdk-upgrade-2.129.0.0](https://github.com/aws-amplify/amplify-category-api/compare/@aws-amplify/graphql-model-transformer@2.9.0...@aws-amplify/graphql-model-transformer@2.9.1-cdk-upgrade-2.129.0.0) (2024-05-01)

		### Bug Fixes

		- graphql-relational-transformer: nullability enforcement for references relational fields ([#2510](https://github.com/aws-amplify/amplify-category-api/issues/2510)) ([d540097](https://github.com/aws-amplify/amplify-category-api/commit/d54009736092410b2d6e78ebf116a38298bf03ce))
		- set installLatestAwsSdk on AwsCustomResource to false ([#2509](https://github.com/aws-amplify/amplify-category-api/issues/2509)) ([53665c0](https://github.com/aws-amplify/amplify-category-api/commit/53665c05122ce2339c8c5358b9b6b57395e4de87))

		### Performance Improvements

		- graphql-model-transformer: minimal provider framework and inline policies ([#2490](https://github.com/aws-amplify/amplify-category-api/issues/2490)) ([a86c816](https://github.com/aws-amplify/amplify-category-api/commit/a86c816ceb288376c4dfa9b1d12413edd28cf75e))

		# [2.9.0](https://github.com/aws-amplify/amplify-category-api/compare/@aws-amplify/graphql-model-transformer@2.8.0...@aws-amplify/graphql-model-transformer@2.9.0) (2024-04-26)
		@@ -8,0 +19,0 @@

2

lib/graphql-model-transformer.d.ts

		@@ -69,3 +69,3 @@ import { TransformerModelBase } from '@aws-amplify/graphql-transformer-core';
		}) => ObjectTypeDefinitionNode;
		createIAMRole: (context: TransformerContextProvider, def: ObjectTypeDefinitionNode, stack: cdk.Stack, tableName: string) => iam.Role;
		createIAMRole: (context: TransformerContextProvider, def: ObjectTypeDefinitionNode, stack: cdk.Stack, tableName: string) => iam.IRole;
		private createNonModelInputs;
		@@ -72,0 +72,0 @@ private isModelField;

2

lib/resolvers/rds/resolver.js

		@@ -99,2 +99,3 @@ "use strict";
		}),
		installLatestAwsSdk: false,
		});
		@@ -124,2 +125,3 @@ return customResource;
		}),
		installLatestAwsSdk: false,
		});
		@@ -126,0 +128,0 @@ return customResource;

1

lib/resources/amplify-dynamodb-table/amplify-dynamo-model-resource-generator.d.ts

		@@ -8,3 +8,2 @@ import { TransformerContextProvider } from '@aws-amplify/graphql-transformer-interfaces';
		private customResourceServiceToken;
		private ddbManagerPolicy?;
		generateResources(ctx: TransformerContextProvider): void;
		@@ -11,0 +10,0 @@ protected createCustomProviderResource(scope: Construct, context: TransformerContextProvider): void;

99

lib/resources/amplify-dynamodb-table/amplify-dynamo-model-resource-generator.js

		@@ -35,2 +35,4 @@ "use strict";
		const amplify_dynamodb_table_construct_1 = require("./amplify-dynamodb-table-construct");
		const waiter_state_machine_1 = require("./waiter-state-machine");
		const provider_1 = require("./provider");
		exports.ITERATIVE_TABLE_STACK_NAME = 'AmplifyTableManager';
		@@ -43,3 +45,2 @@ class AmplifyDynamoModelResourceGenerator extends dynamo_model_resource_generator_1.DynamoModelResourceGenerator {
		generateResources(ctx) {
		var _a;
		if (!this.isEnabled()) {
		@@ -60,49 +61,63 @@ return;
		});
		if (this.ddbManagerPolicy) {
		(_a = this.ddbManagerPolicy) === null \|\| _a === void 0 ? void 0 : _a.addStatements(new aws_cdk_lib_1.aws_iam.PolicyStatement({
		actions: [
		'dynamodb:CreateTable',
		'dynamodb:UpdateTable',
		'dynamodb:DeleteTable',
		'dynamodb:DescribeTable',
		'dynamodb:DescribeContinuousBackups',
		'dynamodb:DescribeTimeToLive',
		'dynamodb:UpdateContinuousBackups',
		'dynamodb:UpdateTimeToLive',
		],
		resources: [
		cdk.Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/*-${apiId}-${envName}', {
		apiId: ctx.api.apiId,
		envName: ctx.synthParameters.amplifyEnvironmentName,
		}),
		],
		}));
		}
		this.generateResolvers(ctx);
		}
		createCustomProviderResource(scope, context) {
		this.ddbManagerPolicy = new aws_cdk_lib_1.aws_iam.Policy(scope, 'CreateUpdateDeleteTablesPolicy');
		const lambdaCode = aws_cdk_lib_1.aws_lambda.Code.fromAsset(path.join(__dirname, '..', '..', '..', 'lib', 'resources', 'amplify-dynamodb-table', 'amplify-table-manager-lambda'));
		const gsiOnEventHandler = new aws_cdk_lib_1.aws_lambda.Function(scope, graphql_transformer_common_1.ResourceConstants.RESOURCES.TableManagerOnEventHandlerLogicalID, {
		runtime: aws_cdk_lib_1.aws_lambda.Runtime.NODEJS_18_X,
		code: lambdaCode,
		handler: 'amplify-table-manager-handler.onEvent',
		timeout: aws_cdk_lib_1.Duration.minutes(14),
		const lambdaCode = aws_cdk_lib_1.aws_lambda.Code.fromAsset(path.join(__dirname, '..', '..', '..', 'lib', 'resources', 'amplify-dynamodb-table', 'amplify-table-manager-lambda'), { exclude: ['*.ts'] });
		const lambdaPolicyDocument = new aws_cdk_lib_1.aws_iam.PolicyDocument({
		statements: [
		new aws_cdk_lib_1.aws_iam.PolicyStatement({
		actions: [
		'dynamodb:CreateTable',
		'dynamodb:UpdateTable',
		'dynamodb:DeleteTable',
		'dynamodb:DescribeTable',
		'dynamodb:DescribeContinuousBackups',
		'dynamodb:DescribeTimeToLive',
		'dynamodb:UpdateContinuousBackups',
		'dynamodb:UpdateTimeToLive',
		],
		resources: [
		cdk.Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/*-${apiId}-${envName}', {
		apiId: context.api.apiId,
		envName: context.synthParameters.amplifyEnvironmentName,
		}),
		],
		}),
		],
		});
		const gsiIsCompleteHandler = new aws_cdk_lib_1.aws_lambda.Function(scope, graphql_transformer_common_1.ResourceConstants.RESOURCES.TableManagerIsCompleteHandlerLogicalID, {
		runtime: aws_cdk_lib_1.aws_lambda.Runtime.NODEJS_18_X,
		code: lambdaCode,
		handler: 'amplify-table-manager-handler.isComplete',
		timeout: aws_cdk_lib_1.Duration.minutes(14),
		const isCompleteRole = new aws_cdk_lib_1.aws_iam.Role(scope, 'AmplifyManagedTableIsCompleteRole', {
		assumedBy: new aws_cdk_lib_1.aws_iam.ServicePrincipal('lambda.amazonaws.com'),
		managedPolicies: [aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaBasicExecutionRole')],
		inlinePolicies: {
		CreateUpdateDeleteTablesPolicy: lambdaPolicyDocument,
		},
		}).withoutPolicyUpdates();
		const onEventRole = new aws_cdk_lib_1.aws_iam.Role(scope, 'AmplifyManagedTableOnEventRole', {
		assumedBy: new aws_cdk_lib_1.aws_iam.ServicePrincipal('lambda.amazonaws.com'),
		managedPolicies: [aws_cdk_lib_1.aws_iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AWSLambdaBasicExecutionRole')],
		inlinePolicies: {
		CreateUpdateDeleteTablesPolicy: lambdaPolicyDocument,
		},
		});
		this.ddbManagerPolicy.attachToRole(gsiOnEventHandler.role);
		this.ddbManagerPolicy.attachToRole(gsiIsCompleteHandler.role);
		const customResourceProvider = new aws_cdk_lib_1.custom_resources.Provider(scope, graphql_transformer_common_1.ResourceConstants.RESOURCES.TableManagerCustomProviderLogicalID, {
		onEventHandler: gsiOnEventHandler,
		isCompleteHandler: gsiIsCompleteHandler,
		logRetention: aws_cdk_lib_1.aws_logs.RetentionDays.ONE_MONTH,
		queryInterval: aws_cdk_lib_1.Duration.seconds(30),
		totalTimeout: aws_cdk_lib_1.Duration.hours(2),
		const customResourceProvider = new provider_1.Provider(scope, graphql_transformer_common_1.ResourceConstants.RESOURCES.TableManagerCustomProviderLogicalID, {
		lambdaCode,
		onEventHandlerName: 'amplify-table-manager-handler.onEvent',
		onEventRole,
		isCompleteHandlerName: 'amplify-table-manager-handler.isComplete',
		isCompleteRole,
		});
		this.customResourceServiceToken = customResourceProvider.serviceToken;
		const { onEventHandler, isCompleteHandler, serviceToken } = customResourceProvider;
		const queryInterval = aws_cdk_lib_1.Duration.seconds(10);
		const totalTimeout = aws_cdk_lib_1.Duration.hours(1);
		const stateMachineProps = {
		isCompleteHandler,
		queryInterval,
		totalTimeout,
		maxAttempts: totalTimeout.toSeconds() / queryInterval.toSeconds(),
		backoffRate: 1,
		};
		const waiterStateMachine = new waiter_state_machine_1.WaiterStateMachine(scope, 'AmplifyTableWaiterStateMachine', stateMachineProps);
		onEventHandler.addEnvironment('WAITER_STATE_MACHINE_ARN', waiterStateMachine.stateMachineArn);
		waiterStateMachine.grantStartExecution(onEventHandler);
		this.customResourceServiceToken = serviceToken;
		}
		@@ -109,0 +124,0 @@ createModelTable(scope, def, context) {

4

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/amplify-table-manager-handler.d.ts

		import { ContinuousBackupsDescription, CreateTableCommandInput, TableDescription, TimeToLiveDescription, UpdateContinuousBackupsCommandInput, UpdateTableCommandInput, UpdateTimeToLiveCommandInput } from '@aws-sdk/client-dynamodb';
		export declare const onEvent: (event: AWSCDKAsyncCustomResource.OnEventRequest) => Promise<AWSCDKAsyncCustomResource.OnEventResponse>;
		export declare const isComplete: (event: AWSCDKAsyncCustomResource.IsCompleteRequest) => Promise<AWSCDKAsyncCustomResource.IsCompleteResponse>;
		export declare const onEvent: (event: any) => Promise<void>;
		export declare const isComplete: (event: any) => Promise<void>;
		export declare const getNextAtomicUpdate: (currentState: TableDescription, endState: CustomDDB.Input) => UpdateTableCommandInput \| undefined;
		@@ -5,0 +5,0 @@ export declare const getStreamUpdate: (currentState: TableDescription, endState: CustomDDB.Input) => Promise<UpdateTableCommandInput \| undefined>;

128

lib/resources/amplify-dynamodb-table/amplify-table-manager-lambda/amplify-table-manager-handler.js

		"use strict";
		var __createBinding = (this && this.__createBinding) \|\| (Object.create ? (function(o, m, k, k2) {
		if (k2 === undefined) k2 = k;
		var desc = Object.getOwnPropertyDescriptor(m, k);
		if (!desc \|\| ("get" in desc ? !m.__esModule : desc.writable \|\| desc.configurable)) {
		desc = { enumerable: true, get: function() { return m[k]; } };
		}
		Object.defineProperty(o, k2, desc);
		}) : (function(o, m, k, k2) {
		if (k2 === undefined) k2 = k;
		o[k2] = m[k];
		}));
		var __setModuleDefault = (this && this.__setModuleDefault) \|\| (Object.create ? (function(o, v) {
		Object.defineProperty(o, "default", { enumerable: true, value: v });
		}) : function(o, v) {
		o["default"] = v;
		});
		var __importStar = (this && this.__importStar) \|\| function (mod) {
		if (mod && mod.__esModule) return mod;
		var result = {};
		if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
		__setModuleDefault(result, mod);
		return result;
		};
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.isTtlModified = exports.toCreateTableInput = exports.extractOldTableInputFromEvent = exports.extractTableInputFromEvent = exports.getPointInTimeRecoveryUpdate = exports.getTtlUpdate = exports.getDeletionProtectionUpdate = exports.getSseUpdate = exports.getStreamUpdate = exports.getNextAtomicUpdate = exports.isComplete = exports.onEvent = void 0;
		const client_dynamodb_1 = require("@aws-sdk/client-dynamodb");
		const cfnResponse = __importStar(require("./cfn-response"));
		const outbound_1 = require("./outbound");
		const util_1 = require("./util");
		const ddbClient = new client_dynamodb_1.DynamoDB();
		@@ -12,6 +38,50 @@ const finished = {
		};
		const log = (msg, ...other) => {
		console.log(msg, other.map((o) => (typeof o === 'object' ? JSON.stringify(o, undefined, 2) : o)));
		};
		const onEvent = async (event) => {
		exports.onEvent = cfnResponse.safeHandler(onEventHandler);
		exports.isComplete = cfnResponse.safeHandler(isCompleteHandler);
		async function onEventHandler(cfnRequest) {
		const sanitizedRequest = { ...cfnRequest, ResponseURL: '[redacted]' };
		(0, util_1.log)('onEventHandler', sanitizedRequest);
		cfnRequest.ResourceProperties = cfnRequest.ResourceProperties \|\| {};
		const onEventResult = await processOnEvent(sanitizedRequest);
		(0, util_1.log)('onEvent returned:', onEventResult);
		const resourceEvent = createResponseEvent(cfnRequest, onEventResult);
		if (cfnRequest.RequestType == 'Delete') {
		(0, util_1.log)('Submitting response to CloudFormation');
		await cfnResponse.submitResponse('SUCCESS', resourceEvent, { noEcho: resourceEvent.NoEcho });
		}
		else {
		const waiter = {
		stateMachineArn: (0, util_1.getEnv)('WAITER_STATE_MACHINE_ARN'),
		name: resourceEvent.RequestId,
		input: JSON.stringify(resourceEvent),
		};
		(0, util_1.log)('starting waiter', {
		stateMachineArn: waiter.stateMachineArn,
		name: resourceEvent.RequestId,
		});
		await (0, outbound_1.startExecution)(waiter);
		}
		}
		async function isCompleteHandler(event) {
		const sanitizedRequest = { ...event, ResponseURL: '[redacted]' };
		(0, util_1.log)('isComplete', sanitizedRequest);
		const isCompleteResult = await processIsComplete(sanitizedRequest);
		(0, util_1.log)('isComplete result', isCompleteResult);
		if (!isCompleteResult.IsComplete) {
		if (isCompleteResult.Data && Object.keys(isCompleteResult.Data).length > 0) {
		throw new Error('"Data" is not allowed if "IsComplete" is "False"');
		}
		throw new cfnResponse.Retry(JSON.stringify(event));
		}
		const response = {
		...event,
		...isCompleteResult,
		Data: {
		...event.Data,
		...isCompleteResult.Data,
		},
		};
		await cfnResponse.submitResponse('SUCCESS', response, { noEcho: event.NoEcho });
		}
		const processOnEvent = async (event) => {
		var _a;
		@@ -48,3 +118,3 @@ console.log({ ...event, ResponseURL: '[redacted]' });
		}
		log('Current table state: ', describeTableResult);
		(0, util_1.log)('Current table state: ', describeTableResult);
		if (isKeySchemaModified(describeTableResult.Table.KeySchema, tableDef.keySchema)) {
		@@ -70,3 +140,3 @@ console.log('Detected table key schema change. Update requires replacement');
		if (pointInTimeUpdate) {
		log('Computed point in time recovery update', pointInTimeUpdate);
		(0, util_1.log)('Computed point in time recovery update', pointInTimeUpdate);
		await ddbClient.updateContinuousBackups(pointInTimeUpdate);
		@@ -78,3 +148,3 @@ await retry(async () => await isTableReady(event.PhysicalResourceId), (res) => res === true);
		if (deletionProtectionUpdate) {
		log('Computed deletion protection update', deletionProtectionUpdate);
		(0, util_1.log)('Computed deletion protection update', deletionProtectionUpdate);
		await ddbClient.updateTable(deletionProtectionUpdate);
		@@ -86,3 +156,3 @@ await retry(async () => await isTableReady(event.PhysicalResourceId), (res) => res === true);
		if (sseUpdate) {
		log('Computed server side encryption update', sseUpdate);
		(0, util_1.log)('Computed server side encryption update', sseUpdate);
		await ddbClient.updateTable(sseUpdate);
		@@ -94,3 +164,3 @@ await retry(async () => await isTableReady(event.PhysicalResourceId), (res) => res === true);
		if (streamUpdate) {
		log('Computed stream specification update', streamUpdate);
		(0, util_1.log)('Computed stream specification update', streamUpdate);
		await ddbClient.updateTable(streamUpdate);
		@@ -105,3 +175,3 @@ await retry(async () => await isTableReady(event.PhysicalResourceId), (res) => res === true);
		if (ttlUpdate) {
		log('Computed time to live update', ttlUpdate);
		(0, util_1.log)('Computed time to live update', ttlUpdate);
		console.log('Initiating TTL update');
		@@ -122,3 +192,3 @@ await ddbClient.updateTimeToLive(ttlUpdate);
		if (nextGsiUpdate) {
		log('Computed next update', nextGsiUpdate);
		(0, util_1.log)('Computed next update', nextGsiUpdate);
		console.log('Initiating table GSI update');
		@@ -164,6 +234,5 @@ await ddbClient.updateTable(nextGsiUpdate);
		};
		exports.onEvent = onEvent;
		const isComplete = async (event) => {
		const processIsComplete = async (event) => {
		var _a, _b, _c;
		log('got event', { ...event, ResponseURL: '[redacted]' });
		(0, util_1.log)('got event', { ...event, ResponseURL: '[redacted]' });
		if (event.RequestType === 'Delete') {
		@@ -208,3 +277,3 @@ console.log('Delete is finished');
		const nextUpdate = (0, exports.getNextAtomicUpdate)(describeTableResult.Table, endState);
		log('Computed next update', nextUpdate);
		(0, util_1.log)('Computed next update', nextUpdate);
		if (!nextUpdate) {
		@@ -218,3 +287,2 @@ console.log('No additional updates needed. Update finished');
		};
		exports.isComplete = isComplete;
		const replaceTable = async (currentState, endState) => {
		@@ -240,5 +308,31 @@ if (currentState.DeletionProtectionEnabled === true) {
		};
		log('Returning result', result);
		(0, util_1.log)('Returning result', result);
		return result;
		};
		const createResponseEvent = (cfnRequest, onEventResult) => {
		onEventResult = onEventResult \|\| {};
		const physicalResourceId = onEventResult.PhysicalResourceId \|\| defaultPhysicalResourceId(cfnRequest);
		if (cfnRequest.RequestType === 'Delete' && physicalResourceId != cfnRequest.PhysicalResourceId) {
		throw new Error(`DELETE: cannot change the physical resource ID from "${cfnRequest.PhysicalResourceId} to "${onEventResult.PhysicalResourceId}" during deletion"`);
		}
		if (cfnRequest.RequestType === 'Update' && physicalResourceId !== cfnRequest.PhysicalResourceId) {
		(0, util_1.log)(`UPDATE: changing physical resource ID from "${cfnRequest.PhysicalResourceId}" to "${onEventResult.PhysicalResourceId}"`);
		}
		return {
		...cfnRequest,
		...onEventResult,
		PhysicalResourceId: physicalResourceId,
		};
		};
		const defaultPhysicalResourceId = (req) => {
		switch (req.RequestType) {
		case 'Create':
		return req.RequestId;
		case 'Update':
		case 'Delete':
		return req.PhysicalResourceId;
		default:
		throw new Error(`Invalid "RequestType" in request "${JSON.stringify(req)}"`);
		}
		};
		const getNextAtomicUpdate = (currentState, endState) => {
		@@ -245,0 +339,0 @@ var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l;

4

lib/resources/dynamo-model-resource-generator.d.ts

		@@ -14,6 +14,6 @@ import * as cdk from 'aws-cdk-lib';
		protected createModelTable(scope: Construct, def: ObjectTypeDefinitionNode, context: TransformerContextProvider): void;
		protected createModelTableDataSource(def: ObjectTypeDefinitionNode, context: TransformerContextProvider, table: ITable, scope: Construct, role: iam.Role, dataSourceLogicalName: string): void;
		protected createModelTableDataSource(def: ObjectTypeDefinitionNode, context: TransformerContextProvider, table: ITable, scope: Construct, role: iam.IRole, dataSourceLogicalName: string): void;
		protected createDynamoDBParameters(scope: Construct, isNestedStack: boolean): Record<string, cdk.CfnParameter>;
		createIAMRole: (context: TransformerContextProvider, def: ObjectTypeDefinitionNode, scope: Construct, tableName: string) => iam.Role;
		createIAMRole: (context: TransformerContextProvider, def: ObjectTypeDefinitionNode, scope: Construct, tableName: string) => iam.IRole;
		}
		//# sourceMappingURL=dynamo-model-resource-generator.d.ts.map

72

lib/resources/dynamo-model-resource-generator.js

		@@ -40,43 +40,49 @@ "use strict";
		const roleName = context.resourceHelper.generateIAMRoleName(graphql_transformer_common_1.ModelResourceIDs.ModelTableIAMRoleID(def.name.value));
		const amplifyDataStoreTableName = context.resourceHelper.generateTableName(graphql_transformer_common_1.SyncResourceIDs.syncTableName);
		const role = new iam.Role(scope, graphql_transformer_common_1.ModelResourceIDs.ModelTableIAMRoleID(def.name.value), {
		roleName,
		assumedBy: new iam.ServicePrincipal('appsync.amazonaws.com'),
		});
		(0, graphql_transformer_core_1.setResourceName)(role, { name: graphql_transformer_common_1.ModelResourceIDs.ModelTableIAMRoleID(def.name.value), setOnDefaultChild: true });
		const amplifyDataStoreTableName = context.resourceHelper.generateTableName(graphql_transformer_common_1.SyncResourceIDs.syncTableName);
		role.attachInlinePolicy(new iam.Policy(scope, 'DynamoDBAccess', {
		statements: [
		new iam.PolicyStatement({
		effect: iam.Effect.ALLOW,
		actions: [
		'dynamodb:BatchGetItem',
		'dynamodb:BatchWriteItem',
		'dynamodb:PutItem',
		'dynamodb:DeleteItem',
		'dynamodb:GetItem',
		'dynamodb:Scan',
		'dynamodb:Query',
		'dynamodb:UpdateItem',
		],
		resources: [
		cdk.Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}', {
		tablename: tableName,
		}),
		cdk.Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}/*', {
		tablename: tableName,
		}),
		...(context.isProjectUsingDataStore()
		? [
		inlinePolicies: {
		DynamoDBAccess: new iam.PolicyDocument({
		statements: [
		new iam.PolicyStatement({
		effect: iam.Effect.ALLOW,
		actions: [
		'dynamodb:BatchGetItem',
		'dynamodb:BatchWriteItem',
		'dynamodb:PutItem',
		'dynamodb:DeleteItem',
		'dynamodb:GetItem',
		'dynamodb:Scan',
		'dynamodb:Query',
		'dynamodb:UpdateItem',
		'dynamodb:ConditionCheckItem',
		'dynamodb:DescribeTable',
		'dynamodb:GetRecords',
		'dynamodb:GetShardIterator',
		],
		resources: [
		cdk.Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}', {
		tablename: amplifyDataStoreTableName,
		tablename: tableName,
		}),
		cdk.Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}/*', {
		tablename: amplifyDataStoreTableName,
		tablename: tableName,
		}),
		]
		: []),
		...(context.isProjectUsingDataStore()
		? [
		cdk.Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}', {
		tablename: amplifyDataStoreTableName,
		}),
		cdk.Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tablename}/*', {
		tablename: amplifyDataStoreTableName,
		}),
		]
		: []),
		],
		}),
		],
		}),
		],
		}));
		},
		});
		(0, graphql_transformer_core_1.setResourceName)(role, { name: graphql_transformer_common_1.ModelResourceIDs.ModelTableIAMRoleID(def.name.value), setOnDefaultChild: true });
		const syncConfig = graphql_transformer_core_1.SyncUtils.getSyncConfig(context, def.name.value);
		@@ -86,3 +92,3 @@ if (syncConfig && graphql_transformer_core_1.SyncUtils.isLambdaSyncConfig(syncConfig)) {
		}
		return role;
		return role.withoutPolicyUpdates();
		};
		@@ -89,0 +95,0 @@ }

17

package.json

		{
		"name": "@aws-amplify/graphql-model-transformer",
		"version": "2.9.0",
		"version": "2.9.1-cdk-upgrade-2.129.0.0",
		"description": "Amplify graphql @model transformer",
		@@ -36,4 +36,4 @@ "repository": {
		"@aws-amplify/graphql-directives": "1.1.0",
		"@aws-amplify/graphql-transformer-core": "2.7.0",
		"@aws-amplify/graphql-transformer-interfaces": "3.7.0",
		"@aws-amplify/graphql-transformer-core": "2.7.1-cdk-upgrade-2.129.0.0",
		"@aws-amplify/graphql-transformer-interfaces": "3.7.1-cdk-upgrade-2.129.0.0",
		"graphql": "^15.5.0",
		@@ -44,8 +44,9 @@ "graphql-mapping-template": "4.20.16",
		"peerDependencies": {
		"aws-cdk-lib": "^2.80.0",
		"constructs": "^10.0.5"
		"aws-cdk-lib": "^2.129.0",
		"constructs": "^10.3.0"
		},
		"devDependencies": {
		"@aws-amplify/graphql-transformer-test-utils": "0.5.1",
		"@aws-amplify/graphql-transformer-test-utils": "0.5.2-cdk-upgrade-2.129.0.0",
		"@aws-sdk/client-dynamodb": "^3.431.0",
		"@aws-sdk/client-sfn": "^3.431.0",
		"@types/aws-lambda": "8.10.119",
		@@ -72,3 +73,3 @@ "@types/node": "^12.12.6"
		"branches": 65,
		"functions": 77,
		"functions": 76,
		"lines": 73
		@@ -93,3 +94,3 @@ }
		},
		"gitHead": "ef703418f9e1b9af08a746c602bc67ee1d3baaab"
		"gitHead": "4e83897590ee38d2488a3c081a8928741ab6c1d6"
		}

lib/graphql-model-transformer.d.ts.map