aws-sdk-appsync 1.41.0 → 1.45.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5f6abeafdc0788ba74469d684352e3365ba6c6c073550f6ebb48d1f042629bd5
-  data.tar.gz: fdc01d2c263bbb1b45e97239afde2329b6e347ac1ad46b89419a8e4d23a13dab
+  metadata.gz: abd8e3b9f6bb1ffd9e3bb43044b8be065f54f2b4cdbe05275329b5526ee91ff1
+  data.tar.gz: bfb4e574030d434a9ed107d6cc00b609f2d444a4771206d4b31dc8a1897e33fd
 SHA512:
-  metadata.gz: 61ee7f64b76a109ce086b3fbb8c4d347b81f65a3faf907100b74b4f765cc5090bc1a3bc00af8deb85cc4feec9eafe9aa2c506ed5388505104bace9e391cf9d98
-  data.tar.gz: c27a29b5a52642991081523a708695a707f4bca60b0a3c4d3dfbb7119cc53a50d175ca0a5289b3631e035e62fccada189377166da2248e4279fcf14e70cfecdc
+  metadata.gz: aa5554c713aea57952dd33c68bfefd735efd6125ee18940e716ec751005697e61ccbadc9e831e57c2ad344ea16e72dbc11690598d953aec638ccffc9d621c965
+  data.tar.gz: 67dc19ceb56281b8ee59f3ecb14c8a63ef210b4991d3f4c226f6655676f6b760e5e861bba30cecff24a9d1fa6a22cc1a457b931b4903d5bc716ce6d301fe8c4f

data/CHANGELOG.md

@@ -1,6 +1,26 @@
 Unreleased Changes
 ------------------
 
+1.45.0 (2021-10-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.44.0 (2021-09-23)
+------------------
+
+* Feature - Documented the new OpenSearchServiceDataSourceConfig data type. Added deprecation notes to the ElasticsearchDataSourceConfig data type.
+
+1.43.0 (2021-09-01)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.42.0 (2021-07-30)
+------------------
+
+* Feature - AWS AppSync now supports a new authorization mode allowing you to define your own authorization logic using an AWS Lambda function.
+
 1.41.0 (2021-07-28)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.41.0
+1.45.0

data/lib/aws-sdk-appsync/client.rb

@@ -484,17 +484,25 @@ module Aws::AppSync
     #   The type of the `DataSource`.
     #
     # @option params [String] :service_role_arn
-    #   The AWS IAM service role ARN for the data source. The system assumes
-    #   this role when accessing the data source.
+    #   The Identity and Access Management service role ARN for the data
+    #   source. The system assumes this role when accessing the data source.
     #
     # @option params [Types::DynamodbDataSourceConfig] :dynamodb_config
     #   Amazon DynamoDB settings.
     #
     # @option params [Types::LambdaDataSourceConfig] :lambda_config
-    #   AWS Lambda settings.
+    #   Amazon Web Services Lambda settings.
     #
     # @option params [Types::ElasticsearchDataSourceConfig] :elasticsearch_config
-    #   Amazon Elasticsearch Service settings.
+    #   Amazon OpenSearch Service settings.
+    #
+    #   As of September 2021, Amazon Elasticsearch service is Amazon
+    #   OpenSearch Service. This configuration is deprecated. For new data
+    #   sources, use CreateDataSourceRequest$openSearchServiceConfig to create
+    #   an OpenSearch data source.
+    #
+    # @option params [Types::OpenSearchServiceDataSourceConfig] :open_search_service_config
+    #   Amazon OpenSearch Service settings.
     #
     # @option params [Types::HttpDataSourceConfig] :http_config
     #   HTTP endpoint settings.
@@ -512,7 +520,7 @@ module Aws::AppSync
     #     api_id: "String", # required
     #     name: "ResourceName", # required
     #     description: "String",
-    #     type: "AWS_LAMBDA", # required, accepts AWS_LAMBDA, AMAZON_DYNAMODB, AMAZON_ELASTICSEARCH, NONE, HTTP, RELATIONAL_DATABASE
+    #     type: "AWS_LAMBDA", # required, accepts AWS_LAMBDA, AMAZON_DYNAMODB, AMAZON_ELASTICSEARCH, NONE, HTTP, RELATIONAL_DATABASE, AMAZON_OPENSEARCH_SERVICE
     #     service_role_arn: "String",
     #     dynamodb_config: {
     #       table_name: "String", # required
@@ -532,6 +540,10 @@ module Aws::AppSync
     #       endpoint: "String", # required
     #       aws_region: "String", # required
     #     },
+    #     open_search_service_config: {
+    #       endpoint: "String", # required
+    #       aws_region: "String", # required
+    #     },
     #     http_config: {
     #       endpoint: "String",
     #       authorization_config: {
@@ -559,7 +571,7 @@ module Aws::AppSync
     #   resp.data_source.data_source_arn #=> String
     #   resp.data_source.name #=> String
     #   resp.data_source.description #=> String
-    #   resp.data_source.type #=> String, one of "AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", "NONE", "HTTP", "RELATIONAL_DATABASE"
+    #   resp.data_source.type #=> String, one of "AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", "NONE", "HTTP", "RELATIONAL_DATABASE", "AMAZON_OPENSEARCH_SERVICE"
     #   resp.data_source.service_role_arn #=> String
     #   resp.data_source.dynamodb_config.table_name #=> String
     #   resp.data_source.dynamodb_config.aws_region #=> String
@@ -571,6 +583,8 @@ module Aws::AppSync
     #   resp.data_source.lambda_config.lambda_function_arn #=> String
     #   resp.data_source.elasticsearch_config.endpoint #=> String
     #   resp.data_source.elasticsearch_config.aws_region #=> String
+    #   resp.data_source.open_search_service_config.endpoint #=> String
+    #   resp.data_source.open_search_service_config.aws_region #=> String
     #   resp.data_source.http_config.endpoint #=> String
     #   resp.data_source.http_config.authorization_config.authorization_type #=> String, one of "AWS_IAM"
     #   resp.data_source.http_config.authorization_config.aws_iam_config.signing_region #=> String
@@ -680,8 +694,8 @@ module Aws::AppSync
     #   The Amazon CloudWatch Logs configuration.
     #
     # @option params [required, String] :authentication_type
-    #   The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito
-    #   user pools.
+    #   The authentication type: API key, Identity and Access Management,
+    #   OIDC, Amazon Cognito user pools, or Amazon Web Services Lambda.
     #
     # @option params [Types::UserPoolConfig] :user_pool_config
     #   The Amazon Cognito user pool configuration.
@@ -700,6 +714,9 @@ module Aws::AppSync
     #   A flag indicating whether to enable X-Ray tracing for the
     #   `GraphqlApi`.
     #
+    # @option params [Types::LambdaAuthorizerConfig] :lambda_authorizer_config
+    #   Configuration for Amazon Web Services Lambda function authorization.
+    #
     # @return [Types::CreateGraphqlApiResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateGraphqlApiResponse#graphql_api #graphql_api} => Types::GraphqlApi
@@ -713,7 +730,7 @@ module Aws::AppSync
     #       cloud_watch_logs_role_arn: "String", # required
     #       exclude_verbose_content: false,
     #     },
-    #     authentication_type: "API_KEY", # required, accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #     authentication_type: "API_KEY", # required, accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #     user_pool_config: {
     #       user_pool_id: "String", # required
     #       aws_region: "String", # required
@@ -731,7 +748,7 @@ module Aws::AppSync
     #     },
     #     additional_authentication_providers: [
     #       {
-    #         authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #         authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #         open_id_connect_config: {
     #           issuer: "String", # required
     #           client_id: "String",
@@ -743,16 +760,26 @@ module Aws::AppSync
     #           aws_region: "String", # required
     #           app_id_client_regex: "String",
     #         },
+    #         lambda_authorizer_config: {
+    #           authorizer_result_ttl_in_seconds: 1,
+    #           authorizer_uri: "String", # required
+    #           identity_validation_expression: "String",
+    #         },
     #       },
     #     ],
     #     xray_enabled: false,
+    #     lambda_authorizer_config: {
+    #       authorizer_result_ttl_in_seconds: 1,
+    #       authorizer_uri: "String", # required
+    #       identity_validation_expression: "String",
+    #     },
     #   })
     #
     # @example Response structure
     #
     #   resp.graphql_api.name #=> String
     #   resp.graphql_api.api_id #=> String
-    #   resp.graphql_api.authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT"
+    #   resp.graphql_api.authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", "AWS_LAMBDA"
     #   resp.graphql_api.log_config.field_log_level #=> String, one of "NONE", "ERROR", "ALL"
     #   resp.graphql_api.log_config.cloud_watch_logs_role_arn #=> String
     #   resp.graphql_api.log_config.exclude_verbose_content #=> Boolean
@@ -770,7 +797,7 @@ module Aws::AppSync
     #   resp.graphql_api.tags #=> Hash
     #   resp.graphql_api.tags["TagKey"] #=> String
     #   resp.graphql_api.additional_authentication_providers #=> Array
-    #   resp.graphql_api.additional_authentication_providers[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT"
+    #   resp.graphql_api.additional_authentication_providers[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", "AWS_LAMBDA"
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.issuer #=> String
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.client_id #=> String
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.iat_ttl #=> Integer
@@ -778,8 +805,14 @@ module Aws::AppSync
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.user_pool_id #=> String
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.aws_region #=> String
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.app_id_client_regex #=> String
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.authorizer_result_ttl_in_seconds #=> Integer
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.authorizer_uri #=> String
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.identity_validation_expression #=> String
     #   resp.graphql_api.xray_enabled #=> Boolean
     #   resp.graphql_api.waf_web_acl_arn #=> String
+    #   resp.graphql_api.lambda_authorizer_config.authorizer_result_ttl_in_seconds #=> Integer
+    #   resp.graphql_api.lambda_authorizer_config.authorizer_uri #=> String
+    #   resp.graphql_api.lambda_authorizer_config.identity_validation_expression #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/CreateGraphqlApi AWS API Documentation
     #
@@ -1203,7 +1236,7 @@ module Aws::AppSync
     #   resp.data_source.data_source_arn #=> String
     #   resp.data_source.name #=> String
     #   resp.data_source.description #=> String
-    #   resp.data_source.type #=> String, one of "AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", "NONE", "HTTP", "RELATIONAL_DATABASE"
+    #   resp.data_source.type #=> String, one of "AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", "NONE", "HTTP", "RELATIONAL_DATABASE", "AMAZON_OPENSEARCH_SERVICE"
     #   resp.data_source.service_role_arn #=> String
     #   resp.data_source.dynamodb_config.table_name #=> String
     #   resp.data_source.dynamodb_config.aws_region #=> String
@@ -1215,6 +1248,8 @@ module Aws::AppSync
     #   resp.data_source.lambda_config.lambda_function_arn #=> String
     #   resp.data_source.elasticsearch_config.endpoint #=> String
     #   resp.data_source.elasticsearch_config.aws_region #=> String
+    #   resp.data_source.open_search_service_config.endpoint #=> String
+    #   resp.data_source.open_search_service_config.aws_region #=> String
     #   resp.data_source.http_config.endpoint #=> String
     #   resp.data_source.http_config.authorization_config.authorization_type #=> String, one of "AWS_IAM"
     #   resp.data_source.http_config.authorization_config.aws_iam_config.signing_region #=> String
@@ -1296,7 +1331,7 @@ module Aws::AppSync
     #
     #   resp.graphql_api.name #=> String
     #   resp.graphql_api.api_id #=> String
-    #   resp.graphql_api.authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT"
+    #   resp.graphql_api.authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", "AWS_LAMBDA"
     #   resp.graphql_api.log_config.field_log_level #=> String, one of "NONE", "ERROR", "ALL"
     #   resp.graphql_api.log_config.cloud_watch_logs_role_arn #=> String
     #   resp.graphql_api.log_config.exclude_verbose_content #=> Boolean
@@ -1314,7 +1349,7 @@ module Aws::AppSync
     #   resp.graphql_api.tags #=> Hash
     #   resp.graphql_api.tags["TagKey"] #=> String
     #   resp.graphql_api.additional_authentication_providers #=> Array
-    #   resp.graphql_api.additional_authentication_providers[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT"
+    #   resp.graphql_api.additional_authentication_providers[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", "AWS_LAMBDA"
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.issuer #=> String
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.client_id #=> String
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.iat_ttl #=> Integer
@@ -1322,8 +1357,14 @@ module Aws::AppSync
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.user_pool_id #=> String
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.aws_region #=> String
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.app_id_client_regex #=> String
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.authorizer_result_ttl_in_seconds #=> Integer
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.authorizer_uri #=> String
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.identity_validation_expression #=> String
     #   resp.graphql_api.xray_enabled #=> Boolean
     #   resp.graphql_api.waf_web_acl_arn #=> String
+    #   resp.graphql_api.lambda_authorizer_config.authorizer_result_ttl_in_seconds #=> Integer
+    #   resp.graphql_api.lambda_authorizer_config.authorizer_uri #=> String
+    #   resp.graphql_api.lambda_authorizer_config.identity_validation_expression #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/GetGraphqlApi AWS API Documentation
     #
@@ -1574,7 +1615,7 @@ module Aws::AppSync
     #   resp.data_sources[0].data_source_arn #=> String
     #   resp.data_sources[0].name #=> String
     #   resp.data_sources[0].description #=> String
-    #   resp.data_sources[0].type #=> String, one of "AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", "NONE", "HTTP", "RELATIONAL_DATABASE"
+    #   resp.data_sources[0].type #=> String, one of "AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", "NONE", "HTTP", "RELATIONAL_DATABASE", "AMAZON_OPENSEARCH_SERVICE"
     #   resp.data_sources[0].service_role_arn #=> String
     #   resp.data_sources[0].dynamodb_config.table_name #=> String
     #   resp.data_sources[0].dynamodb_config.aws_region #=> String
@@ -1586,6 +1627,8 @@ module Aws::AppSync
     #   resp.data_sources[0].lambda_config.lambda_function_arn #=> String
     #   resp.data_sources[0].elasticsearch_config.endpoint #=> String
     #   resp.data_sources[0].elasticsearch_config.aws_region #=> String
+    #   resp.data_sources[0].open_search_service_config.endpoint #=> String
+    #   resp.data_sources[0].open_search_service_config.aws_region #=> String
     #   resp.data_sources[0].http_config.endpoint #=> String
     #   resp.data_sources[0].http_config.authorization_config.authorization_type #=> String, one of "AWS_IAM"
     #   resp.data_sources[0].http_config.authorization_config.aws_iam_config.signing_region #=> String
@@ -1685,7 +1728,7 @@ module Aws::AppSync
     #   resp.graphql_apis #=> Array
     #   resp.graphql_apis[0].name #=> String
     #   resp.graphql_apis[0].api_id #=> String
-    #   resp.graphql_apis[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT"
+    #   resp.graphql_apis[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", "AWS_LAMBDA"
     #   resp.graphql_apis[0].log_config.field_log_level #=> String, one of "NONE", "ERROR", "ALL"
     #   resp.graphql_apis[0].log_config.cloud_watch_logs_role_arn #=> String
     #   resp.graphql_apis[0].log_config.exclude_verbose_content #=> Boolean
@@ -1703,7 +1746,7 @@ module Aws::AppSync
     #   resp.graphql_apis[0].tags #=> Hash
     #   resp.graphql_apis[0].tags["TagKey"] #=> String
     #   resp.graphql_apis[0].additional_authentication_providers #=> Array
-    #   resp.graphql_apis[0].additional_authentication_providers[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT"
+    #   resp.graphql_apis[0].additional_authentication_providers[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", "AWS_LAMBDA"
     #   resp.graphql_apis[0].additional_authentication_providers[0].open_id_connect_config.issuer #=> String
     #   resp.graphql_apis[0].additional_authentication_providers[0].open_id_connect_config.client_id #=> String
     #   resp.graphql_apis[0].additional_authentication_providers[0].open_id_connect_config.iat_ttl #=> Integer
@@ -1711,8 +1754,14 @@ module Aws::AppSync
     #   resp.graphql_apis[0].additional_authentication_providers[0].user_pool_config.user_pool_id #=> String
     #   resp.graphql_apis[0].additional_authentication_providers[0].user_pool_config.aws_region #=> String
     #   resp.graphql_apis[0].additional_authentication_providers[0].user_pool_config.app_id_client_regex #=> String
+    #   resp.graphql_apis[0].additional_authentication_providers[0].lambda_authorizer_config.authorizer_result_ttl_in_seconds #=> Integer
+    #   resp.graphql_apis[0].additional_authentication_providers[0].lambda_authorizer_config.authorizer_uri #=> String
+    #   resp.graphql_apis[0].additional_authentication_providers[0].lambda_authorizer_config.identity_validation_expression #=> String
     #   resp.graphql_apis[0].xray_enabled #=> Boolean
     #   resp.graphql_apis[0].waf_web_acl_arn #=> String
+    #   resp.graphql_apis[0].lambda_authorizer_config.authorizer_result_ttl_in_seconds #=> Integer
+    #   resp.graphql_apis[0].lambda_authorizer_config.authorizer_uri #=> String
+    #   resp.graphql_apis[0].lambda_authorizer_config.identity_validation_expression #=> String
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/ListGraphqlApis AWS API Documentation
@@ -2163,10 +2212,18 @@ module Aws::AppSync
     #   The new Amazon DynamoDB configuration.
     #
     # @option params [Types::LambdaDataSourceConfig] :lambda_config
-    #   The new AWS Lambda configuration.
+    #   The new Amazon Web Services Lambda configuration.
     #
     # @option params [Types::ElasticsearchDataSourceConfig] :elasticsearch_config
-    #   The new Elasticsearch Service configuration.
+    #   The new OpenSearch configuration.
+    #
+    #   As of September 2021, Amazon Elasticsearch service is Amazon
+    #   OpenSearch Service. This configuration is deprecated. Instead, use
+    #   UpdateDataSourceRequest$openSearchServiceConfig to update an
+    #   OpenSearch data source.
+    #
+    # @option params [Types::OpenSearchServiceDataSourceConfig] :open_search_service_config
+    #   The new OpenSearch configuration.
     #
     # @option params [Types::HttpDataSourceConfig] :http_config
     #   The new HTTP endpoint configuration.
@@ -2184,7 +2241,7 @@ module Aws::AppSync
     #     api_id: "String", # required
     #     name: "ResourceName", # required
     #     description: "String",
-    #     type: "AWS_LAMBDA", # required, accepts AWS_LAMBDA, AMAZON_DYNAMODB, AMAZON_ELASTICSEARCH, NONE, HTTP, RELATIONAL_DATABASE
+    #     type: "AWS_LAMBDA", # required, accepts AWS_LAMBDA, AMAZON_DYNAMODB, AMAZON_ELASTICSEARCH, NONE, HTTP, RELATIONAL_DATABASE, AMAZON_OPENSEARCH_SERVICE
     #     service_role_arn: "String",
     #     dynamodb_config: {
     #       table_name: "String", # required
@@ -2204,6 +2261,10 @@ module Aws::AppSync
     #       endpoint: "String", # required
     #       aws_region: "String", # required
     #     },
+    #     open_search_service_config: {
+    #       endpoint: "String", # required
+    #       aws_region: "String", # required
+    #     },
     #     http_config: {
     #       endpoint: "String",
     #       authorization_config: {
@@ -2231,7 +2292,7 @@ module Aws::AppSync
     #   resp.data_source.data_source_arn #=> String
     #   resp.data_source.name #=> String
     #   resp.data_source.description #=> String
-    #   resp.data_source.type #=> String, one of "AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", "NONE", "HTTP", "RELATIONAL_DATABASE"
+    #   resp.data_source.type #=> String, one of "AWS_LAMBDA", "AMAZON_DYNAMODB", "AMAZON_ELASTICSEARCH", "NONE", "HTTP", "RELATIONAL_DATABASE", "AMAZON_OPENSEARCH_SERVICE"
     #   resp.data_source.service_role_arn #=> String
     #   resp.data_source.dynamodb_config.table_name #=> String
     #   resp.data_source.dynamodb_config.aws_region #=> String
@@ -2243,6 +2304,8 @@ module Aws::AppSync
     #   resp.data_source.lambda_config.lambda_function_arn #=> String
     #   resp.data_source.elasticsearch_config.endpoint #=> String
     #   resp.data_source.elasticsearch_config.aws_region #=> String
+    #   resp.data_source.open_search_service_config.endpoint #=> String
+    #   resp.data_source.open_search_service_config.aws_region #=> String
     #   resp.data_source.http_config.endpoint #=> String
     #   resp.data_source.http_config.authorization_config.authorization_type #=> String, one of "AWS_IAM"
     #   resp.data_source.http_config.authorization_config.aws_iam_config.signing_region #=> String
@@ -2373,6 +2436,9 @@ module Aws::AppSync
     #   A flag indicating whether to enable X-Ray tracing for the
     #   `GraphqlApi`.
     #
+    # @option params [Types::LambdaAuthorizerConfig] :lambda_authorizer_config
+    #   Configuration for Amazon Web Services Lambda function authorization.
+    #
     # @return [Types::UpdateGraphqlApiResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateGraphqlApiResponse#graphql_api #graphql_api} => Types::GraphqlApi
@@ -2387,7 +2453,7 @@ module Aws::AppSync
     #       cloud_watch_logs_role_arn: "String", # required
     #       exclude_verbose_content: false,
     #     },
-    #     authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #     authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #     user_pool_config: {
     #       user_pool_id: "String", # required
     #       aws_region: "String", # required
@@ -2402,7 +2468,7 @@ module Aws::AppSync
     #     },
     #     additional_authentication_providers: [
     #       {
-    #         authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #         authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #         open_id_connect_config: {
     #           issuer: "String", # required
     #           client_id: "String",
@@ -2414,16 +2480,26 @@ module Aws::AppSync
     #           aws_region: "String", # required
     #           app_id_client_regex: "String",
     #         },
+    #         lambda_authorizer_config: {
+    #           authorizer_result_ttl_in_seconds: 1,
+    #           authorizer_uri: "String", # required
+    #           identity_validation_expression: "String",
+    #         },
     #       },
     #     ],
     #     xray_enabled: false,
+    #     lambda_authorizer_config: {
+    #       authorizer_result_ttl_in_seconds: 1,
+    #       authorizer_uri: "String", # required
+    #       identity_validation_expression: "String",
+    #     },
     #   })
     #
     # @example Response structure
     #
     #   resp.graphql_api.name #=> String
     #   resp.graphql_api.api_id #=> String
-    #   resp.graphql_api.authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT"
+    #   resp.graphql_api.authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", "AWS_LAMBDA"
     #   resp.graphql_api.log_config.field_log_level #=> String, one of "NONE", "ERROR", "ALL"
     #   resp.graphql_api.log_config.cloud_watch_logs_role_arn #=> String
     #   resp.graphql_api.log_config.exclude_verbose_content #=> Boolean
@@ -2441,7 +2517,7 @@ module Aws::AppSync
     #   resp.graphql_api.tags #=> Hash
     #   resp.graphql_api.tags["TagKey"] #=> String
     #   resp.graphql_api.additional_authentication_providers #=> Array
-    #   resp.graphql_api.additional_authentication_providers[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT"
+    #   resp.graphql_api.additional_authentication_providers[0].authentication_type #=> String, one of "API_KEY", "AWS_IAM", "AMAZON_COGNITO_USER_POOLS", "OPENID_CONNECT", "AWS_LAMBDA"
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.issuer #=> String
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.client_id #=> String
     #   resp.graphql_api.additional_authentication_providers[0].open_id_connect_config.iat_ttl #=> Integer
@@ -2449,8 +2525,14 @@ module Aws::AppSync
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.user_pool_id #=> String
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.aws_region #=> String
     #   resp.graphql_api.additional_authentication_providers[0].user_pool_config.app_id_client_regex #=> String
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.authorizer_result_ttl_in_seconds #=> Integer
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.authorizer_uri #=> String
+    #   resp.graphql_api.additional_authentication_providers[0].lambda_authorizer_config.identity_validation_expression #=> String
     #   resp.graphql_api.xray_enabled #=> Boolean
     #   resp.graphql_api.waf_web_acl_arn #=> String
+    #   resp.graphql_api.lambda_authorizer_config.authorizer_result_ttl_in_seconds #=> Integer
+    #   resp.graphql_api.lambda_authorizer_config.authorizer_uri #=> String
+    #   resp.graphql_api.lambda_authorizer_config.identity_validation_expression #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/UpdateGraphqlApi AWS API Documentation
     #
@@ -2624,7 +2706,7 @@ module Aws::AppSync
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-appsync'
-      context[:gem_version] = '1.41.0'
+      context[:gem_version] = '1.45.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-appsync/client_api.rb

@@ -102,6 +102,7 @@ module Aws::AppSync
     GraphqlApis = Shapes::ListShape.new(name: 'GraphqlApis')
     HttpDataSourceConfig = Shapes::StructureShape.new(name: 'HttpDataSourceConfig')
     InternalFailureException = Shapes::StructureShape.new(name: 'InternalFailureException')
+    LambdaAuthorizerConfig = Shapes::StructureShape.new(name: 'LambdaAuthorizerConfig')
     LambdaConflictHandlerConfig = Shapes::StructureShape.new(name: 'LambdaConflictHandlerConfig')
     LambdaDataSourceConfig = Shapes::StructureShape.new(name: 'LambdaDataSourceConfig')
     LimitExceededException = Shapes::StructureShape.new(name: 'LimitExceededException')
@@ -128,6 +129,7 @@ module Aws::AppSync
     MaxResults = Shapes::IntegerShape.new(name: 'MaxResults')
     NotFoundException = Shapes::StructureShape.new(name: 'NotFoundException')
     OpenIDConnectConfig = Shapes::StructureShape.new(name: 'OpenIDConnectConfig')
+    OpenSearchServiceDataSourceConfig = Shapes::StructureShape.new(name: 'OpenSearchServiceDataSourceConfig')
     OutputType = Shapes::StringShape.new(name: 'OutputType')
     PaginationToken = Shapes::StringShape.new(name: 'PaginationToken')
     PipelineConfig = Shapes::StructureShape.new(name: 'PipelineConfig')
@@ -144,6 +146,7 @@ module Aws::AppSync
     StartSchemaCreationResponse = Shapes::StructureShape.new(name: 'StartSchemaCreationResponse')
     String = Shapes::StringShape.new(name: 'String')
     SyncConfig = Shapes::StructureShape.new(name: 'SyncConfig')
+    TTL = Shapes::IntegerShape.new(name: 'TTL')
     TagKey = Shapes::StringShape.new(name: 'TagKey')
     TagKeyList = Shapes::ListShape.new(name: 'TagKeyList')
     TagMap = Shapes::MapShape.new(name: 'TagMap')
@@ -178,6 +181,7 @@ module Aws::AppSync
     AdditionalAuthenticationProvider.add_member(:authentication_type, Shapes::ShapeRef.new(shape: AuthenticationType, location_name: "authenticationType"))
     AdditionalAuthenticationProvider.add_member(:open_id_connect_config, Shapes::ShapeRef.new(shape: OpenIDConnectConfig, location_name: "openIDConnectConfig"))
     AdditionalAuthenticationProvider.add_member(:user_pool_config, Shapes::ShapeRef.new(shape: CognitoUserPoolConfig, location_name: "userPoolConfig"))
+    AdditionalAuthenticationProvider.add_member(:lambda_authorizer_config, Shapes::ShapeRef.new(shape: LambdaAuthorizerConfig, location_name: "lambdaAuthorizerConfig"))
     AdditionalAuthenticationProvider.struct_class = Types::AdditionalAuthenticationProvider
 
     AdditionalAuthenticationProviders.member = Shapes::ShapeRef.new(shape: AdditionalAuthenticationProvider)
@@ -259,6 +263,7 @@ module Aws::AppSync
     CreateDataSourceRequest.add_member(:dynamodb_config, Shapes::ShapeRef.new(shape: DynamodbDataSourceConfig, location_name: "dynamodbConfig"))
     CreateDataSourceRequest.add_member(:lambda_config, Shapes::ShapeRef.new(shape: LambdaDataSourceConfig, location_name: "lambdaConfig"))
     CreateDataSourceRequest.add_member(:elasticsearch_config, Shapes::ShapeRef.new(shape: ElasticsearchDataSourceConfig, location_name: "elasticsearchConfig"))
+    CreateDataSourceRequest.add_member(:open_search_service_config, Shapes::ShapeRef.new(shape: OpenSearchServiceDataSourceConfig, location_name: "openSearchServiceConfig"))
     CreateDataSourceRequest.add_member(:http_config, Shapes::ShapeRef.new(shape: HttpDataSourceConfig, location_name: "httpConfig"))
     CreateDataSourceRequest.add_member(:relational_database_config, Shapes::ShapeRef.new(shape: RelationalDatabaseDataSourceConfig, location_name: "relationalDatabaseConfig"))
     CreateDataSourceRequest.struct_class = Types::CreateDataSourceRequest
@@ -287,6 +292,7 @@ module Aws::AppSync
     CreateGraphqlApiRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "tags"))
     CreateGraphqlApiRequest.add_member(:additional_authentication_providers, Shapes::ShapeRef.new(shape: AdditionalAuthenticationProviders, location_name: "additionalAuthenticationProviders"))
     CreateGraphqlApiRequest.add_member(:xray_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "xrayEnabled"))
+    CreateGraphqlApiRequest.add_member(:lambda_authorizer_config, Shapes::ShapeRef.new(shape: LambdaAuthorizerConfig, location_name: "lambdaAuthorizerConfig"))
     CreateGraphqlApiRequest.struct_class = Types::CreateGraphqlApiRequest
 
     CreateGraphqlApiResponse.add_member(:graphql_api, Shapes::ShapeRef.new(shape: GraphqlApi, location_name: "graphqlApi"))
@@ -323,6 +329,7 @@ module Aws::AppSync
     DataSource.add_member(:dynamodb_config, Shapes::ShapeRef.new(shape: DynamodbDataSourceConfig, location_name: "dynamodbConfig"))
     DataSource.add_member(:lambda_config, Shapes::ShapeRef.new(shape: LambdaDataSourceConfig, location_name: "lambdaConfig"))
     DataSource.add_member(:elasticsearch_config, Shapes::ShapeRef.new(shape: ElasticsearchDataSourceConfig, location_name: "elasticsearchConfig"))
+    DataSource.add_member(:open_search_service_config, Shapes::ShapeRef.new(shape: OpenSearchServiceDataSourceConfig, location_name: "openSearchServiceConfig"))
     DataSource.add_member(:http_config, Shapes::ShapeRef.new(shape: HttpDataSourceConfig, location_name: "httpConfig"))
     DataSource.add_member(:relational_database_config, Shapes::ShapeRef.new(shape: RelationalDatabaseDataSourceConfig, location_name: "relationalDatabaseConfig"))
     DataSource.struct_class = Types::DataSource
@@ -480,6 +487,7 @@ module Aws::AppSync
     GraphqlApi.add_member(:additional_authentication_providers, Shapes::ShapeRef.new(shape: AdditionalAuthenticationProviders, location_name: "additionalAuthenticationProviders"))
     GraphqlApi.add_member(:xray_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "xrayEnabled"))
     GraphqlApi.add_member(:waf_web_acl_arn, Shapes::ShapeRef.new(shape: String, location_name: "wafWebAclArn"))
+    GraphqlApi.add_member(:lambda_authorizer_config, Shapes::ShapeRef.new(shape: LambdaAuthorizerConfig, location_name: "lambdaAuthorizerConfig"))
     GraphqlApi.struct_class = Types::GraphqlApi
 
     GraphqlApis.member = Shapes::ShapeRef.new(shape: GraphqlApi)
@@ -491,6 +499,11 @@ module Aws::AppSync
     InternalFailureException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     InternalFailureException.struct_class = Types::InternalFailureException
 
+    LambdaAuthorizerConfig.add_member(:authorizer_result_ttl_in_seconds, Shapes::ShapeRef.new(shape: TTL, location_name: "authorizerResultTtlInSeconds"))
+    LambdaAuthorizerConfig.add_member(:authorizer_uri, Shapes::ShapeRef.new(shape: String, required: true, location_name: "authorizerUri"))
+    LambdaAuthorizerConfig.add_member(:identity_validation_expression, Shapes::ShapeRef.new(shape: String, location_name: "identityValidationExpression"))
+    LambdaAuthorizerConfig.struct_class = Types::LambdaAuthorizerConfig
+
     LambdaConflictHandlerConfig.add_member(:lambda_conflict_handler_arn, Shapes::ShapeRef.new(shape: String, location_name: "lambdaConflictHandlerArn"))
     LambdaConflictHandlerConfig.struct_class = Types::LambdaConflictHandlerConfig
 
@@ -588,6 +601,10 @@ module Aws::AppSync
     OpenIDConnectConfig.add_member(:auth_ttl, Shapes::ShapeRef.new(shape: Long, location_name: "authTTL"))
     OpenIDConnectConfig.struct_class = Types::OpenIDConnectConfig
 
+    OpenSearchServiceDataSourceConfig.add_member(:endpoint, Shapes::ShapeRef.new(shape: String, required: true, location_name: "endpoint"))
+    OpenSearchServiceDataSourceConfig.add_member(:aws_region, Shapes::ShapeRef.new(shape: String, required: true, location_name: "awsRegion"))
+    OpenSearchServiceDataSourceConfig.struct_class = Types::OpenSearchServiceDataSourceConfig
+
     PipelineConfig.add_member(:functions, Shapes::ShapeRef.new(shape: FunctionsIds, location_name: "functions"))
     PipelineConfig.struct_class = Types::PipelineConfig
 
@@ -683,6 +700,7 @@ module Aws::AppSync
     UpdateDataSourceRequest.add_member(:dynamodb_config, Shapes::ShapeRef.new(shape: DynamodbDataSourceConfig, location_name: "dynamodbConfig"))
     UpdateDataSourceRequest.add_member(:lambda_config, Shapes::ShapeRef.new(shape: LambdaDataSourceConfig, location_name: "lambdaConfig"))
     UpdateDataSourceRequest.add_member(:elasticsearch_config, Shapes::ShapeRef.new(shape: ElasticsearchDataSourceConfig, location_name: "elasticsearchConfig"))
+    UpdateDataSourceRequest.add_member(:open_search_service_config, Shapes::ShapeRef.new(shape: OpenSearchServiceDataSourceConfig, location_name: "openSearchServiceConfig"))
     UpdateDataSourceRequest.add_member(:http_config, Shapes::ShapeRef.new(shape: HttpDataSourceConfig, location_name: "httpConfig"))
     UpdateDataSourceRequest.add_member(:relational_database_config, Shapes::ShapeRef.new(shape: RelationalDatabaseDataSourceConfig, location_name: "relationalDatabaseConfig"))
     UpdateDataSourceRequest.struct_class = Types::UpdateDataSourceRequest
@@ -712,6 +730,7 @@ module Aws::AppSync
     UpdateGraphqlApiRequest.add_member(:open_id_connect_config, Shapes::ShapeRef.new(shape: OpenIDConnectConfig, location_name: "openIDConnectConfig"))
     UpdateGraphqlApiRequest.add_member(:additional_authentication_providers, Shapes::ShapeRef.new(shape: AdditionalAuthenticationProviders, location_name: "additionalAuthenticationProviders"))
     UpdateGraphqlApiRequest.add_member(:xray_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "xrayEnabled"))
+    UpdateGraphqlApiRequest.add_member(:lambda_authorizer_config, Shapes::ShapeRef.new(shape: LambdaAuthorizerConfig, location_name: "lambdaAuthorizerConfig"))
     UpdateGraphqlApiRequest.struct_class = Types::UpdateGraphqlApiRequest
 
     UpdateGraphqlApiResponse.add_member(:graphql_api, Shapes::ShapeRef.new(shape: GraphqlApi, location_name: "graphqlApi"))

data/lib/aws-sdk-appsync/types.rb

@@ -29,7 +29,7 @@ module Aws::AppSync
     #   data as a hash:
     #
     #       {
-    #         authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #         authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #         open_id_connect_config: {
     #           issuer: "String", # required
     #           client_id: "String",
@@ -41,11 +41,16 @@ module Aws::AppSync
     #           aws_region: "String", # required
     #           app_id_client_regex: "String",
     #         },
+    #         lambda_authorizer_config: {
+    #           authorizer_result_ttl_in_seconds: 1,
+    #           authorizer_uri: "String", # required
+    #           identity_validation_expression: "String",
+    #         },
     #       }
     #
     # @!attribute [rw] authentication_type
-    #   The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito
-    #   user pools.
+    #   The authentication type: API key, Identity and Access Management,
+    #   OIDC, Amazon Cognito user pools, or Amazon Web Services Lambda.
     #   @return [String]
     #
     # @!attribute [rw] open_id_connect_config
@@ -56,12 +61,17 @@ module Aws::AppSync
     #   The Amazon Cognito user pool configuration.
     #   @return [Types::CognitoUserPoolConfig]
     #
+    # @!attribute [rw] lambda_authorizer_config
+    #   Configuration for Amazon Web Services Lambda function authorization.
+    #   @return [Types::LambdaAuthorizerConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/AdditionalAuthenticationProvider AWS API Documentation
     #
     class AdditionalAuthenticationProvider < Struct.new(
       :authentication_type,
       :open_id_connect_config,
-      :user_pool_config)
+      :user_pool_config,
+      :lambda_authorizer_config)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -163,8 +173,8 @@ module Aws::AppSync
 
     # Describes an API key.
     #
-    # Customers invoke AWS AppSync GraphQL API operations with API keys as
-    # an identity mechanism. There are two key versions:
+    # Customers invoke AppSync GraphQL API operations with API keys as an
+    # identity mechanism. There are two key versions:
     #
     # **da1**\: This version was introduced at launch in November 2017.
     # These keys always expire after 7 days. Key expiration is managed by
@@ -301,7 +311,7 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] aws_iam_config
-    #   The AWS IAM settings.
+    #   The Identity and Access Management settings.
     #   @return [Types::AwsIamConfig]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/AuthorizationConfig AWS API Documentation
@@ -313,7 +323,7 @@ module Aws::AppSync
       include Aws::Structure
     end
 
-    # The AWS IAM configuration.
+    # The Identity and Access Management configuration.
     #
     # @note When making an API call, you may pass AwsIamConfig
     #   data as a hash:
@@ -324,11 +334,12 @@ module Aws::AppSync
     #       }
     #
     # @!attribute [rw] signing_region
-    #   The signing region for AWS IAM authorization.
+    #   The signing region for Identity and Access Management authorization.
     #   @return [String]
     #
     # @!attribute [rw] signing_service_name
-    #   The signing service name for AWS IAM authorization.
+    #   The signing service name for Identity and Access Management
+    #   authorization.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/AwsIamConfig AWS API Documentation
@@ -402,7 +413,7 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] aws_region
-    #   The AWS Region in which the user pool was created.
+    #   The Amazon Web Services Region in which the user pool was created.
     #   @return [String]
     #
     # @!attribute [rw] app_id_client_regex
@@ -598,7 +609,7 @@ module Aws::AppSync
     #         api_id: "String", # required
     #         name: "ResourceName", # required
     #         description: "String",
-    #         type: "AWS_LAMBDA", # required, accepts AWS_LAMBDA, AMAZON_DYNAMODB, AMAZON_ELASTICSEARCH, NONE, HTTP, RELATIONAL_DATABASE
+    #         type: "AWS_LAMBDA", # required, accepts AWS_LAMBDA, AMAZON_DYNAMODB, AMAZON_ELASTICSEARCH, NONE, HTTP, RELATIONAL_DATABASE, AMAZON_OPENSEARCH_SERVICE
     #         service_role_arn: "String",
     #         dynamodb_config: {
     #           table_name: "String", # required
@@ -618,6 +629,10 @@ module Aws::AppSync
     #           endpoint: "String", # required
     #           aws_region: "String", # required
     #         },
+    #         open_search_service_config: {
+    #           endpoint: "String", # required
+    #           aws_region: "String", # required
+    #         },
     #         http_config: {
     #           endpoint: "String",
     #           authorization_config: {
@@ -657,8 +672,8 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] service_role_arn
-    #   The AWS IAM service role ARN for the data source. The system assumes
-    #   this role when accessing the data source.
+    #   The Identity and Access Management service role ARN for the data
+    #   source. The system assumes this role when accessing the data source.
     #   @return [String]
     #
     # @!attribute [rw] dynamodb_config
@@ -666,13 +681,22 @@ module Aws::AppSync
     #   @return [Types::DynamodbDataSourceConfig]
     #
     # @!attribute [rw] lambda_config
-    #   AWS Lambda settings.
+    #   Amazon Web Services Lambda settings.
     #   @return [Types::LambdaDataSourceConfig]
     #
     # @!attribute [rw] elasticsearch_config
-    #   Amazon Elasticsearch Service settings.
+    #   Amazon OpenSearch Service settings.
+    #
+    #   As of September 2021, Amazon Elasticsearch service is Amazon
+    #   OpenSearch Service. This configuration is deprecated. For new data
+    #   sources, use CreateDataSourceRequest$openSearchServiceConfig to
+    #   create an OpenSearch data source.
     #   @return [Types::ElasticsearchDataSourceConfig]
     #
+    # @!attribute [rw] open_search_service_config
+    #   Amazon OpenSearch Service settings.
+    #   @return [Types::OpenSearchServiceDataSourceConfig]
+    #
     # @!attribute [rw] http_config
     #   HTTP endpoint settings.
     #   @return [Types::HttpDataSourceConfig]
@@ -692,6 +716,7 @@ module Aws::AppSync
       :dynamodb_config,
       :lambda_config,
       :elasticsearch_config,
+      :open_search_service_config,
       :http_config,
       :relational_database_config)
       SENSITIVE = []
@@ -805,7 +830,7 @@ module Aws::AppSync
     #           cloud_watch_logs_role_arn: "String", # required
     #           exclude_verbose_content: false,
     #         },
-    #         authentication_type: "API_KEY", # required, accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #         authentication_type: "API_KEY", # required, accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #         user_pool_config: {
     #           user_pool_id: "String", # required
     #           aws_region: "String", # required
@@ -823,7 +848,7 @@ module Aws::AppSync
     #         },
     #         additional_authentication_providers: [
     #           {
-    #             authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #             authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #             open_id_connect_config: {
     #               issuer: "String", # required
     #               client_id: "String",
@@ -835,9 +860,19 @@ module Aws::AppSync
     #               aws_region: "String", # required
     #               app_id_client_regex: "String",
     #             },
+    #             lambda_authorizer_config: {
+    #               authorizer_result_ttl_in_seconds: 1,
+    #               authorizer_uri: "String", # required
+    #               identity_validation_expression: "String",
+    #             },
     #           },
     #         ],
     #         xray_enabled: false,
+    #         lambda_authorizer_config: {
+    #           authorizer_result_ttl_in_seconds: 1,
+    #           authorizer_uri: "String", # required
+    #           identity_validation_expression: "String",
+    #         },
     #       }
     #
     # @!attribute [rw] name
@@ -849,8 +884,8 @@ module Aws::AppSync
     #   @return [Types::LogConfig]
     #
     # @!attribute [rw] authentication_type
-    #   The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito
-    #   user pools.
+    #   The authentication type: API key, Identity and Access Management,
+    #   OIDC, Amazon Cognito user pools, or Amazon Web Services Lambda.
     #   @return [String]
     #
     # @!attribute [rw] user_pool_config
@@ -875,6 +910,10 @@ module Aws::AppSync
     #   `GraphqlApi`.
     #   @return [Boolean]
     #
+    # @!attribute [rw] lambda_authorizer_config
+    #   Configuration for Amazon Web Services Lambda function authorization.
+    #   @return [Types::LambdaAuthorizerConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/CreateGraphqlApiRequest AWS API Documentation
     #
     class CreateGraphqlApiRequest < Struct.new(
@@ -885,7 +924,8 @@ module Aws::AppSync
       :open_id_connect_config,
       :tags,
       :additional_authentication_providers,
-      :xray_enabled)
+      :xray_enabled,
+      :lambda_authorizer_config)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1082,13 +1122,17 @@ module Aws::AppSync
     # @!attribute [rw] type
     #   The type of the data source.
     #
+    #   * **AWS\_LAMBDA**\: The data source is an Amazon Web Services Lambda
+    #     function.
+    #
     #   * **AMAZON\_DYNAMODB**\: The data source is an Amazon DynamoDB
     #     table.
     #
     #   * **AMAZON\_ELASTICSEARCH**\: The data source is an Amazon
-    #     Elasticsearch Service domain.
+    #     OpenSearch Service domain.
     #
-    #   * **AWS\_LAMBDA**\: The data source is an AWS Lambda function.
+    #   * **AMAZON\_OPENSEARCH\_SERVICE**\: The data source is an Amazon
+    #     OpenSearch Service domain.
     #
     #   * **NONE**\: There is no data source. This type is used when you
     #     wish to invoke a GraphQL operation without connecting to a data
@@ -1102,8 +1146,8 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] service_role_arn
-    #   The AWS IAM service role ARN for the data source. The system assumes
-    #   this role when accessing the data source.
+    #   The Identity and Access Management service role ARN for the data
+    #   source. The system assumes this role when accessing the data source.
     #   @return [String]
     #
     # @!attribute [rw] dynamodb_config
@@ -1111,13 +1155,17 @@ module Aws::AppSync
     #   @return [Types::DynamodbDataSourceConfig]
     #
     # @!attribute [rw] lambda_config
-    #   AWS Lambda settings.
+    #   Amazon Web Services Lambda settings.
     #   @return [Types::LambdaDataSourceConfig]
     #
     # @!attribute [rw] elasticsearch_config
-    #   Amazon Elasticsearch Service settings.
+    #   Amazon OpenSearch Service settings.
     #   @return [Types::ElasticsearchDataSourceConfig]
     #
+    # @!attribute [rw] open_search_service_config
+    #   Amazon OpenSearch Service settings.
+    #   @return [Types::OpenSearchServiceDataSourceConfig]
+    #
     # @!attribute [rw] http_config
     #   HTTP endpoint settings.
     #   @return [Types::HttpDataSourceConfig]
@@ -1137,6 +1185,7 @@ module Aws::AppSync
       :dynamodb_config,
       :lambda_config,
       :elasticsearch_config,
+      :open_search_service_config,
       :http_config,
       :relational_database_config)
       SENSITIVE = []
@@ -1400,7 +1449,7 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] aws_region
-    #   The AWS Region.
+    #   The Amazon Web Services Region.
     #   @return [String]
     #
     # @!attribute [rw] use_caller_credentials
@@ -1428,7 +1477,12 @@ module Aws::AppSync
       include Aws::Structure
     end
 
-    # Describes an Elasticsearch data source configuration.
+    # Describes an OpenSearch data source configuration.
+    #
+    # As of September 2021, Amazon Elasticsearch service is Amazon
+    # OpenSearch Service. This configuration is deprecated. For new data
+    # sources, use OpenSearchServiceDataSourceConfig to specify an
+    # OpenSearch data source.
     #
     # @note When making an API call, you may pass ElasticsearchDataSourceConfig
     #   data as a hash:
@@ -1443,7 +1497,7 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] aws_region
-    #   The AWS Region.
+    #   The Amazon Web Services Region.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/ElasticsearchDataSourceConfig AWS API Documentation
@@ -1920,10 +1974,14 @@ module Aws::AppSync
     #   @return [Boolean]
     #
     # @!attribute [rw] waf_web_acl_arn
-    #   The ARN of the AWS Web Application Firewall (WAF) ACL associated
-    #   with this `GraphqlApi`, if one exists.
+    #   The ARN of the WAF ACL associated with this `GraphqlApi`, if one
+    #   exists.
     #   @return [String]
     #
+    # @!attribute [rw] lambda_authorizer_config
+    #   Configuration for Amazon Web Services Lambda function authorization.
+    #   @return [Types::LambdaAuthorizerConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/GraphqlApi AWS API Documentation
     #
     class GraphqlApi < Struct.new(
@@ -1938,7 +1996,8 @@ module Aws::AppSync
       :tags,
       :additional_authentication_providers,
       :xray_enabled,
-      :waf_web_acl_arn)
+      :waf_web_acl_arn,
+      :lambda_authorizer_config)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1962,8 +2021,8 @@ module Aws::AppSync
     # @!attribute [rw] endpoint
     #   The HTTP URL endpoint. You can either specify the domain name or IP,
     #   and port combination, and the URL scheme must be HTTP or HTTPS. If
-    #   the port is not specified, AWS AppSync uses the default port 80 for
-    #   the HTTP endpoint and port 443 for HTTPS endpoints.
+    #   the port is not specified, AppSync uses the default port 80 for the
+    #   HTTP endpoint and port 443 for HTTPS endpoints.
     #   @return [String]
     #
     # @!attribute [rw] authorization_config
@@ -1980,7 +2039,7 @@ module Aws::AppSync
       include Aws::Structure
     end
 
-    # An internal AWS AppSync error occurred. Try your request again.
+    # An internal AppSync error occurred. Try your request again.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -1993,6 +2052,57 @@ module Aws::AppSync
       include Aws::Structure
     end
 
+    # A `LambdaAuthorizerConfig` holds configuration on how to authorize
+    # AppSync API access when using the `AWS_LAMBDA` authorizer mode. Be
+    # aware that an AppSync API may have only one Lambda authorizer
+    # configured at a time.
+    #
+    # @note When making an API call, you may pass LambdaAuthorizerConfig
+    #   data as a hash:
+    #
+    #       {
+    #         authorizer_result_ttl_in_seconds: 1,
+    #         authorizer_uri: "String", # required
+    #         identity_validation_expression: "String",
+    #       }
+    #
+    # @!attribute [rw] authorizer_result_ttl_in_seconds
+    #   The number of seconds a response should be cached for. The default
+    #   is 5 minutes (300 seconds). The Lambda function can override this by
+    #   returning a `ttlOverride` key in its response. A value of 0 disables
+    #   caching of responses.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] authorizer_uri
+    #   The ARN of the Lambda function to be called for authorization. This
+    #   may be a standard Lambda ARN, a version ARN (`.../v3`) or alias ARN.
+    #
+    #   *Note*\: This Lambda function must have the following resource-based
+    #   policy assigned to it. When configuring Lambda authorizers in the
+    #   Console, this is done for you. To do so with the Amazon Web Services
+    #   CLI, run the following:
+    #
+    #   `aws lambda add-permission --function-name
+    #   "arn:aws:lambda:us-east-2:111122223333:function:my-function"
+    #   --statement-id "appsync" --principal appsync.amazonaws.com --action
+    #   lambda:InvokeFunction`
+    #   @return [String]
+    #
+    # @!attribute [rw] identity_validation_expression
+    #   A regular expression for validation of tokens before the Lambda
+    #   function is called.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/LambdaAuthorizerConfig AWS API Documentation
+    #
+    class LambdaAuthorizerConfig < Struct.new(
+      :authorizer_result_ttl_in_seconds,
+      :authorizer_uri,
+      :identity_validation_expression)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The `LambdaConflictHandlerConfig` object when configuring LAMBDA as
     # the Conflict Handler.
     #
@@ -2015,7 +2125,7 @@ module Aws::AppSync
       include Aws::Structure
     end
 
-    # Describes an AWS Lambda data source configuration.
+    # Describes an Amazon Web Services Lambda data source configuration.
     #
     # @note When making an API call, you may pass LambdaDataSourceConfig
     #   data as a hash:
@@ -2486,7 +2596,7 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] cloud_watch_logs_role_arn
-    #   The service role that AWS AppSync will assume to publish to Amazon
+    #   The service role that AppSync will assume to publish to Amazon
     #   CloudWatch logs in your account.
     #   @return [String]
     #
@@ -2541,7 +2651,7 @@ module Aws::AppSync
     #   The client identifier of the Relying party at the OpenID identity
     #   provider. This identifier is typically obtained when the Relying
     #   party is registered with the OpenID identity provider. You can
-    #   specify a regular expression so the AWS AppSync can validate against
+    #   specify a regular expression so the AppSync can validate against
     #   multiple client identifiers at a time.
     #   @return [String]
     #
@@ -2566,6 +2676,33 @@ module Aws::AppSync
       include Aws::Structure
     end
 
+    # Describes an OpenSearch data source configuration.
+    #
+    # @note When making an API call, you may pass OpenSearchServiceDataSourceConfig
+    #   data as a hash:
+    #
+    #       {
+    #         endpoint: "String", # required
+    #         aws_region: "String", # required
+    #       }
+    #
+    # @!attribute [rw] endpoint
+    #   The endpoint.
+    #   @return [String]
+    #
+    # @!attribute [rw] aws_region
+    #   The Amazon Web Services Region.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/OpenSearchServiceDataSourceConfig AWS API Documentation
+    #
+    class OpenSearchServiceDataSourceConfig < Struct.new(
+      :endpoint,
+      :aws_region)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The pipeline configuration for a resolver of kind `PIPELINE`.
     #
     # @note When making an API call, you may pass PipelineConfig
@@ -2601,7 +2738,7 @@ module Aws::AppSync
     #       }
     #
     # @!attribute [rw] aws_region
-    #   AWS Region for RDS HTTP endpoint.
+    #   Amazon Web Services Region for RDS HTTP endpoint.
     #   @return [String]
     #
     # @!attribute [rw] db_cluster_identifier
@@ -2617,7 +2754,7 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] aws_secret_store_arn
-    #   AWS secret store ARN for database credentials.
+    #   Amazon Web Services secret store ARN for database credentials.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/RdsHttpEndpointConfig AWS API Documentation
@@ -3094,7 +3231,7 @@ module Aws::AppSync
     #         api_id: "String", # required
     #         name: "ResourceName", # required
     #         description: "String",
-    #         type: "AWS_LAMBDA", # required, accepts AWS_LAMBDA, AMAZON_DYNAMODB, AMAZON_ELASTICSEARCH, NONE, HTTP, RELATIONAL_DATABASE
+    #         type: "AWS_LAMBDA", # required, accepts AWS_LAMBDA, AMAZON_DYNAMODB, AMAZON_ELASTICSEARCH, NONE, HTTP, RELATIONAL_DATABASE, AMAZON_OPENSEARCH_SERVICE
     #         service_role_arn: "String",
     #         dynamodb_config: {
     #           table_name: "String", # required
@@ -3114,6 +3251,10 @@ module Aws::AppSync
     #           endpoint: "String", # required
     #           aws_region: "String", # required
     #         },
+    #         open_search_service_config: {
+    #           endpoint: "String", # required
+    #           aws_region: "String", # required
+    #         },
     #         http_config: {
     #           endpoint: "String",
     #           authorization_config: {
@@ -3161,13 +3302,22 @@ module Aws::AppSync
     #   @return [Types::DynamodbDataSourceConfig]
     #
     # @!attribute [rw] lambda_config
-    #   The new AWS Lambda configuration.
+    #   The new Amazon Web Services Lambda configuration.
     #   @return [Types::LambdaDataSourceConfig]
     #
     # @!attribute [rw] elasticsearch_config
-    #   The new Elasticsearch Service configuration.
+    #   The new OpenSearch configuration.
+    #
+    #   As of September 2021, Amazon Elasticsearch service is Amazon
+    #   OpenSearch Service. This configuration is deprecated. Instead, use
+    #   UpdateDataSourceRequest$openSearchServiceConfig to update an
+    #   OpenSearch data source.
     #   @return [Types::ElasticsearchDataSourceConfig]
     #
+    # @!attribute [rw] open_search_service_config
+    #   The new OpenSearch configuration.
+    #   @return [Types::OpenSearchServiceDataSourceConfig]
+    #
     # @!attribute [rw] http_config
     #   The new HTTP endpoint configuration.
     #   @return [Types::HttpDataSourceConfig]
@@ -3187,6 +3337,7 @@ module Aws::AppSync
       :dynamodb_config,
       :lambda_config,
       :elasticsearch_config,
+      :open_search_service_config,
       :http_config,
       :relational_database_config)
       SENSITIVE = []
@@ -3307,7 +3458,7 @@ module Aws::AppSync
     #           cloud_watch_logs_role_arn: "String", # required
     #           exclude_verbose_content: false,
     #         },
-    #         authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #         authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #         user_pool_config: {
     #           user_pool_id: "String", # required
     #           aws_region: "String", # required
@@ -3322,7 +3473,7 @@ module Aws::AppSync
     #         },
     #         additional_authentication_providers: [
     #           {
-    #             authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT
+    #             authentication_type: "API_KEY", # accepts API_KEY, AWS_IAM, AMAZON_COGNITO_USER_POOLS, OPENID_CONNECT, AWS_LAMBDA
     #             open_id_connect_config: {
     #               issuer: "String", # required
     #               client_id: "String",
@@ -3334,9 +3485,19 @@ module Aws::AppSync
     #               aws_region: "String", # required
     #               app_id_client_regex: "String",
     #             },
+    #             lambda_authorizer_config: {
+    #               authorizer_result_ttl_in_seconds: 1,
+    #               authorizer_uri: "String", # required
+    #               identity_validation_expression: "String",
+    #             },
     #           },
     #         ],
     #         xray_enabled: false,
+    #         lambda_authorizer_config: {
+    #           authorizer_result_ttl_in_seconds: 1,
+    #           authorizer_uri: "String", # required
+    #           identity_validation_expression: "String",
+    #         },
     #       }
     #
     # @!attribute [rw] api_id
@@ -3375,6 +3536,10 @@ module Aws::AppSync
     #   `GraphqlApi`.
     #   @return [Boolean]
     #
+    # @!attribute [rw] lambda_authorizer_config
+    #   Configuration for Amazon Web Services Lambda function authorization.
+    #   @return [Types::LambdaAuthorizerConfig]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/appsync-2017-07-25/UpdateGraphqlApiRequest AWS API Documentation
     #
     class UpdateGraphqlApiRequest < Struct.new(
@@ -3385,7 +3550,8 @@ module Aws::AppSync
       :user_pool_config,
       :open_id_connect_config,
       :additional_authentication_providers,
-      :xray_enabled)
+      :xray_enabled,
+      :lambda_authorizer_config)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3581,7 +3747,7 @@ module Aws::AppSync
     #   @return [String]
     #
     # @!attribute [rw] aws_region
-    #   The AWS Region in which the user pool was created.
+    #   The Amazon Web Services Region in which the user pool was created.
     #   @return [String]
     #
     # @!attribute [rw] default_action

data/lib/aws-sdk-appsync.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-appsync/customizations'
 # @!group service
 module Aws::AppSync
 
-  GEM_VERSION = '1.41.0'
+  GEM_VERSION = '1.45.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-appsync
 version: !ruby/object:Gem::Version
-  version: 1.41.0
+  version: 1.45.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-07-28 00:00:00.000000000 Z
+date: 2021-10-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.118.0
+        version: 3.121.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.118.0
+        version: 3.121.2
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement
@@ -76,7 +76,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="