@aws-amplify/core 6.5.4-unstable.7402f60.0 → 6.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. package/dist/cjs/Platform/types.js +2 -0
  2. package/dist/cjs/Platform/types.js.map +1 -1
  3. package/dist/cjs/Platform/version.js +1 -1
  4. package/dist/cjs/Platform/version.js.map +1 -1
  5. package/dist/cjs/clients/internal/composeServiceApi.js +38 -2
  6. package/dist/cjs/clients/internal/composeServiceApi.js.map +1 -1
  7. package/dist/cjs/clients/middleware/retry/defaultRetryDecider.js +5 -2
  8. package/dist/cjs/clients/middleware/retry/defaultRetryDecider.js.map +1 -1
  9. package/dist/cjs/clients/middleware/retry/middleware.js +4 -1
  10. package/dist/cjs/clients/middleware/retry/middleware.js.map +1 -1
  11. package/dist/cjs/clients/middleware/retry/types.js +6 -0
  12. package/dist/cjs/clients/middleware/retry/types.js.map +1 -0
  13. package/dist/cjs/clients/middleware/signing/middleware.js +6 -2
  14. package/dist/cjs/clients/middleware/signing/middleware.js.map +1 -1
  15. package/dist/cjs/parseAmplifyOutputs.js +4 -2
  16. package/dist/cjs/parseAmplifyOutputs.js.map +1 -1
  17. package/dist/esm/Platform/types.d.ts +3 -1
  18. package/dist/esm/Platform/types.mjs +2 -0
  19. package/dist/esm/Platform/types.mjs.map +1 -1
  20. package/dist/esm/Platform/version.d.ts +1 -1
  21. package/dist/esm/Platform/version.mjs +1 -1
  22. package/dist/esm/Platform/version.mjs.map +1 -1
  23. package/dist/esm/awsClients/cognitoIdentity/base.d.ts +1 -1
  24. package/dist/esm/awsClients/cognitoIdentity/getCredentialsForIdentity.d.ts +1 -1
  25. package/dist/esm/awsClients/cognitoIdentity/getId.d.ts +1 -1
  26. package/dist/esm/awsClients/pinpoint/base.d.ts +1 -1
  27. package/dist/esm/awsClients/pinpoint/getInAppMessages.d.ts +2 -2
  28. package/dist/esm/awsClients/pinpoint/putEvents.d.ts +2 -2
  29. package/dist/esm/awsClients/pinpoint/updateEndpoint.d.ts +2 -2
  30. package/dist/esm/clients/index.d.ts +2 -2
  31. package/dist/esm/clients/internal/composeServiceApi.d.ts +62 -2
  32. package/dist/esm/clients/internal/composeServiceApi.mjs +38 -2
  33. package/dist/esm/clients/internal/composeServiceApi.mjs.map +1 -1
  34. package/dist/esm/clients/middleware/retry/defaultRetryDecider.d.ts +2 -1
  35. package/dist/esm/clients/middleware/retry/defaultRetryDecider.mjs +5 -2
  36. package/dist/esm/clients/middleware/retry/defaultRetryDecider.mjs.map +1 -1
  37. package/dist/esm/clients/middleware/retry/index.d.ts +1 -0
  38. package/dist/esm/clients/middleware/retry/middleware.d.ts +3 -1
  39. package/dist/esm/clients/middleware/retry/middleware.mjs +4 -1
  40. package/dist/esm/clients/middleware/retry/middleware.mjs.map +1 -1
  41. package/dist/esm/clients/middleware/retry/types.d.ts +4 -0
  42. package/dist/esm/clients/middleware/retry/types.mjs +2 -0
  43. package/dist/esm/clients/middleware/retry/types.mjs.map +1 -0
  44. package/dist/esm/clients/middleware/signing/index.d.ts +1 -1
  45. package/dist/esm/clients/middleware/signing/middleware.d.ts +10 -2
  46. package/dist/esm/clients/middleware/signing/middleware.mjs +6 -2
  47. package/dist/esm/clients/middleware/signing/middleware.mjs.map +1 -1
  48. package/dist/esm/clients/types/core.d.ts +5 -0
  49. package/dist/esm/clients/types/index.d.ts +1 -1
  50. package/dist/esm/parseAmplifyOutputs.mjs +4 -2
  51. package/dist/esm/parseAmplifyOutputs.mjs.map +1 -1
  52. package/dist/esm/singleton/AmplifyOutputs/types.d.ts +6 -0
  53. package/dist/esm/singleton/Auth/types.d.ts +5 -1
  54. package/dist/esm/singleton/Storage/types.d.ts +2 -0
  55. package/package.json +3 -3
  56. package/src/Platform/types.ts +2 -0
  57. package/src/Platform/version.ts +1 -1
  58. package/src/clients/index.ts +6 -1
  59. package/src/clients/internal/composeServiceApi.ts +66 -6
  60. package/src/clients/middleware/retry/defaultRetryDecider.ts +11 -4
  61. package/src/clients/middleware/retry/index.ts +1 -0
  62. package/src/clients/middleware/retry/middleware.ts +16 -2
  63. package/src/clients/middleware/retry/types.ts +7 -0
  64. package/src/clients/middleware/signing/index.ts +5 -1
  65. package/src/clients/middleware/signing/middleware.ts +21 -3
  66. package/src/clients/types/core.ts +5 -0
  67. package/src/clients/types/index.ts +1 -0
  68. package/src/parseAmplifyOutputs.ts +17 -12
  69. package/src/singleton/AmplifyOutputs/types.ts +5 -1
  70. package/src/singleton/Auth/types.ts +5 -1
  71. package/src/singleton/Storage/types.ts +2 -0
@@ -61,6 +61,8 @@ export interface AuthTokens {
61
61
  export type AuthStandardAttributeKey = 'address' | 'birthdate' | 'email_verified' | 'family_name' | 'gender' | 'given_name' | 'locale' | 'middle_name' | 'name' | 'nickname' | 'phone_number_verified' | 'picture' | 'preferred_username' | 'profile' | 'sub' | 'updated_at' | 'website' | 'zoneinfo' | AuthVerifiableAttributeKey;
62
62
  export type LegacyUserAttributeKey = Uppercase<AuthStandardAttributeKey>;
63
63
  export type AuthVerifiableAttributeKey = 'email' | 'phone_number';
64
+ type UserGroupName = string;
65
+ type UserGroupPrecedence = Record<string, number>;
64
66
  export type AuthConfigUserAttributes = Partial<Record<AuthStandardAttributeKey, {
65
67
  required: boolean;
66
68
  }>>;
@@ -76,6 +78,7 @@ export interface AuthIdentityPoolConfig {
76
78
  userAttributes?: never;
77
79
  mfa?: never;
78
80
  passwordFormat?: never;
81
+ groups?: never;
79
82
  };
80
83
  }
81
84
  export interface CognitoIdentityPoolConfig {
@@ -113,6 +116,7 @@ export interface CognitoUserPoolConfig {
113
116
  requireNumbers?: boolean;
114
117
  requireSpecialCharacters?: boolean;
115
118
  };
119
+ groups?: Record<UserGroupName, UserGroupPrecedence>[];
116
120
  }
117
121
  export interface OAuthConfig {
118
122
  domain: string;
@@ -127,7 +131,7 @@ interface CustomProvider {
127
131
  custom: string;
128
132
  }
129
133
  type CustomScope = string & NonNullable<unknown>;
130
- export type OAuthScope = 'email' | 'openid' | 'phone' | 'email' | 'profile' | 'aws.cognito.signin.user.admin' | CustomScope;
134
+ export type OAuthScope = 'email' | 'openid' | 'phone' | 'profile' | 'aws.cognito.signin.user.admin' | CustomScope;
131
135
  export type CognitoUserPoolWithOAuthConfig = CognitoUserPoolConfig & {
132
136
  loginWith: {
133
137
  oauth: OAuthConfig;
@@ -7,6 +7,8 @@ export interface BucketInfo {
7
7
  bucketName: string;
8
8
  /** Region of the bucket */
9
9
  region: string;
10
+ /** Paths to object with access permissions */
11
+ paths?: Record<string, Record<string, string[] | undefined>>;
10
12
  }
11
13
  export interface S3ProviderConfig {
12
14
  S3: {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aws-amplify/core",
3
- "version": "6.5.4-unstable.7402f60.0+7402f60",
3
+ "version": "6.6.0",
4
4
  "description": "Core category of aws-amplify",
5
5
  "main": "./dist/cjs/index.js",
6
6
  "module": "./dist/esm/index.mjs",
@@ -60,7 +60,7 @@
60
60
  "uuid": "^9.0.0"
61
61
  },
62
62
  "devDependencies": {
63
- "@aws-amplify/react-native": "1.1.7-unstable.7402f60.0+7402f60",
63
+ "@aws-amplify/react-native": "1.1.6",
64
64
  "@types/js-cookie": "3.0.2",
65
65
  "genversion": "^2.2.0",
66
66
  "typescript": "5.0.2"
@@ -192,5 +192,5 @@
192
192
  ]
193
193
  }
194
194
  },
195
- "gitHead": "7402f607443786750c9b2da63461739f974b594b"
195
+ "gitHead": "30abdbd853b2d237c491c4e3e1390b1ed449fb47"
196
196
  }
@@ -133,6 +133,8 @@ export enum StorageAction {
133
133
  Remove = '5',
134
134
  GetProperties = '6',
135
135
  GetUrl = '7',
136
+ GetDataAccess = '8',
137
+ ListCallerAccessGrants = '9',
136
138
  }
137
139
 
138
140
  interface ActionMap {
@@ -1,2 +1,2 @@
1
1
  // generated by genversion
2
- export const version = '6.8.3-unstable.7402f60.0+7402f60';
2
+ export const version = '6.9.0';
@@ -15,9 +15,14 @@ export {
15
15
  } from './middleware/signing/signer/signatureV4';
16
16
  export { EMPTY_HASH as EMPTY_SHA256_HASH } from './middleware/signing/signer/signatureV4/constants';
17
17
  export { extendedEncodeURIComponent } from './middleware/signing/utils/extendedEncodeURIComponent';
18
- export { signingMiddlewareFactory, SigningOptions } from './middleware/signing';
18
+ export {
19
+ signingMiddlewareFactory,
20
+ SigningOptions,
21
+ CredentialsProviderOptions,
22
+ } from './middleware/signing';
19
23
  export {
20
24
  getRetryDecider,
25
+ RetryDeciderOutput,
21
26
  jitteredBackoff,
22
27
  retryMiddlewareFactory,
23
28
  RetryOptions,
@@ -5,6 +5,42 @@ import { ServiceClientOptions } from '../types/aws';
5
5
  import { Endpoint, TransferHandler } from '../types/core';
6
6
  import { HttpRequest, HttpResponse } from '../types/http';
7
7
 
8
+ /**
9
+ * Compose a service API handler that accepts input as defined shape and responds conforming to defined output shape.
10
+ * A service API handler is composed with:
11
+ * * A transfer handler
12
+ * * A serializer function
13
+ * * A deserializer function
14
+ * * A default config object
15
+ *
16
+ * The returned service API handler, when called, will trigger the following workflow:
17
+ * 1. When calling the service API handler function, the default config object is merged into the input config
18
+ * object to assign the default values of some omitted configs, resulting to a resolved config object.
19
+ * 2. The `endpointResolver` function from the default config object will be invoked with the resolved config object and
20
+ * API input object resulting to an endpoint instance.
21
+ * 3. The serializer function is invoked with API input object and the endpoint instance resulting to an HTTP request
22
+ * instance.
23
+ * 4. The HTTP request instance and the resolved config object is passed to the transfer handler function.
24
+ * 5. The transfer handler function resolves to an HTTP response instance(can be either successful or failed status code).
25
+ * 6. The deserializer function is invoked with the HTTP response instance resulting to the API output object, and
26
+ * return to the caller.
27
+ *
28
+ *
29
+ * @param transferHandler Async function for dispatching HTTP requests and returning HTTP response.
30
+ * @param serializer Async function for converting object in defined input shape into HTTP request targeting a given
31
+ * endpoint.
32
+ * @param deserializer Async function for converting HTTP response into output object in defined output shape, or error
33
+ * shape.
34
+ * @param defaultConfig object containing default options to be consumed by transfer handler, serializer and
35
+ * deserializer.
36
+ * @returns a async service API handler function that accepts a config object and input object in defined shape, returns
37
+ * an output object in defined shape. It may also throw error instance in defined shape in deserializer. The config
38
+ * object type is composed with options type of transferHandler, endpointResolver function as well as endpointResolver
39
+ * function's input options type, region string. The config object property will be marked as optional if it's also
40
+ * defined in defaultConfig.
41
+ *
42
+ * @internal
43
+ */
8
44
  export const composeServiceApi = <
9
45
  TransferHandlerOptions,
10
46
  Input,
@@ -26,9 +62,9 @@ export const composeServiceApi = <
26
62
  return async (
27
63
  config: OptionalizeKey<
28
64
  TransferHandlerOptions &
29
- ServiceClientOptions &
30
- Partial<DefaultConfig> &
31
- InferEndpointResolverOptionType<DefaultConfig>,
65
+ ServiceClientOptions & // Required configs(e.g. endpointResolver, region) to serialize input shapes into requests
66
+ InferEndpointResolverOptionType<DefaultConfig> & // Required inputs for endpointResolver
67
+ Partial<DefaultConfig>, // Properties defined in default configs, we need to allow overwriting them when invoking the service API handler
32
68
  DefaultConfig
33
69
  >,
34
70
  input: Input,
@@ -37,8 +73,8 @@ export const composeServiceApi = <
37
73
  ...defaultConfig,
38
74
  ...config,
39
75
  } as unknown as TransferHandlerOptions & ServiceClientOptions;
40
- // We may want to allow different endpoints from given config(other than region) and input.
41
- // Currently S3 supports additional `useAccelerateEndpoint` option to use accelerate endpoint.
76
+ // We need to allow different endpoints based on both given config(other than region) and input.
77
+ // However for most of non-S3 services, region is the only input for endpoint resolver.
42
78
  const endpoint = await resolvedConfig.endpointResolver(
43
79
  resolvedConfig,
44
80
  input,
@@ -55,6 +91,30 @@ export const composeServiceApi = <
55
91
  };
56
92
  };
57
93
 
94
+ /**
95
+ * Type helper to make a given key optional in a given type. For all the keys in the `InputDefaultsType`, if its value
96
+ * is assignable to the value of the same key in `InputType`, we will mark the key in `InputType` is optional. If
97
+ * the `InputType` and `InputDefaultsType` has the same key but un-assignable types, the resulting type is `never` to
98
+ * trigger a type error down the line.
99
+ *
100
+ * @example
101
+ * type InputType = {
102
+ * a: string;
103
+ * b: number;
104
+ * c: string;
105
+ * };
106
+ * type InputDefaultsType = {
107
+ * a: string;
108
+ * b: number;
109
+ * };
110
+ * type OutputType = OptionalizeKey<InputType, InputDefaultsType>;
111
+ * OutputType equals to:
112
+ * {
113
+ * a?: string;
114
+ * b?: number;
115
+ * c: string;
116
+ * }
117
+ */
58
118
  type OptionalizeKey<InputType, InputDefaultsType> = {
59
119
  [KeyWithDefaultValue in keyof InputDefaultsType]?: KeyWithDefaultValue extends keyof InputType
60
120
  ? InputType[KeyWithDefaultValue]
@@ -67,7 +127,7 @@ type OptionalizeKey<InputType, InputDefaultsType> = {
67
127
  };
68
128
 
69
129
  type InferEndpointResolverOptionType<T> = T extends {
70
- endpointResolver(options: infer EndpointOptions): any;
130
+ endpointResolver(options: infer EndpointOptions, input: any): any;
71
131
  }
72
132
  ? EndpointOptions
73
133
  : never;
@@ -5,6 +5,7 @@ import { AmplifyErrorCode } from '../../../types';
5
5
  import { ErrorParser, HttpResponse } from '../../types';
6
6
 
7
7
  import { isClockSkewError } from './isClockSkewError';
8
+ import { RetryDeciderOutput } from './types';
8
9
 
9
10
  /**
10
11
  * Get retry decider function
@@ -12,7 +13,10 @@ import { isClockSkewError } from './isClockSkewError';
12
13
  */
13
14
  export const getRetryDecider =
14
15
  (errorParser: ErrorParser) =>
15
- async (response?: HttpResponse, error?: unknown): Promise<boolean> => {
16
+ async (
17
+ response?: HttpResponse,
18
+ error?: unknown,
19
+ ): Promise<RetryDeciderOutput> => {
16
20
  const parsedError =
17
21
  (error as Error & { code: string }) ??
18
22
  (await errorParser(response)) ??
@@ -20,12 +24,15 @@ export const getRetryDecider =
20
24
  const errorCode = parsedError?.code || parsedError?.name;
21
25
  const statusCode = response?.statusCode;
22
26
 
23
- return (
27
+ const isRetryable =
24
28
  isConnectionError(error) ||
25
29
  isThrottlingError(statusCode, errorCode) ||
26
30
  isClockSkewError(errorCode) ||
27
- isServerSideError(statusCode, errorCode)
28
- );
31
+ isServerSideError(statusCode, errorCode);
32
+
33
+ return {
34
+ retryable: isRetryable,
35
+ };
29
36
  };
30
37
 
31
38
  // reference: https://github.com/aws/aws-sdk-js-v3/blob/ab0e7be36e7e7f8a0c04834357aaad643c7912c3/packages/service-error-classification/src/constants.ts#L22-L37
@@ -4,3 +4,4 @@
4
4
  export { RetryOptions, retryMiddlewareFactory } from './middleware';
5
5
  export { jitteredBackoff } from './jitteredBackoff';
6
6
  export { getRetryDecider } from './defaultRetryDecider';
7
+ export { RetryDeciderOutput } from './types';
@@ -8,6 +8,8 @@ import {
8
8
  Response,
9
9
  } from '../../types/core';
10
10
 
11
+ import { RetryDeciderOutput } from './types';
12
+
11
13
  const DEFAULT_RETRY_ATTEMPTS = 3;
12
14
 
13
15
  /**
@@ -19,9 +21,14 @@ export interface RetryOptions<TResponse = Response> {
19
21
  *
20
22
  * @param response Optional response of the request.
21
23
  * @param error Optional error thrown from previous attempts.
24
+ * @param middlewareContext Optional context object to store data between retries.
22
25
  * @returns True if the request should be retried.
23
26
  */
24
- retryDecider(response?: TResponse, error?: unknown): Promise<boolean>;
27
+ retryDecider(
28
+ response?: TResponse,
29
+ error?: unknown,
30
+ middlewareContext?: MiddlewareContext,
31
+ ): Promise<RetryDeciderOutput>;
25
32
  /**
26
33
  * Function to compute the delay in milliseconds before the next retry based
27
34
  * on the number of attempts.
@@ -87,7 +94,14 @@ export const retryMiddlewareFactory = <TInput = Request, TOutput = Response>({
87
94
  ? (context.attemptsCount ?? 0)
88
95
  : attemptsCount + 1;
89
96
  context.attemptsCount = attemptsCount;
90
- if (await retryDecider(response, error)) {
97
+ const { isCredentialsExpiredError, retryable } = await retryDecider(
98
+ response,
99
+ error,
100
+ context,
101
+ );
102
+ if (retryable) {
103
+ // Setting isCredentialsInvalid flag to notify signing middleware to forceRefresh credentials provider.
104
+ context.isCredentialsExpired = !!isCredentialsExpiredError;
91
105
  if (!abortSignal?.aborted && attemptsCount < maxAttempts) {
92
106
  // prevent sleep for last attempt or cancelled request;
93
107
  const delay = computeDelay(attemptsCount);
@@ -0,0 +1,7 @@
1
+ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2
+ // SPDX-License-Identifier: Apache-2.0
3
+
4
+ export interface RetryDeciderOutput {
5
+ retryable: boolean;
6
+ isCredentialsExpiredError?: boolean;
7
+ }
@@ -1,4 +1,8 @@
1
1
  // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2
2
  // SPDX-License-Identifier: Apache-2.0
3
3
 
4
- export { signingMiddlewareFactory, SigningOptions } from './middleware';
4
+ export {
5
+ signingMiddlewareFactory,
6
+ SigningOptions,
7
+ CredentialsProviderOptions,
8
+ } from './middleware';
@@ -7,16 +7,27 @@ import {
7
7
  HttpResponse,
8
8
  MiddlewareHandler,
9
9
  } from '../../types';
10
+ import { MiddlewareContext } from '../../types/core';
10
11
 
11
12
  import { signRequest } from './signer/signatureV4';
12
13
  import { getSkewCorrectedDate } from './utils/getSkewCorrectedDate';
13
14
  import { getUpdatedSystemClockOffset } from './utils/getUpdatedSystemClockOffset';
14
15
 
16
+ /**
17
+ * Options type for the async callback function returning aws credentials. This
18
+ * function is used by SigV4 signer to resolve the aws credentials
19
+ */
20
+ export interface CredentialsProviderOptions {
21
+ forceRefresh?: boolean;
22
+ }
23
+
15
24
  /**
16
25
  * Configuration of the signing middleware
17
26
  */
18
27
  export interface SigningOptions {
19
- credentials: Credentials | (() => Promise<Credentials>);
28
+ credentials:
29
+ | Credentials
30
+ | ((options?: CredentialsProviderOptions) => Promise<Credentials>);
20
31
  region: string;
21
32
  service: string;
22
33
 
@@ -41,12 +52,19 @@ export const signingMiddlewareFactory = ({
41
52
  }: SigningOptions) => {
42
53
  let currentSystemClockOffset: number;
43
54
 
44
- return (next: MiddlewareHandler<HttpRequest, HttpResponse>) =>
55
+ return (
56
+ next: MiddlewareHandler<HttpRequest, HttpResponse>,
57
+ context: MiddlewareContext,
58
+ ) =>
45
59
  async function signingMiddleware(request: HttpRequest) {
46
60
  currentSystemClockOffset = currentSystemClockOffset ?? 0;
47
61
  const signRequestOptions = {
48
62
  credentials:
49
- typeof credentials === 'function' ? await credentials() : credentials,
63
+ typeof credentials === 'function'
64
+ ? await credentials({
65
+ forceRefresh: !!context?.isCredentialsExpired,
66
+ })
67
+ : credentials,
50
68
  signingDate: getSkewCorrectedDate(currentSystemClockOffset),
51
69
  signingRegion: region,
52
70
  signingService: service,
@@ -30,6 +30,11 @@ export type MiddlewareHandler<Input, Output> = (
30
30
  * The context object to store states across the middleware chain.
31
31
  */
32
32
  export interface MiddlewareContext {
33
+ /**
34
+ * Whether an error indicating expired credentials has been returned from server-side.
35
+ * This is set by the retry middleware.
36
+ */
37
+ isCredentialsExpired?: boolean;
33
38
  /**
34
39
  * The number of times the request has been attempted. This is set by retry middleware
35
40
  */
@@ -4,6 +4,7 @@
4
4
  export {
5
5
  Middleware,
6
6
  MiddlewareHandler,
7
+ MiddlewareContext,
7
8
  Request,
8
9
  Response,
9
10
  TransferHandler,
@@ -88,12 +88,14 @@ function parseAuth(
88
88
  oauth,
89
89
  username_attributes,
90
90
  standard_required_attributes,
91
+ groups,
91
92
  } = amplifyOutputsAuthProperties;
92
93
 
93
94
  const authConfig = {
94
95
  Cognito: {
95
96
  userPoolId: user_pool_id,
96
97
  userPoolClientId: user_pool_client_id,
98
+ groups,
97
99
  },
98
100
  } as AuthConfig;
99
101
 
@@ -373,18 +375,21 @@ function createBucketInfoMap(
373
375
  ): Record<string, BucketInfo> {
374
376
  const mappedBuckets: Record<string, BucketInfo> = {};
375
377
 
376
- buckets.forEach(({ name, bucket_name: bucketName, aws_region: region }) => {
377
- if (name in mappedBuckets) {
378
- throw new Error(
379
- `Duplicate friendly name found: ${name}. Name must be unique.`,
380
- );
381
- }
382
-
383
- mappedBuckets[name] = {
384
- bucketName,
385
- region,
386
- };
387
- });
378
+ buckets.forEach(
379
+ ({ name, bucket_name: bucketName, aws_region: region, paths }) => {
380
+ if (name in mappedBuckets) {
381
+ throw new Error(
382
+ `Duplicate friendly name found: ${name}. Name must be unique.`,
383
+ );
384
+ }
385
+
386
+ mappedBuckets[name] = {
387
+ bucketName,
388
+ region,
389
+ paths,
390
+ };
391
+ },
392
+ );
388
393
 
389
394
  return mappedBuckets;
390
395
  }
@@ -13,7 +13,8 @@ export type AmplifyOutputsAuthMFAConfiguration =
13
13
  | 'NONE';
14
14
 
15
15
  export type AmplifyOutputsAuthMFAMethod = 'SMS' | 'TOTP';
16
-
16
+ type UserGroupName = string;
17
+ type UserGroupPrecedence = Record<string, number>;
17
18
  export interface AmplifyOutputsAuthProperties {
18
19
  aws_region: string;
19
20
  authentication_flow_type?: 'USER_SRP_AUTH' | 'CUSTOM_AUTH';
@@ -41,6 +42,7 @@ export interface AmplifyOutputsAuthProperties {
41
42
  unauthenticated_identities_enabled?: boolean;
42
43
  mfa_configuration?: string;
43
44
  mfa_methods?: string[];
45
+ groups?: Record<UserGroupName, UserGroupPrecedence>[];
44
46
  }
45
47
 
46
48
  export interface AmplifyOutputsStorageBucketProperties {
@@ -50,6 +52,8 @@ export interface AmplifyOutputsStorageBucketProperties {
50
52
  bucket_name: string;
51
53
  /** Region for the bucket */
52
54
  aws_region: string;
55
+ /** Paths to object with access permissions */
56
+ paths?: Record<string, Record<string, string[] | undefined>>;
53
57
  }
54
58
  export interface AmplifyOutputsStorageProperties {
55
59
  /** Default region for Storage */
@@ -108,6 +108,9 @@ export type LegacyUserAttributeKey = Uppercase<AuthStandardAttributeKey>;
108
108
 
109
109
  export type AuthVerifiableAttributeKey = 'email' | 'phone_number';
110
110
 
111
+ type UserGroupName = string;
112
+ type UserGroupPrecedence = Record<string, number>;
113
+
111
114
  export type AuthConfigUserAttributes = Partial<
112
115
  Record<AuthStandardAttributeKey, { required: boolean }>
113
116
  >;
@@ -130,6 +133,7 @@ export interface AuthIdentityPoolConfig {
130
133
  userAttributes?: never;
131
134
  mfa?: never;
132
135
  passwordFormat?: never;
136
+ groups?: never;
133
137
  };
134
138
  }
135
139
 
@@ -171,6 +175,7 @@ export interface CognitoUserPoolConfig {
171
175
  requireNumbers?: boolean;
172
176
  requireSpecialCharacters?: boolean;
173
177
  };
178
+ groups?: Record<UserGroupName, UserGroupPrecedence>[];
174
179
  }
175
180
 
176
181
  export interface OAuthConfig {
@@ -194,7 +199,6 @@ export type OAuthScope =
194
199
  | 'email'
195
200
  | 'openid'
196
201
  | 'phone'
197
- | 'email'
198
202
  | 'profile'
199
203
  | 'aws.cognito.signin.user.admin'
200
204
  | CustomScope;
@@ -12,6 +12,8 @@ export interface BucketInfo {
12
12
  bucketName: string;
13
13
  /** Region of the bucket */
14
14
  region: string;
15
+ /** Paths to object with access permissions */
16
+ paths?: Record<string, Record<string, string[] | undefined>>;
15
17
  }
16
18
  export interface S3ProviderConfig {
17
19
  S3: {