@aws-amplify/graphql-api-construct 1.6.0-secrets-manager.0 → 1.7.0-iam-auth.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (207) hide show
  1. package/.jsii +484 -421
  2. package/API.md +30 -21
  3. package/CHANGELOG.md +17 -2
  4. package/README.md +17 -75
  5. package/lib/amplify-dynamodb-table-wrapper.d.ts +6 -1
  6. package/lib/amplify-dynamodb-table-wrapper.js +9 -2
  7. package/lib/amplify-graphql-api.d.ts +2 -2
  8. package/lib/amplify-graphql-api.js +11 -7
  9. package/lib/amplify-graphql-definition.js +1 -1
  10. package/lib/index.d.ts +1 -1
  11. package/lib/index.js +1 -1
  12. package/lib/internal/authorization-modes.d.ts +2 -1
  13. package/lib/internal/authorization-modes.js +37 -7
  14. package/lib/internal/construct-exports.js +13 -3
  15. package/lib/internal/data-source-config.js +4 -37
  16. package/lib/model-datasource-strategy-types.d.ts +1 -25
  17. package/lib/model-datasource-strategy-types.js +1 -1
  18. package/lib/sql-model-datasource-strategy.d.ts +1 -13
  19. package/lib/sql-model-datasource-strategy.js +4 -26
  20. package/lib/types.d.ts +68 -10
  21. package/lib/types.js +1 -1
  22. package/node_modules/@aws-amplify/graphql-auth-transformer/API.md +2 -0
  23. package/node_modules/@aws-amplify/graphql-auth-transformer/CHANGELOG.md +17 -1
  24. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/graphql-auth-transformer.d.ts.map +1 -1
  25. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/graphql-auth-transformer.js +36 -3
  26. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/graphql-auth-transformer.js.map +1 -1
  27. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/definitions.d.ts +1 -0
  28. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/definitions.d.ts.map +1 -1
  29. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/definitions.js.map +1 -1
  30. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/index.d.ts.map +1 -1
  31. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/index.js +2 -1
  32. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/index.js.map +1 -1
  33. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/validations.d.ts.map +1 -1
  34. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/validations.js +0 -3
  35. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/validations.js.map +1 -1
  36. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/ddb-vtl-generator.d.ts +1 -1
  37. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/ddb-vtl-generator.d.ts.map +1 -1
  38. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/ddb-vtl-generator.js +1 -1
  39. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/ddb-vtl-generator.js.map +1 -1
  40. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/field.d.ts +1 -1
  41. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/field.d.ts.map +1 -1
  42. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/field.js +14 -7
  43. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/field.js.map +1 -1
  44. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/helpers.d.ts +2 -1
  45. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/helpers.d.ts.map +1 -1
  46. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/helpers.js +14 -3
  47. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/helpers.js.map +1 -1
  48. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.create.d.ts.map +1 -1
  49. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.create.js +3 -3
  50. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.create.js.map +1 -1
  51. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.delete.d.ts.map +1 -1
  52. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.delete.js +3 -3
  53. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.delete.js.map +1 -1
  54. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.update.d.ts.map +1 -1
  55. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.update.js +3 -3
  56. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.update.js.map +1 -1
  57. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/query.d.ts.map +1 -1
  58. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/query.js +2 -2
  59. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/query.js.map +1 -1
  60. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/search.d.ts.map +1 -1
  61. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/search.js +3 -3
  62. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/search.js.map +1 -1
  63. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/subscriptions.d.ts.map +1 -1
  64. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/subscriptions.js +1 -1
  65. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/subscriptions.js.map +1 -1
  66. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/rds-vtl-generator.d.ts +1 -1
  67. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/rds-vtl-generator.d.ts.map +1 -1
  68. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/rds-vtl-generator.js +2 -2
  69. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/rds-vtl-generator.js.map +1 -1
  70. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/common.d.ts +3 -2
  71. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/common.d.ts.map +1 -1
  72. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/common.js +29 -9
  73. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/common.js.map +1 -1
  74. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/mutation.d.ts.map +1 -1
  75. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/mutation.js +5 -5
  76. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/mutation.js.map +1 -1
  77. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/query.d.ts.map +1 -1
  78. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/query.js +6 -5
  79. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/query.js.map +1 -1
  80. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/subscription.js +1 -1
  81. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/subscription.js.map +1 -1
  82. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/vtl-generator.d.ts +1 -1
  83. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/vtl-generator.d.ts.map +1 -1
  84. package/node_modules/@aws-amplify/graphql-auth-transformer/package.json +20 -14
  85. package/node_modules/@aws-amplify/graphql-default-value-transformer/CHANGELOG.md +15 -1
  86. package/node_modules/@aws-amplify/graphql-default-value-transformer/package.json +15 -9
  87. package/node_modules/@aws-amplify/graphql-function-transformer/CHANGELOG.md +9 -1
  88. package/node_modules/@aws-amplify/graphql-function-transformer/package.json +14 -8
  89. package/node_modules/@aws-amplify/graphql-http-transformer/CHANGELOG.md +9 -1
  90. package/node_modules/@aws-amplify/graphql-http-transformer/package.json +14 -8
  91. package/node_modules/@aws-amplify/graphql-index-transformer/CHANGELOG.md +13 -1
  92. package/node_modules/@aws-amplify/graphql-index-transformer/package.json +15 -9
  93. package/node_modules/@aws-amplify/graphql-maps-to-transformer/CHANGELOG.md +13 -1
  94. package/node_modules/@aws-amplify/graphql-maps-to-transformer/lib/assets/mapping-lambda.zip +0 -0
  95. package/node_modules/@aws-amplify/graphql-maps-to-transformer/package.json +16 -14
  96. package/node_modules/@aws-amplify/graphql-model-transformer/API.md +3 -3
  97. package/node_modules/@aws-amplify/graphql-model-transformer/CHANGELOG.md +16 -3
  98. package/node_modules/@aws-amplify/graphql-model-transformer/lib/definitions.d.ts +2 -0
  99. package/node_modules/@aws-amplify/graphql-model-transformer/lib/definitions.d.ts.map +1 -1
  100. package/node_modules/@aws-amplify/graphql-model-transformer/lib/definitions.js +9 -1
  101. package/node_modules/@aws-amplify/graphql-model-transformer/lib/definitions.js.map +1 -1
  102. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-model-transformer.d.ts.map +1 -1
  103. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-model-transformer.js +51 -25
  104. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-model-transformer.js.map +1 -1
  105. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/common.d.ts +1 -1
  106. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/common.d.ts.map +1 -1
  107. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/common.js +11 -7
  108. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/common.js.map +1 -1
  109. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/mutation.d.ts +1 -1
  110. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/mutation.d.ts.map +1 -1
  111. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/mutation.js +9 -1
  112. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/mutation.js.map +1 -1
  113. package/node_modules/@aws-amplify/graphql-model-transformer/lib/rds-lambda.zip +0 -0
  114. package/node_modules/@aws-amplify/graphql-model-transformer/lib/rds-notification-lambda.zip +0 -0
  115. package/node_modules/@aws-amplify/graphql-model-transformer/lib/rds-patching-lambda.zip +0 -0
  116. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/common.d.ts +1 -1
  117. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/common.d.ts.map +1 -1
  118. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/common.js +15 -7
  119. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/common.js.map +1 -1
  120. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/rds/resolver.d.ts +1 -5
  121. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/rds/resolver.d.ts.map +1 -1
  122. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/rds/resolver.js +26 -71
  123. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/rds/resolver.js.map +1 -1
  124. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/amplify-dynamodb-table/amplify-dynamo-model-resource-generator.d.ts.map +1 -1
  125. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/amplify-dynamodb-table/amplify-dynamo-model-resource-generator.js +1 -0
  126. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/amplify-dynamodb-table/amplify-dynamo-model-resource-generator.js.map +1 -1
  127. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/model-resource-generator.d.ts.map +1 -1
  128. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/model-resource-generator.js +3 -3
  129. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/model-resource-generator.js.map +1 -1
  130. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/rds-model-resource-generator.d.ts.map +1 -1
  131. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/rds-model-resource-generator.js +7 -21
  132. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/rds-model-resource-generator.js.map +1 -1
  133. package/node_modules/@aws-amplify/graphql-model-transformer/package.json +17 -11
  134. package/node_modules/@aws-amplify/graphql-predictions-transformer/CHANGELOG.md +9 -1
  135. package/node_modules/@aws-amplify/graphql-predictions-transformer/lib/predictionsLambdaFunction.zip +0 -0
  136. package/node_modules/@aws-amplify/graphql-predictions-transformer/package.json +14 -8
  137. package/node_modules/@aws-amplify/graphql-relational-transformer/CHANGELOG.md +15 -1
  138. package/node_modules/@aws-amplify/graphql-relational-transformer/lib/schema.d.ts.map +1 -1
  139. package/node_modules/@aws-amplify/graphql-relational-transformer/lib/schema.js +13 -3
  140. package/node_modules/@aws-amplify/graphql-relational-transformer/lib/schema.js.map +1 -1
  141. package/node_modules/@aws-amplify/graphql-relational-transformer/package.json +17 -11
  142. package/node_modules/@aws-amplify/graphql-searchable-transformer/CHANGELOG.md +15 -1
  143. package/node_modules/@aws-amplify/graphql-searchable-transformer/lib/streaming-lambda.zip +0 -0
  144. package/node_modules/@aws-amplify/graphql-searchable-transformer/package.json +15 -9
  145. package/node_modules/@aws-amplify/graphql-sql-transformer/CHANGELOG.md +13 -1
  146. package/node_modules/@aws-amplify/graphql-sql-transformer/package.json +16 -10
  147. package/node_modules/@aws-amplify/graphql-transformer/CHANGELOG.md +13 -3
  148. package/node_modules/@aws-amplify/graphql-transformer/package.json +23 -17
  149. package/node_modules/@aws-amplify/graphql-transformer-core/API.md +12 -0
  150. package/node_modules/@aws-amplify/graphql-transformer-core/CHANGELOG.md +11 -1
  151. package/node_modules/@aws-amplify/graphql-transformer-core/lib/index.d.ts +1 -1
  152. package/node_modules/@aws-amplify/graphql-transformer-core/lib/index.d.ts.map +1 -1
  153. package/node_modules/@aws-amplify/graphql-transformer-core/lib/index.js +6 -2
  154. package/node_modules/@aws-amplify/graphql-transformer-core/lib/index.js.map +1 -1
  155. package/node_modules/@aws-amplify/graphql-transformer-core/lib/transformer-context/output.d.ts +2 -0
  156. package/node_modules/@aws-amplify/graphql-transformer-core/lib/transformer-context/output.d.ts.map +1 -1
  157. package/node_modules/@aws-amplify/graphql-transformer-core/lib/transformer-context/output.js +14 -0
  158. package/node_modules/@aws-amplify/graphql-transformer-core/lib/transformer-context/output.js.map +1 -1
  159. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/index.d.ts +1 -1
  160. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/index.d.ts.map +1 -1
  161. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/index.js +5 -1
  162. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/index.js.map +1 -1
  163. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/model-util.d.ts +4 -0
  164. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/model-util.d.ts.map +1 -1
  165. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/model-util.js +18 -1
  166. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/model-util.js.map +1 -1
  167. package/node_modules/@aws-amplify/graphql-transformer-core/package.json +14 -8
  168. package/node_modules/@aws-amplify/graphql-transformer-interfaces/API.md +6 -27
  169. package/node_modules/@aws-amplify/graphql-transformer-interfaces/CHANGELOG.md +6 -2
  170. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/model-datasource/types.d.ts +1 -12
  171. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/model-datasource/types.d.ts.map +1 -1
  172. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/model-datasource/types.js +0 -22
  173. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/model-datasource/types.js.map +1 -1
  174. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/transformer-context/synth-parameters.d.ts +1 -0
  175. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/transformer-context/synth-parameters.d.ts.map +1 -1
  176. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/transformer-context/transformer-context-output-provider.d.ts +2 -0
  177. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/transformer-context/transformer-context-output-provider.d.ts.map +1 -1
  178. package/node_modules/@aws-amplify/graphql-transformer-interfaces/package.json +8 -2
  179. package/node_modules/@aws-amplify/graphql-transformer-interfaces/src/model-datasource/types.ts +1 -76
  180. package/node_modules/@aws-amplify/graphql-transformer-interfaces/src/transformer-context/synth-parameters.ts +1 -0
  181. package/node_modules/@aws-amplify/graphql-transformer-interfaces/src/transformer-context/transformer-context-output-provider.ts +4 -0
  182. package/node_modules/@aws-amplify/graphql-transformer-interfaces/tsconfig.tsbuildinfo +1 -1
  183. package/node_modules/graphql-mapping-template/CHANGELOG.md +8 -0
  184. package/node_modules/graphql-mapping-template/LICENSE +201 -0
  185. package/node_modules/graphql-mapping-template/package.json +12 -5
  186. package/node_modules/graphql-transformer-common/API.md +14 -0
  187. package/node_modules/graphql-transformer-common/CHANGELOG.md +14 -0
  188. package/node_modules/graphql-transformer-common/LICENSE +201 -0
  189. package/node_modules/graphql-transformer-common/lib/TypescriptSchemaConstants.d.ts +13 -0
  190. package/node_modules/graphql-transformer-common/lib/TypescriptSchemaConstants.d.ts.map +1 -0
  191. package/node_modules/graphql-transformer-common/lib/TypescriptSchemaConstants.js +16 -0
  192. package/node_modules/graphql-transformer-common/lib/TypescriptSchemaConstants.js.map +1 -0
  193. package/node_modules/graphql-transformer-common/lib/index.d.ts +1 -0
  194. package/node_modules/graphql-transformer-common/lib/index.d.ts.map +1 -1
  195. package/node_modules/graphql-transformer-common/lib/index.js +1 -0
  196. package/node_modules/graphql-transformer-common/lib/index.js.map +1 -1
  197. package/node_modules/graphql-transformer-common/package.json +13 -6
  198. package/package.json +27 -21
  199. package/src/amplify-dynamodb-table-wrapper.ts +9 -1
  200. package/src/amplify-graphql-api.ts +17 -7
  201. package/src/index.ts +2 -0
  202. package/src/internal/authorization-modes.ts +47 -8
  203. package/src/internal/construct-exports.ts +14 -4
  204. package/src/internal/data-source-config.ts +9 -42
  205. package/src/model-datasource-strategy-types.ts +1 -33
  206. package/src/sql-model-datasource-strategy.ts +1 -32
  207. package/src/types.ts +75 -11
package/src/types.ts CHANGED
@@ -28,25 +28,68 @@ export interface IAMAuthorizationConfig {
28
28
  /**
29
29
  * ID for the Cognito Identity Pool vending auth and unauth roles.
30
30
  * Format: `<region>:<id string>`
31
+ *
32
+ * @deprecated Use 'IdentityPoolAuthorizationConfig.identityPoolId' instead.
33
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
31
34
  */
32
- readonly identityPoolId: string;
35
+ readonly identityPoolId?: string;
33
36
 
34
37
  /**
35
38
  * Authenticated user role, applies to { provider: iam, allow: private } access.
39
+ *
40
+ * @deprecated Use 'IdentityPoolAuthorizationConfig.authenticatedUserRole' instead.
41
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
36
42
  */
37
- readonly authenticatedUserRole: IRole;
43
+ readonly authenticatedUserRole?: IRole;
38
44
 
39
45
  /**
40
46
  * Unauthenticated user role, applies to { provider: iam, allow: public } access.
47
+ *
48
+ * @deprecated Use 'IdentityPoolAuthorizationConfig.unauthenticatedUserRole' instead.
49
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
41
50
  */
42
- readonly unauthenticatedUserRole: IRole;
51
+ readonly unauthenticatedUserRole?: IRole;
43
52
 
44
53
  /**
45
54
  * A list of IAM roles which will be granted full read/write access to the generated model if IAM auth is enabled.
46
55
  * If an IRole is provided, the role `name` will be used for matching.
47
56
  * If a string is provided, the raw value will be used for matching.
57
+ *
58
+ * @deprecated Use 'enableIamAuthorizationMode' and IAM Policy to control access for IAM principals.
59
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
48
60
  */
49
61
  readonly allowListedRoles?: (IRole | string)[];
62
+
63
+ /**
64
+ * Enables access for IAM principals. If enabled @auth directive rules are not applied.
65
+ * Instead, access should be defined by IAM Policy, see https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappsync.html.
66
+ *
67
+ * Does not apply to authenticated and unauthenticated IAM Roles attached to Cognito Identity Pool.
68
+ * Use IdentityPoolAuthorizationConfig to configure their access.
69
+ */
70
+ readonly enableIamAuthorizationMode?: boolean;
71
+ }
72
+
73
+ /**
74
+ * Configuration for Cognito Identity Pool Authorization on the Graphql Api.
75
+ * @struct - required since this interface begins with an 'I'
76
+ */
77
+ export interface IdentityPoolAuthorizationConfig {
78
+ /**
79
+ * ID for the Cognito Identity Pool vending auth and unauth roles.
80
+ * Format: `<region>:<id string>`
81
+ */
82
+ readonly identityPoolId: string;
83
+
84
+ /**
85
+ * Authenticated user role, applies to { provider: iam, allow: private } access.
86
+ */
87
+ readonly authenticatedUserRole: IRole;
88
+
89
+ /**
90
+ * Unauthenticated user role, applies to { provider: iam, allow: public } access.
91
+ */
92
+ readonly unauthenticatedUserRole: IRole;
50
93
  }
51
94
 
52
95
  /**
@@ -134,11 +177,19 @@ export interface AuthorizationModes {
134
177
  readonly defaultAuthorizationMode?: 'AWS_IAM' | 'AMAZON_COGNITO_USER_POOLS' | 'OPENID_CONNECT' | 'API_KEY' | 'AWS_LAMBDA';
135
178
 
136
179
  /**
137
- * IAM Auth config, required if an 'iam' auth provider is specified in the Api.
138
- * Applies to 'public' and 'private' auth strategies.
180
+ * IAM Auth config, required to allow IAM-based access to this API.
181
+ * This applies to any IAM principal except Amazon Cognito identity pool's authenticated and unauthenticated roles.
182
+ * This behavior was has recently been improved.
183
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
139
184
  */
140
185
  readonly iamConfig?: IAMAuthorizationConfig;
141
186
 
187
+ /**
188
+ * Cognito Identity Pool config, required if an 'identityPool' auth provider is specified in the Api.
189
+ * Applies to 'public' and 'private' auth strategies.
190
+ */
191
+ readonly identityPoolConfig?: IdentityPoolAuthorizationConfig;
192
+
142
193
  /**
143
194
  * Cognito UserPool config, required if a 'userPools' auth provider is specified in the Api.
144
195
  * Applies to 'owner', 'private', and 'group' auth strategies.
@@ -234,8 +285,14 @@ export type ConflictResolutionStrategy =
234
285
 
235
286
  /**
236
287
  * Project level configuration for conflict resolution.
288
+ * @deprecated use DataStoreConfiguration instead.
289
+ */
290
+ export interface ConflictResolution extends DataStoreConfiguration {}
291
+
292
+ /**
293
+ * Project level configuration for DataStore
237
294
  */
238
- export interface ConflictResolution {
295
+ export interface DataStoreConfiguration {
239
296
  /**
240
297
  * Project-wide config for conflict resolution. Applies to all non-overridden models.
241
298
  */
@@ -636,6 +693,7 @@ export interface AmplifyGraphqlApiProps {
636
693
  /**
637
694
  * Configure conflict resolution on the Api, which is required to enable DataStore Api functionality.
638
695
  * For more information, refer to https://docs.amplify.aws/lib/datastore/getting-started/q/platform/js/
696
+ * @deprecated use dataStoreConfiguration instead.
639
697
  */
640
698
  readonly conflictResolution?: ConflictResolution;
641
699
 
@@ -676,6 +734,12 @@ export interface AmplifyGraphqlApiProps {
676
734
  * Strategy to store construct outputs. If no outputStorageStrategey is provided a default strategy will be used.
677
735
  */
678
736
  readonly outputStorageStrategy?: IBackendOutputStorageStrategy;
737
+
738
+ /**
739
+ * Configure DataStore conflict resolution on the Api. Conflict resolution is required to enable DataStore Api functionality.
740
+ * For more information, refer to https://docs.amplify.aws/lib/datastore/getting-started/q/platform/js/
741
+ */
742
+ readonly dataStoreConfiguration?: DataStoreConfiguration;
679
743
  }
680
744
 
681
745
  /**
@@ -718,6 +782,11 @@ export interface AmplifyGraphqlApiCfnResources {
718
782
  */
719
783
  readonly cfnTables: Record<string, CfnTable>;
720
784
 
785
+ /**
786
+ * The Generated Amplify DynamoDb Table L1 resource wrapper, keyed by model type name.
787
+ */
788
+ readonly amplifyDynamoDbTables: Record<string, AmplifyDynamoDbTableWrapper>;
789
+
721
790
  /**
722
791
  * The Generated IAM Role L1 Resources, keyed by logicalId.
723
792
  */
@@ -749,11 +818,6 @@ export interface AmplifyGraphqlApiResources {
749
818
  */
750
819
  readonly tables: Record<string, ITable>;
751
820
 
752
- /**
753
- * The Generated Amplify DynamoDb Table wrapped if produced, keyed by name.
754
- */
755
- readonly amplifyDynamoDbTables: Record<string, AmplifyDynamoDbTableWrapper>;
756
-
757
821
  /**
758
822
  * The Generated IAM Role L2 Resources, keyed by logicalId.
759
823
  */