@aws-amplify/graphql-api-construct 1.6.0-secrets-manager.0 → 1.7.0-iam-auth.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (207) hide show
  1. package/.jsii +484 -421
  2. package/API.md +30 -21
  3. package/CHANGELOG.md +17 -2
  4. package/README.md +17 -75
  5. package/lib/amplify-dynamodb-table-wrapper.d.ts +6 -1
  6. package/lib/amplify-dynamodb-table-wrapper.js +9 -2
  7. package/lib/amplify-graphql-api.d.ts +2 -2
  8. package/lib/amplify-graphql-api.js +11 -7
  9. package/lib/amplify-graphql-definition.js +1 -1
  10. package/lib/index.d.ts +1 -1
  11. package/lib/index.js +1 -1
  12. package/lib/internal/authorization-modes.d.ts +2 -1
  13. package/lib/internal/authorization-modes.js +37 -7
  14. package/lib/internal/construct-exports.js +13 -3
  15. package/lib/internal/data-source-config.js +4 -37
  16. package/lib/model-datasource-strategy-types.d.ts +1 -25
  17. package/lib/model-datasource-strategy-types.js +1 -1
  18. package/lib/sql-model-datasource-strategy.d.ts +1 -13
  19. package/lib/sql-model-datasource-strategy.js +4 -26
  20. package/lib/types.d.ts +68 -10
  21. package/lib/types.js +1 -1
  22. package/node_modules/@aws-amplify/graphql-auth-transformer/API.md +2 -0
  23. package/node_modules/@aws-amplify/graphql-auth-transformer/CHANGELOG.md +17 -1
  24. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/graphql-auth-transformer.d.ts.map +1 -1
  25. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/graphql-auth-transformer.js +36 -3
  26. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/graphql-auth-transformer.js.map +1 -1
  27. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/definitions.d.ts +1 -0
  28. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/definitions.d.ts.map +1 -1
  29. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/definitions.js.map +1 -1
  30. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/index.d.ts.map +1 -1
  31. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/index.js +2 -1
  32. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/index.js.map +1 -1
  33. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/validations.d.ts.map +1 -1
  34. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/validations.js +0 -3
  35. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/utils/validations.js.map +1 -1
  36. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/ddb-vtl-generator.d.ts +1 -1
  37. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/ddb-vtl-generator.d.ts.map +1 -1
  38. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/ddb-vtl-generator.js +1 -1
  39. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/ddb-vtl-generator.js.map +1 -1
  40. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/field.d.ts +1 -1
  41. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/field.d.ts.map +1 -1
  42. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/field.js +14 -7
  43. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/field.js.map +1 -1
  44. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/helpers.d.ts +2 -1
  45. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/helpers.d.ts.map +1 -1
  46. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/helpers.js +14 -3
  47. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/helpers.js.map +1 -1
  48. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.create.d.ts.map +1 -1
  49. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.create.js +3 -3
  50. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.create.js.map +1 -1
  51. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.delete.d.ts.map +1 -1
  52. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.delete.js +3 -3
  53. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.delete.js.map +1 -1
  54. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.update.d.ts.map +1 -1
  55. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.update.js +3 -3
  56. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/mutation.update.js.map +1 -1
  57. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/query.d.ts.map +1 -1
  58. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/query.js +2 -2
  59. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/query.js.map +1 -1
  60. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/search.d.ts.map +1 -1
  61. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/search.js +3 -3
  62. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/search.js.map +1 -1
  63. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/subscriptions.d.ts.map +1 -1
  64. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/subscriptions.js +1 -1
  65. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/ddb/resolvers/subscriptions.js.map +1 -1
  66. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/rds-vtl-generator.d.ts +1 -1
  67. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/rds-vtl-generator.d.ts.map +1 -1
  68. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/rds-vtl-generator.js +2 -2
  69. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/rds-vtl-generator.js.map +1 -1
  70. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/common.d.ts +3 -2
  71. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/common.d.ts.map +1 -1
  72. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/common.js +29 -9
  73. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/common.js.map +1 -1
  74. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/mutation.d.ts.map +1 -1
  75. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/mutation.js +5 -5
  76. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/mutation.js.map +1 -1
  77. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/query.d.ts.map +1 -1
  78. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/query.js +6 -5
  79. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/query.js.map +1 -1
  80. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/subscription.js +1 -1
  81. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/rds/resolvers/subscription.js.map +1 -1
  82. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/vtl-generator.d.ts +1 -1
  83. package/node_modules/@aws-amplify/graphql-auth-transformer/lib/vtl-generator/vtl-generator.d.ts.map +1 -1
  84. package/node_modules/@aws-amplify/graphql-auth-transformer/package.json +20 -14
  85. package/node_modules/@aws-amplify/graphql-default-value-transformer/CHANGELOG.md +15 -1
  86. package/node_modules/@aws-amplify/graphql-default-value-transformer/package.json +15 -9
  87. package/node_modules/@aws-amplify/graphql-function-transformer/CHANGELOG.md +9 -1
  88. package/node_modules/@aws-amplify/graphql-function-transformer/package.json +14 -8
  89. package/node_modules/@aws-amplify/graphql-http-transformer/CHANGELOG.md +9 -1
  90. package/node_modules/@aws-amplify/graphql-http-transformer/package.json +14 -8
  91. package/node_modules/@aws-amplify/graphql-index-transformer/CHANGELOG.md +13 -1
  92. package/node_modules/@aws-amplify/graphql-index-transformer/package.json +15 -9
  93. package/node_modules/@aws-amplify/graphql-maps-to-transformer/CHANGELOG.md +13 -1
  94. package/node_modules/@aws-amplify/graphql-maps-to-transformer/lib/assets/mapping-lambda.zip +0 -0
  95. package/node_modules/@aws-amplify/graphql-maps-to-transformer/package.json +16 -14
  96. package/node_modules/@aws-amplify/graphql-model-transformer/API.md +3 -3
  97. package/node_modules/@aws-amplify/graphql-model-transformer/CHANGELOG.md +16 -3
  98. package/node_modules/@aws-amplify/graphql-model-transformer/lib/definitions.d.ts +2 -0
  99. package/node_modules/@aws-amplify/graphql-model-transformer/lib/definitions.d.ts.map +1 -1
  100. package/node_modules/@aws-amplify/graphql-model-transformer/lib/definitions.js +9 -1
  101. package/node_modules/@aws-amplify/graphql-model-transformer/lib/definitions.js.map +1 -1
  102. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-model-transformer.d.ts.map +1 -1
  103. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-model-transformer.js +51 -25
  104. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-model-transformer.js.map +1 -1
  105. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/common.d.ts +1 -1
  106. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/common.d.ts.map +1 -1
  107. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/common.js +11 -7
  108. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/common.js.map +1 -1
  109. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/mutation.d.ts +1 -1
  110. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/mutation.d.ts.map +1 -1
  111. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/mutation.js +9 -1
  112. package/node_modules/@aws-amplify/graphql-model-transformer/lib/graphql-types/mutation.js.map +1 -1
  113. package/node_modules/@aws-amplify/graphql-model-transformer/lib/rds-lambda.zip +0 -0
  114. package/node_modules/@aws-amplify/graphql-model-transformer/lib/rds-notification-lambda.zip +0 -0
  115. package/node_modules/@aws-amplify/graphql-model-transformer/lib/rds-patching-lambda.zip +0 -0
  116. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/common.d.ts +1 -1
  117. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/common.d.ts.map +1 -1
  118. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/common.js +15 -7
  119. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/common.js.map +1 -1
  120. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/rds/resolver.d.ts +1 -5
  121. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/rds/resolver.d.ts.map +1 -1
  122. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/rds/resolver.js +26 -71
  123. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resolvers/rds/resolver.js.map +1 -1
  124. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/amplify-dynamodb-table/amplify-dynamo-model-resource-generator.d.ts.map +1 -1
  125. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/amplify-dynamodb-table/amplify-dynamo-model-resource-generator.js +1 -0
  126. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/amplify-dynamodb-table/amplify-dynamo-model-resource-generator.js.map +1 -1
  127. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/model-resource-generator.d.ts.map +1 -1
  128. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/model-resource-generator.js +3 -3
  129. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/model-resource-generator.js.map +1 -1
  130. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/rds-model-resource-generator.d.ts.map +1 -1
  131. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/rds-model-resource-generator.js +7 -21
  132. package/node_modules/@aws-amplify/graphql-model-transformer/lib/resources/rds-model-resource-generator.js.map +1 -1
  133. package/node_modules/@aws-amplify/graphql-model-transformer/package.json +17 -11
  134. package/node_modules/@aws-amplify/graphql-predictions-transformer/CHANGELOG.md +9 -1
  135. package/node_modules/@aws-amplify/graphql-predictions-transformer/lib/predictionsLambdaFunction.zip +0 -0
  136. package/node_modules/@aws-amplify/graphql-predictions-transformer/package.json +14 -8
  137. package/node_modules/@aws-amplify/graphql-relational-transformer/CHANGELOG.md +15 -1
  138. package/node_modules/@aws-amplify/graphql-relational-transformer/lib/schema.d.ts.map +1 -1
  139. package/node_modules/@aws-amplify/graphql-relational-transformer/lib/schema.js +13 -3
  140. package/node_modules/@aws-amplify/graphql-relational-transformer/lib/schema.js.map +1 -1
  141. package/node_modules/@aws-amplify/graphql-relational-transformer/package.json +17 -11
  142. package/node_modules/@aws-amplify/graphql-searchable-transformer/CHANGELOG.md +15 -1
  143. package/node_modules/@aws-amplify/graphql-searchable-transformer/lib/streaming-lambda.zip +0 -0
  144. package/node_modules/@aws-amplify/graphql-searchable-transformer/package.json +15 -9
  145. package/node_modules/@aws-amplify/graphql-sql-transformer/CHANGELOG.md +13 -1
  146. package/node_modules/@aws-amplify/graphql-sql-transformer/package.json +16 -10
  147. package/node_modules/@aws-amplify/graphql-transformer/CHANGELOG.md +13 -3
  148. package/node_modules/@aws-amplify/graphql-transformer/package.json +23 -17
  149. package/node_modules/@aws-amplify/graphql-transformer-core/API.md +12 -0
  150. package/node_modules/@aws-amplify/graphql-transformer-core/CHANGELOG.md +11 -1
  151. package/node_modules/@aws-amplify/graphql-transformer-core/lib/index.d.ts +1 -1
  152. package/node_modules/@aws-amplify/graphql-transformer-core/lib/index.d.ts.map +1 -1
  153. package/node_modules/@aws-amplify/graphql-transformer-core/lib/index.js +6 -2
  154. package/node_modules/@aws-amplify/graphql-transformer-core/lib/index.js.map +1 -1
  155. package/node_modules/@aws-amplify/graphql-transformer-core/lib/transformer-context/output.d.ts +2 -0
  156. package/node_modules/@aws-amplify/graphql-transformer-core/lib/transformer-context/output.d.ts.map +1 -1
  157. package/node_modules/@aws-amplify/graphql-transformer-core/lib/transformer-context/output.js +14 -0
  158. package/node_modules/@aws-amplify/graphql-transformer-core/lib/transformer-context/output.js.map +1 -1
  159. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/index.d.ts +1 -1
  160. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/index.d.ts.map +1 -1
  161. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/index.js +5 -1
  162. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/index.js.map +1 -1
  163. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/model-util.d.ts +4 -0
  164. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/model-util.d.ts.map +1 -1
  165. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/model-util.js +18 -1
  166. package/node_modules/@aws-amplify/graphql-transformer-core/lib/utils/model-util.js.map +1 -1
  167. package/node_modules/@aws-amplify/graphql-transformer-core/package.json +14 -8
  168. package/node_modules/@aws-amplify/graphql-transformer-interfaces/API.md +6 -27
  169. package/node_modules/@aws-amplify/graphql-transformer-interfaces/CHANGELOG.md +6 -2
  170. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/model-datasource/types.d.ts +1 -12
  171. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/model-datasource/types.d.ts.map +1 -1
  172. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/model-datasource/types.js +0 -22
  173. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/model-datasource/types.js.map +1 -1
  174. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/transformer-context/synth-parameters.d.ts +1 -0
  175. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/transformer-context/synth-parameters.d.ts.map +1 -1
  176. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/transformer-context/transformer-context-output-provider.d.ts +2 -0
  177. package/node_modules/@aws-amplify/graphql-transformer-interfaces/lib/transformer-context/transformer-context-output-provider.d.ts.map +1 -1
  178. package/node_modules/@aws-amplify/graphql-transformer-interfaces/package.json +8 -2
  179. package/node_modules/@aws-amplify/graphql-transformer-interfaces/src/model-datasource/types.ts +1 -76
  180. package/node_modules/@aws-amplify/graphql-transformer-interfaces/src/transformer-context/synth-parameters.ts +1 -0
  181. package/node_modules/@aws-amplify/graphql-transformer-interfaces/src/transformer-context/transformer-context-output-provider.ts +4 -0
  182. package/node_modules/@aws-amplify/graphql-transformer-interfaces/tsconfig.tsbuildinfo +1 -1
  183. package/node_modules/graphql-mapping-template/CHANGELOG.md +8 -0
  184. package/node_modules/graphql-mapping-template/LICENSE +201 -0
  185. package/node_modules/graphql-mapping-template/package.json +12 -5
  186. package/node_modules/graphql-transformer-common/API.md +14 -0
  187. package/node_modules/graphql-transformer-common/CHANGELOG.md +14 -0
  188. package/node_modules/graphql-transformer-common/LICENSE +201 -0
  189. package/node_modules/graphql-transformer-common/lib/TypescriptSchemaConstants.d.ts +13 -0
  190. package/node_modules/graphql-transformer-common/lib/TypescriptSchemaConstants.d.ts.map +1 -0
  191. package/node_modules/graphql-transformer-common/lib/TypescriptSchemaConstants.js +16 -0
  192. package/node_modules/graphql-transformer-common/lib/TypescriptSchemaConstants.js.map +1 -0
  193. package/node_modules/graphql-transformer-common/lib/index.d.ts +1 -0
  194. package/node_modules/graphql-transformer-common/lib/index.d.ts.map +1 -1
  195. package/node_modules/graphql-transformer-common/lib/index.js +1 -0
  196. package/node_modules/graphql-transformer-common/lib/index.js.map +1 -1
  197. package/node_modules/graphql-transformer-common/package.json +13 -6
  198. package/package.json +27 -21
  199. package/src/amplify-dynamodb-table-wrapper.ts +9 -1
  200. package/src/amplify-graphql-api.ts +17 -7
  201. package/src/index.ts +2 -0
  202. package/src/internal/authorization-modes.ts +47 -8
  203. package/src/internal/construct-exports.ts +14 -4
  204. package/src/internal/data-source-config.ts +9 -42
  205. package/src/model-datasource-strategy-types.ts +1 -33
  206. package/src/sql-model-datasource-strategy.ts +1 -32
  207. package/src/types.ts +75 -11
package/src/types.ts CHANGED
@@ -28,25 +28,68 @@ export interface IAMAuthorizationConfig {
28
28
  /**
29
29
  * ID for the Cognito Identity Pool vending auth and unauth roles.
30
30
  * Format: `<region>:<id string>`
31
+ *
32
+ * @deprecated Use 'IdentityPoolAuthorizationConfig.identityPoolId' instead.
33
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
31
34
  */
32
- readonly identityPoolId: string;
35
+ readonly identityPoolId?: string;
33
36
 
34
37
  /**
35
38
  * Authenticated user role, applies to { provider: iam, allow: private } access.
39
+ *
40
+ * @deprecated Use 'IdentityPoolAuthorizationConfig.authenticatedUserRole' instead.
41
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
36
42
  */
37
- readonly authenticatedUserRole: IRole;
43
+ readonly authenticatedUserRole?: IRole;
38
44
 
39
45
  /**
40
46
  * Unauthenticated user role, applies to { provider: iam, allow: public } access.
47
+ *
48
+ * @deprecated Use 'IdentityPoolAuthorizationConfig.unauthenticatedUserRole' instead.
49
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
41
50
  */
42
- readonly unauthenticatedUserRole: IRole;
51
+ readonly unauthenticatedUserRole?: IRole;
43
52
 
44
53
  /**
45
54
  * A list of IAM roles which will be granted full read/write access to the generated model if IAM auth is enabled.
46
55
  * If an IRole is provided, the role `name` will be used for matching.
47
56
  * If a string is provided, the raw value will be used for matching.
57
+ *
58
+ * @deprecated Use 'enableIamAuthorizationMode' and IAM Policy to control access for IAM principals.
59
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
48
60
  */
49
61
  readonly allowListedRoles?: (IRole | string)[];
62
+
63
+ /**
64
+ * Enables access for IAM principals. If enabled @auth directive rules are not applied.
65
+ * Instead, access should be defined by IAM Policy, see https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsappsync.html.
66
+ *
67
+ * Does not apply to authenticated and unauthenticated IAM Roles attached to Cognito Identity Pool.
68
+ * Use IdentityPoolAuthorizationConfig to configure their access.
69
+ */
70
+ readonly enableIamAuthorizationMode?: boolean;
71
+ }
72
+
73
+ /**
74
+ * Configuration for Cognito Identity Pool Authorization on the Graphql Api.
75
+ * @struct - required since this interface begins with an 'I'
76
+ */
77
+ export interface IdentityPoolAuthorizationConfig {
78
+ /**
79
+ * ID for the Cognito Identity Pool vending auth and unauth roles.
80
+ * Format: `<region>:<id string>`
81
+ */
82
+ readonly identityPoolId: string;
83
+
84
+ /**
85
+ * Authenticated user role, applies to { provider: iam, allow: private } access.
86
+ */
87
+ readonly authenticatedUserRole: IRole;
88
+
89
+ /**
90
+ * Unauthenticated user role, applies to { provider: iam, allow: public } access.
91
+ */
92
+ readonly unauthenticatedUserRole: IRole;
50
93
  }
51
94
 
52
95
  /**
@@ -134,11 +177,19 @@ export interface AuthorizationModes {
134
177
  readonly defaultAuthorizationMode?: 'AWS_IAM' | 'AMAZON_COGNITO_USER_POOLS' | 'OPENID_CONNECT' | 'API_KEY' | 'AWS_LAMBDA';
135
178
 
136
179
  /**
137
- * IAM Auth config, required if an 'iam' auth provider is specified in the Api.
138
- * Applies to 'public' and 'private' auth strategies.
180
+ * IAM Auth config, required to allow IAM-based access to this API.
181
+ * This applies to any IAM principal except Amazon Cognito identity pool's authenticated and unauthenticated roles.
182
+ * This behavior was has recently been improved.
183
+ * See https://docs.amplify.aws/cli/react/tools/cli/migration/iam-auth-updates-for-cdk-construct for details.
139
184
  */
140
185
  readonly iamConfig?: IAMAuthorizationConfig;
141
186
 
187
+ /**
188
+ * Cognito Identity Pool config, required if an 'identityPool' auth provider is specified in the Api.
189
+ * Applies to 'public' and 'private' auth strategies.
190
+ */
191
+ readonly identityPoolConfig?: IdentityPoolAuthorizationConfig;
192
+
142
193
  /**
143
194
  * Cognito UserPool config, required if a 'userPools' auth provider is specified in the Api.
144
195
  * Applies to 'owner', 'private', and 'group' auth strategies.
@@ -234,8 +285,14 @@ export type ConflictResolutionStrategy =
234
285
 
235
286
  /**
236
287
  * Project level configuration for conflict resolution.
288
+ * @deprecated use DataStoreConfiguration instead.
289
+ */
290
+ export interface ConflictResolution extends DataStoreConfiguration {}
291
+
292
+ /**
293
+ * Project level configuration for DataStore
237
294
  */
238
- export interface ConflictResolution {
295
+ export interface DataStoreConfiguration {
239
296
  /**
240
297
  * Project-wide config for conflict resolution. Applies to all non-overridden models.
241
298
  */
@@ -636,6 +693,7 @@ export interface AmplifyGraphqlApiProps {
636
693
  /**
637
694
  * Configure conflict resolution on the Api, which is required to enable DataStore Api functionality.
638
695
  * For more information, refer to https://docs.amplify.aws/lib/datastore/getting-started/q/platform/js/
696
+ * @deprecated use dataStoreConfiguration instead.
639
697
  */
640
698
  readonly conflictResolution?: ConflictResolution;
641
699
 
@@ -676,6 +734,12 @@ export interface AmplifyGraphqlApiProps {
676
734
  * Strategy to store construct outputs. If no outputStorageStrategey is provided a default strategy will be used.
677
735
  */
678
736
  readonly outputStorageStrategy?: IBackendOutputStorageStrategy;
737
+
738
+ /**
739
+ * Configure DataStore conflict resolution on the Api. Conflict resolution is required to enable DataStore Api functionality.
740
+ * For more information, refer to https://docs.amplify.aws/lib/datastore/getting-started/q/platform/js/
741
+ */
742
+ readonly dataStoreConfiguration?: DataStoreConfiguration;
679
743
  }
680
744
 
681
745
  /**
@@ -718,6 +782,11 @@ export interface AmplifyGraphqlApiCfnResources {
718
782
  */
719
783
  readonly cfnTables: Record<string, CfnTable>;
720
784
 
785
+ /**
786
+ * The Generated Amplify DynamoDb Table L1 resource wrapper, keyed by model type name.
787
+ */
788
+ readonly amplifyDynamoDbTables: Record<string, AmplifyDynamoDbTableWrapper>;
789
+
721
790
  /**
722
791
  * The Generated IAM Role L1 Resources, keyed by logicalId.
723
792
  */
@@ -749,11 +818,6 @@ export interface AmplifyGraphqlApiResources {
749
818
  */
750
819
  readonly tables: Record<string, ITable>;
751
820
 
752
- /**
753
- * The Generated Amplify DynamoDb Table wrapped if produced, keyed by name.
754
- */
755
- readonly amplifyDynamoDbTables: Record<string, AmplifyDynamoDbTableWrapper>;
756
-
757
821
  /**
758
822
  * The Generated IAM Role L2 Resources, keyed by logicalId.
759
823
  */