Interface IAuthorizationMode
Interface to specify default or additional authorization(s).
Namespace: Amazon.CDK.AWS.AppSync
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface IAuthorizationMode
Syntax (vb)
Public Interface IAuthorizationMode
Remarks
ExampleMetadata: infused
Examples
var api = new GraphqlApi(this, "Api", new GraphqlApiProps {
Name = "demo",
Definition = Definition.FromFile(Join(__dirname, "schema.graphql")),
AuthorizationConfig = new AuthorizationConfig {
DefaultAuthorization = new AuthorizationMode {
AuthorizationType = AuthorizationType.IAM
}
},
XrayEnabled = true
});
var demoTable = new Table(this, "DemoTable", new TableProps {
PartitionKey = new Attribute {
Name = "id",
Type = AttributeType.STRING
}
});
var demoDS = api.AddDynamoDbDataSource("demoDataSource", demoTable);
// Resolver for the Query "getDemos" that scans the DynamoDb table and returns the entire list.
// Resolver Mapping Template Reference:
// https://docs.aws.amazon.com/appsync/latest/devguide/resolver-mapping-template-reference-dynamodb.html
demoDS.CreateResolver("QueryGetDemosResolver", new BaseResolverProps {
TypeName = "Query",
FieldName = "getDemos",
RequestMappingTemplate = MappingTemplate.DynamoDbScanTable(),
ResponseMappingTemplate = MappingTemplate.DynamoDbResultList()
});
// Resolver for the Mutation "addDemo" that puts the item into the DynamoDb table.
demoDS.CreateResolver("MutationAddDemoResolver", new BaseResolverProps {
TypeName = "Mutation",
FieldName = "addDemo",
RequestMappingTemplate = MappingTemplate.DynamoDbPutItem(PrimaryKey.Partition("id").Auto(), Values.Projecting("input")),
ResponseMappingTemplate = MappingTemplate.DynamoDbResultItem()
});
//To enable DynamoDB read consistency with the `MappingTemplate`:
demoDS.CreateResolver("QueryGetDemosConsistentResolver", new BaseResolverProps {
TypeName = "Query",
FieldName = "getDemosConsistent",
RequestMappingTemplate = MappingTemplate.DynamoDbScanTable(true),
ResponseMappingTemplate = MappingTemplate.DynamoDbResultList()
});
Synopsis
Properties
ApiKeyConfig | If authorizationType is |
AuthorizationType | One of possible four values AppSync supports. |
LambdaAuthorizerConfig | If authorizationType is |
OpenIdConnectConfig | If authorizationType is |
UserPoolConfig | If authorizationType is |
Properties
ApiKeyConfig
If authorizationType is AuthorizationType.API_KEY
, this option can be configured.
virtual IApiKeyConfig ApiKeyConfig { get; }
Property Value
Remarks
Default: - name: 'DefaultAPIKey' | description: 'Default API Key created by CDK'
AuthorizationType
One of possible four values AppSync supports.
AuthorizationType AuthorizationType { get; }
Property Value
Remarks
Default: - AuthorizationType.API_KEY
See: https://docs.aws.amazon.com/appsync/latest/devguide/security.html
LambdaAuthorizerConfig
If authorizationType is AuthorizationType.LAMBDA
, this option is required.
virtual ILambdaAuthorizerConfig LambdaAuthorizerConfig { get; }
Property Value
Remarks
Default: - none
OpenIdConnectConfig
If authorizationType is AuthorizationType.OIDC
, this option is required.
virtual IOpenIdConnectConfig OpenIdConnectConfig { get; }
Property Value
Remarks
Default: - none
UserPoolConfig
If authorizationType is AuthorizationType.USER_POOL
, this option is required.
virtual IUserPoolConfig UserPoolConfig { get; }
Property Value
Remarks
Default: - none