AuthorizationMode

class aws_cdk.aws_appsync.AuthorizationMode(*, authorization_type, api_key_config=None, lambda_authorizer_config=None, open_id_connect_config=None, user_pool_config=None)

Bases: object

Interface to specify default or additional authorization(s).

Parameters:

  • authorization_type (AuthorizationType) – One of possible four values AppSync supports. Default: - AuthorizationType.API_KEY

  • api_key_config (Union[ApiKeyConfig, Dict[str, Any], None]) – If authorizationType is AuthorizationType.API_KEY, this option can be configured. Default: - name: ‘DefaultAPIKey’ | description: ‘Default API Key created by CDK’

  • lambda_authorizer_config (Union[LambdaAuthorizerConfig, Dict[str, Any], None]) – If authorizationType is AuthorizationType.LAMBDA, this option is required. Default: - none

  • open_id_connect_config (Union[OpenIdConnectConfig, Dict[str, Any], None]) – If authorizationType is AuthorizationType.OIDC, this option is required. Default: - none

  • user_pool_config (Union[UserPoolConfig, Dict[str, Any], None]) – If authorizationType is AuthorizationType.USER_POOL, this option is required. Default: - none

ExampleMetadata:

infused

Example:

import aws_cdk.aws_appsync as appsync


api = appsync.GraphqlApi(self, "api",
    name="api",
    definition=appsync.Definition.from_file("schema.graphql"),
    authorization_config=appsync.AuthorizationConfig(
        default_authorization=appsync.AuthorizationMode(authorization_type=appsync.AuthorizationType.IAM)
    )
)

rule = events.Rule(self, "Rule",
    schedule=events.Schedule.rate(cdk.Duration.hours(1))
)

rule.add_target(targets.AppSync(api,
    graph_qLOperation="mutation Publish($message: String!){ publish(message: $message) { message } }",
    variables=events.RuleTargetInput.from_object({
        "message": "hello world"
    })
))

Attributes

api_key_config

If authorizationType is AuthorizationType.API_KEY, this option can be configured.

Default:

  • name: ‘DefaultAPIKey’ | description: ‘Default API Key created by CDK’

authorization_type

One of possible four values AppSync supports.

Default:

  • AuthorizationType.API_KEY

See:

https://docs.aws.amazon.com/appsync/latest/devguide/security.html

lambda_authorizer_config

If authorizationType is AuthorizationType.LAMBDA, this option is required.

Default:

  • none

open_id_connect_config

If authorizationType is AuthorizationType.OIDC, this option is required.

Default:

  • none

user_pool_config

If authorizationType is AuthorizationType.USER_POOL, this option is required.

Default:

  • none