Table Of Contents


User Guide

First time using the AWS CLI? See the User Guide for help getting started.

[ aws . appsync ]



Creates a GraphqlApi object.

See also: AWS API Documentation

See 'aws help' for descriptions of global parameters.


--name <value>
[--log-config <value>]
--authentication-type <value>
[--user-pool-config <value>]
[--open-id-connect-config <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]


--name (string)

A user-supplied name for the GraphqlApi .

--log-config (structure)

The Amazon CloudWatch logs configuration.

Shorthand Syntax:


JSON Syntax:

  "fieldLogLevel": "NONE"|"ERROR"|"ALL",
  "cloudWatchLogsRoleArn": "string"

--authentication-type (string)

The authentication type: API key, IAM, or Amazon Cognito User Pools.

Possible values:


--user-pool-config (structure)

The Amazon Cognito User Pool configuration.

Shorthand Syntax:


JSON Syntax:

  "userPoolId": "string",
  "awsRegion": "string",
  "defaultAction": "ALLOW"|"DENY",
  "appIdClientRegex": "string"

--open-id-connect-config (structure)

The Open Id Connect configuration configuration.

Shorthand Syntax:


JSON Syntax:

  "issuer": "string",
  "clientId": "string",
  "iatTTL": long,
  "authTTL": long

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See 'aws help' for descriptions of global parameters.


graphqlApi -> (structure)

The GraphqlApi .

name -> (string)

The API name.

apiId -> (string)


authenticationType -> (string)

The authentication type.

logConfig -> (structure)

The Amazon CloudWatch Logs configuration.

fieldLogLevel -> (string)

The field logging level. Values can be NONE, ERROR, ALL.

  • NONE : No field-level logs are captured.
  • ERROR : Logs the following information only for the fields that are in error:
    • The error section in the server response.
    • Field-level errors.
    • The generated request/response functions that got resolved for error fields.
  • ALL : The following information is logged for all fields in the query:
    • Field-level tracing information.
    • The generated request/response functions that got resolved for each field.

cloudWatchLogsRoleArn -> (string)

The service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.

userPoolConfig -> (structure)

The Amazon Cognito User Pool configuration.

userPoolId -> (string)

The user pool ID.

awsRegion -> (string)

The AWS region in which the user pool was created.

defaultAction -> (string)

The action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration.

appIdClientRegex -> (string)

A regular expression for validating the incoming Amazon Cognito User Pool app client ID.

openIDConnectConfig -> (structure)

The Open Id Connect configuration.

issuer -> (string)

The issuer for the open id connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.

clientId -> (string)

The client identifier of the Relying party at the OpenID Provider. This identifier is typically obtained when the Relying party is registered with the OpenID Provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time

iatTTL -> (long)

The number of milliseconds a token is valid after being issued to a user.

authTTL -> (long)

The number of milliseconds a token is valid after being authenticated.

arn -> (string)

The ARN.

uris -> (map)

The URIs.

key -> (string)

value -> (string)