From 5feea8af9a82071062af27de530f238f41a36fa7 Mon Sep 17 00:00:00 2001 From: Ranjith Jagadeesh <86655894+ranjith-jagadeesh@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:30:49 +0530 Subject: [PATCH 1/6] populate construct name dynamically for lambda authorizer permission --- packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts index 0f7f16a37f0ab..00d4f2a0159df 100644 --- a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts +++ b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts @@ -534,7 +534,7 @@ export class GraphqlApi extends GraphqlApiBase { const config = modes.find((mode: AuthorizationMode) => { return mode.authorizationType === AuthorizationType.LAMBDA && mode.lambdaAuthorizerConfig; })?.lambdaAuthorizerConfig; - config?.handler.addPermission('appsync', { + config?.handler.addPermission(`${id}-appsync`, { principal: new ServicePrincipal('appsync.amazonaws.com'), action: 'lambda:InvokeFunction', }); From 56b1a021438705954d954415bcea60147439faed Mon Sep 17 00:00:00 2001 From: Ranjith Jagadeesh <86655894+ranjith-jagadeesh@users.noreply.github.com> Date: Thu, 22 Dec 2022 15:07:23 +0530 Subject: [PATCH 2/6] add testcase --- .../aws-appsync/test/appsync-auth.test.ts | 53 +++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/packages/@aws-cdk/aws-appsync/test/appsync-auth.test.ts b/packages/@aws-cdk/aws-appsync/test/appsync-auth.test.ts index 7331fdfd907e7..e46494ce563fc 100644 --- a/packages/@aws-cdk/aws-appsync/test/appsync-auth.test.ts +++ b/packages/@aws-cdk/aws-appsync/test/appsync-auth.test.ts @@ -684,6 +684,59 @@ describe('AppSync Lambda Authorization', () => { }); + test('Attach Lambda Authorization to two or more graphql api', () => { + // WHEN + new appsync.GraphqlApi(stack, 'api1', { + name: 'api1', + schema: appsync.SchemaFile.fromAsset( + path.join(__dirname, 'appsync.test.graphql'), + ), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + }, + }, + }, + }); + + new appsync.GraphqlApi(stack, 'api2', { + name: 'api2', + schema: appsync.SchemaFile.fromAsset( + path.join(__dirname, 'appsync.test.graphql'), + ), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: fn, + }, + }, + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties( + 'AWS::AppSync::GraphQLApi', + { + AuthenticationType: 'AWS_LAMBDA', + LambdaAuthorizerConfig: { + AuthorizerUri: { + 'Fn::GetAtt': ['authfunction96361832', 'Arn'], + }, + }, + }, + ); + + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Permission', { + Action: 'lambda:InvokeFunction', + FunctionName: { + 'Fn::GetAtt': ['authfunction96361832', 'Arn'], + }, + }); + }); + test('Lambda authorization configurable in default authorization', () => { // WHEN new appsync.GraphqlApi(stack, 'api', { From 9716ce6b71711308ae09b83520650aae36ed73e8 Mon Sep 17 00:00:00 2001 From: Ranjith Jagadeesh <86655894+ranjith-jagadeesh@users.noreply.github.com> Date: Fri, 23 Dec 2022 13:07:56 +0530 Subject: [PATCH 3/6] change construct name --- packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts index 00d4f2a0159df..2375d2ae0953b 100644 --- a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts +++ b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts @@ -534,7 +534,7 @@ export class GraphqlApi extends GraphqlApiBase { const config = modes.find((mode: AuthorizationMode) => { return mode.authorizationType === AuthorizationType.LAMBDA && mode.lambdaAuthorizerConfig; })?.lambdaAuthorizerConfig; - config?.handler.addPermission(`${id}-appsync`, { + config?.handler.addPermission(`${config?.handler.node.id}-appsync`, { principal: new ServicePrincipal('appsync.amazonaws.com'), action: 'lambda:InvokeFunction', }); From 6ba4e7016e8f989deee32c849b7f5d126a35f85d Mon Sep 17 00:00:00 2001 From: Ranjith Jagadeesh <86655894+ranjith-jagadeesh@users.noreply.github.com> Date: Fri, 23 Dec 2022 13:17:18 +0530 Subject: [PATCH 4/6] change construct anme --- packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts index 2375d2ae0953b..e9ee02629ba2e 100644 --- a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts +++ b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts @@ -534,7 +534,7 @@ export class GraphqlApi extends GraphqlApiBase { const config = modes.find((mode: AuthorizationMode) => { return mode.authorizationType === AuthorizationType.LAMBDA && mode.lambdaAuthorizerConfig; })?.lambdaAuthorizerConfig; - config?.handler.addPermission(`${config?.handler.node.id}-appsync`, { + config?.handler.addPermission(`${config?.handler.node.id}-${id}-appsync`, { principal: new ServicePrincipal('appsync.amazonaws.com'), action: 'lambda:InvokeFunction', }); From 1427c486e0231e9386463f12241915d3216ef5ff Mon Sep 17 00:00:00 2001 From: Ranjith Jagadeesh <86655894+ranjith-jagadeesh@users.noreply.github.com> Date: Sat, 21 Jan 2023 10:11:13 +0530 Subject: [PATCH 5/6] integration tests --- ...efaultTestDeployAssert3A9D82EA.assets.json | 19 + ...aultTestDeployAssert3A9D82EA.template.json | 36 ++ .../appsync-lambda-auth.assets.json | 32 ++ .../appsync-lambda-auth.template.json | 171 ++++++++ .../lambda-tutorial.js | 70 ++++ .../integ.lambda-auth.js.snapshot/cdk.out | 1 + .../integ.lambda-auth.js.snapshot/integ.json | 12 + .../manifest.json | 153 +++++++ .../integ.lambda-auth.js.snapshot/tree.json | 385 ++++++++++++++++++ .../aws-appsync/test/integ.lambda-auth.ts | 58 +++ 10 files changed, 937 insertions(+) create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.assets.json create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.template.json create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.assets.json create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.template.json create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/asset.df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443/lambda-tutorial.js create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/integ.json create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/tree.json create mode 100644 packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.ts diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.assets.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.assets.json new file mode 100644 index 0000000000000..dfa7c128d3268 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.assets.json @@ -0,0 +1,19 @@ +{ + "version": "29.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.template.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.assets.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.assets.json new file mode 100644 index 0000000000000..eb7c5a89cf3ab --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.assets.json @@ -0,0 +1,32 @@ +{ + "version": "29.0.0", + "files": { + "df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443": { + "source": { + "path": "asset.df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443", + "packaging": "zip" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443.zip", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + }, + "3fdd85b84a7c6c55b0c8e21f5d862c21ff67aa326bb9b9dfb7429348ff9d034d": { + "source": { + "path": "appsync-lambda-auth.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "3fdd85b84a7c6c55b0c8e21f5d862c21ff67aa326bb9b9dfb7429348ff9d034d.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.template.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.template.json new file mode 100644 index 0000000000000..f43ea88c2bbb7 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.template.json @@ -0,0 +1,171 @@ +{ + "Resources": { + "funcServiceRoleA96CCB44": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "funcC3A0C2E2": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "S3Key": "df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443.zip" + }, + "Role": { + "Fn::GetAtt": [ + "funcServiceRoleA96CCB44", + "Arn" + ] + }, + "Handler": "lambda-tutorial.handler", + "Runtime": "nodejs14.x" + }, + "DependsOn": [ + "funcServiceRoleA96CCB44" + ] + }, + "funcfuncapi1appsync58E50481": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "funcC3A0C2E2", + "Arn" + ] + }, + "Principal": "appsync.amazonaws.com" + } + }, + "funcfuncapi2appsync8B273744": { + "Type": "AWS::Lambda::Permission", + "Properties": { + "Action": "lambda:InvokeFunction", + "FunctionName": { + "Fn::GetAtt": [ + "funcC3A0C2E2", + "Arn" + ] + }, + "Principal": "appsync.amazonaws.com" + } + }, + "api1A91238E2": { + "Type": "AWS::AppSync::GraphQLApi", + "Properties": { + "AuthenticationType": "AWS_LAMBDA", + "Name": "api1", + "LambdaAuthorizerConfig": { + "AuthorizerUri": { + "Fn::GetAtt": [ + "funcC3A0C2E2", + "Arn" + ] + } + } + } + }, + "api1SchemaFFA53DB6": { + "Type": "AWS::AppSync::GraphQLSchema", + "Properties": { + "ApiId": { + "Fn::GetAtt": [ + "api1A91238E2", + "ApiId" + ] + }, + "Definition": "type test {\n version: String!\n}\ntype Query {\n getTests: [test]!\n}\ntype Mutation {\n addTest(version: String!): test\n}\n" + } + }, + "api2C4850CEA": { + "Type": "AWS::AppSync::GraphQLApi", + "Properties": { + "AuthenticationType": "AWS_LAMBDA", + "Name": "api2", + "LambdaAuthorizerConfig": { + "AuthorizerUri": { + "Fn::GetAtt": [ + "funcC3A0C2E2", + "Arn" + ] + } + } + } + }, + "api2SchemaD5C26031": { + "Type": "AWS::AppSync::GraphQLSchema", + "Properties": { + "ApiId": { + "Fn::GetAtt": [ + "api2C4850CEA", + "ApiId" + ] + }, + "Definition": "type test {\n version: String!\n}\ntype Query {\n getTests: [test]!\n}\ntype Mutation {\n addTest(version: String!): test\n}\n" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/asset.df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443/lambda-tutorial.js b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/asset.df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443/lambda-tutorial.js new file mode 100644 index 0000000000000..5a08f83ef4f0a --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/asset.df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443/lambda-tutorial.js @@ -0,0 +1,70 @@ +exports.handler = (event, context, callback) => { + console.log("Received event {}", JSON.stringify(event, 3)); + var posts = { + "1": {"id": "1", "title": "First book", "author": "Author1", "url": "https://amazon.com/", "content": "SAMPLE TEXT AUTHOR 1 SAMPLE TEXT AUTHOR 1 SAMPLE TEXT AUTHOR 1 SAMPLE TEXT AUTHOR 1 SAMPLE TEXT AUTHOR 1 SAMPLE TEXT AUTHOR 1", "ups": "100", "downs": "10"}, + "2": {"id": "2", "title": "Second book", "author": "Author2", "url": "https://amazon.com", "content": "SAMPLE TEXT AUTHOR 2 SAMPLE TEXT AUTHOR 2 SAMPLE TEXT", "ups": "100", "downs": "10"}, + "3": {"id": "3", "title": "Third book", "author": "Author3", "url": null, "content": null, "ups": null, "downs": null }, + "4": {"id": "4", "title": "Fourth book", "author": "Author4", "url": "https://www.amazon.com/", "content": "SAMPLE TEXT AUTHOR 4 SAMPLE TEXT AUTHOR 4 SAMPLE TEXT AUTHOR 4 SAMPLE TEXT AUTHOR 4 SAMPLE TEXT AUTHOR 4 SAMPLE TEXT AUTHOR 4 SAMPLE TEXT AUTHOR 4 SAMPLE TEXT AUTHOR 4", "ups": "1000", "downs": "0"}, + "5": {"id": "5", "title": "Fifth book", "author": "Author5", "url": "https://www.amazon.com/", "content": "SAMPLE TEXT AUTHOR 5 SAMPLE TEXT AUTHOR 5 SAMPLE TEXT AUTHOR 5 SAMPLE TEXT AUTHOR 5 SAMPLE TEXT", "ups": "50", "downs": "0"} }; + + var relatedPosts = { + "1": [posts['4']], + "2": [posts['3'], posts['5']], + "3": [posts['2'], posts['1']], + "4": [posts['2'], posts['1']], + "5": [] + }; + const isBatch = Array.isArray(event); + if (isBatch) { + console.log("Got an BatchInvoke Request. The payload has %d items to resolve.", event.length); + const field = event[0].field; + switch(field) { + case "relatedPostsMaxBatchSize": + case "relatedPosts": + var results = []; + // the response MUST contain the same number + // of entries as the payload array + for (var i=0; i< event.length; i++) { + console.log("post {}", JSON.stringify(event[i].source)); + results.push(relatedPosts[event[i].source.id]); + } + console.log("results {}", JSON.stringify(results)); + callback(null, results); + break; + default: + callback("Unknown field, unable to resolve" + field, null); + break; + } + } + else { + console.log("Got an Invoke Request."); + switch(event.field) { + case "getPost": + var id = event.arguments.id; + callback(null, posts[id]); + break; + case "allPosts": + var values = []; + for(var d in posts){ + values.push(posts[d]); + } + callback(null, values); + break; + case "addPost": + // return the arguments back + callback(null, event.arguments); + break; + case "addPostErrorWithData": + var id = event.arguments.id; + var result = posts[id]; + // attached additional error information to the post + result.errorMessage = 'Error with the mutation, data has changed'; + result.errorType = 'MUTATION_ERROR'; + callback(null, result); + break; + default: + callback("Unknown field, unable to resolve" + event.field, null); + break; + } + } +}; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/cdk.out b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/cdk.out new file mode 100644 index 0000000000000..d8b441d447f8a --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"29.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/integ.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/integ.json new file mode 100644 index 0000000000000..103d6f2827f82 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "29.0.0", + "testCases": { + "GraphQlApiLambdaAuth/DefaultTest": { + "stacks": [ + "appsync-lambda-auth" + ], + "assertionStack": "GraphQlApiLambdaAuth/DefaultTest/DeployAssert", + "assertionStackName": "GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/manifest.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/manifest.json new file mode 100644 index 0000000000000..6d7dcdfd2ef74 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/manifest.json @@ -0,0 +1,153 @@ +{ + "version": "29.0.0", + "artifacts": { + "appsync-lambda-auth.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "appsync-lambda-auth.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "appsync-lambda-auth": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "appsync-lambda-auth.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3fdd85b84a7c6c55b0c8e21f5d862c21ff67aa326bb9b9dfb7429348ff9d034d.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "appsync-lambda-auth.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "appsync-lambda-auth.assets" + ], + "metadata": { + "/appsync-lambda-auth/func/ServiceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "funcServiceRoleA96CCB44" + } + ], + "/appsync-lambda-auth/func/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "funcC3A0C2E2" + } + ], + "/appsync-lambda-auth/func/func-api1-appsync": [ + { + "type": "aws:cdk:logicalId", + "data": "funcfuncapi1appsync58E50481" + } + ], + "/appsync-lambda-auth/func/func-api2-appsync": [ + { + "type": "aws:cdk:logicalId", + "data": "funcfuncapi2appsync8B273744" + } + ], + "/appsync-lambda-auth/api1/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "api1A91238E2" + } + ], + "/appsync-lambda-auth/api1/Schema": [ + { + "type": "aws:cdk:logicalId", + "data": "api1SchemaFFA53DB6" + } + ], + "/appsync-lambda-auth/api2/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "api2C4850CEA" + } + ], + "/appsync-lambda-auth/api2/Schema": [ + { + "type": "aws:cdk:logicalId", + "data": "api2SchemaD5C26031" + } + ], + "/appsync-lambda-auth/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/appsync-lambda-auth/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "appsync-lambda-auth" + }, + "GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.template.json", + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "GraphQlApiLambdaAuthDefaultTestDeployAssert3A9D82EA.assets" + ], + "metadata": { + "/GraphQlApiLambdaAuth/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/GraphQlApiLambdaAuth/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "GraphQlApiLambdaAuth/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/tree.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/tree.json new file mode 100644 index 0000000000000..9202be72839d1 --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/tree.json @@ -0,0 +1,385 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "appsync-lambda-auth": { + "id": "appsync-lambda-auth", + "path": "appsync-lambda-auth", + "children": { + "func": { + "id": "func", + "path": "appsync-lambda-auth/func", + "children": { + "ServiceRole": { + "id": "ServiceRole", + "path": "appsync-lambda-auth/func/ServiceRole", + "children": { + "ImportServiceRole": { + "id": "ImportServiceRole", + "path": "appsync-lambda-auth/func/ServiceRole/ImportServiceRole", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "appsync-lambda-auth/func/ServiceRole/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::IAM::Role", + "aws:cdk:cloudformation:props": { + "assumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "managedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.CfnRole", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-iam.Role", + "version": "0.0.0" + } + }, + "Code": { + "id": "Code", + "path": "appsync-lambda-auth/func/Code", + "children": { + "Stage": { + "id": "Stage", + "path": "appsync-lambda-auth/func/Code/Stage", + "constructInfo": { + "fqn": "@aws-cdk/core.AssetStaging", + "version": "0.0.0" + } + }, + "AssetBucket": { + "id": "AssetBucket", + "path": "appsync-lambda-auth/func/Code/AssetBucket", + "constructInfo": { + "fqn": "@aws-cdk/aws-s3.BucketBase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-s3-assets.Asset", + "version": "0.0.0" + } + }, + "Resource": { + "id": "Resource", + "path": "appsync-lambda-auth/func/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Function", + "aws:cdk:cloudformation:props": { + "code": { + "s3Bucket": { + "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}" + }, + "s3Key": "df9f207d681056c35badb6bc0d60a945b44c887b227b759715fd6a6443486443.zip" + }, + "role": { + "Fn::GetAtt": [ + "funcServiceRoleA96CCB44", + "Arn" + ] + }, + "handler": "lambda-tutorial.handler", + "runtime": "nodejs14.x" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnFunction", + "version": "0.0.0" + } + }, + "func-api1-appsync": { + "id": "func-api1-appsync", + "path": "appsync-lambda-auth/func/func-api1-appsync", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", + "aws:cdk:cloudformation:props": { + "action": "lambda:InvokeFunction", + "functionName": { + "Fn::GetAtt": [ + "funcC3A0C2E2", + "Arn" + ] + }, + "principal": "appsync.amazonaws.com" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnPermission", + "version": "0.0.0" + } + }, + "func-api2-appsync": { + "id": "func-api2-appsync", + "path": "appsync-lambda-auth/func/func-api2-appsync", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", + "aws:cdk:cloudformation:props": { + "action": "lambda:InvokeFunction", + "functionName": { + "Fn::GetAtt": [ + "funcC3A0C2E2", + "Arn" + ] + }, + "principal": "appsync.amazonaws.com" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.CfnPermission", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-lambda.Function", + "version": "0.0.0" + } + }, + "api1": { + "id": "api1", + "path": "appsync-lambda-auth/api1", + "children": { + "Resource": { + "id": "Resource", + "path": "appsync-lambda-auth/api1/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::GraphQLApi", + "aws:cdk:cloudformation:props": { + "authenticationType": "AWS_LAMBDA", + "name": "api1", + "lambdaAuthorizerConfig": { + "authorizerUri": { + "Fn::GetAtt": [ + "funcC3A0C2E2", + "Arn" + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.CfnGraphQLApi", + "version": "0.0.0" + } + }, + "Schema": { + "id": "Schema", + "path": "appsync-lambda-auth/api1/Schema", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::GraphQLSchema", + "aws:cdk:cloudformation:props": { + "apiId": { + "Fn::GetAtt": [ + "api1A91238E2", + "ApiId" + ] + }, + "definition": "type test {\n version: String!\n}\ntype Query {\n getTests: [test]!\n}\ntype Mutation {\n addTest(version: String!): test\n}\n" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.CfnGraphQLSchema", + "version": "0.0.0" + } + }, + "LogGroup": { + "id": "LogGroup", + "path": "appsync-lambda-auth/api1/LogGroup", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.GraphqlApi", + "version": "0.0.0" + } + }, + "api2": { + "id": "api2", + "path": "appsync-lambda-auth/api2", + "children": { + "Resource": { + "id": "Resource", + "path": "appsync-lambda-auth/api2/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::GraphQLApi", + "aws:cdk:cloudformation:props": { + "authenticationType": "AWS_LAMBDA", + "name": "api2", + "lambdaAuthorizerConfig": { + "authorizerUri": { + "Fn::GetAtt": [ + "funcC3A0C2E2", + "Arn" + ] + } + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.CfnGraphQLApi", + "version": "0.0.0" + } + }, + "Schema": { + "id": "Schema", + "path": "appsync-lambda-auth/api2/Schema", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::GraphQLSchema", + "aws:cdk:cloudformation:props": { + "apiId": { + "Fn::GetAtt": [ + "api2C4850CEA", + "ApiId" + ] + }, + "definition": "type test {\n version: String!\n}\ntype Query {\n getTests: [test]!\n}\ntype Mutation {\n addTest(version: String!): test\n}\n" + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.CfnGraphQLSchema", + "version": "0.0.0" + } + }, + "LogGroup": { + "id": "LogGroup", + "path": "appsync-lambda-auth/api2/LogGroup", + "constructInfo": { + "fqn": "@aws-cdk/core.Resource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/aws-appsync.GraphqlApi", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "appsync-lambda-auth/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "appsync-lambda-auth/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + }, + "GraphQlApiLambdaAuth": { + "id": "GraphQlApiLambdaAuth", + "path": "GraphQlApiLambdaAuth", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "GraphQlApiLambdaAuth/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "GraphQlApiLambdaAuth/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.216" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "GraphQlApiLambdaAuth/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "GraphQlApiLambdaAuth/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "GraphQlApiLambdaAuth/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "@aws-cdk/core.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.1.216" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/core.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.ts b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.ts new file mode 100644 index 0000000000000..3d23cfc405d2d --- /dev/null +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.ts @@ -0,0 +1,58 @@ +import * as path from 'path'; +import * as lambda from '@aws-cdk/aws-lambda'; +import * as cdk from '@aws-cdk/core'; +import { IntegTest } from '@aws-cdk/integ-tests'; +import { Construct } from 'constructs'; +import * as appsync from '../lib'; + +class GraphQLApiLambdaAuthStack extends cdk.Stack { + constructor(scope: Construct) { + super(scope, 'appsync-lambda-auth'); + + const func = new lambda.Function(this, 'func', { + code: lambda.Code.fromAsset( + path.join(__dirname, 'verify/lambda-tutorial'), + ), + handler: 'lambda-tutorial.handler', + runtime: lambda.Runtime.NODEJS_14_X, + }); + + new appsync.GraphqlApi(this, 'api1', { + name: 'api1', + schema: appsync.SchemaFile.fromAsset( + path.join(__dirname, 'appsync.test.graphql'), + ), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: func, + }, + }, + }, + }); + + new appsync.GraphqlApi(this, 'api2', { + name: 'api2', + schema: appsync.SchemaFile.fromAsset( + path.join(__dirname, 'appsync.test.graphql'), + ), + authorizationConfig: { + defaultAuthorization: { + authorizationType: appsync.AuthorizationType.LAMBDA, + lambdaAuthorizerConfig: { + handler: func, + }, + }, + }, + }); + } +} + +const app = new cdk.App(); +const testCase = new GraphQLApiLambdaAuthStack(app); +new IntegTest(app, 'GraphQlApiLambdaAuth', { + testCases: [testCase], +}); + +app.synth(); From 077703f8076453d2a8891759487235ac7edb4c21 Mon Sep 17 00:00:00 2001 From: Ranjith Jagadeesh <86655894+ranjith-jagadeesh@users.noreply.github.com> Date: Sat, 21 Jan 2023 10:30:02 +0530 Subject: [PATCH 6/6] change construct name --- .../@aws-cdk/aws-appsync/lib/graphqlapi.ts | 2 +- .../appsync-lambda-auth.assets.json | 4 +-- .../appsync-lambda-auth.template.json | 4 +-- .../manifest.json | 28 +++++++++++++++---- .../integ.lambda-auth.js.snapshot/tree.json | 12 ++++---- 5 files changed, 34 insertions(+), 16 deletions(-) diff --git a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts index e9ee02629ba2e..00d4f2a0159df 100644 --- a/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts +++ b/packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts @@ -534,7 +534,7 @@ export class GraphqlApi extends GraphqlApiBase { const config = modes.find((mode: AuthorizationMode) => { return mode.authorizationType === AuthorizationType.LAMBDA && mode.lambdaAuthorizerConfig; })?.lambdaAuthorizerConfig; - config?.handler.addPermission(`${config?.handler.node.id}-${id}-appsync`, { + config?.handler.addPermission(`${id}-appsync`, { principal: new ServicePrincipal('appsync.amazonaws.com'), action: 'lambda:InvokeFunction', }); diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.assets.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.assets.json index eb7c5a89cf3ab..e127812abf26f 100644 --- a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.assets.json +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.assets.json @@ -14,7 +14,7 @@ } } }, - "3fdd85b84a7c6c55b0c8e21f5d862c21ff67aa326bb9b9dfb7429348ff9d034d": { + "6318a3460f2277a0215d1d3dec988f54f73d1ebd0221c7a7cc4d2bcb6324b50f": { "source": { "path": "appsync-lambda-auth.template.json", "packaging": "file" @@ -22,7 +22,7 @@ "destinations": { "current_account-current_region": { "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "3fdd85b84a7c6c55b0c8e21f5d862c21ff67aa326bb9b9dfb7429348ff9d034d.json", + "objectKey": "6318a3460f2277a0215d1d3dec988f54f73d1ebd0221c7a7cc4d2bcb6324b50f.json", "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" } } diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.template.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.template.json index f43ea88c2bbb7..a9950dc91b248 100644 --- a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.template.json +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/appsync-lambda-auth.template.json @@ -53,7 +53,7 @@ "funcServiceRoleA96CCB44" ] }, - "funcfuncapi1appsync58E50481": { + "funcapi1appsync5C5BBFA1": { "Type": "AWS::Lambda::Permission", "Properties": { "Action": "lambda:InvokeFunction", @@ -66,7 +66,7 @@ "Principal": "appsync.amazonaws.com" } }, - "funcfuncapi2appsync8B273744": { + "funcapi2appsync0EE83EF2": { "Type": "AWS::Lambda::Permission", "Properties": { "Action": "lambda:InvokeFunction", diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/manifest.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/manifest.json index 6d7dcdfd2ef74..48c60d6f85566 100644 --- a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/manifest.json +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/manifest.json @@ -17,7 +17,7 @@ "validateOnSynth": false, "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/3fdd85b84a7c6c55b0c8e21f5d862c21ff67aa326bb9b9dfb7429348ff9d034d.json", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/6318a3460f2277a0215d1d3dec988f54f73d1ebd0221c7a7cc4d2bcb6324b50f.json", "requiresBootstrapStackVersion": 6, "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", "additionalDependencies": [ @@ -45,16 +45,16 @@ "data": "funcC3A0C2E2" } ], - "/appsync-lambda-auth/func/func-api1-appsync": [ + "/appsync-lambda-auth/func/api1-appsync": [ { "type": "aws:cdk:logicalId", - "data": "funcfuncapi1appsync58E50481" + "data": "funcapi1appsync5C5BBFA1" } ], - "/appsync-lambda-auth/func/func-api2-appsync": [ + "/appsync-lambda-auth/func/api2-appsync": [ { "type": "aws:cdk:logicalId", - "data": "funcfuncapi2appsync8B273744" + "data": "funcapi2appsync0EE83EF2" } ], "/appsync-lambda-auth/api1/Resource": [ @@ -92,6 +92,24 @@ "type": "aws:cdk:logicalId", "data": "CheckBootstrapVersion" } + ], + "funcfuncapi1appsync58E50481": [ + { + "type": "aws:cdk:logicalId", + "data": "funcfuncapi1appsync58E50481", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } + ], + "funcfuncapi2appsync8B273744": [ + { + "type": "aws:cdk:logicalId", + "data": "funcfuncapi2appsync8B273744", + "trace": [ + "!!DESTRUCTIVE_CHANGES: WILL_DESTROY" + ] + } ] }, "displayName": "appsync-lambda-auth" diff --git a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/tree.json b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/tree.json index 9202be72839d1..4266a4d1a8c82 100644 --- a/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/tree.json +++ b/packages/@aws-cdk/aws-appsync/test/integ.lambda-auth.js.snapshot/tree.json @@ -122,9 +122,9 @@ "version": "0.0.0" } }, - "func-api1-appsync": { - "id": "func-api1-appsync", - "path": "appsync-lambda-auth/func/func-api1-appsync", + "api1-appsync": { + "id": "api1-appsync", + "path": "appsync-lambda-auth/func/api1-appsync", "attributes": { "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", "aws:cdk:cloudformation:props": { @@ -143,9 +143,9 @@ "version": "0.0.0" } }, - "func-api2-appsync": { - "id": "func-api2-appsync", - "path": "appsync-lambda-auth/func/func-api2-appsync", + "api2-appsync": { + "id": "api2-appsync", + "path": "appsync-lambda-auth/func/api2-appsync", "attributes": { "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", "aws:cdk:cloudformation:props": {