aws.appsync.GraphQLApi
Explore with Pulumi AI
Create GraphQLApi Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new GraphQLApi(name: string, args: GraphQLApiArgs, opts?: CustomResourceOptions);
@overload
def GraphQLApi(resource_name: str,
args: GraphQLApiArgs,
opts: Optional[ResourceOptions] = None)
@overload
def GraphQLApi(resource_name: str,
opts: Optional[ResourceOptions] = None,
authentication_type: Optional[str] = None,
name: Optional[str] = None,
merged_api_execution_role_arn: Optional[str] = None,
enhanced_metrics_config: Optional[GraphQLApiEnhancedMetricsConfigArgs] = None,
introspection_config: Optional[str] = None,
openid_connect_config: Optional[GraphQLApiOpenidConnectConfigArgs] = None,
log_config: Optional[GraphQLApiLogConfigArgs] = None,
api_type: Optional[str] = None,
additional_authentication_providers: Optional[Sequence[GraphQLApiAdditionalAuthenticationProviderArgs]] = None,
lambda_authorizer_config: Optional[GraphQLApiLambdaAuthorizerConfigArgs] = None,
query_depth_limit: Optional[int] = None,
resolver_count_limit: Optional[int] = None,
schema: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
user_pool_config: Optional[GraphQLApiUserPoolConfigArgs] = None,
visibility: Optional[str] = None,
xray_enabled: Optional[bool] = None)
func NewGraphQLApi(ctx *Context, name string, args GraphQLApiArgs, opts ...ResourceOption) (*GraphQLApi, error)
public GraphQLApi(string name, GraphQLApiArgs args, CustomResourceOptions? opts = null)
public GraphQLApi(String name, GraphQLApiArgs args)
public GraphQLApi(String name, GraphQLApiArgs args, CustomResourceOptions options)
type: aws:appsync:GraphQLApi
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GraphQLApiArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GraphQLApiArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GraphQLApiArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GraphQLApiArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GraphQLApiArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var graphQLApiResource = new Aws.AppSync.GraphQLApi("graphQLApiResource", new()
{
AuthenticationType = "string",
Name = "string",
MergedApiExecutionRoleArn = "string",
EnhancedMetricsConfig = new Aws.AppSync.Inputs.GraphQLApiEnhancedMetricsConfigArgs
{
DataSourceLevelMetricsBehavior = "string",
OperationLevelMetricsConfig = "string",
ResolverLevelMetricsBehavior = "string",
},
IntrospectionConfig = "string",
OpenidConnectConfig = new Aws.AppSync.Inputs.GraphQLApiOpenidConnectConfigArgs
{
Issuer = "string",
AuthTtl = 0,
ClientId = "string",
IatTtl = 0,
},
LogConfig = new Aws.AppSync.Inputs.GraphQLApiLogConfigArgs
{
CloudwatchLogsRoleArn = "string",
FieldLogLevel = "string",
ExcludeVerboseContent = false,
},
ApiType = "string",
AdditionalAuthenticationProviders = new[]
{
new Aws.AppSync.Inputs.GraphQLApiAdditionalAuthenticationProviderArgs
{
AuthenticationType = "string",
LambdaAuthorizerConfig = new Aws.AppSync.Inputs.GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfigArgs
{
AuthorizerUri = "string",
AuthorizerResultTtlInSeconds = 0,
IdentityValidationExpression = "string",
},
OpenidConnectConfig = new Aws.AppSync.Inputs.GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfigArgs
{
Issuer = "string",
AuthTtl = 0,
ClientId = "string",
IatTtl = 0,
},
UserPoolConfig = new Aws.AppSync.Inputs.GraphQLApiAdditionalAuthenticationProviderUserPoolConfigArgs
{
UserPoolId = "string",
AppIdClientRegex = "string",
AwsRegion = "string",
},
},
},
LambdaAuthorizerConfig = new Aws.AppSync.Inputs.GraphQLApiLambdaAuthorizerConfigArgs
{
AuthorizerUri = "string",
AuthorizerResultTtlInSeconds = 0,
IdentityValidationExpression = "string",
},
QueryDepthLimit = 0,
ResolverCountLimit = 0,
Schema = "string",
Tags =
{
{ "string", "string" },
},
UserPoolConfig = new Aws.AppSync.Inputs.GraphQLApiUserPoolConfigArgs
{
DefaultAction = "string",
UserPoolId = "string",
AppIdClientRegex = "string",
AwsRegion = "string",
},
Visibility = "string",
XrayEnabled = false,
});
example, err := appsync.NewGraphQLApi(ctx, "graphQLApiResource", &appsync.GraphQLApiArgs{
AuthenticationType: pulumi.String("string"),
Name: pulumi.String("string"),
MergedApiExecutionRoleArn: pulumi.String("string"),
EnhancedMetricsConfig: &appsync.GraphQLApiEnhancedMetricsConfigArgs{
DataSourceLevelMetricsBehavior: pulumi.String("string"),
OperationLevelMetricsConfig: pulumi.String("string"),
ResolverLevelMetricsBehavior: pulumi.String("string"),
},
IntrospectionConfig: pulumi.String("string"),
OpenidConnectConfig: &appsync.GraphQLApiOpenidConnectConfigArgs{
Issuer: pulumi.String("string"),
AuthTtl: pulumi.Int(0),
ClientId: pulumi.String("string"),
IatTtl: pulumi.Int(0),
},
LogConfig: &appsync.GraphQLApiLogConfigArgs{
CloudwatchLogsRoleArn: pulumi.String("string"),
FieldLogLevel: pulumi.String("string"),
ExcludeVerboseContent: pulumi.Bool(false),
},
ApiType: pulumi.String("string"),
AdditionalAuthenticationProviders: appsync.GraphQLApiAdditionalAuthenticationProviderArray{
&appsync.GraphQLApiAdditionalAuthenticationProviderArgs{
AuthenticationType: pulumi.String("string"),
LambdaAuthorizerConfig: &appsync.GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfigArgs{
AuthorizerUri: pulumi.String("string"),
AuthorizerResultTtlInSeconds: pulumi.Int(0),
IdentityValidationExpression: pulumi.String("string"),
},
OpenidConnectConfig: &appsync.GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfigArgs{
Issuer: pulumi.String("string"),
AuthTtl: pulumi.Int(0),
ClientId: pulumi.String("string"),
IatTtl: pulumi.Int(0),
},
UserPoolConfig: &appsync.GraphQLApiAdditionalAuthenticationProviderUserPoolConfigArgs{
UserPoolId: pulumi.String("string"),
AppIdClientRegex: pulumi.String("string"),
AwsRegion: pulumi.String("string"),
},
},
},
LambdaAuthorizerConfig: &appsync.GraphQLApiLambdaAuthorizerConfigArgs{
AuthorizerUri: pulumi.String("string"),
AuthorizerResultTtlInSeconds: pulumi.Int(0),
IdentityValidationExpression: pulumi.String("string"),
},
QueryDepthLimit: pulumi.Int(0),
ResolverCountLimit: pulumi.Int(0),
Schema: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
UserPoolConfig: &appsync.GraphQLApiUserPoolConfigArgs{
DefaultAction: pulumi.String("string"),
UserPoolId: pulumi.String("string"),
AppIdClientRegex: pulumi.String("string"),
AwsRegion: pulumi.String("string"),
},
Visibility: pulumi.String("string"),
XrayEnabled: pulumi.Bool(false),
})
var graphQLApiResource = new GraphQLApi("graphQLApiResource", GraphQLApiArgs.builder()
.authenticationType("string")
.name("string")
.mergedApiExecutionRoleArn("string")
.enhancedMetricsConfig(GraphQLApiEnhancedMetricsConfigArgs.builder()
.dataSourceLevelMetricsBehavior("string")
.operationLevelMetricsConfig("string")
.resolverLevelMetricsBehavior("string")
.build())
.introspectionConfig("string")
.openidConnectConfig(GraphQLApiOpenidConnectConfigArgs.builder()
.issuer("string")
.authTtl(0)
.clientId("string")
.iatTtl(0)
.build())
.logConfig(GraphQLApiLogConfigArgs.builder()
.cloudwatchLogsRoleArn("string")
.fieldLogLevel("string")
.excludeVerboseContent(false)
.build())
.apiType("string")
.additionalAuthenticationProviders(GraphQLApiAdditionalAuthenticationProviderArgs.builder()
.authenticationType("string")
.lambdaAuthorizerConfig(GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfigArgs.builder()
.authorizerUri("string")
.authorizerResultTtlInSeconds(0)
.identityValidationExpression("string")
.build())
.openidConnectConfig(GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfigArgs.builder()
.issuer("string")
.authTtl(0)
.clientId("string")
.iatTtl(0)
.build())
.userPoolConfig(GraphQLApiAdditionalAuthenticationProviderUserPoolConfigArgs.builder()
.userPoolId("string")
.appIdClientRegex("string")
.awsRegion("string")
.build())
.build())
.lambdaAuthorizerConfig(GraphQLApiLambdaAuthorizerConfigArgs.builder()
.authorizerUri("string")
.authorizerResultTtlInSeconds(0)
.identityValidationExpression("string")
.build())
.queryDepthLimit(0)
.resolverCountLimit(0)
.schema("string")
.tags(Map.of("string", "string"))
.userPoolConfig(GraphQLApiUserPoolConfigArgs.builder()
.defaultAction("string")
.userPoolId("string")
.appIdClientRegex("string")
.awsRegion("string")
.build())
.visibility("string")
.xrayEnabled(false)
.build());
graph_ql_api_resource = aws.appsync.GraphQLApi("graphQLApiResource",
authentication_type="string",
name="string",
merged_api_execution_role_arn="string",
enhanced_metrics_config={
"data_source_level_metrics_behavior": "string",
"operation_level_metrics_config": "string",
"resolver_level_metrics_behavior": "string",
},
introspection_config="string",
openid_connect_config={
"issuer": "string",
"auth_ttl": 0,
"client_id": "string",
"iat_ttl": 0,
},
log_config={
"cloudwatch_logs_role_arn": "string",
"field_log_level": "string",
"exclude_verbose_content": False,
},
api_type="string",
additional_authentication_providers=[{
"authentication_type": "string",
"lambda_authorizer_config": {
"authorizer_uri": "string",
"authorizer_result_ttl_in_seconds": 0,
"identity_validation_expression": "string",
},
"openid_connect_config": {
"issuer": "string",
"auth_ttl": 0,
"client_id": "string",
"iat_ttl": 0,
},
"user_pool_config": {
"user_pool_id": "string",
"app_id_client_regex": "string",
"aws_region": "string",
},
}],
lambda_authorizer_config={
"authorizer_uri": "string",
"authorizer_result_ttl_in_seconds": 0,
"identity_validation_expression": "string",
},
query_depth_limit=0,
resolver_count_limit=0,
schema="string",
tags={
"string": "string",
},
user_pool_config={
"default_action": "string",
"user_pool_id": "string",
"app_id_client_regex": "string",
"aws_region": "string",
},
visibility="string",
xray_enabled=False)
const graphQLApiResource = new aws.appsync.GraphQLApi("graphQLApiResource", {
authenticationType: "string",
name: "string",
mergedApiExecutionRoleArn: "string",
enhancedMetricsConfig: {
dataSourceLevelMetricsBehavior: "string",
operationLevelMetricsConfig: "string",
resolverLevelMetricsBehavior: "string",
},
introspectionConfig: "string",
openidConnectConfig: {
issuer: "string",
authTtl: 0,
clientId: "string",
iatTtl: 0,
},
logConfig: {
cloudwatchLogsRoleArn: "string",
fieldLogLevel: "string",
excludeVerboseContent: false,
},
apiType: "string",
additionalAuthenticationProviders: [{
authenticationType: "string",
lambdaAuthorizerConfig: {
authorizerUri: "string",
authorizerResultTtlInSeconds: 0,
identityValidationExpression: "string",
},
openidConnectConfig: {
issuer: "string",
authTtl: 0,
clientId: "string",
iatTtl: 0,
},
userPoolConfig: {
userPoolId: "string",
appIdClientRegex: "string",
awsRegion: "string",
},
}],
lambdaAuthorizerConfig: {
authorizerUri: "string",
authorizerResultTtlInSeconds: 0,
identityValidationExpression: "string",
},
queryDepthLimit: 0,
resolverCountLimit: 0,
schema: "string",
tags: {
string: "string",
},
userPoolConfig: {
defaultAction: "string",
userPoolId: "string",
appIdClientRegex: "string",
awsRegion: "string",
},
visibility: "string",
xrayEnabled: false,
});
type: aws:appsync:GraphQLApi
properties:
additionalAuthenticationProviders:
- authenticationType: string
lambdaAuthorizerConfig:
authorizerResultTtlInSeconds: 0
authorizerUri: string
identityValidationExpression: string
openidConnectConfig:
authTtl: 0
clientId: string
iatTtl: 0
issuer: string
userPoolConfig:
appIdClientRegex: string
awsRegion: string
userPoolId: string
apiType: string
authenticationType: string
enhancedMetricsConfig:
dataSourceLevelMetricsBehavior: string
operationLevelMetricsConfig: string
resolverLevelMetricsBehavior: string
introspectionConfig: string
lambdaAuthorizerConfig:
authorizerResultTtlInSeconds: 0
authorizerUri: string
identityValidationExpression: string
logConfig:
cloudwatchLogsRoleArn: string
excludeVerboseContent: false
fieldLogLevel: string
mergedApiExecutionRoleArn: string
name: string
openidConnectConfig:
authTtl: 0
clientId: string
iatTtl: 0
issuer: string
queryDepthLimit: 0
resolverCountLimit: 0
schema: string
tags:
string: string
userPoolConfig:
appIdClientRegex: string
awsRegion: string
defaultAction: string
userPoolId: string
visibility: string
xrayEnabled: false
GraphQLApi Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The GraphQLApi resource accepts the following input properties:
- Authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Additional
Authentication List<GraphProviders QLApi Additional Authentication Provider> - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - Api
Type string - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - Enhanced
Metrics GraphConfig QLApi Enhanced Metrics Config - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - Introspection
Config string - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - Log
Config GraphQLApi Log Config - Nested argument containing logging configuration. See
log_config
Block for details. - Merged
Api stringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - Name string
User-supplied name for the GraphQL API.
The following arguments are optional:
- Openid
Connect GraphConfig QLApi Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - Query
Depth intLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- Resolver
Count intLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - Schema string
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - User
Pool GraphConfig QLApi User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - Visibility string
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - Xray
Enabled bool - Whether tracing with X-ray is enabled. Defaults to false.
- Authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Additional
Authentication []GraphProviders QLApi Additional Authentication Provider Args - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - Api
Type string - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - Enhanced
Metrics GraphConfig QLApi Enhanced Metrics Config Args - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - Introspection
Config string - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config Args - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - Log
Config GraphQLApi Log Config Args - Nested argument containing logging configuration. See
log_config
Block for details. - Merged
Api stringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - Name string
User-supplied name for the GraphQL API.
The following arguments are optional:
- Openid
Connect GraphConfig QLApi Openid Connect Config Args - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - Query
Depth intLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- Resolver
Count intLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - Schema string
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- map[string]string
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - User
Pool GraphConfig QLApi User Pool Config Args - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - Visibility string
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - Xray
Enabled bool - Whether tracing with X-ray is enabled. Defaults to false.
- authentication
Type String - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- additional
Authentication List<GraphProviders QLApi Additional Authentication Provider> - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - api
Type String - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - enhanced
Metrics GraphConfig QLApi Enhanced Metrics Config - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - introspection
Config String - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - log
Config GraphQLApi Log Config - Nested argument containing logging configuration. See
log_config
Block for details. - merged
Api StringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - name String
User-supplied name for the GraphQL API.
The following arguments are optional:
- openid
Connect GraphConfig QLApi Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - query
Depth IntegerLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- resolver
Count IntegerLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - schema String
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- Map<String,String>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - user
Pool GraphConfig QLApi User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - visibility String
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - xray
Enabled Boolean - Whether tracing with X-ray is enabled. Defaults to false.
- authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- additional
Authentication GraphProviders QLApi Additional Authentication Provider[] - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - api
Type string - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - enhanced
Metrics GraphConfig QLApi Enhanced Metrics Config - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - introspection
Config string - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - log
Config GraphQLApi Log Config - Nested argument containing logging configuration. See
log_config
Block for details. - merged
Api stringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - name string
User-supplied name for the GraphQL API.
The following arguments are optional:
- openid
Connect GraphConfig QLApi Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - query
Depth numberLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- resolver
Count numberLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - schema string
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - user
Pool GraphConfig QLApi User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - visibility string
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - xray
Enabled boolean - Whether tracing with X-ray is enabled. Defaults to false.
- authentication_
type str - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- additional_
authentication_ Sequence[Graphproviders QLApi Additional Authentication Provider Args] - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - api_
type str - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - enhanced_
metrics_ Graphconfig QLApi Enhanced Metrics Config Args - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - introspection_
config str - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config Args - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - log_
config GraphQLApi Log Config Args - Nested argument containing logging configuration. See
log_config
Block for details. - merged_
api_ strexecution_ role_ arn - ARN of the execution role when
api_type
is set toMERGED
. - name str
User-supplied name for the GraphQL API.
The following arguments are optional:
- openid_
connect_ Graphconfig QLApi Openid Connect Config Args - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - query_
depth_ intlimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- resolver_
count_ intlimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - schema str
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - user_
pool_ Graphconfig QLApi User Pool Config Args - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - visibility str
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - xray_
enabled bool - Whether tracing with X-ray is enabled. Defaults to false.
- authentication
Type String - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- additional
Authentication List<Property Map>Providers - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - api
Type String - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - enhanced
Metrics Property MapConfig - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - introspection
Config String - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Property Map
- Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - log
Config Property Map - Nested argument containing logging configuration. See
log_config
Block for details. - merged
Api StringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - name String
User-supplied name for the GraphQL API.
The following arguments are optional:
- openid
Connect Property MapConfig - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - query
Depth NumberLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- resolver
Count NumberLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - schema String
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- Map<String>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - user
Pool Property MapConfig - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - visibility String
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - xray
Enabled Boolean - Whether tracing with X-ray is enabled. Defaults to false.
Outputs
All input properties are implicitly available as output properties. Additionally, the GraphQLApi resource produces the following output properties:
- Arn string
- ARN
- Id string
- The provider-assigned unique ID for this managed resource.
- Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Uris Dictionary<string, string>
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- Arn string
- ARN
- Id string
- The provider-assigned unique ID for this managed resource.
- map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Uris map[string]string
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- arn String
- ARN
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - uris Map<String,String>
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- arn string
- ARN
- id string
- The provider-assigned unique ID for this managed resource.
- {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - uris {[key: string]: string}
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- arn str
- ARN
- id str
- The provider-assigned unique ID for this managed resource.
- Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - uris Mapping[str, str]
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- arn String
- ARN
- id String
- The provider-assigned unique ID for this managed resource.
- Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - uris Map<String>
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
Look up Existing GraphQLApi Resource
Get an existing GraphQLApi resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GraphQLApiState, opts?: CustomResourceOptions): GraphQLApi
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
additional_authentication_providers: Optional[Sequence[GraphQLApiAdditionalAuthenticationProviderArgs]] = None,
api_type: Optional[str] = None,
arn: Optional[str] = None,
authentication_type: Optional[str] = None,
enhanced_metrics_config: Optional[GraphQLApiEnhancedMetricsConfigArgs] = None,
introspection_config: Optional[str] = None,
lambda_authorizer_config: Optional[GraphQLApiLambdaAuthorizerConfigArgs] = None,
log_config: Optional[GraphQLApiLogConfigArgs] = None,
merged_api_execution_role_arn: Optional[str] = None,
name: Optional[str] = None,
openid_connect_config: Optional[GraphQLApiOpenidConnectConfigArgs] = None,
query_depth_limit: Optional[int] = None,
resolver_count_limit: Optional[int] = None,
schema: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
uris: Optional[Mapping[str, str]] = None,
user_pool_config: Optional[GraphQLApiUserPoolConfigArgs] = None,
visibility: Optional[str] = None,
xray_enabled: Optional[bool] = None) -> GraphQLApi
func GetGraphQLApi(ctx *Context, name string, id IDInput, state *GraphQLApiState, opts ...ResourceOption) (*GraphQLApi, error)
public static GraphQLApi Get(string name, Input<string> id, GraphQLApiState? state, CustomResourceOptions? opts = null)
public static GraphQLApi get(String name, Output<String> id, GraphQLApiState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Additional
Authentication List<GraphProviders QLApi Additional Authentication Provider> - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - Api
Type string - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - Arn string
- ARN
- Authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Enhanced
Metrics GraphConfig QLApi Enhanced Metrics Config - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - Introspection
Config string - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - Log
Config GraphQLApi Log Config - Nested argument containing logging configuration. See
log_config
Block for details. - Merged
Api stringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - Name string
User-supplied name for the GraphQL API.
The following arguments are optional:
- Openid
Connect GraphConfig QLApi Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - Query
Depth intLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- Resolver
Count intLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - Schema string
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Uris Dictionary<string, string>
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- User
Pool GraphConfig QLApi User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - Visibility string
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - Xray
Enabled bool - Whether tracing with X-ray is enabled. Defaults to false.
- Additional
Authentication []GraphProviders QLApi Additional Authentication Provider Args - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - Api
Type string - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - Arn string
- ARN
- Authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Enhanced
Metrics GraphConfig QLApi Enhanced Metrics Config Args - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - Introspection
Config string - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config Args - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - Log
Config GraphQLApi Log Config Args - Nested argument containing logging configuration. See
log_config
Block for details. - Merged
Api stringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - Name string
User-supplied name for the GraphQL API.
The following arguments are optional:
- Openid
Connect GraphConfig QLApi Openid Connect Config Args - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - Query
Depth intLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- Resolver
Count intLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - Schema string
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- map[string]string
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Uris map[string]string
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- User
Pool GraphConfig QLApi User Pool Config Args - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - Visibility string
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - Xray
Enabled bool - Whether tracing with X-ray is enabled. Defaults to false.
- additional
Authentication List<GraphProviders QLApi Additional Authentication Provider> - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - api
Type String - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - arn String
- ARN
- authentication
Type String - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- enhanced
Metrics GraphConfig QLApi Enhanced Metrics Config - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - introspection
Config String - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - log
Config GraphQLApi Log Config - Nested argument containing logging configuration. See
log_config
Block for details. - merged
Api StringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - name String
User-supplied name for the GraphQL API.
The following arguments are optional:
- openid
Connect GraphConfig QLApi Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - query
Depth IntegerLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- resolver
Count IntegerLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - schema String
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- Map<String,String>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - uris Map<String,String>
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- user
Pool GraphConfig QLApi User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - visibility String
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - xray
Enabled Boolean - Whether tracing with X-ray is enabled. Defaults to false.
- additional
Authentication GraphProviders QLApi Additional Authentication Provider[] - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - api
Type string - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - arn string
- ARN
- authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- enhanced
Metrics GraphConfig QLApi Enhanced Metrics Config - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - introspection
Config string - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - log
Config GraphQLApi Log Config - Nested argument containing logging configuration. See
log_config
Block for details. - merged
Api stringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - name string
User-supplied name for the GraphQL API.
The following arguments are optional:
- openid
Connect GraphConfig QLApi Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - query
Depth numberLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- resolver
Count numberLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - schema string
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - uris {[key: string]: string}
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- user
Pool GraphConfig QLApi User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - visibility string
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - xray
Enabled boolean - Whether tracing with X-ray is enabled. Defaults to false.
- additional_
authentication_ Sequence[Graphproviders QLApi Additional Authentication Provider Args] - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - api_
type str - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - arn str
- ARN
- authentication_
type str - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- enhanced_
metrics_ Graphconfig QLApi Enhanced Metrics Config Args - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - introspection_
config str - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Graph
QLApi Lambda Authorizer Config Args - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - log_
config GraphQLApi Log Config Args - Nested argument containing logging configuration. See
log_config
Block for details. - merged_
api_ strexecution_ role_ arn - ARN of the execution role when
api_type
is set toMERGED
. - name str
User-supplied name for the GraphQL API.
The following arguments are optional:
- openid_
connect_ Graphconfig QLApi Openid Connect Config Args - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - query_
depth_ intlimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- resolver_
count_ intlimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - schema str
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - uris Mapping[str, str]
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- user_
pool_ Graphconfig QLApi User Pool Config Args - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - visibility str
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - xray_
enabled bool - Whether tracing with X-ray is enabled. Defaults to false.
- additional
Authentication List<Property Map>Providers - One or more additional authentication providers for the GraphQL API. See
additional_authentication_provider
Block for details. - api
Type String - API type. Valid values are
GRAPHQL
orMERGED
. AMERGED
type requiresmerged_api_execution_role_arn
to be set. - arn String
- ARN
- authentication
Type String - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- enhanced
Metrics Property MapConfig - Enables and controls the enhanced metrics feature. See
enhanced_metrics_config
Block for details. - introspection
Config String - Sets the value of the GraphQL API to enable (
ENABLED
) or disable (DISABLED
) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled. For more information about introspection, see GraphQL introspection. - Property Map
- Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - log
Config Property Map - Nested argument containing logging configuration. See
log_config
Block for details. - merged
Api StringExecution Role Arn - ARN of the execution role when
api_type
is set toMERGED
. - name String
User-supplied name for the GraphQL API.
The following arguments are optional:
- openid
Connect Property MapConfig - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - query
Depth NumberLimit The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is
0
(or unspecified), which indicates there's no depth limit. If you set a limit, it can be between1
and75
nested levels. This field will produce a limit error if the operation falls out of bounds.Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
- resolver
Count NumberLimit - The maximum number of resolvers that can be invoked in a single request. The default value is
0
(or unspecified), which will set the limit to10000
. When specified, the limit value can be between1
and10000
. This field will produce a limit error if the operation falls out of bounds. - schema String
- Schema definition, in GraphQL schema language format. This provider cannot perform drift detection of this configuration.
- Map<String>
- Map of tags to assign to the resource. If configured with a provider
default_tags
configuration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - uris Map<String>
- Map of URIs associated with the API E.g.,
uris["GRAPHQL"] = https://ID.appsync-api.REGION.amazonaws.com/graphql
- user
Pool Property MapConfig - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details. - visibility String
- Sets the value of the GraphQL API to public (
GLOBAL
) or private (PRIVATE
). If no value is provided, the visibility will be set toGLOBAL
by default. This value cannot be changed once the API has been created. - xray
Enabled Boolean - Whether tracing with X-ray is enabled. Defaults to false.
Supporting Types
GraphQLApiAdditionalAuthenticationProvider, GraphQLApiAdditionalAuthenticationProviderArgs
- Authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Graph
QLApi Additional Authentication Provider Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - Openid
Connect GraphConfig QLApi Additional Authentication Provider Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - User
Pool GraphConfig QLApi Additional Authentication Provider User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details.
- Authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Graph
QLApi Additional Authentication Provider Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - Openid
Connect GraphConfig QLApi Additional Authentication Provider Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - User
Pool GraphConfig QLApi Additional Authentication Provider User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details.
- authentication
Type String - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Graph
QLApi Additional Authentication Provider Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - openid
Connect GraphConfig QLApi Additional Authentication Provider Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - user
Pool GraphConfig QLApi Additional Authentication Provider User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details.
- authentication
Type string - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Graph
QLApi Additional Authentication Provider Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - openid
Connect GraphConfig QLApi Additional Authentication Provider Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - user
Pool GraphConfig QLApi Additional Authentication Provider User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details.
- authentication_
type str - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Graph
QLApi Additional Authentication Provider Lambda Authorizer Config - Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - openid_
connect_ Graphconfig QLApi Additional Authentication Provider Openid Connect Config - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - user_
pool_ Graphconfig QLApi Additional Authentication Provider User Pool Config - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details.
- authentication
Type String - Authentication type. Valid values:
API_KEY
,AWS_IAM
,AMAZON_COGNITO_USER_POOLS
,OPENID_CONNECT
,AWS_LAMBDA
- Property Map
- Nested argument containing Lambda authorizer configuration. See
lambda_authorizer_config
Block for details. - openid
Connect Property MapConfig - Nested argument containing OpenID Connect configuration. See
openid_connect_config
Block for details. - user
Pool Property MapConfig - Amazon Cognito User Pool configuration. See
user_pool_config
Block for details.
GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfig, GraphQLApiAdditionalAuthenticationProviderLambdaAuthorizerConfigArgs
- string
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - int
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - Identity
Validation stringExpression - Regular expression for validation of tokens before the Lambda function is called.
- string
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - int
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - Identity
Validation stringExpression - Regular expression for validation of tokens before the Lambda function is called.
- String
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - Integer
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - identity
Validation StringExpression - Regular expression for validation of tokens before the Lambda function is called.
- string
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - number
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - identity
Validation stringExpression - Regular expression for validation of tokens before the Lambda function is called.
- str
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - int
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - identity_
validation_ strexpression - Regular expression for validation of tokens before the Lambda function is called.
- String
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - Number
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - identity
Validation StringExpression - Regular expression for validation of tokens before the Lambda function is called.
GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfig, GraphQLApiAdditionalAuthenticationProviderOpenidConnectConfigArgs
- Issuer string
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- Auth
Ttl int - Number of milliseconds a token is valid after being authenticated.
- Client
Id string - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- Iat
Ttl int - Number of milliseconds a token is valid after being issued to a user.
- Issuer string
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- Auth
Ttl int - Number of milliseconds a token is valid after being authenticated.
- Client
Id string - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- Iat
Ttl int - Number of milliseconds a token is valid after being issued to a user.
- issuer String
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- auth
Ttl Integer - Number of milliseconds a token is valid after being authenticated.
- client
Id String - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- iat
Ttl Integer - Number of milliseconds a token is valid after being issued to a user.
- issuer string
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- auth
Ttl number - Number of milliseconds a token is valid after being authenticated.
- client
Id string - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- iat
Ttl number - Number of milliseconds a token is valid after being issued to a user.
- issuer str
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- auth_
ttl int - Number of milliseconds a token is valid after being authenticated.
- client_
id str - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- iat_
ttl int - Number of milliseconds a token is valid after being issued to a user.
- issuer String
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- auth
Ttl Number - Number of milliseconds a token is valid after being authenticated.
- client
Id String - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- iat
Ttl Number - Number of milliseconds a token is valid after being issued to a user.
GraphQLApiAdditionalAuthenticationProviderUserPoolConfig, GraphQLApiAdditionalAuthenticationProviderUserPoolConfigArgs
- User
Pool stringId - User pool ID.
- App
Id stringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- Aws
Region string - AWS region in which the user pool was created.
- User
Pool stringId - User pool ID.
- App
Id stringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- Aws
Region string - AWS region in which the user pool was created.
- user
Pool StringId - User pool ID.
- app
Id StringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- aws
Region String - AWS region in which the user pool was created.
- user
Pool stringId - User pool ID.
- app
Id stringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- aws
Region string - AWS region in which the user pool was created.
- user_
pool_ strid - User pool ID.
- app_
id_ strclient_ regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- aws_
region str - AWS region in which the user pool was created.
- user
Pool StringId - User pool ID.
- app
Id StringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- aws
Region String - AWS region in which the user pool was created.
GraphQLApiEnhancedMetricsConfig, GraphQLApiEnhancedMetricsConfigArgs
- Data
Source stringLevel Metrics Behavior - How data source metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_DATA_SOURCE_METRICS
,PER_DATA_SOURCE_METRICS
- Operation
Level stringMetrics Config - How operation metrics will be emitted to CloudWatch. Valid values:
ENABLED
,DISABLED
- Resolver
Level stringMetrics Behavior - How resolver metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_RESOLVER_METRICS
,PER_RESOLVER_METRICS
- Data
Source stringLevel Metrics Behavior - How data source metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_DATA_SOURCE_METRICS
,PER_DATA_SOURCE_METRICS
- Operation
Level stringMetrics Config - How operation metrics will be emitted to CloudWatch. Valid values:
ENABLED
,DISABLED
- Resolver
Level stringMetrics Behavior - How resolver metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_RESOLVER_METRICS
,PER_RESOLVER_METRICS
- data
Source StringLevel Metrics Behavior - How data source metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_DATA_SOURCE_METRICS
,PER_DATA_SOURCE_METRICS
- operation
Level StringMetrics Config - How operation metrics will be emitted to CloudWatch. Valid values:
ENABLED
,DISABLED
- resolver
Level StringMetrics Behavior - How resolver metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_RESOLVER_METRICS
,PER_RESOLVER_METRICS
- data
Source stringLevel Metrics Behavior - How data source metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_DATA_SOURCE_METRICS
,PER_DATA_SOURCE_METRICS
- operation
Level stringMetrics Config - How operation metrics will be emitted to CloudWatch. Valid values:
ENABLED
,DISABLED
- resolver
Level stringMetrics Behavior - How resolver metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_RESOLVER_METRICS
,PER_RESOLVER_METRICS
- data_
source_ strlevel_ metrics_ behavior - How data source metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_DATA_SOURCE_METRICS
,PER_DATA_SOURCE_METRICS
- operation_
level_ strmetrics_ config - How operation metrics will be emitted to CloudWatch. Valid values:
ENABLED
,DISABLED
- resolver_
level_ strmetrics_ behavior - How resolver metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_RESOLVER_METRICS
,PER_RESOLVER_METRICS
- data
Source StringLevel Metrics Behavior - How data source metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_DATA_SOURCE_METRICS
,PER_DATA_SOURCE_METRICS
- operation
Level StringMetrics Config - How operation metrics will be emitted to CloudWatch. Valid values:
ENABLED
,DISABLED
- resolver
Level StringMetrics Behavior - How resolver metrics will be emitted to CloudWatch. Valid values:
FULL_REQUEST_RESOLVER_METRICS
,PER_RESOLVER_METRICS
GraphQLApiLambdaAuthorizerConfig, GraphQLApiLambdaAuthorizerConfigArgs
- string
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - int
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - Identity
Validation stringExpression - Regular expression for validation of tokens before the Lambda function is called.
- string
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - int
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - Identity
Validation stringExpression - Regular expression for validation of tokens before the Lambda function is called.
- String
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - Integer
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - identity
Validation StringExpression - Regular expression for validation of tokens before the Lambda function is called.
- string
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - number
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - identity
Validation stringExpression - Regular expression for validation of tokens before the Lambda function is called.
- str
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - int
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - identity_
validation_ strexpression - Regular expression for validation of tokens before the Lambda function is called.
- String
- ARN of the Lambda function to be called for authorization. Note: This Lambda function must have a resource-based policy assigned to it, to allow
lambda:InvokeFunction
from service principalappsync.amazonaws.com
. - Number
- Number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a
ttlOverride
key in its response. A value of 0 disables caching of responses. Minimum value of 0. Maximum value of 3600. - identity
Validation StringExpression - Regular expression for validation of tokens before the Lambda function is called.
GraphQLApiLogConfig, GraphQLApiLogConfigArgs
- Cloudwatch
Logs stringRole Arn - Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.
- Field
Log stringLevel - Field logging level. Valid values:
ALL
,ERROR
,NONE
. - Exclude
Verbose boolContent - Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values:
true
,false
. Default value:false
- Cloudwatch
Logs stringRole Arn - Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.
- Field
Log stringLevel - Field logging level. Valid values:
ALL
,ERROR
,NONE
. - Exclude
Verbose boolContent - Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values:
true
,false
. Default value:false
- cloudwatch
Logs StringRole Arn - Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.
- field
Log StringLevel - Field logging level. Valid values:
ALL
,ERROR
,NONE
. - exclude
Verbose BooleanContent - Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values:
true
,false
. Default value:false
- cloudwatch
Logs stringRole Arn - Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.
- field
Log stringLevel - Field logging level. Valid values:
ALL
,ERROR
,NONE
. - exclude
Verbose booleanContent - Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values:
true
,false
. Default value:false
- cloudwatch_
logs_ strrole_ arn - Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.
- field_
log_ strlevel - Field logging level. Valid values:
ALL
,ERROR
,NONE
. - exclude_
verbose_ boolcontent - Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values:
true
,false
. Default value:false
- cloudwatch
Logs StringRole Arn - Amazon Resource Name of the service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.
- field
Log StringLevel - Field logging level. Valid values:
ALL
,ERROR
,NONE
. - exclude
Verbose BooleanContent - Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. Valid values:
true
,false
. Default value:false
GraphQLApiOpenidConnectConfig, GraphQLApiOpenidConnectConfigArgs
- Issuer string
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- Auth
Ttl int - Number of milliseconds a token is valid after being authenticated.
- Client
Id string - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- Iat
Ttl int - Number of milliseconds a token is valid after being issued to a user.
- Issuer string
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- Auth
Ttl int - Number of milliseconds a token is valid after being authenticated.
- Client
Id string - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- Iat
Ttl int - Number of milliseconds a token is valid after being issued to a user.
- issuer String
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- auth
Ttl Integer - Number of milliseconds a token is valid after being authenticated.
- client
Id String - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- iat
Ttl Integer - Number of milliseconds a token is valid after being issued to a user.
- issuer string
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- auth
Ttl number - Number of milliseconds a token is valid after being authenticated.
- client
Id string - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- iat
Ttl number - Number of milliseconds a token is valid after being issued to a user.
- issuer str
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- auth_
ttl int - Number of milliseconds a token is valid after being authenticated.
- client_
id str - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- iat_
ttl int - Number of milliseconds a token is valid after being issued to a user.
- issuer String
- Issuer for the OpenID Connect configuration. The issuer returned by discovery MUST exactly match the value of iss in the ID Token.
- auth
Ttl Number - Number of milliseconds a token is valid after being authenticated.
- client
Id String - Client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.
- iat
Ttl Number - Number of milliseconds a token is valid after being issued to a user.
GraphQLApiUserPoolConfig, GraphQLApiUserPoolConfigArgs
- Default
Action string - Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid:
ALLOW
andDENY
- User
Pool stringId - User pool ID.
- App
Id stringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- Aws
Region string - AWS region in which the user pool was created.
- Default
Action string - Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid:
ALLOW
andDENY
- User
Pool stringId - User pool ID.
- App
Id stringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- Aws
Region string - AWS region in which the user pool was created.
- default
Action String - Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid:
ALLOW
andDENY
- user
Pool StringId - User pool ID.
- app
Id StringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- aws
Region String - AWS region in which the user pool was created.
- default
Action string - Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid:
ALLOW
andDENY
- user
Pool stringId - User pool ID.
- app
Id stringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- aws
Region string - AWS region in which the user pool was created.
- default_
action str - Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid:
ALLOW
andDENY
- user_
pool_ strid - User pool ID.
- app_
id_ strclient_ regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- aws_
region str - AWS region in which the user pool was created.
- default
Action String - Action that you want your GraphQL API to take when a request that uses Amazon Cognito User Pool authentication doesn't match the Amazon Cognito User Pool configuration. Valid:
ALLOW
andDENY
- user
Pool StringId - User pool ID.
- app
Id StringClient Regex - Regular expression for validating the incoming Amazon Cognito User Pool app client ID.
- aws
Region String - AWS region in which the user pool was created.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.