@aws-amplify/graphql-api-construct
Version:
AppSync GraphQL Api Construct using Amplify GraphQL Transformer.
37 lines (36 loc) • 1.96 kB
TypeScript
import { AppSyncAuthConfiguration, SynthParameters } from '@aws-amplify/graphql-transformer-interfaces';
import { CfnGraphQLApi } from 'aws-cdk-lib/aws-appsync';
import { AuthorizationModes } from '../types';
/**
* Validates authorization modes.
*
* Rules:
* 1. Validates that deprecated settings ('iamConfig.authenticatedUserRole', 'iamConfig.unauthenticatedUserRole',
* 'iamConfig.identityPoolId', 'iamConfig.allowListedRoles' and 'adminRoles') are mutually exclusive with new settings that
* replaced them ('iamConfig.enableIamAuthorizationMode' and any of 'authorizationModes.identityPoolConfig')
* 2. If deprecated identity pool settings are used ('iamConfig.authenticatedUserRole', 'iamConfig.unauthenticatedUserRole',
* and 'iamConfig.identityPoolId') validate that all are provided.
*/
export declare const validateAuthorizationModes: (authorizationModes: AuthorizationModes) => void;
type AuthSynthParameters = Pick<SynthParameters, 'userPoolId' | 'authenticatedUserRoleName' | 'unauthenticatedUserRoleName' | 'identityPoolId' | 'adminRoles' | 'enableIamAccess'>;
interface AuthConfig {
/**
* used mainly in the before step to pass the authConfig from the transformer core down to the directive
*/
authConfig?: AppSyncAuthConfiguration;
/**
* Params to include the transformer.
*/
authSynthParameters: AuthSynthParameters;
}
/**
* Transforms additionalAuthenticationTypes for storage in CFN output
*/
export declare const getAdditionalAuthenticationTypes: (cfnGraphqlApi: CfnGraphQLApi) => string | undefined;
/**
* Convert the list of auth modes into the necessary flags and params (effectively a reducer on the rule list)
* @param authModes the list of auth modes configured on the API.
* @returns the AuthConfig which the AuthTransformer needs as input.
*/
export declare const convertAuthorizationModesToTransformerAuthConfig: (authModes: AuthorizationModes) => AuthConfig;
export {};