CfnApiPropsMixin

class aws_cdk.mixins_preview.aws_appsync.mixins.CfnApiPropsMixin(props, *, strategy=None)

Bases: Mixin

The AWS::AppSync::Api resource creates an AWS AppSync API that you can use for an AWS AppSync API with your preferred configuration, such as an Event API that provides real-time message publishing and message subscriptions over WebSockets.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appsync-api.html
CloudformationResource:: AWS::AppSync::Api
Mixin:: true
ExampleMetadata:: fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

cfn_api_props_mixin = appsync_mixins.CfnApiPropsMixin(appsync_mixins.CfnApiMixinProps(
    event_config=appsync_mixins.CfnApiPropsMixin.EventConfigProperty(
        auth_providers=[appsync_mixins.CfnApiPropsMixin.AuthProviderProperty(
            auth_type="authType",
            cognito_config=appsync_mixins.CfnApiPropsMixin.CognitoConfigProperty(
                app_id_client_regex="appIdClientRegex",
                aws_region="awsRegion",
                user_pool_id="userPoolId"
            ),
            lambda_authorizer_config=appsync_mixins.CfnApiPropsMixin.LambdaAuthorizerConfigProperty(
                authorizer_result_ttl_in_seconds=123,
                authorizer_uri="authorizerUri",
                identity_validation_expression="identityValidationExpression"
            ),
            open_id_connect_config=appsync_mixins.CfnApiPropsMixin.OpenIDConnectConfigProperty(
                auth_ttl=123,
                client_id="clientId",
                iat_ttl=123,
                issuer="issuer"
            )
        )],
        connection_auth_modes=[appsync_mixins.CfnApiPropsMixin.AuthModeProperty(
            auth_type="authType"
        )],
        default_publish_auth_modes=[appsync_mixins.CfnApiPropsMixin.AuthModeProperty(
            auth_type="authType"
        )],
        default_subscribe_auth_modes=[appsync_mixins.CfnApiPropsMixin.AuthModeProperty(
            auth_type="authType"
        )],
        log_config=appsync_mixins.CfnApiPropsMixin.EventLogConfigProperty(
            cloud_watch_logs_role_arn="cloudWatchLogsRoleArn",
            log_level="logLevel"
        )
    ),
    name="name",
    owner_contact="ownerContact",
    tags=[CfnTag(
        key="key",
        value="value"
    )]
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::AppSync::Api.

Parameters:

props (Union[CfnApiMixinProps, Dict[str, Any]]) – L1 properties to apply.
strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:: construct (IConstruct)
Return type:: IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:: construct (IConstruct)
Return type:: bool

Attributes

CFN_PROPERTY_KEYS = ['eventConfig', 'name', 'ownerContact', 'tags']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:: x (Any) – Any object.
Return type:: bool
Returns:: true if x is an object created from a class which extends Mixin.
Stability:: experimental

AuthModeProperty

class CfnApiPropsMixin.AuthModeProperty(*, auth_type=None)

Bases: object

Describes an authorization configuration.

Use AuthMode to specify the publishing and subscription authorization configuration for an Event API.

Parameters:: auth_type (Optional[str]) – The authorization type.
See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-authmode.html
ExampleMetadata:: fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

auth_mode_property = appsync_mixins.CfnApiPropsMixin.AuthModeProperty(
    auth_type="authType"
)

Attributes

auth_type

The authorization type.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-authmode.html#cfn-appsync-api-authmode-authtype

AuthProviderProperty

class CfnApiPropsMixin.AuthProviderProperty(*, auth_type=None, cognito_config=None, lambda_authorizer_config=None, open_id_connect_config=None)

Bases: object

Describes an authorization provider.

Parameters:

auth_type (Optional[str]) – The authorization type.
cognito_config (Union[IResolvable, CognitoConfigProperty, Dict[str, Any], None]) – Describes an Amazon Cognito user pool configuration.
lambda_authorizer_config (Union[IResolvable, LambdaAuthorizerConfigProperty, Dict[str, Any], None]) – A LambdaAuthorizerConfig specifies how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API can have only one AWS Lambda authorizer configured at a time.
open_id_connect_config (Union[IResolvable, OpenIDConnectConfigProperty, Dict[str, Any], None]) – Describes an OpenID Connect (OIDC) configuration.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-authprovider.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

auth_provider_property = appsync_mixins.CfnApiPropsMixin.AuthProviderProperty(
    auth_type="authType",
    cognito_config=appsync_mixins.CfnApiPropsMixin.CognitoConfigProperty(
        app_id_client_regex="appIdClientRegex",
        aws_region="awsRegion",
        user_pool_id="userPoolId"
    ),
    lambda_authorizer_config=appsync_mixins.CfnApiPropsMixin.LambdaAuthorizerConfigProperty(
        authorizer_result_ttl_in_seconds=123,
        authorizer_uri="authorizerUri",
        identity_validation_expression="identityValidationExpression"
    ),
    open_id_connect_config=appsync_mixins.CfnApiPropsMixin.OpenIDConnectConfigProperty(
        auth_ttl=123,
        client_id="clientId",
        iat_ttl=123,
        issuer="issuer"
    )
)

Attributes

auth_type

The authorization type.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-authprovider.html#cfn-appsync-api-authprovider-authtype

cognito_config

Describes an Amazon Cognito user pool configuration.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-authprovider.html#cfn-appsync-api-authprovider-cognitoconfig

lambda_authorizer_config

A LambdaAuthorizerConfig specifies how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode.

Be aware that an AWS AppSync API can have only one AWS Lambda authorizer configured at a time.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-authprovider.html#cfn-appsync-api-authprovider-lambdaauthorizerconfig

open_id_connect_config

Describes an OpenID Connect (OIDC) configuration.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-authprovider.html#cfn-appsync-api-authprovider-openidconnectconfig

CognitoConfigProperty

class CfnApiPropsMixin.CognitoConfigProperty(*, app_id_client_regex=None, aws_region=None, user_pool_id=None)

Bases: object

Describes an Amazon Cognito configuration.

Parameters:

app_id_client_regex (Optional[str]) – A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn’t set, no filtering is applied.
aws_region (Optional[str]) – The AWS Region in which the user pool was created.
user_pool_id (Optional[str]) – The user pool ID.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-cognitoconfig.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

cognito_config_property = appsync_mixins.CfnApiPropsMixin.CognitoConfigProperty(
    app_id_client_regex="appIdClientRegex",
    aws_region="awsRegion",
    user_pool_id="userPoolId"
)

Attributes

app_id_client_regex

A regular expression for validating the incoming Amazon Cognito user pool app client ID.

If this value isn’t set, no filtering is applied.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-cognitoconfig.html#cfn-appsync-api-cognitoconfig-appidclientregex

aws_region

The AWS Region in which the user pool was created.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-cognitoconfig.html#cfn-appsync-api-cognitoconfig-awsregion

user_pool_id

The user pool ID.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-cognitoconfig.html#cfn-appsync-api-cognitoconfig-userpoolid

DnsMapProperty

class CfnApiPropsMixin.DnsMapProperty(*, http=None, realtime=None)

Bases: object

A map of DNS names for the Api.

Parameters:

http (Optional[str]) – The domain name of the Api’s HTTP endpoint.
realtime (Optional[str]) – The domain name of the Api’s real-time endpoint.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-dnsmap.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

dns_map_property = appsync_mixins.CfnApiPropsMixin.DnsMapProperty(
    http="http",
    realtime="realtime"
)

Attributes

http

The domain name of the Api’s HTTP endpoint.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-dnsmap.html#cfn-appsync-api-dnsmap-http

realtime

The domain name of the Api’s real-time endpoint.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-dnsmap.html#cfn-appsync-api-dnsmap-realtime

EventConfigProperty

class CfnApiPropsMixin.EventConfigProperty(*, auth_providers=None, connection_auth_modes=None, default_publish_auth_modes=None, default_subscribe_auth_modes=None, log_config=None)

Bases: object

Describes the authorization configuration for connections, message publishing, message subscriptions, and logging for an Event API.

Parameters:

auth_providers (Union[IResolvable, Sequence[Union[IResolvable, AuthProviderProperty, Dict[str, Any]]], None]) – A list of authorization providers.
connection_auth_modes (Union[IResolvable, Sequence[Union[IResolvable, AuthModeProperty, Dict[str, Any]]], None]) – A list of valid authorization modes for the Event API connections.
default_publish_auth_modes (Union[IResolvable, Sequence[Union[IResolvable, AuthModeProperty, Dict[str, Any]]], None]) – A list of valid authorization modes for the Event API publishing.
default_subscribe_auth_modes (Union[IResolvable, Sequence[Union[IResolvable, AuthModeProperty, Dict[str, Any]]], None]) – A list of valid authorization modes for the Event API subscriptions.
log_config (Union[IResolvable, EventLogConfigProperty, Dict[str, Any], None]) – The CloudWatch Logs configuration for the Event API.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventconfig.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

event_config_property = appsync_mixins.CfnApiPropsMixin.EventConfigProperty(
    auth_providers=[appsync_mixins.CfnApiPropsMixin.AuthProviderProperty(
        auth_type="authType",
        cognito_config=appsync_mixins.CfnApiPropsMixin.CognitoConfigProperty(
            app_id_client_regex="appIdClientRegex",
            aws_region="awsRegion",
            user_pool_id="userPoolId"
        ),
        lambda_authorizer_config=appsync_mixins.CfnApiPropsMixin.LambdaAuthorizerConfigProperty(
            authorizer_result_ttl_in_seconds=123,
            authorizer_uri="authorizerUri",
            identity_validation_expression="identityValidationExpression"
        ),
        open_id_connect_config=appsync_mixins.CfnApiPropsMixin.OpenIDConnectConfigProperty(
            auth_ttl=123,
            client_id="clientId",
            iat_ttl=123,
            issuer="issuer"
        )
    )],
    connection_auth_modes=[appsync_mixins.CfnApiPropsMixin.AuthModeProperty(
        auth_type="authType"
    )],
    default_publish_auth_modes=[appsync_mixins.CfnApiPropsMixin.AuthModeProperty(
        auth_type="authType"
    )],
    default_subscribe_auth_modes=[appsync_mixins.CfnApiPropsMixin.AuthModeProperty(
        auth_type="authType"
    )],
    log_config=appsync_mixins.CfnApiPropsMixin.EventLogConfigProperty(
        cloud_watch_logs_role_arn="cloudWatchLogsRoleArn",
        log_level="logLevel"
    )
)

Attributes

auth_providers

A list of authorization providers.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventconfig.html#cfn-appsync-api-eventconfig-authproviders

connection_auth_modes

A list of valid authorization modes for the Event API connections.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventconfig.html#cfn-appsync-api-eventconfig-connectionauthmodes

default_publish_auth_modes

A list of valid authorization modes for the Event API publishing.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventconfig.html#cfn-appsync-api-eventconfig-defaultpublishauthmodes

default_subscribe_auth_modes

A list of valid authorization modes for the Event API subscriptions.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventconfig.html#cfn-appsync-api-eventconfig-defaultsubscribeauthmodes

log_config

The CloudWatch Logs configuration for the Event API.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventconfig.html#cfn-appsync-api-eventconfig-logconfig

EventLogConfigProperty

class CfnApiPropsMixin.EventLogConfigProperty(*, cloud_watch_logs_role_arn=None, log_level=None)

Bases: object

Describes the CloudWatch Logs configuration for the Event API.

Parameters:

cloud_watch_logs_role_arn (Optional[str]) – The IAM service role that AWS AppSync assumes to publish CloudWatch Logs in your account.
log_level (Optional[str]) – The type of information to log for the Event API.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventlogconfig.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

event_log_config_property = appsync_mixins.CfnApiPropsMixin.EventLogConfigProperty(
    cloud_watch_logs_role_arn="cloudWatchLogsRoleArn",
    log_level="logLevel"
)

Attributes

cloud_watch_logs_role_arn

The IAM service role that AWS AppSync assumes to publish CloudWatch Logs in your account.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventlogconfig.html#cfn-appsync-api-eventlogconfig-cloudwatchlogsrolearn

log_level

The type of information to log for the Event API.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-eventlogconfig.html#cfn-appsync-api-eventlogconfig-loglevel

LambdaAuthorizerConfigProperty

class CfnApiPropsMixin.LambdaAuthorizerConfigProperty(*, authorizer_result_ttl_in_seconds=None, authorizer_uri=None, identity_validation_expression=None)

Bases: object

A LambdaAuthorizerConfig specifies how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode.

Be aware that an AWS AppSync API can have only one AWS Lambda authorizer configured at a time.

Parameters:

authorizer_result_ttl_in_seconds (Union[int, float, None]) – The number of seconds a response should be cached for. The default is 0 seconds, which disables caching. If you don’t specify a value for authorizerResultTtlInSeconds , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a ttlOverride key in its response.
authorizer_uri (Optional[str]) – The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN ( .../v3 ), or an alias ARN. Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the AWS Command Line Interface ( AWS CLI ), run the following: aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
identity_validation_expression (Optional[str]) – A regular expression for validation of tokens before the Lambda function is called.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-lambdaauthorizerconfig.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

lambda_authorizer_config_property = appsync_mixins.CfnApiPropsMixin.LambdaAuthorizerConfigProperty(
    authorizer_result_ttl_in_seconds=123,
    authorizer_uri="authorizerUri",
    identity_validation_expression="identityValidationExpression"
)

Attributes

authorizer_result_ttl_in_seconds

The number of seconds a response should be cached for.

The default is 0 seconds, which disables caching. If you don’t specify a value for authorizerResultTtlInSeconds , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a ttlOverride key in its response.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-lambdaauthorizerconfig.html#cfn-appsync-api-lambdaauthorizerconfig-authorizerresultttlinseconds

authorizer_uri

The Amazon Resource Name (ARN) of the Lambda function to be called for authorization.

This can be a standard Lambda ARN, a version ARN ( .../v3 ), or an alias ARN.

Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the AWS Command Line Interface ( AWS CLI ), run the following:

aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-lambdaauthorizerconfig.html#cfn-appsync-api-lambdaauthorizerconfig-authorizeruri

identity_validation_expression

A regular expression for validation of tokens before the Lambda function is called.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-lambdaauthorizerconfig.html#cfn-appsync-api-lambdaauthorizerconfig-identityvalidationexpression

OpenIDConnectConfigProperty

class CfnApiPropsMixin.OpenIDConnectConfigProperty(*, auth_ttl=None, client_id=None, iat_ttl=None, issuer=None)

Bases: object

Describes an OpenID Connect (OIDC) configuration.

Parameters:

auth_ttl (Union[int, float, None]) – The number of milliseconds that a token is valid after being authenticated.
client_id (Optional[str]) – The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.
iat_ttl (Union[int, float, None]) – The number of milliseconds that a token is valid after it’s issued to a user.
issuer (Optional[str]) – The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-openidconnectconfig.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_appsync import mixins as appsync_mixins

open_iDConnect_config_property = appsync_mixins.CfnApiPropsMixin.OpenIDConnectConfigProperty(
    auth_ttl=123,
    client_id="clientId",
    iat_ttl=123,
    issuer="issuer"
)

Attributes

auth_ttl

The number of milliseconds that a token is valid after being authenticated.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-openidconnectconfig.html#cfn-appsync-api-openidconnectconfig-authttl

client_id

The client identifier of the relying party at the OpenID identity provider.

This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-openidconnectconfig.html#cfn-appsync-api-openidconnectconfig-clientid

iat_ttl

The number of milliseconds that a token is valid after it’s issued to a user.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-openidconnectconfig.html#cfn-appsync-api-openidconnectconfig-iatttl

issuer

The issuer for the OIDC configuration.

The issuer returned by discovery must exactly match the value of iss in the ID token.

See:: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-api-openidconnectconfig.html#cfn-appsync-api-openidconnectconfig-issuer