diff --git a/packages/@aws-cdk/aws-appsync/test/integ.graphql.expected.json b/packages/@aws-cdk/aws-appsync/test/integ.graphql.expected.json index 1fad1ba0f55a6..2face78179375 100644 --- a/packages/@aws-cdk/aws-appsync/test/integ.graphql.expected.json +++ b/packages/@aws-cdk/aws-appsync/test/integ.graphql.expected.json @@ -1,10 +1,101 @@ { "Resources": { + "PoolsmsRoleC3352CE6": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Condition": { + "StringEquals": { + "sts:ExternalId": "awsappsyncintegPool5D14B05B" + } + }, + "Effect": "Allow", + "Principal": { + "Service": "cognito-idp.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "Policies": [ + { + "PolicyDocument": { + "Statement": [ + { + "Action": "sns:Publish", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "sns-publish" + } + ] + } + }, + "PoolD3F588B8": { + "Type": "AWS::Cognito::UserPool", + "Properties": { + "AdminCreateUserConfig": { + "AllowAdminCreateUserOnly": true + }, + "EmailVerificationMessage": "Hello {username}, Your verification code is {####}", + "EmailVerificationSubject": "Verify your new account", + "LambdaConfig": {}, + "SmsConfiguration": { + "ExternalId": "awsappsyncintegPool5D14B05B", + "SnsCallerArn": { + "Fn::GetAtt": [ + "PoolsmsRoleC3352CE6", + "Arn" + ] + } + }, + "SmsVerificationMessage": "The verification code to your new account is {####}", + "UserPoolName": "myPool", + "VerificationMessageTemplate": { + "DefaultEmailOption": "CONFIRM_WITH_CODE", + "EmailMessage": "Hello {username}, Your verification code is {####}", + "EmailSubject": "Verify your new account", + "SmsMessage": "The verification code to your new account is {####}" + } + } + }, "ApiF70053CD": { "Type": "AWS::AppSync::GraphQLApi", "Properties": { - "AuthenticationType": "API_KEY", - "Name": "demoapi" + "AuthenticationType": "AMAZON_COGNITO_USER_POOLS", + "Name": "demoapi", + "AdditionalAuthenticationProviders": [ + { + "AuthenticationType": "API_KEY" + } + ], + "UserPoolConfig": { + "AwsRegion": { + "Ref": "AWS::Region" + }, + "DefaultAction": "ALLOW", + "UserPoolId": { + "Ref": "PoolD3F588B8" + } + } + } + }, + "ApiMyAPIKeyApiKeyACDEE2CC": { + "Type": "AWS::AppSync::ApiKey", + "Properties": { + "ApiId": { + "Fn::GetAtt": [ + "ApiF70053CD", + "ApiId" + ] + }, + "Description": "My API Key" } }, "ApiSchema510EECD7": { diff --git a/packages/@aws-cdk/aws-appsync/test/integ.graphql.ts b/packages/@aws-cdk/aws-appsync/test/integ.graphql.ts index a3d1cee096029..a2efb337e3a28 100644 --- a/packages/@aws-cdk/aws-appsync/test/integ.graphql.ts +++ b/packages/@aws-cdk/aws-appsync/test/integ.graphql.ts @@ -1,14 +1,32 @@ +import { UserPool } from '@aws-cdk/aws-cognito'; import { AttributeType, BillingMode, Table } from '@aws-cdk/aws-dynamodb'; import { App, Stack } from '@aws-cdk/core'; import { join } from 'path'; -import { GraphQLApi, KeyCondition, MappingTemplate, PrimaryKey, Values } from '../lib'; +import { GraphQLApi, KeyCondition, MappingTemplate, PrimaryKey, UserPoolDefaultAction, Values } from '../lib'; const app = new App(); const stack = new Stack(app, 'aws-appsync-integ'); +const userPool = new UserPool(stack, 'Pool', { + userPoolName: 'myPool', +}); + const api = new GraphQLApi(stack, 'Api', { name: `demoapi`, schemaDefinitionFile: join(__dirname, 'schema.graphql'), + authorizationConfig: { + defaultAuthorization: { + userPool, + defaultAction: UserPoolDefaultAction.ALLOW, + }, + additionalAuthorizationModes: [ + { + apiKeyDesc: 'My API Key', + // Can't specify a date because it will inevitably be in the past. + // expires: '2019-02-05T12:00:00Z', + }, + ], + }, }); const customerTable = new Table(stack, 'CustomerTable', {