Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(appsync): Lambda Authorizer for AppSync GraphqlApi #16743

Merged
merged 10 commits into from
Oct 6, 2021
Merged

feat(appsync): Lambda Authorizer for AppSync GraphqlApi #16743

merged 10 commits into from
Oct 6, 2021

Conversation

kaizencc
Copy link
Contributor

@kaizencc kaizencc commented Sep 30, 2021
edited
Loading

Adds the relatively new Lambda Authorizer for GraphqlApi.

Closes: #16380.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@gitpod-io
Copy link

gitpod-io bot commented Sep 30, 2021

@kaizencc kaizencc marked this pull request as draft September 30, 2021 21:24
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Sep 30, 2021
kaizencc
kaizencc commented Oct 1, 2021
View reviewed changes
packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts Outdated
*
* @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-appsync-graphqlapi-lambdaauthorizerconfig.html
*/
readonly functionArn: string;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is most similar to what CFN wants, which is an authorizerUri. However, I feel like it is a CDK pattern to ask for readonly handler: lambda.IFunction instead and then generate the ARN under the hood. Wanted to bring it up to make sure a second pair of eyes looks at this decision.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it's even in the design guidelines:

Use strong types (and specifically, construct interfaces) instead of physical attributes when referencing other resources. For example, instead of keyArn, use kms.IKey [awslint:props-no-arn-refs].

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah I see. I'll reread the design guidelines and change this up to be IFunction.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@otaviomacedo, I made the change, so this should be ready for primetime whenever you have a chance.

@kaizencc kaizencc marked this pull request as ready for review October 1, 2021 15:37
@kaizencc
Copy link
Contributor Author

kaizencc commented Oct 1, 2021

I have successfully tested the code via symlink and confirmed that it works using this example. I can modify that code into an integration test if anyone thinks it is necessary.

tinovyatkin
tinovyatkin reviewed Oct 3, 2021
View reviewed changes
packages/@aws-cdk/aws-appsync/lib/graphqlapi.ts
*
* @default - no regex filter will be applied.
*/
readonly validationRegex?: string;
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we also accept RegEx here? (and convert to .source underneath, checking what to do with flags)

@mergify
Copy link
Contributor

mergify bot commented Oct 6, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit bdbe8b6 into aws:master Oct 6, 2021
@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject89A8053A-LhjRyN9kxr8o
  • Commit ID: 4247123
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Contributor

mergify bot commented Oct 6, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@kaizencc kaizencc mentioned this pull request Oct 7, 2021
Closed
2 tasks
njlynch pushed a commit that referenced this pull request Oct 11, 2021
@kaizencc @njlynch
feat(appsync): Lambda Authorizer for AppSync GraphqlApi (#16743)
dcad780 
Adds the relatively new [Lambda Authorizer for GraphqlApi](https://aws.amazon.com/blogs/mobile/appsync-lambda-auth/).

Closes: #16380. 

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@kaizencc kaizencc deleted the appsync-lambda-auth branch October 13, 2021 16:39
TikiTDO pushed a commit to TikiTDO/aws-cdk that referenced this pull request Feb 21, 2022
@kaizencc @TikiTDO
feat(appsync): Lambda Authorizer for AppSync GraphqlApi (aws#16743)
274365e 
Adds the relatively new [Lambda Authorizer for GraphqlApi](https://aws.amazon.com/blogs/mobile/appsync-lambda-auth/).

Closes: aws#16380. 

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tinovyatkin tinovyatkin tinovyatkin left review comments

@ericmatchi ericmatchi ericmatchi approved these changes

@otaviomacedo otaviomacedo otaviomacedo approved these changes

Assignees
No one assigned
Labels
contribution/core This is a PR that came from AWS.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

(aws-appsync): Lambda Authorizer for AppSync GraphqlApi
5 participants
@kaizencc @aws-cdk-automation @otaviomacedo @tinovyatkin @ericmatchi