AWS AppSync

2019/05/07 - AWS AppSync - 3 new 7 updated api methods

Changes  AWS AppSync now supports the ability to add additional authentication providers to your AWS AppSync GraphQL API as well as the ability to retrieve directives configured against fields or object type definitions during schema introspection.

UntagResource (new) Link ¶

Untags a resource.

See also: AWS API Documentation

Request Syntax

client.untag_resource(
    resourceArn='string',
    tagKeys=[
        'string',
    ]
)
type resourceArn

string

param resourceArn

[REQUIRED]

The GraphqlApi ARN.

type tagKeys

list

param tagKeys

[REQUIRED]

A list of TagKey objects.

  • (string) --

    The key for the tag.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

ListTagsForResource (new) Link ¶

Lists the tags for a resource.

See also: AWS API Documentation

Request Syntax

client.list_tags_for_resource(
    resourceArn='string'
)
type resourceArn

string

param resourceArn

[REQUIRED]

The GraphqlApi ARN.

rtype

dict

returns

Response Syntax

{
    'tags': {
        'string': 'string'
    }
}

Response Structure

  • (dict) --

    • tags (dict) --

      A TagMap object.

      • (string) --

        The key for the tag.

        • (string) --

          The value for the tag.

TagResource (new) Link ¶

Tags a resource with user-supplied tags.

See also: AWS API Documentation

Request Syntax

client.tag_resource(
    resourceArn='string',
    tags={
        'string': 'string'
    }
)
type resourceArn

string

param resourceArn

[REQUIRED]

The GraphqlApi ARN.

type tags

dict

param tags

[REQUIRED]

A TagMap object.

  • (string) --

    The key for the tag.

    • (string) --

      The value for the tag.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

CreateGraphqlApi (updated) Link ¶
Changes (request, response)
Request
{'additionalAuthenticationProviders': [{'authenticationType': 'API_KEY | '
                                                              'AWS_IAM | '
                                                              'AMAZON_COGNITO_USER_POOLS '
                                                              '| '
                                                              'OPENID_CONNECT',
                                        'openIDConnectConfig': {'authTTL': 'long',
                                                                'clientId': 'string',
                                                                'iatTTL': 'long',
                                                                'issuer': 'string'},
                                        'userPoolConfig': {'appIdClientRegex': 'string',
                                                           'awsRegion': 'string',
                                                           'userPoolId': 'string'}}],
 'tags': {'string': 'string'}}
Response
{'graphqlApi': {'additionalAuthenticationProviders': [{'authenticationType': 'API_KEY '
                                                                             '| '
                                                                             'AWS_IAM '
                                                                             '| '
                                                                             'AMAZON_COGNITO_USER_POOLS '
                                                                             '| '
                                                                             'OPENID_CONNECT',
                                                       'openIDConnectConfig': {'authTTL': 'long',
                                                                               'clientId': 'string',
                                                                               'iatTTL': 'long',
                                                                               'issuer': 'string'},
                                                       'userPoolConfig': {'appIdClientRegex': 'string',
                                                                          'awsRegion': 'string',
                                                                          'userPoolId': 'string'}}],
                'tags': {'string': 'string'}}}

Creates a GraphqlApi object.

See also: AWS API Documentation

Request Syntax

client.create_graphql_api(
    name='string',
    logConfig={
        'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
        'cloudWatchLogsRoleArn': 'string'
    },
    authenticationType='API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
    userPoolConfig={
        'userPoolId': 'string',
        'awsRegion': 'string',
        'defaultAction': 'ALLOW'|'DENY',
        'appIdClientRegex': 'string'
    },
    openIDConnectConfig={
        'issuer': 'string',
        'clientId': 'string',
        'iatTTL': 123,
        'authTTL': 123
    },
    tags={
        'string': 'string'
    },
    additionalAuthenticationProviders=[
        {
            'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
            'openIDConnectConfig': {
                'issuer': 'string',
                'clientId': 'string',
                'iatTTL': 123,
                'authTTL': 123
            },
            'userPoolConfig': {
                'userPoolId': 'string',
                'awsRegion': 'string',
                'appIdClientRegex': 'string'
            }
        },
    ]
)
type name

string

param name

[REQUIRED]

A user-supplied name for the GraphqlApi .

type logConfig

dict

param logConfig

The Amazon CloudWatch Logs configuration.

  • fieldLogLevel (string) -- [REQUIRED]

    The field logging level. Values can be NONE, ERROR, or ALL.

    • NONE : No field-level logs are captured.

    • ERROR : Logs the following information only for the fields that are in error:

      • The error section in the server response.

      • Field-level errors.

      • The generated request/response functions that got resolved for error fields.

    • ALL : The following information is logged for all fields in the query:

      • Field-level tracing information.

      • The generated request/response functions that got resolved for each field.

  • cloudWatchLogsRoleArn (string) -- [REQUIRED]

    The service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.

type authenticationType

string

param authenticationType

[REQUIRED]

The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools.

type userPoolConfig

dict

param userPoolConfig

The Amazon Cognito user pool configuration.

  • userPoolId (string) -- [REQUIRED]

    The user pool ID.

  • awsRegion (string) -- [REQUIRED]

    The AWS Region in which the user pool was created.

  • defaultAction (string) -- [REQUIRED]

    The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.

  • appIdClientRegex (string) --

    A regular expression for validating the incoming Amazon Cognito user pool app client ID.

type openIDConnectConfig

dict

param openIDConnectConfig

The OpenID Connect configuration.

  • issuer (string) -- [REQUIRED]

    The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

  • clientId (string) --

    The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

  • iatTTL (integer) --

    The number of milliseconds a token is valid after being issued to a user.

  • authTTL (integer) --

    The number of milliseconds a token is valid after being authenticated.

type tags

dict

param tags

A TagMap object.

  • (string) --

    The key for the tag.

    • (string) --

      The value for the tag.

type additionalAuthenticationProviders

list

param additionalAuthenticationProviders

A list of additional authentication providers for the GraphqlApi API.

  • (dict) --

    Describes an additional authentication provider.

    • authenticationType (string) --

      The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools.

    • openIDConnectConfig (dict) --

      The OpenID Connect configuration.

      • issuer (string) -- [REQUIRED]

        The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

      • clientId (string) --

        The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

      • iatTTL (integer) --

        The number of milliseconds a token is valid after being issued to a user.

      • authTTL (integer) --

        The number of milliseconds a token is valid after being authenticated.

    • userPoolConfig (dict) --

      The Amazon Cognito user pool configuration.

      • userPoolId (string) -- [REQUIRED]

        The user pool ID.

      • awsRegion (string) -- [REQUIRED]

        The AWS Region in which the user pool was created.

      • appIdClientRegex (string) --

        A regular expression for validating the incoming Amazon Cognito user pool app client ID.

rtype

dict

returns

Response Syntax

{
    'graphqlApi': {
        'name': 'string',
        'apiId': 'string',
        'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
        'logConfig': {
            'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
            'cloudWatchLogsRoleArn': 'string'
        },
        'userPoolConfig': {
            'userPoolId': 'string',
            'awsRegion': 'string',
            'defaultAction': 'ALLOW'|'DENY',
            'appIdClientRegex': 'string'
        },
        'openIDConnectConfig': {
            'issuer': 'string',
            'clientId': 'string',
            'iatTTL': 123,
            'authTTL': 123
        },
        'arn': 'string',
        'uris': {
            'string': 'string'
        },
        'tags': {
            'string': 'string'
        },
        'additionalAuthenticationProviders': [
            {
                'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
                'openIDConnectConfig': {
                    'issuer': 'string',
                    'clientId': 'string',
                    'iatTTL': 123,
                    'authTTL': 123
                },
                'userPoolConfig': {
                    'userPoolId': 'string',
                    'awsRegion': 'string',
                    'appIdClientRegex': 'string'
                }
            },
        ]
    }
}

Response Structure

  • (dict) --

    • graphqlApi (dict) --

      The GraphqlApi .

      • name (string) --

        The API name.

      • apiId (string) --

        The API ID.

      • authenticationType (string) --

        The authentication type.

      • logConfig (dict) --

        The Amazon CloudWatch Logs configuration.

        • fieldLogLevel (string) --

          The field logging level. Values can be NONE, ERROR, or ALL.

          • NONE : No field-level logs are captured.

          • ERROR : Logs the following information only for the fields that are in error:

            • The error section in the server response.

            • Field-level errors.

            • The generated request/response functions that got resolved for error fields.

          • ALL : The following information is logged for all fields in the query:

            • Field-level tracing information.

            • The generated request/response functions that got resolved for each field.

        • cloudWatchLogsRoleArn (string) --

          The service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.

      • userPoolConfig (dict) --

        The Amazon Cognito user pool configuration.

        • userPoolId (string) --

          The user pool ID.

        • awsRegion (string) --

          The AWS Region in which the user pool was created.

        • defaultAction (string) --

          The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.

        • appIdClientRegex (string) --

          A regular expression for validating the incoming Amazon Cognito user pool app client ID.

      • openIDConnectConfig (dict) --

        The OpenID Connect configuration.

        • issuer (string) --

          The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

        • clientId (string) --

          The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

        • iatTTL (integer) --

          The number of milliseconds a token is valid after being issued to a user.

        • authTTL (integer) --

          The number of milliseconds a token is valid after being authenticated.

      • arn (string) --

        The ARN.

      • uris (dict) --

        The URIs.

        • (string) --

          • (string) --

      • tags (dict) --

        The tags.

        • (string) --

          The key for the tag.

          • (string) --

            The value for the tag.

      • additionalAuthenticationProviders (list) --

        A list of additional authentication providers for the GraphqlApi API.

        • (dict) --

          Describes an additional authentication provider.

          • authenticationType (string) --

            The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools.

          • openIDConnectConfig (dict) --

            The OpenID Connect configuration.

            • issuer (string) --

              The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

            • clientId (string) --

              The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

            • iatTTL (integer) --

              The number of milliseconds a token is valid after being issued to a user.

            • authTTL (integer) --

              The number of milliseconds a token is valid after being authenticated.

          • userPoolConfig (dict) --

            The Amazon Cognito user pool configuration.

            • userPoolId (string) --

              The user pool ID.

            • awsRegion (string) --

              The AWS Region in which the user pool was created.

            • appIdClientRegex (string) --

              A regular expression for validating the incoming Amazon Cognito user pool app client ID.

GetGraphqlApi (updated) Link ¶
Changes (response)
{'graphqlApi': {'additionalAuthenticationProviders': [{'authenticationType': 'API_KEY '
                                                                             '| '
                                                                             'AWS_IAM '
                                                                             '| '
                                                                             'AMAZON_COGNITO_USER_POOLS '
                                                                             '| '
                                                                             'OPENID_CONNECT',
                                                       'openIDConnectConfig': {'authTTL': 'long',
                                                                               'clientId': 'string',
                                                                               'iatTTL': 'long',
                                                                               'issuer': 'string'},
                                                       'userPoolConfig': {'appIdClientRegex': 'string',
                                                                          'awsRegion': 'string',
                                                                          'userPoolId': 'string'}}],
                'tags': {'string': 'string'}}}

Retrieves a GraphqlApi object.

See also: AWS API Documentation

Request Syntax

client.get_graphql_api(
    apiId='string'
)
type apiId

string

param apiId

[REQUIRED]

The API ID for the GraphQL API.

rtype

dict

returns

Response Syntax

{
    'graphqlApi': {
        'name': 'string',
        'apiId': 'string',
        'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
        'logConfig': {
            'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
            'cloudWatchLogsRoleArn': 'string'
        },
        'userPoolConfig': {
            'userPoolId': 'string',
            'awsRegion': 'string',
            'defaultAction': 'ALLOW'|'DENY',
            'appIdClientRegex': 'string'
        },
        'openIDConnectConfig': {
            'issuer': 'string',
            'clientId': 'string',
            'iatTTL': 123,
            'authTTL': 123
        },
        'arn': 'string',
        'uris': {
            'string': 'string'
        },
        'tags': {
            'string': 'string'
        },
        'additionalAuthenticationProviders': [
            {
                'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
                'openIDConnectConfig': {
                    'issuer': 'string',
                    'clientId': 'string',
                    'iatTTL': 123,
                    'authTTL': 123
                },
                'userPoolConfig': {
                    'userPoolId': 'string',
                    'awsRegion': 'string',
                    'appIdClientRegex': 'string'
                }
            },
        ]
    }
}

Response Structure

  • (dict) --

    • graphqlApi (dict) --

      The GraphqlApi object.

      • name (string) --

        The API name.

      • apiId (string) --

        The API ID.

      • authenticationType (string) --

        The authentication type.

      • logConfig (dict) --

        The Amazon CloudWatch Logs configuration.

        • fieldLogLevel (string) --

          The field logging level. Values can be NONE, ERROR, or ALL.

          • NONE : No field-level logs are captured.

          • ERROR : Logs the following information only for the fields that are in error:

            • The error section in the server response.

            • Field-level errors.

            • The generated request/response functions that got resolved for error fields.

          • ALL : The following information is logged for all fields in the query:

            • Field-level tracing information.

            • The generated request/response functions that got resolved for each field.

        • cloudWatchLogsRoleArn (string) --

          The service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.

      • userPoolConfig (dict) --

        The Amazon Cognito user pool configuration.

        • userPoolId (string) --

          The user pool ID.

        • awsRegion (string) --

          The AWS Region in which the user pool was created.

        • defaultAction (string) --

          The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.

        • appIdClientRegex (string) --

          A regular expression for validating the incoming Amazon Cognito user pool app client ID.

      • openIDConnectConfig (dict) --

        The OpenID Connect configuration.

        • issuer (string) --

          The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

        • clientId (string) --

          The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

        • iatTTL (integer) --

          The number of milliseconds a token is valid after being issued to a user.

        • authTTL (integer) --

          The number of milliseconds a token is valid after being authenticated.

      • arn (string) --

        The ARN.

      • uris (dict) --

        The URIs.

        • (string) --

          • (string) --

      • tags (dict) --

        The tags.

        • (string) --

          The key for the tag.

          • (string) --

            The value for the tag.

      • additionalAuthenticationProviders (list) --

        A list of additional authentication providers for the GraphqlApi API.

        • (dict) --

          Describes an additional authentication provider.

          • authenticationType (string) --

            The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools.

          • openIDConnectConfig (dict) --

            The OpenID Connect configuration.

            • issuer (string) --

              The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

            • clientId (string) --

              The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

            • iatTTL (integer) --

              The number of milliseconds a token is valid after being issued to a user.

            • authTTL (integer) --

              The number of milliseconds a token is valid after being authenticated.

          • userPoolConfig (dict) --

            The Amazon Cognito user pool configuration.

            • userPoolId (string) --

              The user pool ID.

            • awsRegion (string) --

              The AWS Region in which the user pool was created.

            • appIdClientRegex (string) --

              A regular expression for validating the incoming Amazon Cognito user pool app client ID.

GetIntrospectionSchema (updated) Link ¶
Changes (request)
{'includeDirectives': 'boolean'}

Retrieves the introspection schema for a GraphQL API.

See also: AWS API Documentation

Request Syntax

client.get_introspection_schema(
    apiId='string',
    format='SDL'|'JSON',
    includeDirectives=True|False
)
type apiId

string

param apiId

[REQUIRED]

The API ID.

type format

string

param format

[REQUIRED]

The schema format: SDL or JSON.

type includeDirectives

boolean

param includeDirectives

A flag that specifies whether the schema introspection should contain directives.

rtype

dict

returns

Response Syntax

{
    'schema': StreamingBody()
}

Response Structure

GetSchemaCreationStatus (updated) Link ¶
Changes (response)
{'status': ['NOT_APPLICABLE', 'FAILED', 'SUCCESS']}

Retrieves the current status of a schema creation operation.

See also: AWS API Documentation

Request Syntax

client.get_schema_creation_status(
    apiId='string'
)
type apiId

string

param apiId

[REQUIRED]

The API ID.

rtype

dict

returns

Response Syntax

{
    'status': 'PROCESSING'|'ACTIVE'|'DELETING'|'FAILED'|'SUCCESS'|'NOT_APPLICABLE',
    'details': 'string'
}

Response Structure

  • (dict) --

    • status (string) --

      The current state of the schema (PROCESSING, FAILED, SUCCESS, or NOT_APPLICABLE). When the schema is in the ACTIVE state, you can add data.

    • details (string) --

      Detailed information about the status of the schema creation operation.

ListGraphqlApis (updated) Link ¶
Changes (response)
{'graphqlApis': {'additionalAuthenticationProviders': [{'authenticationType': 'API_KEY '
                                                                              '| '
                                                                              'AWS_IAM '
                                                                              '| '
                                                                              'AMAZON_COGNITO_USER_POOLS '
                                                                              '| '
                                                                              'OPENID_CONNECT',
                                                        'openIDConnectConfig': {'authTTL': 'long',
                                                                                'clientId': 'string',
                                                                                'iatTTL': 'long',
                                                                                'issuer': 'string'},
                                                        'userPoolConfig': {'appIdClientRegex': 'string',
                                                                           'awsRegion': 'string',
                                                                           'userPoolId': 'string'}}],
                 'tags': {'string': 'string'}}}

Lists your GraphQL APIs.

See also: AWS API Documentation

Request Syntax

client.list_graphql_apis(
    nextToken='string',
    maxResults=123
)
type nextToken

string

param nextToken

An identifier that was returned from the previous call to this operation, which can be used to return the next set of items in the list.

type maxResults

integer

param maxResults

The maximum number of results you want the request to return.

rtype

dict

returns

Response Syntax

{
    'graphqlApis': [
        {
            'name': 'string',
            'apiId': 'string',
            'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
            'logConfig': {
                'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
                'cloudWatchLogsRoleArn': 'string'
            },
            'userPoolConfig': {
                'userPoolId': 'string',
                'awsRegion': 'string',
                'defaultAction': 'ALLOW'|'DENY',
                'appIdClientRegex': 'string'
            },
            'openIDConnectConfig': {
                'issuer': 'string',
                'clientId': 'string',
                'iatTTL': 123,
                'authTTL': 123
            },
            'arn': 'string',
            'uris': {
                'string': 'string'
            },
            'tags': {
                'string': 'string'
            },
            'additionalAuthenticationProviders': [
                {
                    'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
                    'openIDConnectConfig': {
                        'issuer': 'string',
                        'clientId': 'string',
                        'iatTTL': 123,
                        'authTTL': 123
                    },
                    'userPoolConfig': {
                        'userPoolId': 'string',
                        'awsRegion': 'string',
                        'appIdClientRegex': 'string'
                    }
                },
            ]
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • graphqlApis (list) --

      The GraphqlApi objects.

      • (dict) --

        Describes a GraphQL API.

        • name (string) --

          The API name.

        • apiId (string) --

          The API ID.

        • authenticationType (string) --

          The authentication type.

        • logConfig (dict) --

          The Amazon CloudWatch Logs configuration.

          • fieldLogLevel (string) --

            The field logging level. Values can be NONE, ERROR, or ALL.

            • NONE : No field-level logs are captured.

            • ERROR : Logs the following information only for the fields that are in error:

              • The error section in the server response.

              • Field-level errors.

              • The generated request/response functions that got resolved for error fields.

            • ALL : The following information is logged for all fields in the query:

              • Field-level tracing information.

              • The generated request/response functions that got resolved for each field.

          • cloudWatchLogsRoleArn (string) --

            The service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.

        • userPoolConfig (dict) --

          The Amazon Cognito user pool configuration.

          • userPoolId (string) --

            The user pool ID.

          • awsRegion (string) --

            The AWS Region in which the user pool was created.

          • defaultAction (string) --

            The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.

          • appIdClientRegex (string) --

            A regular expression for validating the incoming Amazon Cognito user pool app client ID.

        • openIDConnectConfig (dict) --

          The OpenID Connect configuration.

          • issuer (string) --

            The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

          • clientId (string) --

            The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

          • iatTTL (integer) --

            The number of milliseconds a token is valid after being issued to a user.

          • authTTL (integer) --

            The number of milliseconds a token is valid after being authenticated.

        • arn (string) --

          The ARN.

        • uris (dict) --

          The URIs.

          • (string) --

            • (string) --

        • tags (dict) --

          The tags.

          • (string) --

            The key for the tag.

            • (string) --

              The value for the tag.

        • additionalAuthenticationProviders (list) --

          A list of additional authentication providers for the GraphqlApi API.

          • (dict) --

            Describes an additional authentication provider.

            • authenticationType (string) --

              The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools.

            • openIDConnectConfig (dict) --

              The OpenID Connect configuration.

              • issuer (string) --

                The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

              • clientId (string) --

                The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

              • iatTTL (integer) --

                The number of milliseconds a token is valid after being issued to a user.

              • authTTL (integer) --

                The number of milliseconds a token is valid after being authenticated.

            • userPoolConfig (dict) --

              The Amazon Cognito user pool configuration.

              • userPoolId (string) --

                The user pool ID.

              • awsRegion (string) --

                The AWS Region in which the user pool was created.

              • appIdClientRegex (string) --

                A regular expression for validating the incoming Amazon Cognito user pool app client ID.

    • nextToken (string) --

      An identifier to be passed in the next request to this operation to return the next set of items in the list.

StartSchemaCreation (updated) Link ¶
Changes (response)
{'status': ['NOT_APPLICABLE', 'FAILED', 'SUCCESS']}

Adds a new schema to your GraphQL API.

This operation is asynchronous. Use to determine when it has completed.

See also: AWS API Documentation

Request Syntax

client.start_schema_creation(
    apiId='string',
    definition=b'bytes'
)
type apiId

string

param apiId

[REQUIRED]

The API ID.

type definition

bytes

param definition

[REQUIRED]

The schema definition, in GraphQL schema language format.

rtype

dict

returns

Response Syntax

{
    'status': 'PROCESSING'|'ACTIVE'|'DELETING'|'FAILED'|'SUCCESS'|'NOT_APPLICABLE'
}

Response Structure

  • (dict) --

    • status (string) --

      The current state of the schema (PROCESSING, FAILED, SUCCESS, or NOT_APPLICABLE). When the schema is in the ACTIVE state, you can add data.

UpdateGraphqlApi (updated) Link ¶
Changes (request, response)
Request
{'additionalAuthenticationProviders': [{'authenticationType': 'API_KEY | '
                                                              'AWS_IAM | '
                                                              'AMAZON_COGNITO_USER_POOLS '
                                                              '| '
                                                              'OPENID_CONNECT',
                                        'openIDConnectConfig': {'authTTL': 'long',
                                                                'clientId': 'string',
                                                                'iatTTL': 'long',
                                                                'issuer': 'string'},
                                        'userPoolConfig': {'appIdClientRegex': 'string',
                                                           'awsRegion': 'string',
                                                           'userPoolId': 'string'}}]}
Response
{'graphqlApi': {'additionalAuthenticationProviders': [{'authenticationType': 'API_KEY '
                                                                             '| '
                                                                             'AWS_IAM '
                                                                             '| '
                                                                             'AMAZON_COGNITO_USER_POOLS '
                                                                             '| '
                                                                             'OPENID_CONNECT',
                                                       'openIDConnectConfig': {'authTTL': 'long',
                                                                               'clientId': 'string',
                                                                               'iatTTL': 'long',
                                                                               'issuer': 'string'},
                                                       'userPoolConfig': {'appIdClientRegex': 'string',
                                                                          'awsRegion': 'string',
                                                                          'userPoolId': 'string'}}],
                'tags': {'string': 'string'}}}

Updates a GraphqlApi object.

See also: AWS API Documentation

Request Syntax

client.update_graphql_api(
    apiId='string',
    name='string',
    logConfig={
        'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
        'cloudWatchLogsRoleArn': 'string'
    },
    authenticationType='API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
    userPoolConfig={
        'userPoolId': 'string',
        'awsRegion': 'string',
        'defaultAction': 'ALLOW'|'DENY',
        'appIdClientRegex': 'string'
    },
    openIDConnectConfig={
        'issuer': 'string',
        'clientId': 'string',
        'iatTTL': 123,
        'authTTL': 123
    },
    additionalAuthenticationProviders=[
        {
            'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
            'openIDConnectConfig': {
                'issuer': 'string',
                'clientId': 'string',
                'iatTTL': 123,
                'authTTL': 123
            },
            'userPoolConfig': {
                'userPoolId': 'string',
                'awsRegion': 'string',
                'appIdClientRegex': 'string'
            }
        },
    ]
)
type apiId

string

param apiId

[REQUIRED]

The API ID.

type name

string

param name

[REQUIRED]

The new name for the GraphqlApi object.

type logConfig

dict

param logConfig

The Amazon CloudWatch Logs configuration for the GraphqlApi object.

  • fieldLogLevel (string) -- [REQUIRED]

    The field logging level. Values can be NONE, ERROR, or ALL.

    • NONE : No field-level logs are captured.

    • ERROR : Logs the following information only for the fields that are in error:

      • The error section in the server response.

      • Field-level errors.

      • The generated request/response functions that got resolved for error fields.

    • ALL : The following information is logged for all fields in the query:

      • Field-level tracing information.

      • The generated request/response functions that got resolved for each field.

  • cloudWatchLogsRoleArn (string) -- [REQUIRED]

    The service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.

type authenticationType

string

param authenticationType

The new authentication type for the GraphqlApi object.

type userPoolConfig

dict

param userPoolConfig

The new Amazon Cognito user pool configuration for the GraphqlApi object.

  • userPoolId (string) -- [REQUIRED]

    The user pool ID.

  • awsRegion (string) -- [REQUIRED]

    The AWS Region in which the user pool was created.

  • defaultAction (string) -- [REQUIRED]

    The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.

  • appIdClientRegex (string) --

    A regular expression for validating the incoming Amazon Cognito user pool app client ID.

type openIDConnectConfig

dict

param openIDConnectConfig

The OpenID Connect configuration for the GraphqlApi object.

  • issuer (string) -- [REQUIRED]

    The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

  • clientId (string) --

    The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

  • iatTTL (integer) --

    The number of milliseconds a token is valid after being issued to a user.

  • authTTL (integer) --

    The number of milliseconds a token is valid after being authenticated.

type additionalAuthenticationProviders

list

param additionalAuthenticationProviders

A list of additional authentication providers for the GraphqlApi API.

  • (dict) --

    Describes an additional authentication provider.

    • authenticationType (string) --

      The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools.

    • openIDConnectConfig (dict) --

      The OpenID Connect configuration.

      • issuer (string) -- [REQUIRED]

        The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

      • clientId (string) --

        The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

      • iatTTL (integer) --

        The number of milliseconds a token is valid after being issued to a user.

      • authTTL (integer) --

        The number of milliseconds a token is valid after being authenticated.

    • userPoolConfig (dict) --

      The Amazon Cognito user pool configuration.

      • userPoolId (string) -- [REQUIRED]

        The user pool ID.

      • awsRegion (string) -- [REQUIRED]

        The AWS Region in which the user pool was created.

      • appIdClientRegex (string) --

        A regular expression for validating the incoming Amazon Cognito user pool app client ID.

rtype

dict

returns

Response Syntax

{
    'graphqlApi': {
        'name': 'string',
        'apiId': 'string',
        'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
        'logConfig': {
            'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
            'cloudWatchLogsRoleArn': 'string'
        },
        'userPoolConfig': {
            'userPoolId': 'string',
            'awsRegion': 'string',
            'defaultAction': 'ALLOW'|'DENY',
            'appIdClientRegex': 'string'
        },
        'openIDConnectConfig': {
            'issuer': 'string',
            'clientId': 'string',
            'iatTTL': 123,
            'authTTL': 123
        },
        'arn': 'string',
        'uris': {
            'string': 'string'
        },
        'tags': {
            'string': 'string'
        },
        'additionalAuthenticationProviders': [
            {
                'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT',
                'openIDConnectConfig': {
                    'issuer': 'string',
                    'clientId': 'string',
                    'iatTTL': 123,
                    'authTTL': 123
                },
                'userPoolConfig': {
                    'userPoolId': 'string',
                    'awsRegion': 'string',
                    'appIdClientRegex': 'string'
                }
            },
        ]
    }
}

Response Structure

  • (dict) --

    • graphqlApi (dict) --

      The updated GraphqlApi object.

      • name (string) --

        The API name.

      • apiId (string) --

        The API ID.

      • authenticationType (string) --

        The authentication type.

      • logConfig (dict) --

        The Amazon CloudWatch Logs configuration.

        • fieldLogLevel (string) --

          The field logging level. Values can be NONE, ERROR, or ALL.

          • NONE : No field-level logs are captured.

          • ERROR : Logs the following information only for the fields that are in error:

            • The error section in the server response.

            • Field-level errors.

            • The generated request/response functions that got resolved for error fields.

          • ALL : The following information is logged for all fields in the query:

            • Field-level tracing information.

            • The generated request/response functions that got resolved for each field.

        • cloudWatchLogsRoleArn (string) --

          The service role that AWS AppSync will assume to publish to Amazon CloudWatch logs in your account.

      • userPoolConfig (dict) --

        The Amazon Cognito user pool configuration.

        • userPoolId (string) --

          The user pool ID.

        • awsRegion (string) --

          The AWS Region in which the user pool was created.

        • defaultAction (string) --

          The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.

        • appIdClientRegex (string) --

          A regular expression for validating the incoming Amazon Cognito user pool app client ID.

      • openIDConnectConfig (dict) --

        The OpenID Connect configuration.

        • issuer (string) --

          The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

        • clientId (string) --

          The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

        • iatTTL (integer) --

          The number of milliseconds a token is valid after being issued to a user.

        • authTTL (integer) --

          The number of milliseconds a token is valid after being authenticated.

      • arn (string) --

        The ARN.

      • uris (dict) --

        The URIs.

        • (string) --

          • (string) --

      • tags (dict) --

        The tags.

        • (string) --

          The key for the tag.

          • (string) --

            The value for the tag.

      • additionalAuthenticationProviders (list) --

        A list of additional authentication providers for the GraphqlApi API.

        • (dict) --

          Describes an additional authentication provider.

          • authenticationType (string) --

            The authentication type: API key, AWS IAM, OIDC, or Amazon Cognito user pools.

          • openIDConnectConfig (dict) --

            The OpenID Connect configuration.

            • issuer (string) --

              The issuer for the OpenID Connect configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.

            • clientId (string) --

              The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so the AWS AppSync can validate against multiple client identifiers at a time.

            • iatTTL (integer) --

              The number of milliseconds a token is valid after being issued to a user.

            • authTTL (integer) --

              The number of milliseconds a token is valid after being authenticated.

          • userPoolConfig (dict) --

            The Amazon Cognito user pool configuration.

            • userPoolId (string) --

              The user pool ID.

            • awsRegion (string) --

              The AWS Region in which the user pool was created.

            • appIdClientRegex (string) --

              A regular expression for validating the incoming Amazon Cognito user pool app client ID.