Table of Contents
A low-level client representing AWS AppSync
AppSync provides API actions for creating and interacting with data sources using GraphQL from your application.
import boto3
client = boto3.client('appsync')
These are the available methods:
Maps an endpoint to your custom domain.
See also: AWS API Documentation
Request Syntax
response = client.associate_api(
domainName='string',
apiId='string'
)
[REQUIRED]
The domain name.
[REQUIRED]
The API ID.
dict
Response Syntax
{
'apiAssociation': {
'domainName': 'string',
'apiId': 'string',
'associationStatus': 'PROCESSING'|'FAILED'|'SUCCESS',
'deploymentDetail': 'string'
}
}
Response Structure
(dict) --
apiAssociation (dict) --
The ApiAssociation object.
domainName (string) --
The domain name.
apiId (string) --
The API ID.
associationStatus (string) --
Identifies the status of an association.
deploymentDetail (string) --
Details about the last deployment status.
Exceptions
Check if an operation can be paginated.
Creates a cache for the GraphQL API.
See also: AWS API Documentation
Request Syntax
response = client.create_api_cache(
apiId='string',
ttl=123,
transitEncryptionEnabled=True|False,
atRestEncryptionEnabled=True|False,
apiCachingBehavior='FULL_REQUEST_CACHING'|'PER_RESOLVER_CACHING',
type='T2_SMALL'|'T2_MEDIUM'|'R4_LARGE'|'R4_XLARGE'|'R4_2XLARGE'|'R4_4XLARGE'|'R4_8XLARGE'|'SMALL'|'MEDIUM'|'LARGE'|'XLARGE'|'LARGE_2X'|'LARGE_4X'|'LARGE_8X'|'LARGE_12X'
)
[REQUIRED]
The GraphQL API ID.
[REQUIRED]
TTL in seconds for cache entries.
Valid values are 1–3,600 seconds.
[REQUIRED]
Caching behavior.
[REQUIRED]
The cache instance type. Valid values are
Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.
The following legacy instance types are available, but their use is discouraged:
dict
Response Syntax
{
'apiCache': {
'ttl': 123,
'apiCachingBehavior': 'FULL_REQUEST_CACHING'|'PER_RESOLVER_CACHING',
'transitEncryptionEnabled': True|False,
'atRestEncryptionEnabled': True|False,
'type': 'T2_SMALL'|'T2_MEDIUM'|'R4_LARGE'|'R4_XLARGE'|'R4_2XLARGE'|'R4_4XLARGE'|'R4_8XLARGE'|'SMALL'|'MEDIUM'|'LARGE'|'XLARGE'|'LARGE_2X'|'LARGE_4X'|'LARGE_8X'|'LARGE_12X',
'status': 'AVAILABLE'|'CREATING'|'DELETING'|'MODIFYING'|'FAILED'
}
}
Response Structure
(dict) --
Represents the output of a CreateApiCache operation.
apiCache (dict) --
The ApiCache object.
ttl (integer) --
TTL in seconds for cache entries.
Valid values are 1–3,600 seconds.
apiCachingBehavior (string) --
Caching behavior.
transitEncryptionEnabled (boolean) --
Transit encryption flag when connecting to cache. You cannot update this setting after creation.
atRestEncryptionEnabled (boolean) --
At-rest encryption flag for cache. You cannot update this setting after creation.
type (string) --
The cache instance type. Valid values are
Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.
The following legacy instance types are available, but their use is discouraged:
status (string) --
The cache instance status.
Exceptions
Creates a unique key that you can distribute to clients who invoke your API.
See also: AWS API Documentation
Request Syntax
response = client.create_api_key(
apiId='string',
description='string',
expires=123
)
[REQUIRED]
The ID for your GraphQL API.
dict
Response Syntax
{
'apiKey': {
'id': 'string',
'description': 'string',
'expires': 123,
'deletes': 123
}
}
Response Structure
(dict) --
apiKey (dict) --
The API key.
id (string) --
The API key ID.
description (string) --
A description of the purpose of the API key.
expires (integer) --
The time after which the API key expires. The date is represented as seconds since the epoch, rounded down to the nearest hour.
deletes (integer) --
The time after which the API key is deleted. The date is represented as seconds since the epoch, rounded down to the nearest hour.
Exceptions
Creates a DataSource object.
See also: AWS API Documentation
Request Syntax
response = client.create_data_source(
apiId='string',
name='string',
description='string',
type='AWS_LAMBDA'|'AMAZON_DYNAMODB'|'AMAZON_ELASTICSEARCH'|'NONE'|'HTTP'|'RELATIONAL_DATABASE'|'AMAZON_OPENSEARCH_SERVICE',
serviceRoleArn='string',
dynamodbConfig={
'tableName': 'string',
'awsRegion': 'string',
'useCallerCredentials': True|False,
'deltaSyncConfig': {
'baseTableTTL': 123,
'deltaSyncTableName': 'string',
'deltaSyncTableTTL': 123
},
'versioned': True|False
},
lambdaConfig={
'lambdaFunctionArn': 'string'
},
elasticsearchConfig={
'endpoint': 'string',
'awsRegion': 'string'
},
openSearchServiceConfig={
'endpoint': 'string',
'awsRegion': 'string'
},
httpConfig={
'endpoint': 'string',
'authorizationConfig': {
'authorizationType': 'AWS_IAM',
'awsIamConfig': {
'signingRegion': 'string',
'signingServiceName': 'string'
}
}
},
relationalDatabaseConfig={
'relationalDatabaseSourceType': 'RDS_HTTP_ENDPOINT',
'rdsHttpEndpointConfig': {
'awsRegion': 'string',
'dbClusterIdentifier': 'string',
'databaseName': 'string',
'schema': 'string',
'awsSecretStoreArn': 'string'
}
}
)
[REQUIRED]
The API ID for the GraphQL API for the DataSource .
[REQUIRED]
A user-supplied name for the DataSource .
[REQUIRED]
The type of the DataSource .
Amazon DynamoDB settings.
The table name.
The Amazon Web Services Region.
Set to TRUE to use Amazon Cognito credentials with this data source.
The DeltaSyncConfig for a versioned data source.
The number of minutes that an Item is stored in the data source.
The Delta Sync table name.
The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.
Set to TRUE to use Conflict Detection and Resolution with this data source.
Lambda settings.
The Amazon Resource Name (ARN) for the Lambda function.
Amazon OpenSearch Service settings.
As of September 2021, Amazon Elasticsearch service is Amazon OpenSearch Service. This configuration is deprecated. For new data sources, use CreateDataSourceRequest$openSearchServiceConfig to create an OpenSearch data source.
The endpoint.
The Amazon Web Services Region.
Amazon OpenSearch Service settings.
The endpoint.
The Amazon Web Services Region.
HTTP endpoint settings.
The HTTP URL endpoint. You can specify either the domain name or IP, and port combination, and the URL scheme must be HTTP or HTTPS. If you don't specify the port, AppSync uses the default port 80 for the HTTP endpoint and port 443 for HTTPS endpoints.
The authorization configuration in case the HTTP endpoint requires authorization.
The authorization type that the HTTP endpoint requires.
The Identity and Access Management (IAM) settings.
The signing Amazon Web Services Region for IAM authorization.
The signing service name for IAM authorization.
Relational database settings.
Source type for the relational database.
Amazon RDS HTTP endpoint settings.
Amazon Web Services Region for Amazon RDS HTTP endpoint.
Amazon RDS cluster Amazon Resource Name (ARN).
Logical database name.
Logical schema name.
Amazon Web Services secret store Amazon Resource Name (ARN) for database credentials.
dict
Response Syntax
{
'dataSource': {
'dataSourceArn': 'string',
'name': 'string',
'description': 'string',
'type': 'AWS_LAMBDA'|'AMAZON_DYNAMODB'|'AMAZON_ELASTICSEARCH'|'NONE'|'HTTP'|'RELATIONAL_DATABASE'|'AMAZON_OPENSEARCH_SERVICE',
'serviceRoleArn': 'string',
'dynamodbConfig': {
'tableName': 'string',
'awsRegion': 'string',
'useCallerCredentials': True|False,
'deltaSyncConfig': {
'baseTableTTL': 123,
'deltaSyncTableName': 'string',
'deltaSyncTableTTL': 123
},
'versioned': True|False
},
'lambdaConfig': {
'lambdaFunctionArn': 'string'
},
'elasticsearchConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'openSearchServiceConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'httpConfig': {
'endpoint': 'string',
'authorizationConfig': {
'authorizationType': 'AWS_IAM',
'awsIamConfig': {
'signingRegion': 'string',
'signingServiceName': 'string'
}
}
},
'relationalDatabaseConfig': {
'relationalDatabaseSourceType': 'RDS_HTTP_ENDPOINT',
'rdsHttpEndpointConfig': {
'awsRegion': 'string',
'dbClusterIdentifier': 'string',
'databaseName': 'string',
'schema': 'string',
'awsSecretStoreArn': 'string'
}
}
}
}
Response Structure
(dict) --
dataSource (dict) --
The DataSource object.
dataSourceArn (string) --
The data source Amazon Resource Name (ARN).
name (string) --
The name of the data source.
description (string) --
The description of the data source.
type (string) --
The type of the data source.
serviceRoleArn (string) --
The Identity and Access Management (IAM) service role Amazon Resource Name (ARN) for the data source. The system assumes this role when accessing the data source.
dynamodbConfig (dict) --
DynamoDB settings.
tableName (string) --
The table name.
awsRegion (string) --
The Amazon Web Services Region.
useCallerCredentials (boolean) --
Set to TRUE to use Amazon Cognito credentials with this data source.
deltaSyncConfig (dict) --
The DeltaSyncConfig for a versioned data source.
baseTableTTL (integer) --
The number of minutes that an Item is stored in the data source.
deltaSyncTableName (string) --
The Delta Sync table name.
deltaSyncTableTTL (integer) --
The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.
versioned (boolean) --
Set to TRUE to use Conflict Detection and Resolution with this data source.
lambdaConfig (dict) --
Lambda settings.
lambdaFunctionArn (string) --
The Amazon Resource Name (ARN) for the Lambda function.
elasticsearchConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
openSearchServiceConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
httpConfig (dict) --
HTTP endpoint settings.
endpoint (string) --
The HTTP URL endpoint. You can specify either the domain name or IP, and port combination, and the URL scheme must be HTTP or HTTPS. If you don't specify the port, AppSync uses the default port 80 for the HTTP endpoint and port 443 for HTTPS endpoints.
authorizationConfig (dict) --
The authorization configuration in case the HTTP endpoint requires authorization.
authorizationType (string) --
The authorization type that the HTTP endpoint requires.
awsIamConfig (dict) --
The Identity and Access Management (IAM) settings.
signingRegion (string) --
The signing Amazon Web Services Region for IAM authorization.
signingServiceName (string) --
The signing service name for IAM authorization.
relationalDatabaseConfig (dict) --
Relational database settings.
relationalDatabaseSourceType (string) --
Source type for the relational database.
rdsHttpEndpointConfig (dict) --
Amazon RDS HTTP endpoint settings.
awsRegion (string) --
Amazon Web Services Region for Amazon RDS HTTP endpoint.
dbClusterIdentifier (string) --
Amazon RDS cluster Amazon Resource Name (ARN).
databaseName (string) --
Logical database name.
schema (string) --
Logical schema name.
awsSecretStoreArn (string) --
Amazon Web Services secret store Amazon Resource Name (ARN) for database credentials.
Exceptions
Creates a custom DomainName object.
See also: AWS API Documentation
Request Syntax
response = client.create_domain_name(
domainName='string',
certificateArn='string',
description='string'
)
[REQUIRED]
The domain name.
[REQUIRED]
The Amazon Resource Name (ARN) of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate.
dict
Response Syntax
{
'domainNameConfig': {
'domainName': 'string',
'description': 'string',
'certificateArn': 'string',
'appsyncDomainName': 'string',
'hostedZoneId': 'string'
}
}
Response Structure
(dict) --
domainNameConfig (dict) --
The configuration for the DomainName .
domainName (string) --
The domain name.
description (string) --
A description of the DomainName configuration.
certificateArn (string) --
The Amazon Resource Name (ARN) of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate.
appsyncDomainName (string) --
The domain name that AppSync provides.
hostedZoneId (string) --
The ID of your Amazon Route 53 hosted zone.
Exceptions
Creates a Function object.
A function is a reusable entity. You can use multiple functions to compose the resolver logic.
See also: AWS API Documentation
Request Syntax
response = client.create_function(
apiId='string',
name='string',
description='string',
dataSourceName='string',
requestMappingTemplate='string',
responseMappingTemplate='string',
functionVersion='string',
syncConfig={
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
}
)
[REQUIRED]
The GraphQL API ID.
[REQUIRED]
The Function name. The function name does not have to be unique.
[REQUIRED]
The Function DataSource name.
[REQUIRED]
The version of the request mapping template. Currently, the supported value is 2018-05-29.
Describes a Sync configuration for a resolver.
Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked.
The Conflict Resolution strategy to perform in the event of a conflict.
The Conflict Detection strategy to use.
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
dict
Response Syntax
{
'functionConfiguration': {
'functionId': 'string',
'functionArn': 'string',
'name': 'string',
'description': 'string',
'dataSourceName': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'functionVersion': 'string',
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
}
}
}
Response Structure
(dict) --
functionConfiguration (dict) --
The Function object.
functionId (string) --
A unique ID representing the Function object.
functionArn (string) --
The Amazon Resource Name (ARN) of the Function object.
name (string) --
The name of the Function object.
description (string) --
The Function description.
dataSourceName (string) --
The name of the DataSource .
requestMappingTemplate (string) --
The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.
responseMappingTemplate (string) --
The Function response mapping template.
functionVersion (string) --
The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported.
syncConfig (dict) --
Describes a Sync configuration for a resolver.
Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
Exceptions
Creates a GraphqlApi object.
See also: AWS API Documentation
Request Syntax
response = client.create_graphql_api(
name='string',
logConfig={
'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
'cloudWatchLogsRoleArn': 'string',
'excludeVerboseContent': True|False
},
authenticationType='API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
userPoolConfig={
'userPoolId': 'string',
'awsRegion': 'string',
'defaultAction': 'ALLOW'|'DENY',
'appIdClientRegex': 'string'
},
openIDConnectConfig={
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
tags={
'string': 'string'
},
additionalAuthenticationProviders=[
{
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'appIdClientRegex': 'string'
},
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
xrayEnabled=True|False,
lambdaAuthorizerConfig={
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
)
[REQUIRED]
A user-supplied name for the GraphqlApi .
The Amazon CloudWatch Logs configuration.
The field logging level. Values can be NONE, ERROR, or ALL.
The service role that AppSync assumes to publish to CloudWatch logs in your account.
Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
[REQUIRED]
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
The Amazon Cognito user pool configuration.
The user pool ID.
The Amazon Web Services Region in which the user pool was created.
The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
The OIDC configuration.
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
The number of milliseconds that a token is valid after it's issued to a user.
The number of milliseconds that a token is valid after being authenticated.
A TagMap object.
The key for the tag.
The value for the tag.
A list of additional authentication providers for the GraphqlApi API.
Describes an additional authentication provider.
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
The OIDC configuration.
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
The number of milliseconds that a token is valid after it's issued to a user.
The number of milliseconds that a token is valid after being authenticated.
The Amazon Cognito user pool configuration.
The user pool ID.
The Amazon Web Services Region in which the user pool was created.
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
Configuration for Lambda function authorization.
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
A regular expression for validation of tokens before the Lambda function is called.
Configuration for Lambda function authorization.
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
A regular expression for validation of tokens before the Lambda function is called.
dict
Response Syntax
{
'graphqlApi': {
'name': 'string',
'apiId': 'string',
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'logConfig': {
'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
'cloudWatchLogsRoleArn': 'string',
'excludeVerboseContent': True|False
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'defaultAction': 'ALLOW'|'DENY',
'appIdClientRegex': 'string'
},
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'arn': 'string',
'uris': {
'string': 'string'
},
'tags': {
'string': 'string'
},
'additionalAuthenticationProviders': [
{
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'appIdClientRegex': 'string'
},
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
'xrayEnabled': True|False,
'wafWebAclArn': 'string',
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
}
}
Response Structure
(dict) --
graphqlApi (dict) --
The GraphqlApi .
name (string) --
The API name.
apiId (string) --
The API ID.
authenticationType (string) --
The authentication type.
logConfig (dict) --
The Amazon CloudWatch Logs configuration.
fieldLogLevel (string) --
The field logging level. Values can be NONE, ERROR, or ALL.
cloudWatchLogsRoleArn (string) --
The service role that AppSync assumes to publish to CloudWatch logs in your account.
excludeVerboseContent (boolean) --
Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
userPoolConfig (dict) --
The Amazon Cognito user pool configuration.
userPoolId (string) --
The user pool ID.
awsRegion (string) --
The Amazon Web Services Region in which the user pool was created.
defaultAction (string) --
The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
appIdClientRegex (string) --
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
openIDConnectConfig (dict) --
The OpenID Connect configuration.
issuer (string) --
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
clientId (string) --
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
iatTTL (integer) --
The number of milliseconds that a token is valid after it's issued to a user.
authTTL (integer) --
The number of milliseconds that a token is valid after being authenticated.
arn (string) --
The Amazon Resource Name (ARN).
uris (dict) --
The URIs.
tags (dict) --
The tags.
(string) --
The key for the tag.
(string) --
The value for the tag.
additionalAuthenticationProviders (list) --
A list of additional authentication providers for the GraphqlApi API.
(dict) --
Describes an additional authentication provider.
authenticationType (string) --
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
openIDConnectConfig (dict) --
The OIDC configuration.
issuer (string) --
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
clientId (string) --
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
iatTTL (integer) --
The number of milliseconds that a token is valid after it's issued to a user.
authTTL (integer) --
The number of milliseconds that a token is valid after being authenticated.
userPoolConfig (dict) --
The Amazon Cognito user pool configuration.
userPoolId (string) --
The user pool ID.
awsRegion (string) --
The Amazon Web Services Region in which the user pool was created.
appIdClientRegex (string) --
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
lambdaAuthorizerConfig (dict) --
Configuration for Lambda function authorization.
authorizerResultTtlInSeconds (integer) --
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
authorizerUri (string) --
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
identityValidationExpression (string) --
A regular expression for validation of tokens before the Lambda function is called.
xrayEnabled (boolean) --
A flag indicating whether to use X-Ray tracing for this GraphqlApi .
wafWebAclArn (string) --
The ARN of the WAF access control list (ACL) associated with this GraphqlApi , if one exists.
lambdaAuthorizerConfig (dict) --
Configuration for Lambda function authorization.
authorizerResultTtlInSeconds (integer) --
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
authorizerUri (string) --
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
identityValidationExpression (string) --
A regular expression for validation of tokens before the Lambda function is called.
Exceptions
Creates a Resolver object.
A resolver converts incoming requests into a format that a data source can understand, and converts the data source's responses into GraphQL.
See also: AWS API Documentation
Request Syntax
response = client.create_resolver(
apiId='string',
typeName='string',
fieldName='string',
dataSourceName='string',
requestMappingTemplate='string',
responseMappingTemplate='string',
kind='UNIT'|'PIPELINE',
pipelineConfig={
'functions': [
'string',
]
},
syncConfig={
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
cachingConfig={
'ttl': 123,
'cachingKeys': [
'string',
]
}
)
[REQUIRED]
The ID for the GraphQL API for which the resolver is being created.
[REQUIRED]
The name of the Type .
[REQUIRED]
The name of the field to attach the resolver to.
The mapping template to use for requests.
A resolver uses a request mapping template to convert a GraphQL expression into a format that a data source can understand. Mapping templates are written in Apache Velocity Template Language (VTL).
VTL request mapping templates are optional when using an Lambda data source. For all other data sources, VTL request and response mapping templates are required.
The resolver type.
The PipelineConfig .
A list of Function objects.
The SyncConfig for a resolver attached to a versioned data source.
The Conflict Resolution strategy to perform in the event of a conflict.
The Conflict Detection strategy to use.
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
The caching configuration for the resolver.
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
dict
Response Syntax
{
'resolver': {
'typeName': 'string',
'fieldName': 'string',
'dataSourceName': 'string',
'resolverArn': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'kind': 'UNIT'|'PIPELINE',
'pipelineConfig': {
'functions': [
'string',
]
},
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
'cachingConfig': {
'ttl': 123,
'cachingKeys': [
'string',
]
}
}
}
Response Structure
(dict) --
resolver (dict) --
The Resolver object.
typeName (string) --
The resolver type name.
fieldName (string) --
The resolver field name.
dataSourceName (string) --
The resolver data source name.
resolverArn (string) --
The resolver Amazon Resource Name (ARN).
requestMappingTemplate (string) --
The request mapping template.
responseMappingTemplate (string) --
The response mapping template.
kind (string) --
The resolver type.
pipelineConfig (dict) --
The PipelineConfig .
functions (list) --
A list of Function objects.
syncConfig (dict) --
The SyncConfig for a resolver attached to a versioned data source.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
cachingConfig (dict) --
The caching configuration for the resolver.
ttl (integer) --
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
cachingKeys (list) --
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
Exceptions
Creates a Type object.
See also: AWS API Documentation
Request Syntax
response = client.create_type(
apiId='string',
definition='string',
format='SDL'|'JSON'
)
[REQUIRED]
The API ID.
[REQUIRED]
The type definition, in GraphQL Schema Definition Language (SDL) format.
For more information, see the GraphQL SDL documentation .
[REQUIRED]
The type format: SDL or JSON.
dict
Response Syntax
{
'type': {
'name': 'string',
'description': 'string',
'arn': 'string',
'definition': 'string',
'format': 'SDL'|'JSON'
}
}
Response Structure
(dict) --
type (dict) --
The Type object.
name (string) --
The type name.
description (string) --
The type description.
arn (string) --
The type Amazon Resource Name (ARN).
definition (string) --
The type definition.
format (string) --
The type format: SDL or JSON.
Exceptions
Deletes an ApiCache object.
See also: AWS API Documentation
Request Syntax
response = client.delete_api_cache(
apiId='string'
)
[REQUIRED]
The API ID.
{}
Response Structure
Represents the output of a DeleteApiCache operation.
Exceptions
Deletes an API key.
See also: AWS API Documentation
Request Syntax
response = client.delete_api_key(
apiId='string',
id='string'
)
[REQUIRED]
The API ID.
[REQUIRED]
The ID for the API key.
dict
Response Syntax
{}
Response Structure
Exceptions
Deletes a DataSource object.
See also: AWS API Documentation
Request Syntax
response = client.delete_data_source(
apiId='string',
name='string'
)
[REQUIRED]
The API ID.
[REQUIRED]
The name of the data source.
dict
Response Syntax
{}
Response Structure
Exceptions
Deletes a custom DomainName object.
See also: AWS API Documentation
Request Syntax
response = client.delete_domain_name(
domainName='string'
)
[REQUIRED]
The domain name.
{}
Response Structure
Exceptions
Deletes a Function .
See also: AWS API Documentation
Request Syntax
response = client.delete_function(
apiId='string',
functionId='string'
)
[REQUIRED]
The GraphQL API ID.
[REQUIRED]
The Function ID.
dict
Response Syntax
{}
Response Structure
Exceptions
Deletes a GraphqlApi object.
See also: AWS API Documentation
Request Syntax
response = client.delete_graphql_api(
apiId='string'
)
[REQUIRED]
The API ID.
{}
Response Structure
Exceptions
Deletes a Resolver object.
See also: AWS API Documentation
Request Syntax
response = client.delete_resolver(
apiId='string',
typeName='string',
fieldName='string'
)
[REQUIRED]
The API ID.
[REQUIRED]
The name of the resolver type.
[REQUIRED]
The resolver field name.
dict
Response Syntax
{}
Response Structure
Exceptions
Deletes a Type object.
See also: AWS API Documentation
Request Syntax
response = client.delete_type(
apiId='string',
typeName='string'
)
[REQUIRED]
The API ID.
[REQUIRED]
The type name.
dict
Response Syntax
{}
Response Structure
Exceptions
Removes an ApiAssociation object from a custom domain.
See also: AWS API Documentation
Request Syntax
response = client.disassociate_api(
domainName='string'
)
[REQUIRED]
The domain name.
{}
Response Structure
Exceptions
Flushes an ApiCache object.
See also: AWS API Documentation
Request Syntax
response = client.flush_api_cache(
apiId='string'
)
[REQUIRED]
The API ID.
{}
Response Structure
Represents the output of a FlushApiCache operation.
Exceptions
Retrieves an ApiAssociation object.
See also: AWS API Documentation
Request Syntax
response = client.get_api_association(
domainName='string'
)
[REQUIRED]
The domain name.
{
'apiAssociation': {
'domainName': 'string',
'apiId': 'string',
'associationStatus': 'PROCESSING'|'FAILED'|'SUCCESS',
'deploymentDetail': 'string'
}
}
Response Structure
The ApiAssociation object.
The domain name.
The API ID.
Identifies the status of an association.
Details about the last deployment status.
Exceptions
Retrieves an ApiCache object.
See also: AWS API Documentation
Request Syntax
response = client.get_api_cache(
apiId='string'
)
[REQUIRED]
The API ID.
{
'apiCache': {
'ttl': 123,
'apiCachingBehavior': 'FULL_REQUEST_CACHING'|'PER_RESOLVER_CACHING',
'transitEncryptionEnabled': True|False,
'atRestEncryptionEnabled': True|False,
'type': 'T2_SMALL'|'T2_MEDIUM'|'R4_LARGE'|'R4_XLARGE'|'R4_2XLARGE'|'R4_4XLARGE'|'R4_8XLARGE'|'SMALL'|'MEDIUM'|'LARGE'|'XLARGE'|'LARGE_2X'|'LARGE_4X'|'LARGE_8X'|'LARGE_12X',
'status': 'AVAILABLE'|'CREATING'|'DELETING'|'MODIFYING'|'FAILED'
}
}
Response Structure
Represents the output of a GetApiCache operation.
The ApiCache object.
TTL in seconds for cache entries.
Valid values are 1–3,600 seconds.
Caching behavior.
Transit encryption flag when connecting to cache. You cannot update this setting after creation.
At-rest encryption flag for cache. You cannot update this setting after creation.
The cache instance type. Valid values are
Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.
The following legacy instance types are available, but their use is discouraged:
The cache instance status.
Exceptions
Retrieves a DataSource object.
See also: AWS API Documentation
Request Syntax
response = client.get_data_source(
apiId='string',
name='string'
)
[REQUIRED]
The API ID.
[REQUIRED]
The name of the data source.
dict
Response Syntax
{
'dataSource': {
'dataSourceArn': 'string',
'name': 'string',
'description': 'string',
'type': 'AWS_LAMBDA'|'AMAZON_DYNAMODB'|'AMAZON_ELASTICSEARCH'|'NONE'|'HTTP'|'RELATIONAL_DATABASE'|'AMAZON_OPENSEARCH_SERVICE',
'serviceRoleArn': 'string',
'dynamodbConfig': {
'tableName': 'string',
'awsRegion': 'string',
'useCallerCredentials': True|False,
'deltaSyncConfig': {
'baseTableTTL': 123,
'deltaSyncTableName': 'string',
'deltaSyncTableTTL': 123
},
'versioned': True|False
},
'lambdaConfig': {
'lambdaFunctionArn': 'string'
},
'elasticsearchConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'openSearchServiceConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'httpConfig': {
'endpoint': 'string',
'authorizationConfig': {
'authorizationType': 'AWS_IAM',
'awsIamConfig': {
'signingRegion': 'string',
'signingServiceName': 'string'
}
}
},
'relationalDatabaseConfig': {
'relationalDatabaseSourceType': 'RDS_HTTP_ENDPOINT',
'rdsHttpEndpointConfig': {
'awsRegion': 'string',
'dbClusterIdentifier': 'string',
'databaseName': 'string',
'schema': 'string',
'awsSecretStoreArn': 'string'
}
}
}
}
Response Structure
(dict) --
dataSource (dict) --
The DataSource object.
dataSourceArn (string) --
The data source Amazon Resource Name (ARN).
name (string) --
The name of the data source.
description (string) --
The description of the data source.
type (string) --
The type of the data source.
serviceRoleArn (string) --
The Identity and Access Management (IAM) service role Amazon Resource Name (ARN) for the data source. The system assumes this role when accessing the data source.
dynamodbConfig (dict) --
DynamoDB settings.
tableName (string) --
The table name.
awsRegion (string) --
The Amazon Web Services Region.
useCallerCredentials (boolean) --
Set to TRUE to use Amazon Cognito credentials with this data source.
deltaSyncConfig (dict) --
The DeltaSyncConfig for a versioned data source.
baseTableTTL (integer) --
The number of minutes that an Item is stored in the data source.
deltaSyncTableName (string) --
The Delta Sync table name.
deltaSyncTableTTL (integer) --
The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.
versioned (boolean) --
Set to TRUE to use Conflict Detection and Resolution with this data source.
lambdaConfig (dict) --
Lambda settings.
lambdaFunctionArn (string) --
The Amazon Resource Name (ARN) for the Lambda function.
elasticsearchConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
openSearchServiceConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
httpConfig (dict) --
HTTP endpoint settings.
endpoint (string) --
The HTTP URL endpoint. You can specify either the domain name or IP, and port combination, and the URL scheme must be HTTP or HTTPS. If you don't specify the port, AppSync uses the default port 80 for the HTTP endpoint and port 443 for HTTPS endpoints.
authorizationConfig (dict) --
The authorization configuration in case the HTTP endpoint requires authorization.
authorizationType (string) --
The authorization type that the HTTP endpoint requires.
awsIamConfig (dict) --
The Identity and Access Management (IAM) settings.
signingRegion (string) --
The signing Amazon Web Services Region for IAM authorization.
signingServiceName (string) --
The signing service name for IAM authorization.
relationalDatabaseConfig (dict) --
Relational database settings.
relationalDatabaseSourceType (string) --
Source type for the relational database.
rdsHttpEndpointConfig (dict) --
Amazon RDS HTTP endpoint settings.
awsRegion (string) --
Amazon Web Services Region for Amazon RDS HTTP endpoint.
dbClusterIdentifier (string) --
Amazon RDS cluster Amazon Resource Name (ARN).
databaseName (string) --
Logical database name.
schema (string) --
Logical schema name.
awsSecretStoreArn (string) --
Amazon Web Services secret store Amazon Resource Name (ARN) for database credentials.
Exceptions
Retrieves a custom DomainName object.
See also: AWS API Documentation
Request Syntax
response = client.get_domain_name(
domainName='string'
)
[REQUIRED]
The domain name.
{
'domainNameConfig': {
'domainName': 'string',
'description': 'string',
'certificateArn': 'string',
'appsyncDomainName': 'string',
'hostedZoneId': 'string'
}
}
Response Structure
The configuration for the DomainName .
The domain name.
A description of the DomainName configuration.
The Amazon Resource Name (ARN) of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate.
The domain name that AppSync provides.
The ID of your Amazon Route 53 hosted zone.
Exceptions
Get a Function .
See also: AWS API Documentation
Request Syntax
response = client.get_function(
apiId='string',
functionId='string'
)
[REQUIRED]
The GraphQL API ID.
[REQUIRED]
The Function ID.
dict
Response Syntax
{
'functionConfiguration': {
'functionId': 'string',
'functionArn': 'string',
'name': 'string',
'description': 'string',
'dataSourceName': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'functionVersion': 'string',
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
}
}
}
Response Structure
(dict) --
functionConfiguration (dict) --
The Function object.
functionId (string) --
A unique ID representing the Function object.
functionArn (string) --
The Amazon Resource Name (ARN) of the Function object.
name (string) --
The name of the Function object.
description (string) --
The Function description.
dataSourceName (string) --
The name of the DataSource .
requestMappingTemplate (string) --
The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.
responseMappingTemplate (string) --
The Function response mapping template.
functionVersion (string) --
The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported.
syncConfig (dict) --
Describes a Sync configuration for a resolver.
Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
Exceptions
Retrieves a GraphqlApi object.
See also: AWS API Documentation
Request Syntax
response = client.get_graphql_api(
apiId='string'
)
[REQUIRED]
The API ID for the GraphQL API.
{
'graphqlApi': {
'name': 'string',
'apiId': 'string',
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'logConfig': {
'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
'cloudWatchLogsRoleArn': 'string',
'excludeVerboseContent': True|False
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'defaultAction': 'ALLOW'|'DENY',
'appIdClientRegex': 'string'
},
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'arn': 'string',
'uris': {
'string': 'string'
},
'tags': {
'string': 'string'
},
'additionalAuthenticationProviders': [
{
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'appIdClientRegex': 'string'
},
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
'xrayEnabled': True|False,
'wafWebAclArn': 'string',
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
}
}
Response Structure
The GraphqlApi object.
The API name.
The API ID.
The authentication type.
The Amazon CloudWatch Logs configuration.
The field logging level. Values can be NONE, ERROR, or ALL.
The service role that AppSync assumes to publish to CloudWatch logs in your account.
Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
The Amazon Cognito user pool configuration.
The user pool ID.
The Amazon Web Services Region in which the user pool was created.
The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
The OpenID Connect configuration.
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
The number of milliseconds that a token is valid after it's issued to a user.
The number of milliseconds that a token is valid after being authenticated.
The Amazon Resource Name (ARN).
The URIs.
The tags.
The key for the tag.
The value for the tag.
A list of additional authentication providers for the GraphqlApi API.
Describes an additional authentication provider.
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
The OIDC configuration.
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
The number of milliseconds that a token is valid after it's issued to a user.
The number of milliseconds that a token is valid after being authenticated.
The Amazon Cognito user pool configuration.
The user pool ID.
The Amazon Web Services Region in which the user pool was created.
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
Configuration for Lambda function authorization.
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
A regular expression for validation of tokens before the Lambda function is called.
A flag indicating whether to use X-Ray tracing for this GraphqlApi .
The ARN of the WAF access control list (ACL) associated with this GraphqlApi , if one exists.
Configuration for Lambda function authorization.
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
A regular expression for validation of tokens before the Lambda function is called.
Exceptions
Retrieves the introspection schema for a GraphQL API.
See also: AWS API Documentation
Request Syntax
response = client.get_introspection_schema(
apiId='string',
format='SDL'|'JSON',
includeDirectives=True|False
)
[REQUIRED]
The API ID.
[REQUIRED]
The schema format: SDL or JSON.
dict
Response Syntax
{
'schema': StreamingBody()
}
Response Structure
(dict) --
schema (StreamingBody) --
The schema, in GraphQL Schema Definition Language (SDL) format.
For more information, see the GraphQL SDL documentation .
Exceptions
Create a paginator for an operation.
Retrieves a Resolver object.
See also: AWS API Documentation
Request Syntax
response = client.get_resolver(
apiId='string',
typeName='string',
fieldName='string'
)
[REQUIRED]
The API ID.
[REQUIRED]
The resolver type name.
[REQUIRED]
The resolver field name.
dict
Response Syntax
{
'resolver': {
'typeName': 'string',
'fieldName': 'string',
'dataSourceName': 'string',
'resolverArn': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'kind': 'UNIT'|'PIPELINE',
'pipelineConfig': {
'functions': [
'string',
]
},
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
'cachingConfig': {
'ttl': 123,
'cachingKeys': [
'string',
]
}
}
}
Response Structure
(dict) --
resolver (dict) --
The Resolver object.
typeName (string) --
The resolver type name.
fieldName (string) --
The resolver field name.
dataSourceName (string) --
The resolver data source name.
resolverArn (string) --
The resolver Amazon Resource Name (ARN).
requestMappingTemplate (string) --
The request mapping template.
responseMappingTemplate (string) --
The response mapping template.
kind (string) --
The resolver type.
pipelineConfig (dict) --
The PipelineConfig .
functions (list) --
A list of Function objects.
syncConfig (dict) --
The SyncConfig for a resolver attached to a versioned data source.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
cachingConfig (dict) --
The caching configuration for the resolver.
ttl (integer) --
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
cachingKeys (list) --
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
Exceptions
Retrieves the current status of a schema creation operation.
See also: AWS API Documentation
Request Syntax
response = client.get_schema_creation_status(
apiId='string'
)
[REQUIRED]
The API ID.
{
'status': 'PROCESSING'|'ACTIVE'|'DELETING'|'FAILED'|'SUCCESS'|'NOT_APPLICABLE',
'details': 'string'
}
Response Structure
The current state of the schema (PROCESSING, FAILED, SUCCESS, or NOT_APPLICABLE). When the schema is in the ACTIVE state, you can add data.
Detailed information about the status of the schema creation operation.
Exceptions
Retrieves a Type object.
See also: AWS API Documentation
Request Syntax
response = client.get_type(
apiId='string',
typeName='string',
format='SDL'|'JSON'
)
[REQUIRED]
The API ID.
[REQUIRED]
The type name.
[REQUIRED]
The type format: SDL or JSON.
dict
Response Syntax
{
'type': {
'name': 'string',
'description': 'string',
'arn': 'string',
'definition': 'string',
'format': 'SDL'|'JSON'
}
}
Response Structure
(dict) --
type (dict) --
The Type object.
name (string) --
The type name.
description (string) --
The type description.
arn (string) --
The type Amazon Resource Name (ARN).
definition (string) --
The type definition.
format (string) --
The type format: SDL or JSON.
Exceptions
Returns an object that can wait for some condition.
Lists the API keys for a given API.
Note
API keys are deleted automatically 60 days after they expire. However, they may still be included in the response until they have actually been deleted. You can safely call DeleteApiKey to manually delete a key before it's automatically deleted.
See also: AWS API Documentation
Request Syntax
response = client.list_api_keys(
apiId='string',
nextToken='string',
maxResults=123
)
[REQUIRED]
The API ID.
dict
Response Syntax
{
'apiKeys': [
{
'id': 'string',
'description': 'string',
'expires': 123,
'deletes': 123
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
apiKeys (list) --
The ApiKey objects.
(dict) --
Describes an API key.
Customers invoke AppSync GraphQL API operations with API keys as an identity mechanism. There are two key versions:
da1 : We introduced this version at launch in November 2017. These keys always expire after 7 days. Amazon DynamoDB TTL manages key expiration. These keys ceased to be valid after February 21, 2018, and they should no longer be used.
da2 : We introduced this version in February 2018 when AppSync added support to extend key expiration.
id (string) --
The API key ID.
description (string) --
A description of the purpose of the API key.
expires (integer) --
The time after which the API key expires. The date is represented as seconds since the epoch, rounded down to the nearest hour.
deletes (integer) --
The time after which the API key is deleted. The date is represented as seconds since the epoch, rounded down to the nearest hour.
nextToken (string) --
An identifier to pass in the next request to this operation to return the next set of items in the list.
Exceptions
Lists the data sources for a given API.
See also: AWS API Documentation
Request Syntax
response = client.list_data_sources(
apiId='string',
nextToken='string',
maxResults=123
)
[REQUIRED]
The API ID.
dict
Response Syntax
{
'dataSources': [
{
'dataSourceArn': 'string',
'name': 'string',
'description': 'string',
'type': 'AWS_LAMBDA'|'AMAZON_DYNAMODB'|'AMAZON_ELASTICSEARCH'|'NONE'|'HTTP'|'RELATIONAL_DATABASE'|'AMAZON_OPENSEARCH_SERVICE',
'serviceRoleArn': 'string',
'dynamodbConfig': {
'tableName': 'string',
'awsRegion': 'string',
'useCallerCredentials': True|False,
'deltaSyncConfig': {
'baseTableTTL': 123,
'deltaSyncTableName': 'string',
'deltaSyncTableTTL': 123
},
'versioned': True|False
},
'lambdaConfig': {
'lambdaFunctionArn': 'string'
},
'elasticsearchConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'openSearchServiceConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'httpConfig': {
'endpoint': 'string',
'authorizationConfig': {
'authorizationType': 'AWS_IAM',
'awsIamConfig': {
'signingRegion': 'string',
'signingServiceName': 'string'
}
}
},
'relationalDatabaseConfig': {
'relationalDatabaseSourceType': 'RDS_HTTP_ENDPOINT',
'rdsHttpEndpointConfig': {
'awsRegion': 'string',
'dbClusterIdentifier': 'string',
'databaseName': 'string',
'schema': 'string',
'awsSecretStoreArn': 'string'
}
}
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
dataSources (list) --
The DataSource objects.
(dict) --
Describes a data source.
dataSourceArn (string) --
The data source Amazon Resource Name (ARN).
name (string) --
The name of the data source.
description (string) --
The description of the data source.
type (string) --
The type of the data source.
serviceRoleArn (string) --
The Identity and Access Management (IAM) service role Amazon Resource Name (ARN) for the data source. The system assumes this role when accessing the data source.
dynamodbConfig (dict) --
DynamoDB settings.
tableName (string) --
The table name.
awsRegion (string) --
The Amazon Web Services Region.
useCallerCredentials (boolean) --
Set to TRUE to use Amazon Cognito credentials with this data source.
deltaSyncConfig (dict) --
The DeltaSyncConfig for a versioned data source.
baseTableTTL (integer) --
The number of minutes that an Item is stored in the data source.
deltaSyncTableName (string) --
The Delta Sync table name.
deltaSyncTableTTL (integer) --
The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.
versioned (boolean) --
Set to TRUE to use Conflict Detection and Resolution with this data source.
lambdaConfig (dict) --
Lambda settings.
lambdaFunctionArn (string) --
The Amazon Resource Name (ARN) for the Lambda function.
elasticsearchConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
openSearchServiceConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
httpConfig (dict) --
HTTP endpoint settings.
endpoint (string) --
The HTTP URL endpoint. You can specify either the domain name or IP, and port combination, and the URL scheme must be HTTP or HTTPS. If you don't specify the port, AppSync uses the default port 80 for the HTTP endpoint and port 443 for HTTPS endpoints.
authorizationConfig (dict) --
The authorization configuration in case the HTTP endpoint requires authorization.
authorizationType (string) --
The authorization type that the HTTP endpoint requires.
awsIamConfig (dict) --
The Identity and Access Management (IAM) settings.
signingRegion (string) --
The signing Amazon Web Services Region for IAM authorization.
signingServiceName (string) --
The signing service name for IAM authorization.
relationalDatabaseConfig (dict) --
Relational database settings.
relationalDatabaseSourceType (string) --
Source type for the relational database.
rdsHttpEndpointConfig (dict) --
Amazon RDS HTTP endpoint settings.
awsRegion (string) --
Amazon Web Services Region for Amazon RDS HTTP endpoint.
dbClusterIdentifier (string) --
Amazon RDS cluster Amazon Resource Name (ARN).
databaseName (string) --
Logical database name.
schema (string) --
Logical schema name.
awsSecretStoreArn (string) --
Amazon Web Services secret store Amazon Resource Name (ARN) for database credentials.
nextToken (string) --
An identifier to pass in the next request to this operation to return the next set of items in the list.
Exceptions
Lists multiple custom domain names.
See also: AWS API Documentation
Request Syntax
response = client.list_domain_names(
nextToken='string',
maxResults=123
)
dict
Response Syntax
{
'domainNameConfigs': [
{
'domainName': 'string',
'description': 'string',
'certificateArn': 'string',
'appsyncDomainName': 'string',
'hostedZoneId': 'string'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
domainNameConfigs (list) --
Lists configurations for multiple domain names.
(dict) --
Describes a configuration for a custom domain.
domainName (string) --
The domain name.
description (string) --
A description of the DomainName configuration.
certificateArn (string) --
The Amazon Resource Name (ARN) of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate.
appsyncDomainName (string) --
The domain name that AppSync provides.
hostedZoneId (string) --
The ID of your Amazon Route 53 hosted zone.
nextToken (string) --
The API token.
Exceptions
List multiple functions.
See also: AWS API Documentation
Request Syntax
response = client.list_functions(
apiId='string',
nextToken='string',
maxResults=123
)
[REQUIRED]
The GraphQL API ID.
dict
Response Syntax
{
'functions': [
{
'functionId': 'string',
'functionArn': 'string',
'name': 'string',
'description': 'string',
'dataSourceName': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'functionVersion': 'string',
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
}
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
functions (list) --
A list of Function objects.
(dict) --
A function is a reusable entity. You can use multiple functions to compose the resolver logic.
functionId (string) --
A unique ID representing the Function object.
functionArn (string) --
The Amazon Resource Name (ARN) of the Function object.
name (string) --
The name of the Function object.
description (string) --
The Function description.
dataSourceName (string) --
The name of the DataSource .
requestMappingTemplate (string) --
The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.
responseMappingTemplate (string) --
The Function response mapping template.
functionVersion (string) --
The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported.
syncConfig (dict) --
Describes a Sync configuration for a resolver.
Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
nextToken (string) --
An identifier that was returned from the previous call to this operation, which you can use to return the next set of items in the list.
Exceptions
Lists your GraphQL APIs.
See also: AWS API Documentation
Request Syntax
response = client.list_graphql_apis(
nextToken='string',
maxResults=123
)
dict
Response Syntax
{
'graphqlApis': [
{
'name': 'string',
'apiId': 'string',
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'logConfig': {
'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
'cloudWatchLogsRoleArn': 'string',
'excludeVerboseContent': True|False
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'defaultAction': 'ALLOW'|'DENY',
'appIdClientRegex': 'string'
},
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'arn': 'string',
'uris': {
'string': 'string'
},
'tags': {
'string': 'string'
},
'additionalAuthenticationProviders': [
{
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'appIdClientRegex': 'string'
},
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
'xrayEnabled': True|False,
'wafWebAclArn': 'string',
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
graphqlApis (list) --
The GraphqlApi objects.
(dict) --
Describes a GraphQL API.
name (string) --
The API name.
apiId (string) --
The API ID.
authenticationType (string) --
The authentication type.
logConfig (dict) --
The Amazon CloudWatch Logs configuration.
fieldLogLevel (string) --
The field logging level. Values can be NONE, ERROR, or ALL.
cloudWatchLogsRoleArn (string) --
The service role that AppSync assumes to publish to CloudWatch logs in your account.
excludeVerboseContent (boolean) --
Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
userPoolConfig (dict) --
The Amazon Cognito user pool configuration.
userPoolId (string) --
The user pool ID.
awsRegion (string) --
The Amazon Web Services Region in which the user pool was created.
defaultAction (string) --
The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
appIdClientRegex (string) --
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
openIDConnectConfig (dict) --
The OpenID Connect configuration.
issuer (string) --
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
clientId (string) --
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
iatTTL (integer) --
The number of milliseconds that a token is valid after it's issued to a user.
authTTL (integer) --
The number of milliseconds that a token is valid after being authenticated.
arn (string) --
The Amazon Resource Name (ARN).
uris (dict) --
The URIs.
tags (dict) --
The tags.
(string) --
The key for the tag.
(string) --
The value for the tag.
additionalAuthenticationProviders (list) --
A list of additional authentication providers for the GraphqlApi API.
(dict) --
Describes an additional authentication provider.
authenticationType (string) --
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
openIDConnectConfig (dict) --
The OIDC configuration.
issuer (string) --
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
clientId (string) --
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
iatTTL (integer) --
The number of milliseconds that a token is valid after it's issued to a user.
authTTL (integer) --
The number of milliseconds that a token is valid after being authenticated.
userPoolConfig (dict) --
The Amazon Cognito user pool configuration.
userPoolId (string) --
The user pool ID.
awsRegion (string) --
The Amazon Web Services Region in which the user pool was created.
appIdClientRegex (string) --
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
lambdaAuthorizerConfig (dict) --
Configuration for Lambda function authorization.
authorizerResultTtlInSeconds (integer) --
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
authorizerUri (string) --
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
identityValidationExpression (string) --
A regular expression for validation of tokens before the Lambda function is called.
xrayEnabled (boolean) --
A flag indicating whether to use X-Ray tracing for this GraphqlApi .
wafWebAclArn (string) --
The ARN of the WAF access control list (ACL) associated with this GraphqlApi , if one exists.
lambdaAuthorizerConfig (dict) --
Configuration for Lambda function authorization.
authorizerResultTtlInSeconds (integer) --
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
authorizerUri (string) --
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
identityValidationExpression (string) --
A regular expression for validation of tokens before the Lambda function is called.
nextToken (string) --
An identifier to pass in the next request to this operation to return the next set of items in the list.
Exceptions
Lists the resolvers for a given API and type.
See also: AWS API Documentation
Request Syntax
response = client.list_resolvers(
apiId='string',
typeName='string',
nextToken='string',
maxResults=123
)
[REQUIRED]
The API ID.
[REQUIRED]
The type name.
dict
Response Syntax
{
'resolvers': [
{
'typeName': 'string',
'fieldName': 'string',
'dataSourceName': 'string',
'resolverArn': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'kind': 'UNIT'|'PIPELINE',
'pipelineConfig': {
'functions': [
'string',
]
},
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
'cachingConfig': {
'ttl': 123,
'cachingKeys': [
'string',
]
}
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
resolvers (list) --
The Resolver objects.
(dict) --
Describes a resolver.
typeName (string) --
The resolver type name.
fieldName (string) --
The resolver field name.
dataSourceName (string) --
The resolver data source name.
resolverArn (string) --
The resolver Amazon Resource Name (ARN).
requestMappingTemplate (string) --
The request mapping template.
responseMappingTemplate (string) --
The response mapping template.
kind (string) --
The resolver type.
pipelineConfig (dict) --
The PipelineConfig .
functions (list) --
A list of Function objects.
syncConfig (dict) --
The SyncConfig for a resolver attached to a versioned data source.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
cachingConfig (dict) --
The caching configuration for the resolver.
ttl (integer) --
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
cachingKeys (list) --
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
nextToken (string) --
An identifier to pass in the next request to this operation to return the next set of items in the list.
Exceptions
List the resolvers that are associated with a specific function.
See also: AWS API Documentation
Request Syntax
response = client.list_resolvers_by_function(
apiId='string',
functionId='string',
nextToken='string',
maxResults=123
)
[REQUIRED]
The API ID.
[REQUIRED]
The function ID.
dict
Response Syntax
{
'resolvers': [
{
'typeName': 'string',
'fieldName': 'string',
'dataSourceName': 'string',
'resolverArn': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'kind': 'UNIT'|'PIPELINE',
'pipelineConfig': {
'functions': [
'string',
]
},
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
'cachingConfig': {
'ttl': 123,
'cachingKeys': [
'string',
]
}
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
resolvers (list) --
The list of resolvers.
(dict) --
Describes a resolver.
typeName (string) --
The resolver type name.
fieldName (string) --
The resolver field name.
dataSourceName (string) --
The resolver data source name.
resolverArn (string) --
The resolver Amazon Resource Name (ARN).
requestMappingTemplate (string) --
The request mapping template.
responseMappingTemplate (string) --
The response mapping template.
kind (string) --
The resolver type.
pipelineConfig (dict) --
The PipelineConfig .
functions (list) --
A list of Function objects.
syncConfig (dict) --
The SyncConfig for a resolver attached to a versioned data source.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
cachingConfig (dict) --
The caching configuration for the resolver.
ttl (integer) --
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
cachingKeys (list) --
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
nextToken (string) --
An identifier that you can use to return the next set of items in the list.
Exceptions
Lists the tags for a resource.
See also: AWS API Documentation
Request Syntax
response = client.list_tags_for_resource(
resourceArn='string'
)
[REQUIRED]
The GraphqlApi Amazon Resource Name (ARN).
{
'tags': {
'string': 'string'
}
}
Response Structure
A TagMap object.
The key for the tag.
The value for the tag.
Exceptions
Lists the types for a given API.
See also: AWS API Documentation
Request Syntax
response = client.list_types(
apiId='string',
format='SDL'|'JSON',
nextToken='string',
maxResults=123
)
[REQUIRED]
The API ID.
[REQUIRED]
The type format: SDL or JSON.
dict
Response Syntax
{
'types': [
{
'name': 'string',
'description': 'string',
'arn': 'string',
'definition': 'string',
'format': 'SDL'|'JSON'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
types (list) --
The Type objects.
(dict) --
Describes a type.
name (string) --
The type name.
description (string) --
The type description.
arn (string) --
The type Amazon Resource Name (ARN).
definition (string) --
The type definition.
format (string) --
The type format: SDL or JSON.
nextToken (string) --
An identifier to pass in the next request to this operation to return the next set of items in the list.
Exceptions
Adds a new schema to your GraphQL API.
This operation is asynchronous. Use to determine when it has completed.
See also: AWS API Documentation
Request Syntax
response = client.start_schema_creation(
apiId='string',
definition=b'bytes'
)
[REQUIRED]
The API ID.
[REQUIRED]
The schema definition, in GraphQL schema language format.
dict
Response Syntax
{
'status': 'PROCESSING'|'ACTIVE'|'DELETING'|'FAILED'|'SUCCESS'|'NOT_APPLICABLE'
}
Response Structure
(dict) --
status (string) --
The current state of the schema (PROCESSING, FAILED, SUCCESS, or NOT_APPLICABLE). When the schema is in the ACTIVE state, you can add data.
Exceptions
Tags a resource with user-supplied tags.
See also: AWS API Documentation
Request Syntax
response = client.tag_resource(
resourceArn='string',
tags={
'string': 'string'
}
)
[REQUIRED]
The GraphqlApi Amazon Resource Name (ARN).
[REQUIRED]
A TagMap object.
The key for the tag.
The value for the tag.
dict
Response Syntax
{}
Response Structure
Exceptions
Untags a resource.
See also: AWS API Documentation
Request Syntax
response = client.untag_resource(
resourceArn='string',
tagKeys=[
'string',
]
)
[REQUIRED]
The GraphqlApi Amazon Resource Name (ARN).
[REQUIRED]
A list of TagKey objects.
The key for the tag.
dict
Response Syntax
{}
Response Structure
Exceptions
Updates the cache for the GraphQL API.
See also: AWS API Documentation
Request Syntax
response = client.update_api_cache(
apiId='string',
ttl=123,
apiCachingBehavior='FULL_REQUEST_CACHING'|'PER_RESOLVER_CACHING',
type='T2_SMALL'|'T2_MEDIUM'|'R4_LARGE'|'R4_XLARGE'|'R4_2XLARGE'|'R4_4XLARGE'|'R4_8XLARGE'|'SMALL'|'MEDIUM'|'LARGE'|'XLARGE'|'LARGE_2X'|'LARGE_4X'|'LARGE_8X'|'LARGE_12X'
)
[REQUIRED]
The GraphQL API ID.
[REQUIRED]
TTL in seconds for cache entries.
Valid values are 1–3,600 seconds.
[REQUIRED]
Caching behavior.
[REQUIRED]
The cache instance type. Valid values are
Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.
The following legacy instance types are available, but their use is discouraged:
dict
Response Syntax
{
'apiCache': {
'ttl': 123,
'apiCachingBehavior': 'FULL_REQUEST_CACHING'|'PER_RESOLVER_CACHING',
'transitEncryptionEnabled': True|False,
'atRestEncryptionEnabled': True|False,
'type': 'T2_SMALL'|'T2_MEDIUM'|'R4_LARGE'|'R4_XLARGE'|'R4_2XLARGE'|'R4_4XLARGE'|'R4_8XLARGE'|'SMALL'|'MEDIUM'|'LARGE'|'XLARGE'|'LARGE_2X'|'LARGE_4X'|'LARGE_8X'|'LARGE_12X',
'status': 'AVAILABLE'|'CREATING'|'DELETING'|'MODIFYING'|'FAILED'
}
}
Response Structure
(dict) --
Represents the output of a UpdateApiCache operation.
apiCache (dict) --
The ApiCache object.
ttl (integer) --
TTL in seconds for cache entries.
Valid values are 1–3,600 seconds.
apiCachingBehavior (string) --
Caching behavior.
transitEncryptionEnabled (boolean) --
Transit encryption flag when connecting to cache. You cannot update this setting after creation.
atRestEncryptionEnabled (boolean) --
At-rest encryption flag for cache. You cannot update this setting after creation.
type (string) --
The cache instance type. Valid values are
Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.
The following legacy instance types are available, but their use is discouraged:
status (string) --
The cache instance status.
Exceptions
Updates an API key. You can update the key as long as it's not deleted.
See also: AWS API Documentation
Request Syntax
response = client.update_api_key(
apiId='string',
id='string',
description='string',
expires=123
)
[REQUIRED]
The ID for the GraphQL API.
[REQUIRED]
The API key ID.
dict
Response Syntax
{
'apiKey': {
'id': 'string',
'description': 'string',
'expires': 123,
'deletes': 123
}
}
Response Structure
(dict) --
apiKey (dict) --
The API key.
id (string) --
The API key ID.
description (string) --
A description of the purpose of the API key.
expires (integer) --
The time after which the API key expires. The date is represented as seconds since the epoch, rounded down to the nearest hour.
deletes (integer) --
The time after which the API key is deleted. The date is represented as seconds since the epoch, rounded down to the nearest hour.
Exceptions
Updates a DataSource object.
See also: AWS API Documentation
Request Syntax
response = client.update_data_source(
apiId='string',
name='string',
description='string',
type='AWS_LAMBDA'|'AMAZON_DYNAMODB'|'AMAZON_ELASTICSEARCH'|'NONE'|'HTTP'|'RELATIONAL_DATABASE'|'AMAZON_OPENSEARCH_SERVICE',
serviceRoleArn='string',
dynamodbConfig={
'tableName': 'string',
'awsRegion': 'string',
'useCallerCredentials': True|False,
'deltaSyncConfig': {
'baseTableTTL': 123,
'deltaSyncTableName': 'string',
'deltaSyncTableTTL': 123
},
'versioned': True|False
},
lambdaConfig={
'lambdaFunctionArn': 'string'
},
elasticsearchConfig={
'endpoint': 'string',
'awsRegion': 'string'
},
openSearchServiceConfig={
'endpoint': 'string',
'awsRegion': 'string'
},
httpConfig={
'endpoint': 'string',
'authorizationConfig': {
'authorizationType': 'AWS_IAM',
'awsIamConfig': {
'signingRegion': 'string',
'signingServiceName': 'string'
}
}
},
relationalDatabaseConfig={
'relationalDatabaseSourceType': 'RDS_HTTP_ENDPOINT',
'rdsHttpEndpointConfig': {
'awsRegion': 'string',
'dbClusterIdentifier': 'string',
'databaseName': 'string',
'schema': 'string',
'awsSecretStoreArn': 'string'
}
}
)
[REQUIRED]
The API ID.
[REQUIRED]
The new name for the data source.
[REQUIRED]
The new data source type.
The new Amazon DynamoDB configuration.
The table name.
The Amazon Web Services Region.
Set to TRUE to use Amazon Cognito credentials with this data source.
The DeltaSyncConfig for a versioned data source.
The number of minutes that an Item is stored in the data source.
The Delta Sync table name.
The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.
Set to TRUE to use Conflict Detection and Resolution with this data source.
The new Lambda configuration.
The Amazon Resource Name (ARN) for the Lambda function.
The new OpenSearch configuration.
As of September 2021, Amazon Elasticsearch service is Amazon OpenSearch Service. This configuration is deprecated. Instead, use UpdateDataSourceRequest$openSearchServiceConfig to update an OpenSearch data source.
The endpoint.
The Amazon Web Services Region.
The new OpenSearch configuration.
The endpoint.
The Amazon Web Services Region.
The new HTTP endpoint configuration.
The HTTP URL endpoint. You can specify either the domain name or IP, and port combination, and the URL scheme must be HTTP or HTTPS. If you don't specify the port, AppSync uses the default port 80 for the HTTP endpoint and port 443 for HTTPS endpoints.
The authorization configuration in case the HTTP endpoint requires authorization.
The authorization type that the HTTP endpoint requires.
The Identity and Access Management (IAM) settings.
The signing Amazon Web Services Region for IAM authorization.
The signing service name for IAM authorization.
The new relational database configuration.
Source type for the relational database.
Amazon RDS HTTP endpoint settings.
Amazon Web Services Region for Amazon RDS HTTP endpoint.
Amazon RDS cluster Amazon Resource Name (ARN).
Logical database name.
Logical schema name.
Amazon Web Services secret store Amazon Resource Name (ARN) for database credentials.
dict
Response Syntax
{
'dataSource': {
'dataSourceArn': 'string',
'name': 'string',
'description': 'string',
'type': 'AWS_LAMBDA'|'AMAZON_DYNAMODB'|'AMAZON_ELASTICSEARCH'|'NONE'|'HTTP'|'RELATIONAL_DATABASE'|'AMAZON_OPENSEARCH_SERVICE',
'serviceRoleArn': 'string',
'dynamodbConfig': {
'tableName': 'string',
'awsRegion': 'string',
'useCallerCredentials': True|False,
'deltaSyncConfig': {
'baseTableTTL': 123,
'deltaSyncTableName': 'string',
'deltaSyncTableTTL': 123
},
'versioned': True|False
},
'lambdaConfig': {
'lambdaFunctionArn': 'string'
},
'elasticsearchConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'openSearchServiceConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'httpConfig': {
'endpoint': 'string',
'authorizationConfig': {
'authorizationType': 'AWS_IAM',
'awsIamConfig': {
'signingRegion': 'string',
'signingServiceName': 'string'
}
}
},
'relationalDatabaseConfig': {
'relationalDatabaseSourceType': 'RDS_HTTP_ENDPOINT',
'rdsHttpEndpointConfig': {
'awsRegion': 'string',
'dbClusterIdentifier': 'string',
'databaseName': 'string',
'schema': 'string',
'awsSecretStoreArn': 'string'
}
}
}
}
Response Structure
(dict) --
dataSource (dict) --
The updated DataSource object.
dataSourceArn (string) --
The data source Amazon Resource Name (ARN).
name (string) --
The name of the data source.
description (string) --
The description of the data source.
type (string) --
The type of the data source.
serviceRoleArn (string) --
The Identity and Access Management (IAM) service role Amazon Resource Name (ARN) for the data source. The system assumes this role when accessing the data source.
dynamodbConfig (dict) --
DynamoDB settings.
tableName (string) --
The table name.
awsRegion (string) --
The Amazon Web Services Region.
useCallerCredentials (boolean) --
Set to TRUE to use Amazon Cognito credentials with this data source.
deltaSyncConfig (dict) --
The DeltaSyncConfig for a versioned data source.
baseTableTTL (integer) --
The number of minutes that an Item is stored in the data source.
deltaSyncTableName (string) --
The Delta Sync table name.
deltaSyncTableTTL (integer) --
The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.
versioned (boolean) --
Set to TRUE to use Conflict Detection and Resolution with this data source.
lambdaConfig (dict) --
Lambda settings.
lambdaFunctionArn (string) --
The Amazon Resource Name (ARN) for the Lambda function.
elasticsearchConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
openSearchServiceConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
httpConfig (dict) --
HTTP endpoint settings.
endpoint (string) --
The HTTP URL endpoint. You can specify either the domain name or IP, and port combination, and the URL scheme must be HTTP or HTTPS. If you don't specify the port, AppSync uses the default port 80 for the HTTP endpoint and port 443 for HTTPS endpoints.
authorizationConfig (dict) --
The authorization configuration in case the HTTP endpoint requires authorization.
authorizationType (string) --
The authorization type that the HTTP endpoint requires.
awsIamConfig (dict) --
The Identity and Access Management (IAM) settings.
signingRegion (string) --
The signing Amazon Web Services Region for IAM authorization.
signingServiceName (string) --
The signing service name for IAM authorization.
relationalDatabaseConfig (dict) --
Relational database settings.
relationalDatabaseSourceType (string) --
Source type for the relational database.
rdsHttpEndpointConfig (dict) --
Amazon RDS HTTP endpoint settings.
awsRegion (string) --
Amazon Web Services Region for Amazon RDS HTTP endpoint.
dbClusterIdentifier (string) --
Amazon RDS cluster Amazon Resource Name (ARN).
databaseName (string) --
Logical database name.
schema (string) --
Logical schema name.
awsSecretStoreArn (string) --
Amazon Web Services secret store Amazon Resource Name (ARN) for database credentials.
Exceptions
Updates a custom DomainName object.
See also: AWS API Documentation
Request Syntax
response = client.update_domain_name(
domainName='string',
description='string'
)
[REQUIRED]
The domain name.
dict
Response Syntax
{
'domainNameConfig': {
'domainName': 'string',
'description': 'string',
'certificateArn': 'string',
'appsyncDomainName': 'string',
'hostedZoneId': 'string'
}
}
Response Structure
(dict) --
domainNameConfig (dict) --
The configuration for the DomainName .
domainName (string) --
The domain name.
description (string) --
A description of the DomainName configuration.
certificateArn (string) --
The Amazon Resource Name (ARN) of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate.
appsyncDomainName (string) --
The domain name that AppSync provides.
hostedZoneId (string) --
The ID of your Amazon Route 53 hosted zone.
Exceptions
Updates a Function object.
See also: AWS API Documentation
Request Syntax
response = client.update_function(
apiId='string',
name='string',
description='string',
functionId='string',
dataSourceName='string',
requestMappingTemplate='string',
responseMappingTemplate='string',
functionVersion='string',
syncConfig={
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
}
)
[REQUIRED]
The GraphQL API ID.
[REQUIRED]
The Function name.
[REQUIRED]
The function ID.
[REQUIRED]
The Function DataSource name.
[REQUIRED]
The version of the request mapping template. Currently, the supported value is 2018-05-29.
Describes a Sync configuration for a resolver.
Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked.
The Conflict Resolution strategy to perform in the event of a conflict.
The Conflict Detection strategy to use.
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
dict
Response Syntax
{
'functionConfiguration': {
'functionId': 'string',
'functionArn': 'string',
'name': 'string',
'description': 'string',
'dataSourceName': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'functionVersion': 'string',
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
}
}
}
Response Structure
(dict) --
functionConfiguration (dict) --
The Function object.
functionId (string) --
A unique ID representing the Function object.
functionArn (string) --
The Amazon Resource Name (ARN) of the Function object.
name (string) --
The name of the Function object.
description (string) --
The Function description.
dataSourceName (string) --
The name of the DataSource .
requestMappingTemplate (string) --
The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.
responseMappingTemplate (string) --
The Function response mapping template.
functionVersion (string) --
The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported.
syncConfig (dict) --
Describes a Sync configuration for a resolver.
Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
Exceptions
Updates a GraphqlApi object.
See also: AWS API Documentation
Request Syntax
response = client.update_graphql_api(
apiId='string',
name='string',
logConfig={
'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
'cloudWatchLogsRoleArn': 'string',
'excludeVerboseContent': True|False
},
authenticationType='API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
userPoolConfig={
'userPoolId': 'string',
'awsRegion': 'string',
'defaultAction': 'ALLOW'|'DENY',
'appIdClientRegex': 'string'
},
openIDConnectConfig={
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
additionalAuthenticationProviders=[
{
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'appIdClientRegex': 'string'
},
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
xrayEnabled=True|False,
lambdaAuthorizerConfig={
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
)
[REQUIRED]
The API ID.
[REQUIRED]
The new name for the GraphqlApi object.
The Amazon CloudWatch Logs configuration for the GraphqlApi object.
The field logging level. Values can be NONE, ERROR, or ALL.
The service role that AppSync assumes to publish to CloudWatch logs in your account.
Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
The new Amazon Cognito user pool configuration for the ~GraphqlApi object.
The user pool ID.
The Amazon Web Services Region in which the user pool was created.
The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
The OpenID Connect configuration for the GraphqlApi object.
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
The number of milliseconds that a token is valid after it's issued to a user.
The number of milliseconds that a token is valid after being authenticated.
A list of additional authentication providers for the GraphqlApi API.
Describes an additional authentication provider.
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
The OIDC configuration.
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
The number of milliseconds that a token is valid after it's issued to a user.
The number of milliseconds that a token is valid after being authenticated.
The Amazon Cognito user pool configuration.
The user pool ID.
The Amazon Web Services Region in which the user pool was created.
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
Configuration for Lambda function authorization.
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
A regular expression for validation of tokens before the Lambda function is called.
Configuration for Lambda function authorization.
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
A regular expression for validation of tokens before the Lambda function is called.
dict
Response Syntax
{
'graphqlApi': {
'name': 'string',
'apiId': 'string',
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'logConfig': {
'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
'cloudWatchLogsRoleArn': 'string',
'excludeVerboseContent': True|False
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'defaultAction': 'ALLOW'|'DENY',
'appIdClientRegex': 'string'
},
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'arn': 'string',
'uris': {
'string': 'string'
},
'tags': {
'string': 'string'
},
'additionalAuthenticationProviders': [
{
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'appIdClientRegex': 'string'
},
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
'xrayEnabled': True|False,
'wafWebAclArn': 'string',
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
}
}
Response Structure
(dict) --
graphqlApi (dict) --
The updated GraphqlApi object.
name (string) --
The API name.
apiId (string) --
The API ID.
authenticationType (string) --
The authentication type.
logConfig (dict) --
The Amazon CloudWatch Logs configuration.
fieldLogLevel (string) --
The field logging level. Values can be NONE, ERROR, or ALL.
cloudWatchLogsRoleArn (string) --
The service role that AppSync assumes to publish to CloudWatch logs in your account.
excludeVerboseContent (boolean) --
Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
userPoolConfig (dict) --
The Amazon Cognito user pool configuration.
userPoolId (string) --
The user pool ID.
awsRegion (string) --
The Amazon Web Services Region in which the user pool was created.
defaultAction (string) --
The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
appIdClientRegex (string) --
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
openIDConnectConfig (dict) --
The OpenID Connect configuration.
issuer (string) --
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
clientId (string) --
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
iatTTL (integer) --
The number of milliseconds that a token is valid after it's issued to a user.
authTTL (integer) --
The number of milliseconds that a token is valid after being authenticated.
arn (string) --
The Amazon Resource Name (ARN).
uris (dict) --
The URIs.
tags (dict) --
The tags.
(string) --
The key for the tag.
(string) --
The value for the tag.
additionalAuthenticationProviders (list) --
A list of additional authentication providers for the GraphqlApi API.
(dict) --
Describes an additional authentication provider.
authenticationType (string) --
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
openIDConnectConfig (dict) --
The OIDC configuration.
issuer (string) --
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
clientId (string) --
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
iatTTL (integer) --
The number of milliseconds that a token is valid after it's issued to a user.
authTTL (integer) --
The number of milliseconds that a token is valid after being authenticated.
userPoolConfig (dict) --
The Amazon Cognito user pool configuration.
userPoolId (string) --
The user pool ID.
awsRegion (string) --
The Amazon Web Services Region in which the user pool was created.
appIdClientRegex (string) --
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
lambdaAuthorizerConfig (dict) --
Configuration for Lambda function authorization.
authorizerResultTtlInSeconds (integer) --
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
authorizerUri (string) --
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
identityValidationExpression (string) --
A regular expression for validation of tokens before the Lambda function is called.
xrayEnabled (boolean) --
A flag indicating whether to use X-Ray tracing for this GraphqlApi .
wafWebAclArn (string) --
The ARN of the WAF access control list (ACL) associated with this GraphqlApi , if one exists.
lambdaAuthorizerConfig (dict) --
Configuration for Lambda function authorization.
authorizerResultTtlInSeconds (integer) --
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
authorizerUri (string) --
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
identityValidationExpression (string) --
A regular expression for validation of tokens before the Lambda function is called.
Exceptions
Updates a Resolver object.
See also: AWS API Documentation
Request Syntax
response = client.update_resolver(
apiId='string',
typeName='string',
fieldName='string',
dataSourceName='string',
requestMappingTemplate='string',
responseMappingTemplate='string',
kind='UNIT'|'PIPELINE',
pipelineConfig={
'functions': [
'string',
]
},
syncConfig={
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
cachingConfig={
'ttl': 123,
'cachingKeys': [
'string',
]
}
)
[REQUIRED]
The API ID.
[REQUIRED]
The new type name.
[REQUIRED]
The new field name.
The new request mapping template.
A resolver uses a request mapping template to convert a GraphQL expression into a format that a data source can understand. Mapping templates are written in Apache Velocity Template Language (VTL).
VTL request mapping templates are optional when using an Lambda data source. For all other data sources, VTL request and response mapping templates are required.
The resolver type.
The PipelineConfig .
A list of Function objects.
The SyncConfig for a resolver attached to a versioned data source.
The Conflict Resolution strategy to perform in the event of a conflict.
The Conflict Detection strategy to use.
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
The caching configuration for the resolver.
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
dict
Response Syntax
{
'resolver': {
'typeName': 'string',
'fieldName': 'string',
'dataSourceName': 'string',
'resolverArn': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'kind': 'UNIT'|'PIPELINE',
'pipelineConfig': {
'functions': [
'string',
]
},
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
'cachingConfig': {
'ttl': 123,
'cachingKeys': [
'string',
]
}
}
}
Response Structure
(dict) --
resolver (dict) --
The updated Resolver object.
typeName (string) --
The resolver type name.
fieldName (string) --
The resolver field name.
dataSourceName (string) --
The resolver data source name.
resolverArn (string) --
The resolver Amazon Resource Name (ARN).
requestMappingTemplate (string) --
The request mapping template.
responseMappingTemplate (string) --
The response mapping template.
kind (string) --
The resolver type.
pipelineConfig (dict) --
The PipelineConfig .
functions (list) --
A list of Function objects.
syncConfig (dict) --
The SyncConfig for a resolver attached to a versioned data source.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
cachingConfig (dict) --
The caching configuration for the resolver.
ttl (integer) --
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
cachingKeys (list) --
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
Exceptions
Updates a Type object.
See also: AWS API Documentation
Request Syntax
response = client.update_type(
apiId='string',
typeName='string',
definition='string',
format='SDL'|'JSON'
)
[REQUIRED]
The API ID.
[REQUIRED]
The new type name.
[REQUIRED]
The new type format: SDL or JSON.
dict
Response Syntax
{
'type': {
'name': 'string',
'description': 'string',
'arn': 'string',
'definition': 'string',
'format': 'SDL'|'JSON'
}
}
Response Structure
(dict) --
type (dict) --
The updated Type object.
name (string) --
The type name.
description (string) --
The type description.
arn (string) --
The type Amazon Resource Name (ARN).
definition (string) --
The type definition.
format (string) --
The type format: SDL or JSON.
Exceptions
The available paginators are:
paginator = client.get_paginator('list_api_keys')
Creates an iterator that will paginate through responses from AppSync.Client.list_api_keys().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
apiId='string',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
[REQUIRED]
The API ID.
A dictionary that provides parameters to control pagination.
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
The size of each page.
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'apiKeys': [
{
'id': 'string',
'description': 'string',
'expires': 123,
'deletes': 123
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
apiKeys (list) --
The ApiKey objects.
(dict) --
Describes an API key.
Customers invoke AppSync GraphQL API operations with API keys as an identity mechanism. There are two key versions:
da1 : We introduced this version at launch in November 2017. These keys always expire after 7 days. Amazon DynamoDB TTL manages key expiration. These keys ceased to be valid after February 21, 2018, and they should no longer be used.
da2 : We introduced this version in February 2018 when AppSync added support to extend key expiration.
id (string) --
The API key ID.
description (string) --
A description of the purpose of the API key.
expires (integer) --
The time after which the API key expires. The date is represented as seconds since the epoch, rounded down to the nearest hour.
deletes (integer) --
The time after which the API key is deleted. The date is represented as seconds since the epoch, rounded down to the nearest hour.
NextToken (string) --
A token to resume pagination.
paginator = client.get_paginator('list_data_sources')
Creates an iterator that will paginate through responses from AppSync.Client.list_data_sources().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
apiId='string',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
[REQUIRED]
The API ID.
A dictionary that provides parameters to control pagination.
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
The size of each page.
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'dataSources': [
{
'dataSourceArn': 'string',
'name': 'string',
'description': 'string',
'type': 'AWS_LAMBDA'|'AMAZON_DYNAMODB'|'AMAZON_ELASTICSEARCH'|'NONE'|'HTTP'|'RELATIONAL_DATABASE'|'AMAZON_OPENSEARCH_SERVICE',
'serviceRoleArn': 'string',
'dynamodbConfig': {
'tableName': 'string',
'awsRegion': 'string',
'useCallerCredentials': True|False,
'deltaSyncConfig': {
'baseTableTTL': 123,
'deltaSyncTableName': 'string',
'deltaSyncTableTTL': 123
},
'versioned': True|False
},
'lambdaConfig': {
'lambdaFunctionArn': 'string'
},
'elasticsearchConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'openSearchServiceConfig': {
'endpoint': 'string',
'awsRegion': 'string'
},
'httpConfig': {
'endpoint': 'string',
'authorizationConfig': {
'authorizationType': 'AWS_IAM',
'awsIamConfig': {
'signingRegion': 'string',
'signingServiceName': 'string'
}
}
},
'relationalDatabaseConfig': {
'relationalDatabaseSourceType': 'RDS_HTTP_ENDPOINT',
'rdsHttpEndpointConfig': {
'awsRegion': 'string',
'dbClusterIdentifier': 'string',
'databaseName': 'string',
'schema': 'string',
'awsSecretStoreArn': 'string'
}
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
dataSources (list) --
The DataSource objects.
(dict) --
Describes a data source.
dataSourceArn (string) --
The data source Amazon Resource Name (ARN).
name (string) --
The name of the data source.
description (string) --
The description of the data source.
type (string) --
The type of the data source.
serviceRoleArn (string) --
The Identity and Access Management (IAM) service role Amazon Resource Name (ARN) for the data source. The system assumes this role when accessing the data source.
dynamodbConfig (dict) --
DynamoDB settings.
tableName (string) --
The table name.
awsRegion (string) --
The Amazon Web Services Region.
useCallerCredentials (boolean) --
Set to TRUE to use Amazon Cognito credentials with this data source.
deltaSyncConfig (dict) --
The DeltaSyncConfig for a versioned data source.
baseTableTTL (integer) --
The number of minutes that an Item is stored in the data source.
deltaSyncTableName (string) --
The Delta Sync table name.
deltaSyncTableTTL (integer) --
The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.
versioned (boolean) --
Set to TRUE to use Conflict Detection and Resolution with this data source.
lambdaConfig (dict) --
Lambda settings.
lambdaFunctionArn (string) --
The Amazon Resource Name (ARN) for the Lambda function.
elasticsearchConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
openSearchServiceConfig (dict) --
Amazon OpenSearch Service settings.
endpoint (string) --
The endpoint.
awsRegion (string) --
The Amazon Web Services Region.
httpConfig (dict) --
HTTP endpoint settings.
endpoint (string) --
The HTTP URL endpoint. You can specify either the domain name or IP, and port combination, and the URL scheme must be HTTP or HTTPS. If you don't specify the port, AppSync uses the default port 80 for the HTTP endpoint and port 443 for HTTPS endpoints.
authorizationConfig (dict) --
The authorization configuration in case the HTTP endpoint requires authorization.
authorizationType (string) --
The authorization type that the HTTP endpoint requires.
awsIamConfig (dict) --
The Identity and Access Management (IAM) settings.
signingRegion (string) --
The signing Amazon Web Services Region for IAM authorization.
signingServiceName (string) --
The signing service name for IAM authorization.
relationalDatabaseConfig (dict) --
Relational database settings.
relationalDatabaseSourceType (string) --
Source type for the relational database.
rdsHttpEndpointConfig (dict) --
Amazon RDS HTTP endpoint settings.
awsRegion (string) --
Amazon Web Services Region for Amazon RDS HTTP endpoint.
dbClusterIdentifier (string) --
Amazon RDS cluster Amazon Resource Name (ARN).
databaseName (string) --
Logical database name.
schema (string) --
Logical schema name.
awsSecretStoreArn (string) --
Amazon Web Services secret store Amazon Resource Name (ARN) for database credentials.
NextToken (string) --
A token to resume pagination.
paginator = client.get_paginator('list_functions')
Creates an iterator that will paginate through responses from AppSync.Client.list_functions().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
apiId='string',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
[REQUIRED]
The GraphQL API ID.
A dictionary that provides parameters to control pagination.
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
The size of each page.
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'functions': [
{
'functionId': 'string',
'functionArn': 'string',
'name': 'string',
'description': 'string',
'dataSourceName': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'functionVersion': 'string',
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
functions (list) --
A list of Function objects.
(dict) --
A function is a reusable entity. You can use multiple functions to compose the resolver logic.
functionId (string) --
A unique ID representing the Function object.
functionArn (string) --
The Amazon Resource Name (ARN) of the Function object.
name (string) --
The name of the Function object.
description (string) --
The Function description.
dataSourceName (string) --
The name of the DataSource .
requestMappingTemplate (string) --
The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template.
responseMappingTemplate (string) --
The Function response mapping template.
functionVersion (string) --
The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported.
syncConfig (dict) --
Describes a Sync configuration for a resolver.
Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
NextToken (string) --
A token to resume pagination.
paginator = client.get_paginator('list_graphql_apis')
Creates an iterator that will paginate through responses from AppSync.Client.list_graphql_apis().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
A dictionary that provides parameters to control pagination.
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
The size of each page.
A token to specify where to start paginating. This is the NextToken from a previous response.
{
'graphqlApis': [
{
'name': 'string',
'apiId': 'string',
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'logConfig': {
'fieldLogLevel': 'NONE'|'ERROR'|'ALL',
'cloudWatchLogsRoleArn': 'string',
'excludeVerboseContent': True|False
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'defaultAction': 'ALLOW'|'DENY',
'appIdClientRegex': 'string'
},
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'arn': 'string',
'uris': {
'string': 'string'
},
'tags': {
'string': 'string'
},
'additionalAuthenticationProviders': [
{
'authenticationType': 'API_KEY'|'AWS_IAM'|'AMAZON_COGNITO_USER_POOLS'|'OPENID_CONNECT'|'AWS_LAMBDA',
'openIDConnectConfig': {
'issuer': 'string',
'clientId': 'string',
'iatTTL': 123,
'authTTL': 123
},
'userPoolConfig': {
'userPoolId': 'string',
'awsRegion': 'string',
'appIdClientRegex': 'string'
},
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
'xrayEnabled': True|False,
'wafWebAclArn': 'string',
'lambdaAuthorizerConfig': {
'authorizerResultTtlInSeconds': 123,
'authorizerUri': 'string',
'identityValidationExpression': 'string'
}
},
],
'NextToken': 'string'
}
Response Structure
The GraphqlApi objects.
Describes a GraphQL API.
The API name.
The API ID.
The authentication type.
The Amazon CloudWatch Logs configuration.
The field logging level. Values can be NONE, ERROR, or ALL.
The service role that AppSync assumes to publish to CloudWatch logs in your account.
Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
The Amazon Cognito user pool configuration.
The user pool ID.
The Amazon Web Services Region in which the user pool was created.
The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
The OpenID Connect configuration.
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
The number of milliseconds that a token is valid after it's issued to a user.
The number of milliseconds that a token is valid after being authenticated.
The Amazon Resource Name (ARN).
The URIs.
The tags.
The key for the tag.
The value for the tag.
A list of additional authentication providers for the GraphqlApi API.
Describes an additional authentication provider.
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
The OIDC configuration.
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of iss in the ID token.
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
The number of milliseconds that a token is valid after it's issued to a user.
The number of milliseconds that a token is valid after being authenticated.
The Amazon Cognito user pool configuration.
The user pool ID.
The Amazon Web Services Region in which the user pool was created.
A regular expression for validating the incoming Amazon Cognito user pool app client ID.
Configuration for Lambda function authorization.
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
A regular expression for validation of tokens before the Lambda function is called.
A flag indicating whether to use X-Ray tracing for this GraphqlApi .
The ARN of the WAF access control list (ACL) associated with this GraphqlApi , if one exists.
Configuration for Lambda function authorization.
The number of seconds a response should be cached for. The default is 5 minutes (300 seconds). The Lambda function can override this by returning a ttlOverride key in its response. A value of 0 disables caching of responses.
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard Lambda ARN, a version ARN (.../v3 ), or an alias ARN.
Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
A regular expression for validation of tokens before the Lambda function is called.
A token to resume pagination.
paginator = client.get_paginator('list_resolvers')
Creates an iterator that will paginate through responses from AppSync.Client.list_resolvers().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
apiId='string',
typeName='string',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
[REQUIRED]
The API ID.
[REQUIRED]
The type name.
A dictionary that provides parameters to control pagination.
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
The size of each page.
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'resolvers': [
{
'typeName': 'string',
'fieldName': 'string',
'dataSourceName': 'string',
'resolverArn': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'kind': 'UNIT'|'PIPELINE',
'pipelineConfig': {
'functions': [
'string',
]
},
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
'cachingConfig': {
'ttl': 123,
'cachingKeys': [
'string',
]
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
resolvers (list) --
The Resolver objects.
(dict) --
Describes a resolver.
typeName (string) --
The resolver type name.
fieldName (string) --
The resolver field name.
dataSourceName (string) --
The resolver data source name.
resolverArn (string) --
The resolver Amazon Resource Name (ARN).
requestMappingTemplate (string) --
The request mapping template.
responseMappingTemplate (string) --
The response mapping template.
kind (string) --
The resolver type.
pipelineConfig (dict) --
The PipelineConfig .
functions (list) --
A list of Function objects.
syncConfig (dict) --
The SyncConfig for a resolver attached to a versioned data source.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
cachingConfig (dict) --
The caching configuration for the resolver.
ttl (integer) --
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
cachingKeys (list) --
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
NextToken (string) --
A token to resume pagination.
paginator = client.get_paginator('list_resolvers_by_function')
Creates an iterator that will paginate through responses from AppSync.Client.list_resolvers_by_function().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
apiId='string',
functionId='string',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
[REQUIRED]
The API ID.
[REQUIRED]
The function ID.
A dictionary that provides parameters to control pagination.
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
The size of each page.
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'resolvers': [
{
'typeName': 'string',
'fieldName': 'string',
'dataSourceName': 'string',
'resolverArn': 'string',
'requestMappingTemplate': 'string',
'responseMappingTemplate': 'string',
'kind': 'UNIT'|'PIPELINE',
'pipelineConfig': {
'functions': [
'string',
]
},
'syncConfig': {
'conflictHandler': 'OPTIMISTIC_CONCURRENCY'|'LAMBDA'|'AUTOMERGE'|'NONE',
'conflictDetection': 'VERSION'|'NONE',
'lambdaConflictHandlerConfig': {
'lambdaConflictHandlerArn': 'string'
}
},
'cachingConfig': {
'ttl': 123,
'cachingKeys': [
'string',
]
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
resolvers (list) --
The list of resolvers.
(dict) --
Describes a resolver.
typeName (string) --
The resolver type name.
fieldName (string) --
The resolver field name.
dataSourceName (string) --
The resolver data source name.
resolverArn (string) --
The resolver Amazon Resource Name (ARN).
requestMappingTemplate (string) --
The request mapping template.
responseMappingTemplate (string) --
The response mapping template.
kind (string) --
The resolver type.
pipelineConfig (dict) --
The PipelineConfig .
functions (list) --
A list of Function objects.
syncConfig (dict) --
The SyncConfig for a resolver attached to a versioned data source.
conflictHandler (string) --
The Conflict Resolution strategy to perform in the event of a conflict.
conflictDetection (string) --
The Conflict Detection strategy to use.
lambdaConflictHandlerConfig (dict) --
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
lambdaConflictHandlerArn (string) --
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
cachingConfig (dict) --
The caching configuration for the resolver.
ttl (integer) --
The TTL in seconds for a resolver that has caching activated.
Valid values are 1–3,600 seconds.
cachingKeys (list) --
The caching keys for a resolver that has caching activated.
Valid values are entries from the $context.arguments , $context.source , and $context.identity maps.
NextToken (string) --
A token to resume pagination.
paginator = client.get_paginator('list_types')
Creates an iterator that will paginate through responses from AppSync.Client.list_types().
See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate(
apiId='string',
format='SDL'|'JSON',
PaginationConfig={
'MaxItems': 123,
'PageSize': 123,
'StartingToken': 'string'
}
)
[REQUIRED]
The API ID.
[REQUIRED]
The type format: SDL or JSON.
A dictionary that provides parameters to control pagination.
The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.
The size of each page.
A token to specify where to start paginating. This is the NextToken from a previous response.
dict
Response Syntax
{
'types': [
{
'name': 'string',
'description': 'string',
'arn': 'string',
'definition': 'string',
'format': 'SDL'|'JSON'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
types (list) --
The Type objects.
(dict) --
Describes a type.
name (string) --
The type name.
description (string) --
The type description.
arn (string) --
The type Amazon Resource Name (ARN).
definition (string) --
The type definition.
format (string) --
The type format: SDL or JSON.
NextToken (string) --
A token to resume pagination.