Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[@aws-cdk/aws-appsync] creating a new GraphqlApi and connect Cognito with userPoolConfig

See original GitHub issue

So I am trying to provision a GraphqlApi connecting to an existing CognitoPool that is provisioned in a separate stack. I am trying to use the CDK class GraphqlApi instead of the low level construct CfnGraphQLApi.

However, I fail to see how I can define my defaultAuthorization with an existing UserPool.

My code so far:

const api = new GraphqlApi(this, 'ClientApi', {
      name: this.props.applicationName,
      schema: Schema.fromAsset(join(`${__dirname}/../src/config`, 'schema.graphql')),
      authorizationConfig: {
        defaultAuthorization: {
          authorizationType: AuthorizationType.USER_POOL,
          userPoolConfig: {
            defaultAction: UserPoolDefaultAction.ALLOW,
            userPool: {
              userPoolId: config.userPoolId,
              userPoolArn: this.getUserPoolArn(config.userPoolId),
             // .... it get's impossible here, it requires a IUserPool object
            }
          }
        }
      }

I have the userPoolId from a config file and I can construct the ARN.

So the problem is that the typing for userPoolConfig is not made for an existing pool. If you use the Lowlevel construct, you can just pass an object in the shape of CfnGraphQLApi.UserPoolConfigProperty and it is all fine but I wanted to get my api to be written in the higher level CDK and not the lower level constructs.

So how should I go ahead with this??

Environment

CDK CLI Version: 1.62
Module Version: 1.62
Node.js Version: V12.16.1
OS: OSX Mojave
**Language Typescript 3.8.3

Issue Analytics

State:
Created 3 years ago
Comments:8 (4 by maintainers)

Top GitHub Comments

4reactions

mattiLeBlanccommented, Sep 9, 2020

@BryanPan342 You are a hero. Yes this works:

const api = new GraphqlApi(this, 'ClientApi', {
      name: this.props.applicationName,
      schema: this.props.schema,
      authorizationConfig: {
        defaultAuthorization: {
          authorizationType: AuthorizationType.USER_POOL,
          userPoolConfig: {
            userPool: UserPool.fromUserPoolId(this, 'userpool', config.userPoolId)
          }
        }
      },
      logConfig: {
        fieldLogLevel: FieldLogLevel.ERROR,
      }
    });

So elegant! Thanks

2reactions

mattiLeBlanccommented, Sep 10, 2020

@BryanPan342 true. The only thing I can say from experience, that with the vast amount of services and docs that AWS provides, if you develop for let’s say Appsync, you often end up on doc pages like https://docs.aws.amazon.com/cdk/api/latest/docs/aws-appsync-readme.html which give a good example but don’t include the finer details of edge cases. And then the search starts in Google and the technical docs.

I guess the more I learn about AWS ecosystem, the more I understand where to search but for people that are still at the beginning it is a dense forest of knowledge.

Anyway, thanks for the great help!

Top Results From Across the Web

AppSync::GraphQLApi UserPoolConfig - AWS CloudFormation

The UserPoolConfig property type specifies the optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint for an ...

AWS::AppSync::GraphQLApi UserPoolConfig - 亚马逊云科技

AWS::AppSync::GraphQLApi UserPoolConfig. The UserPoolConfig property type specifies the optional authorization configuration for using Amazon Cognito user ...

Authenticate AppSync queries console with Cognito User Pools

I am trying to authenticate Queries playground in AWS AppSync console. I have created User Pool and linked it to the ...

update-graphql-api — AWS CLI 2.9.4 Command Reference

--user-pool-config (structure). The new Amazon Cognito user pool configuration for the ~GraphqlApi object. userPoolId -> (string). The user pool ID.

aws.appsync.GraphQLApi - Pulumi

Nested argument containing OpenID Connect configuration. Defined below. userPoolConfig GraphQLApiAdditionalAuthenticationProviderUserPoolConfig. Amazon Cognito ...