Closed phanviet closed 5 years ago
@phanviet The Amplify CLI currently only supports API Key and Cognito security types. But we have in our roadmap to support IAM as well.
@kaustavghosh06 Thanks for inform.
Hi Has this changed with the recent api custom stacks/resolvers update ? or is it still under development ? Regards
@jpbourgeon We have put out an RFC and it still is not implemented
@phanviet I find a turn around to enable AWS_IAM
for AppSync, that works for me now. You can add these two cloudformation stacks to your API stack:
https://gist.github.com/eelzinaty/f2e6eaf3f8282f3d66db1a0732e5c6dd
https://gist.github.com/eelzinaty/8d013575a02245aafacaf926226a870d
Then make sure that your API parameters.json
has this:
.....
.....
.....
"authRoleName": "Name of your Amplify Auth Role"
Then, you run amplify push api
.
Finally, you change your appsync security in aws_export.json
to AWS_IAM
.
....
....
....
"aws_appsync_authenticationType": "AWS_IAM"
};
We launched multi-auth support for AppSync API (which included public APIs - with API Keys + IAM) as a part of our CLI version 3.8+. Please take a look at our documentation around it out here for more info - https://aws-amplify.github.io/docs/cli-toolchain/graphql#public-authorization
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.
Looking for a help forum? We recommend joining the Amplify Community Discord server *-help
channels for those types of questions.
Which Category is your question related to? api
What AWS Services are you utilizing? AWS AppSync
Provide additional details e.g. code snippets I try to edit the cloudformation-template.json as below:
And run
amplify push
. But thegql-compile
transform always generate a new cloudformation template with API_KEY (or AMAZON_COGNITOR_USER_POOLS) as previous CLI configuration. So how to update AWS::AppSync::GraphQLApi authorization type to AWS_IAM?