search

aws / aws-appsync-community

The AWS AppSync community
https://aws.amazon.com/appsync
Apache License 2.0
506 stars 32 forks source link

aws cdk 2.0 appsync : created datasource does not have all attributes #268

Closed ravishbhupesh closed 9 months ago

ravishbhupesh commented 1 year ago

I am working on an app where I am using AWS CDK v 2.59.0 for Java(Oracle JDK 11.0.16.1).

The below code is for creating a datasource. `private CfnDataSource createHttpDSForGraphQLApi(String prefix, CfnGraphQLApi api, IRole graphQLRole, ApiGatewayResource httpApi) {

    return CfnDataSource.Builder.create(this, prefix.concat("gql-ds-http-id"))
             .apiId(api.getAttrApiId())
             .name("gql_ds_http_nm")
             .type("HTTP")
             // the properties below are optional
             .description("GraphQL HTTP Datasource for API Gateway")
             .httpConfig(HttpConfigProperty.builder()
                    .endpoint(httpApi.getApi().getUrl())
                    // the properties below are optional
                    .authorizationConfig(AuthorizationConfigProperty.builder()
                            .authorizationType("AWS_IAM")
                            .awsIamConfig(AwsIamConfigProperty.builder()
                                    .signingRegion((String)this.getNode().tryGetContext("aws-region"))
                                    .signingServiceName("execute-api")
                                    .build())
                            .build())

                    .build())
             .serviceRoleArn(graphQLRole.getRoleArn())
             .build();
}`

When I compile my project and run cdk synth, it generates correct cloudformation template. See below

"appsyncsamplesdevappsyncidappsyncsamplesdevgqldshttpid58415511": { "Type": "AWS::AppSync::DataSource", "Properties": { "ApiId": { "Fn::GetAtt": [ "appsyncsamplesdevid", "ApiId" ] }, "Name": "gql_ds_http_nm", "Type": "HTTP", "Description": "GraphQL HTTP Datasource for API Gateway", "HttpConfig": { "AuthorizationConfig": { "AuthorizationType": "AWS_IAM", "AwsIamConfig": { "SigningRegion": "eu-west-1", "SigningServiceName": "execute-api" } }, "Endpoint": { "Fn::Join": [ "", [ "https://", { "Ref": "appsyncsamplesdevapiid5A321024" }, ".execute-api.eu-west-1.", { "Ref": "AWS::URLSuffix" }, "/", { "Ref": "appsyncsamplesdevstage253577FE" }, "/" ] ] } }, "ServiceRoleArn": { "Fn::GetAtt": [ "appsyncsamplesdevappsyncidappsyncsamplesdevroleidE836AAD4", "Arn" ] } }, "Metadata": { "aws:cdk:path": "appsync-samples/appsync-samples-dev-app-sync-id/appsync-samples-dev-gql-ds-http-id" } }

However when I see the datasource configuratoin through command line I see the below configuration where authorization config is missing.

D:\notWork\aws\aws-samples\appsync-samples\appsync-samples-cdk>aws appsync list-data-sources --api-id onq5dhgcfbbuhcjnawxu5ftwp4 --profile bhupesh { "dataSources": [ { "dataSourceArn": "arn:aws:appsync:eu-west-1:****:apis/onq5dhgcfbbuhcjnawxu5ftwp4/datasources/gql_ds_http_nm", "name": "gql_ds_http_nm", "description": "First data source created with the console.", "type": "HTTP", "httpConfig": { "endpoint": "https://2jq2b5c71i.execute-api.eu-west-1.amazonaws.com/" } } ] }

on the other hand when I create the same datasource using command line I get all the configured attributes. See Below.

D:\notWork\aws\aws-samples\appsync-samples\appsync-samples-cdk>aws appsync create-data-source --api-id "onq5dhgcfbbuhcjnawxu5ftwp4" --name "br_ds" --type "HTTP" --service-role-arn "arn:aws:iam::****:role/appsync-samples-dev-app-sync-role-nm" --http-config "endpoint=\"https://2jq2b5c71i.execute-api.eu-west-1.amazonaws.com/\",authorizationConfig={authorizationType=\"AWS_IAM\",awsIamConfig={signingRegion=\"eu-west-1\",signingServiceName=\"execute-api\"}}" --profile *** { "dataSource": { "dataSourceArn": "arn:aws:appsync:eu-west-1:****:apis/onq5dhgcfbbuhcjnawxu5ftwp4/datasources/br_ds", "name": "br_ds", "type": "HTTP", "serviceRoleArn": "arn:aws:iam::****:role/appsync-samples-dev-app-sync-role-nm", "httpConfig": { "endpoint": "https://2jq2b5c71i.execute-api.eu-west-1.amazonaws.com/", "authorizationConfig": { "authorizationType": "AWS_IAM", "awsIamConfig": { "signingRegion": "eu-west-1", "signingServiceName": "execute-api" } } } } }

D:\notWork\aws\aws-samples\appsync-samples\appsync-samples-cdk>aws appsync list-data-sources --api-id onq5dhgcfbbuhcjnawxu5ftwp4 --profile ***

{ "dataSources": [ { "dataSourceArn": "arn:aws:appsync:eu-west-1:****:apis/onq5dhgcfbbuhcjnawxu5ftwp4/datasources/br_ds", "name": "br_ds", "type": "HTTP", "serviceRoleArn": "arn:aws:iam::****:role/appsync-samples-dev-app-sync-role-nm", "httpConfig": { "endpoint": "https://2jq2b5c71i.execute-api.eu-west-1.amazonaws.com/", "authorizationConfig": { "authorizationType": "AWS_IAM", "awsIamConfig": { "signingRegion": "eu-west-1", "signingServiceName": "execute-api" } } } }, { "dataSourceArn": "arn:aws:appsync:eu-west-1:****:apis/onq5dhgcfbbuhcjnawxu5ftwp4/datasources/gql_ds_http_nm", "name": "gql_ds_http_nm", "description": "First data source created with the console.", "type": "HTTP", "httpConfig": { "endpoint": "https://2jq2b5c71i.execute-api.eu-west-1.amazonaws.com/" } } ] }

onlybakam commented 9 months ago

Hello, could you try this with the latest version of the CDK and let us know if you are still having issues? If issues persist, please open a new ticket here: https://github.com/aws/aws-cdk.