Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AppSync: support for OPENID_CONNECT authorization type #7975

Closed
2 tasks
alextriaca opened this issue May 14, 2020 · 5 comments
Closed
2 tasks

AppSync: support for OPENID_CONNECT authorization type #7975

alextriaca opened this issue May 14, 2020 · 5 comments
Assignees
@MrArnoldPalmer
Labels
@aws-cdk/aws-appsync Related to AWS AppSync feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged.

Comments

@alextriaca
Copy link

Currently it is not possible to configure the OPENID_CONNECT authentication method with the GraphQLApi object.

Proposed Solution

Currently this is only possible with the primitive Cfn objects. This means that it makes configuring subsequent schemas, datasources and resolvers more complex as they too need to use the primitive Cfn objects. Below is an example of achieving this using the primitive Cfn objects. I believe the addition needs to be made in a similar way to this https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-appsync/lib/graphqlapi.ts#L31.

Cfn implementation

auth_config = aws_appsync.CfnGraphQLApi.OpenIDConnectConfigProperty(
    issuer="https://openid_privider.company.com/"
)

api = aws_appsync.CfnGraphQLApi(
    self,
    id="api",
    name="api",
    log_config=aws_appsync.CfnGraphQLApi.LogConfigProperty(
        exclude_verbose_content=False,
        cloud_watch_logs_role_arn=log_role.role_arn,
        field_log_level="ALL",
    ),
    open_id_connect_config=auth_config,
    authentication_type="OPENID_CONNECT",
)
  • 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change

This is a 🚀 Feature Request
@alextriaca alextriaca added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels May 14, 2020
@SachinShekhar
Copy link
Contributor

I've already implemented it. Have a look at the pull request: #7878

@alextriaca
Copy link
Author

Amazing! Thank you @SachinShekhar. Will close this in favour of your PR.

@3oris
Copy link

3oris commented Jun 1, 2020

@alextriaca - I don't think @SachinShekhar 's PR #7878 will be promoted anywhere unless a feature request issue exists. so please re-open.

@poppein
Copy link

poppein commented Jun 1, 2020

also needed here ! Thanks for the PR

@alextriaca
Copy link
Author

Good shout @3oris. Will leave this open until #7878 is merged.

@alextriaca alextriaca reopened this Jun 1, 2020
@SomayaB SomayaB added the @aws-cdk/aws-appsync Related to AWS AppSync label Jun 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MrArnoldPalmer MrArnoldPalmer

Labels
@aws-cdk/aws-appsync Related to AWS AppSync feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@3oris @poppein @SachinShekhar @MrArnoldPalmer @SomayaB @alextriaca