Skip to main content

graphql_apis

Creates, updates, deletes or gets a graphql_api resource or lists graphql_apis in a region

Overview

Namegraphql_apis
TypeResource
DescriptionResource Type definition for AWS::AppSync::GraphQLApi
Idaws.appsync.graphql_apis

Fields

NameDatatypeDescription
additional_authentication_providersarrayA list of additional authentication providers for the GraphqlApi API.
api_idstringUnique AWS AppSync GraphQL API identifier.
api_typestringThe value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (MERGED).
arnstringThe Amazon Resource Name (ARN) of the API key
authentication_typestringSecurity configuration for your GraphQL API
enhanced_metrics_configobjectEnables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent.
environment_variablesobjectA map containing the list of resources with their properties and environment variables.
graph_ql_dnsstringThe fully qualified domain name (FQDN) of the endpoint URL of your GraphQL API.
graph_ql_endpoint_arnstringThe GraphQL endpoint ARN.
graph_ql_urlstringThe Endpoint URL of your GraphQL API.
introspection_configstringSets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.
lambda_authorizer_configobjectA LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time.
log_configobjectThe Amazon CloudWatch Logs configuration.
merged_api_execution_role_arnstringThe AWS Identity and Access Management service role ARN for a merged API.
namestringThe API name
open_id_connect_configobjectThe OpenID Connect configuration.
owner_contactstringThe owner contact information for an API resource.
query_depth_limitintegerThe maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query.
realtime_dnsstringThe fully qualified domain name (FQDN) of the real-time endpoint URL of your GraphQL API.
realtime_urlstringThe GraphQL API real-time endpoint URL.
resolver_count_limitintegerThe maximum number of resolvers that can be invoked in a single request.
tagsarrayAn arbitrary set of tags (key-value pairs) for this GraphQL API.
user_pool_configobjectOptional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint.
visibilitystringSets the scope of the GraphQL API to public (GLOBAL) or private (PRIVATE). By default, the scope is set to Global if no value is provided.
xray_enabledbooleanA flag indicating whether to use AWS X-Ray tracing for this GraphqlApi.
regionstringAWS region.

For more information, see AWS::AppSync::GraphQLApi.

Methods

NameAccessible byRequired Params
create_resourceINSERTName, AuthenticationType, region
delete_resourceDELETEdata__Identifier, region
update_resourceUPDATEdata__Identifier, data__PatchDocument, region
list_resourcesSELECTregion
get_resourceSELECTdata__Identifier, region

SELECT examples

Gets all graphql_apis in a region.

SELECT
region,
additional_authentication_providers,
api_id,
api_type,
arn,
authentication_type,
enhanced_metrics_config,
environment_variables,
graph_ql_dns,
graph_ql_endpoint_arn,
graph_ql_url,
introspection_config,
lambda_authorizer_config,
log_config,
merged_api_execution_role_arn,
name,
open_id_connect_config,
owner_contact,
query_depth_limit,
realtime_dns,
realtime_url,
resolver_count_limit,
tags,
user_pool_config,
visibility,
xray_enabled
FROM aws.appsync.graphql_apis
WHERE region = 'us-east-1';

Gets all properties from an individual graphql_api.

SELECT
region,
additional_authentication_providers,
api_id,
api_type,
arn,
authentication_type,
enhanced_metrics_config,
environment_variables,
graph_ql_dns,
graph_ql_endpoint_arn,
graph_ql_url,
introspection_config,
lambda_authorizer_config,
log_config,
merged_api_execution_role_arn,
name,
open_id_connect_config,
owner_contact,
query_depth_limit,
realtime_dns,
realtime_url,
resolver_count_limit,
tags,
user_pool_config,
visibility,
xray_enabled
FROM aws.appsync.graphql_apis
WHERE region = 'us-east-1' AND data__Identifier = '<ApiId>';

INSERT example

Use the following StackQL query and manifest file to create a new graphql_api resource, using stack-deploy.

/*+ create */
INSERT INTO aws.appsync.graphql_apis (
 AuthenticationType,
 Name,
 region
)
SELECT 
'{{ AuthenticationType }}',
 '{{ Name }}',
'{{ region }}';

DELETE example

/*+ delete */
DELETE FROM aws.appsync.graphql_apis
WHERE data__Identifier = '<ApiId>'
AND region = 'us-east-1';

Permissions

To operate on the graphql_apis resource, the following permissions are required:

Create

appsync:CreateGraphqlApi,
appsync:TagResource

Read

appsync:GetGraphqlApi,
appsync:GetGraphqlApiEnvironmentVariables,
appsync:ListTagsForResource

Update

appsync:GetGraphqlApi,
appsync:UpdateGraphqlApi,
appsync:TagResource,
appsync:UntagResource

Delete

appsync:DeleteGraphqlApi

List

appsync:ListGraphqlApis