def generate_dynamo_data_source(self, graphql_api, type_name):
"""
Generates a DynamoDB data source for the given GraphQL type. This includes the
Dynamo table, the AppSync data source, a data source role, and the resolvers.
NOTE: This function generates Dynamo tables with a hash key called `id`, but no
other keys.
:param type_name The name of the GraphQL type. This is the identifier which
appears after the `type` keyword in the schema.
"""
table = dynamodb.Table(
f"{self.stack_name}_{type_name}_table",
name=f"{self.stack_name}_{self.random_chars}.{type_name}",
hash_key="id",
attributes=[{"name": "id", "type": "S"}],
# stream_view_type="NEW_AND_OLD_IMAGES",
billing_mode="PAY_PER_REQUEST",
)
data_source_iam_role = iam.Role(
f"{self.stack_name}_{type_name}_role",
assume_role_policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "appsync.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}""",
)
aws_region = config.region
account_id = get_caller_identity().account_id
data_source_iam_role_policy = iam.RolePolicy(
f"{self.stack_name}_{type_name}_role_policy",
role=data_source_iam_role.name,
name="MyDynamoDBAccess",
policy=table.name.apply(
lambda table_name: f"""{{
"Version": "2012-10-17",
"Statement": [
{{
"Effect": "Allow",
"Action": [
"dynamodb:BatchGetItem",
"dynamodb:BatchWriteItem",
"dynamodb:PutItem",
"dynamodb:DeleteItem",
"dynamodb:GetItem",
"dynamodb:Scan",
"dynamodb:Query",
"dynamodb:UpdateItem"
],
"Resource": [
"arn:aws:dynamodb:{aws_region}:{account_id}:table/{table_name}",
"arn:aws:dynamodb:{aws_region}:{account_id}:table/{table_name}/*"
]
}}
]
}}"""
),
)
data_source = appsync.DataSource(
f"{self.stack_name}_{type_name}_data_source",
api_id=graphql_api.id,
name=f"{type_name}TableDataSource_{self.random_chars}",
type="AMAZON_DYNAMODB",
service_role_arn=data_source_iam_role.arn,
dynamodb_config={"table_name": table.name},
opts=ResourceOptions(depends_on=[data_source_iam_role]),
)
resolvers = self.generate_resolvers(graphql_api, type_name, data_source)
return {
"table": table,
"data_source_iam_role": data_source_iam_role,
"data_source_iam_role_policy": data_source_iam_role_policy,
"data_source": data_source,
"resolvers": resolvers,
}
schema {
query: Query
mutation: Mutation
}
"""
## Create API accessible with a key
api = appsync.GraphQLApi("key", authentication_type="API_KEY", schema=schema)
api_key = appsync.ApiKey("key", api_id=api.id)
## Link a data source to the Dynamo DB Table
data_source = appsync.DataSource("tenants-ds",
name="TenantsDataSource",
api_id=api.id,
type="AMAZON_DYNAMODB",
dynamodb_config={"table_name": table.name},
service_role_arn=role.arn)
## A resolver for the [getTenantById] query
get_resolver = appsync.Resolver("get-resolver",
api_id=api.id,
data_source=data_source.name,
type="Query",
field="getTenantById",
request_template="""{
"version": "2017-02-28",
"operation": "GetItem",
"key": {
"id": $util.dynamodb.toDynamoDBJson($ctx.args.id),
}
api = appsync.GraphQLApi("key", authentication_type="API_KEY", schema=schema)
api_key = appsync.ApiKey("key", api_id=api.id)
random_string = random.RandomString(
"random-datasource-name",
length=15,
special=False,
number=False,
)
## Link a data source to the Dynamo DB Table
data_source = appsync.DataSource(
"tenants-ds",
name=random_string.result,
api_id=api.id,
type="AMAZON_DYNAMODB",
dynamodb_config=appsync.DataSourceDynamodbConfigArgs(
table_name=table.name, ),
service_role_arn=role.arn)
## A resolver for the [getTenantById] query
get_resolver = appsync.Resolver("get-resolver",
api_id=api.id,
data_source=data_source.name,
type="Query",
field="getTenantById",
request_template="""{
"version": "2017-02-28",
"operation": "GetItem",
"key": {
"id": $util.dynamodb.toDynamoDBJson($ctx.args.id),