AWS Cloud Control v1.27.0, Apr 14 25

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

aws-native.appsync.GraphQlApi

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

Create GraphQlApi Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new GraphQlApi(name: string, args: GraphQlApiArgs, opts?: CustomResourceOptions);

@overload
def GraphQlApi(resource_name: str,
               args: GraphQlApiArgs,
               opts: Optional[ResourceOptions] = None)

@overload
def GraphQlApi(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               authentication_type: Optional[str] = None,
               merged_api_execution_role_arn: Optional[str] = None,
               open_id_connect_config: Optional[GraphQlApiOpenIdConnectConfigArgs] = None,
               enhanced_metrics_config: Optional[GraphQlApiEnhancedMetricsConfigArgs] = None,
               environment_variables: Optional[Mapping[str, str]] = None,
               introspection_config: Optional[str] = None,
               lambda_authorizer_config: Optional[GraphQlApiLambdaAuthorizerConfigArgs] = None,
               log_config: Optional[GraphQlApiLogConfigArgs] = None,
               additional_authentication_providers: Optional[Sequence[GraphQlApiAdditionalAuthenticationProviderArgs]] = None,
               api_type: Optional[str] = None,
               owner_contact: Optional[str] = None,
               name: Optional[str] = None,
               query_depth_limit: Optional[int] = None,
               resolver_count_limit: Optional[int] = None,
               tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
               user_pool_config: Optional[GraphQlApiUserPoolConfigArgs] = None,
               visibility: Optional[str] = None,
               xray_enabled: Optional[bool] = None)

func NewGraphQlApi(ctx *Context, name string, args GraphQlApiArgs, opts ...ResourceOption) (*GraphQlApi, error)

public GraphQlApi(string name, GraphQlApiArgs args, CustomResourceOptions? opts = null)

public GraphQlApi(String name, GraphQlApiArgs args)
public GraphQlApi(String name, GraphQlApiArgs args, CustomResourceOptions options)

type: aws-native:appsync:GraphQlApi
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args GraphQlApiArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args GraphQlApiArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args GraphQlApiArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args GraphQlApiArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args GraphQlApiArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

GraphQlApi Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The GraphQlApi resource accepts the following input properties:

AuthenticationType string: Security configuration for your GraphQL API
AdditionalAuthenticationProviders List<Pulumi.AwsNative.AppSync.Inputs.GraphQlApiAdditionalAuthenticationProvider>: A list of additional authentication providers for the GraphqlApi API.
ApiType string: The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (MERGED).
EnhancedMetricsConfig Pulumi.AwsNative.AppSync.Inputs.GraphQlApiEnhancedMetricsConfig: Enables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent.
EnvironmentVariables Dictionary<string, string>: A map containing the list of resources with their properties and environment variables.
IntrospectionConfig string: Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.
LambdaAuthorizerConfig Pulumi.AwsNative.AppSync.Inputs.GraphQlApiLambdaAuthorizerConfig: A LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time.
LogConfig Pulumi.AwsNative.AppSync.Inputs.GraphQlApiLogConfig: The Amazon CloudWatch Logs configuration.
MergedApiExecutionRoleArn string: The AWS Identity and Access Management service role ARN for a merged API.
Name string: The API name
OpenIdConnectConfig Pulumi.AwsNative.AppSync.Inputs.GraphQlApiOpenIdConnectConfig: The OpenID Connect configuration.
OwnerContact string: The owner contact information for an API resource.
QueryDepthLimit int: The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query.
ResolverCountLimit int: The maximum number of resolvers that can be invoked in a single request.
Tags List<Pulumi.AwsNative.Inputs.Tag>: An arbitrary set of tags (key-value pairs) for this GraphQL API.
UserPoolConfig Pulumi.AwsNative.AppSync.Inputs.GraphQlApiUserPoolConfig: Optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint.
Visibility string: Sets the scope of the GraphQL API to public (GLOBAL) or private (PRIVATE). By default, the scope is set to Global if no value is provided.
XrayEnabled bool: A flag indicating whether to use AWS X-Ray tracing for this GraphqlApi.

AuthenticationType string: Security configuration for your GraphQL API
AdditionalAuthenticationProviders []GraphQlApiAdditionalAuthenticationProviderArgs: A list of additional authentication providers for the GraphqlApi API.
ApiType string: The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (MERGED).
EnhancedMetricsConfig GraphQlApiEnhancedMetricsConfigArgs: Enables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent.
EnvironmentVariables map[string]string: A map containing the list of resources with their properties and environment variables.
IntrospectionConfig string: Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.
LambdaAuthorizerConfig GraphQlApiLambdaAuthorizerConfigArgs: A LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time.
LogConfig GraphQlApiLogConfigArgs: The Amazon CloudWatch Logs configuration.
MergedApiExecutionRoleArn string: The AWS Identity and Access Management service role ARN for a merged API.
Name string: The API name
OpenIdConnectConfig GraphQlApiOpenIdConnectConfigArgs: The OpenID Connect configuration.
OwnerContact string: The owner contact information for an API resource.
QueryDepthLimit int: The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query.
ResolverCountLimit int: The maximum number of resolvers that can be invoked in a single request.
Tags TagArgs: An arbitrary set of tags (key-value pairs) for this GraphQL API.
UserPoolConfig GraphQlApiUserPoolConfigArgs: Optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint.
Visibility string: Sets the scope of the GraphQL API to public (GLOBAL) or private (PRIVATE). By default, the scope is set to Global if no value is provided.
XrayEnabled bool: A flag indicating whether to use AWS X-Ray tracing for this GraphqlApi.

authenticationType String: Security configuration for your GraphQL API
additionalAuthenticationProviders List<GraphQlApiAdditionalAuthenticationProvider>: A list of additional authentication providers for the GraphqlApi API.
apiType String: The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (MERGED).
enhancedMetricsConfig GraphQlApiEnhancedMetricsConfig: Enables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent.
environmentVariables Map<String,String>: A map containing the list of resources with their properties and environment variables.
introspectionConfig String: Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.
lambdaAuthorizerConfig GraphQlApiLambdaAuthorizerConfig: A LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time.
logConfig GraphQlApiLogConfig: The Amazon CloudWatch Logs configuration.
mergedApiExecutionRoleArn String: The AWS Identity and Access Management service role ARN for a merged API.
name String: The API name
openIdConnectConfig GraphQlApiOpenIdConnectConfig: The OpenID Connect configuration.
ownerContact String: The owner contact information for an API resource.
queryDepthLimit Integer: The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query.
resolverCountLimit Integer: The maximum number of resolvers that can be invoked in a single request.
tags List<Tag>: An arbitrary set of tags (key-value pairs) for this GraphQL API.
userPoolConfig GraphQlApiUserPoolConfig: Optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint.
visibility String: Sets the scope of the GraphQL API to public (GLOBAL) or private (PRIVATE). By default, the scope is set to Global if no value is provided.
xrayEnabled Boolean: A flag indicating whether to use AWS X-Ray tracing for this GraphqlApi.

authenticationType string: Security configuration for your GraphQL API
additionalAuthenticationProviders GraphQlApiAdditionalAuthenticationProvider[]: A list of additional authentication providers for the GraphqlApi API.
apiType string: The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (MERGED).
enhancedMetricsConfig GraphQlApiEnhancedMetricsConfig: Enables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent.
environmentVariables {[key: string]: string}: A map containing the list of resources with their properties and environment variables.
introspectionConfig string: Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.
lambdaAuthorizerConfig GraphQlApiLambdaAuthorizerConfig: A LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time.
logConfig GraphQlApiLogConfig: The Amazon CloudWatch Logs configuration.
mergedApiExecutionRoleArn string: The AWS Identity and Access Management service role ARN for a merged API.
name string: The API name
openIdConnectConfig GraphQlApiOpenIdConnectConfig: The OpenID Connect configuration.
ownerContact string: The owner contact information for an API resource.
queryDepthLimit number: The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query.
resolverCountLimit number: The maximum number of resolvers that can be invoked in a single request.
tags Tag[]: An arbitrary set of tags (key-value pairs) for this GraphQL API.
userPoolConfig GraphQlApiUserPoolConfig: Optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint.
visibility string: Sets the scope of the GraphQL API to public (GLOBAL) or private (PRIVATE). By default, the scope is set to Global if no value is provided.
xrayEnabled boolean: A flag indicating whether to use AWS X-Ray tracing for this GraphqlApi.

authentication_type str: Security configuration for your GraphQL API
additional_authentication_providers Sequence[GraphQlApiAdditionalAuthenticationProviderArgs]: A list of additional authentication providers for the GraphqlApi API.
api_type str: The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (MERGED).
enhanced_metrics_config GraphQlApiEnhancedMetricsConfigArgs: Enables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent.
environment_variables Mapping[str, str]: A map containing the list of resources with their properties and environment variables.
introspection_config str: Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.
lambda_authorizer_config GraphQlApiLambdaAuthorizerConfigArgs: A LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time.
log_config GraphQlApiLogConfigArgs: The Amazon CloudWatch Logs configuration.
merged_api_execution_role_arn str: The AWS Identity and Access Management service role ARN for a merged API.
name str: The API name
open_id_connect_config GraphQlApiOpenIdConnectConfigArgs: The OpenID Connect configuration.
owner_contact str: The owner contact information for an API resource.
query_depth_limit int: The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query.
resolver_count_limit int: The maximum number of resolvers that can be invoked in a single request.
tags Sequence[TagArgs]: An arbitrary set of tags (key-value pairs) for this GraphQL API.
user_pool_config GraphQlApiUserPoolConfigArgs: Optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint.
visibility str: Sets the scope of the GraphQL API to public (GLOBAL) or private (PRIVATE). By default, the scope is set to Global if no value is provided.
xray_enabled bool: A flag indicating whether to use AWS X-Ray tracing for this GraphqlApi.

authenticationType String: Security configuration for your GraphQL API
additionalAuthenticationProviders List<Property Map>: A list of additional authentication providers for the GraphqlApi API.
apiType String: The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (MERGED).
enhancedMetricsConfig Property Map: Enables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent.
environmentVariables Map<String>: A map containing the list of resources with their properties and environment variables.
introspectionConfig String: Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED) introspection. If no value is provided, the introspection configuration will be set to ENABLED by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.
lambdaAuthorizerConfig Property Map: A LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time.
logConfig Property Map: The Amazon CloudWatch Logs configuration.
mergedApiExecutionRoleArn String: The AWS Identity and Access Management service role ARN for a merged API.
name String: The API name
openIdConnectConfig Property Map: The OpenID Connect configuration.
ownerContact String: The owner contact information for an API resource.
queryDepthLimit Number: The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query.
resolverCountLimit Number: The maximum number of resolvers that can be invoked in a single request.
tags List<Property Map>: An arbitrary set of tags (key-value pairs) for this GraphQL API.
userPoolConfig Property Map: Optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint.
visibility String: Sets the scope of the GraphQL API to public (GLOBAL) or private (PRIVATE). By default, the scope is set to Global if no value is provided.
xrayEnabled Boolean: A flag indicating whether to use AWS X-Ray tracing for this GraphqlApi.

Outputs

All input properties are implicitly available as output properties. Additionally, the GraphQlApi resource produces the following output properties:

ApiId string: Unique AWS AppSync GraphQL API identifier.
Arn string: The Amazon Resource Name (ARN) of the API key
GraphQlDns string: The fully qualified domain name (FQDN) of the endpoint URL of your GraphQL API.
GraphQlEndpointArn string: The GraphQL endpoint ARN.
GraphQlUrl string: The Endpoint URL of your GraphQL API.
Id string: The provider-assigned unique ID for this managed resource.
RealtimeDns string: The fully qualified domain name (FQDN) of the real-time endpoint URL of your GraphQL API.
RealtimeUrl string: The GraphQL API real-time endpoint URL.

ApiId string: Unique AWS AppSync GraphQL API identifier.
Arn string: The Amazon Resource Name (ARN) of the API key
GraphQlDns string: The fully qualified domain name (FQDN) of the endpoint URL of your GraphQL API.
GraphQlEndpointArn string: The GraphQL endpoint ARN.
GraphQlUrl string: The Endpoint URL of your GraphQL API.
Id string: The provider-assigned unique ID for this managed resource.
RealtimeDns string: The fully qualified domain name (FQDN) of the real-time endpoint URL of your GraphQL API.
RealtimeUrl string: The GraphQL API real-time endpoint URL.

apiId String: Unique AWS AppSync GraphQL API identifier.
arn String: The Amazon Resource Name (ARN) of the API key
graphQlDns String: The fully qualified domain name (FQDN) of the endpoint URL of your GraphQL API.
graphQlEndpointArn String: The GraphQL endpoint ARN.
graphQlUrl String: The Endpoint URL of your GraphQL API.
id String: The provider-assigned unique ID for this managed resource.
realtimeDns String: The fully qualified domain name (FQDN) of the real-time endpoint URL of your GraphQL API.
realtimeUrl String: The GraphQL API real-time endpoint URL.

apiId string: Unique AWS AppSync GraphQL API identifier.
arn string: The Amazon Resource Name (ARN) of the API key
graphQlDns string: The fully qualified domain name (FQDN) of the endpoint URL of your GraphQL API.
graphQlEndpointArn string: The GraphQL endpoint ARN.
graphQlUrl string: The Endpoint URL of your GraphQL API.
id string: The provider-assigned unique ID for this managed resource.
realtimeDns string: The fully qualified domain name (FQDN) of the real-time endpoint URL of your GraphQL API.
realtimeUrl string: The GraphQL API real-time endpoint URL.

api_id str: Unique AWS AppSync GraphQL API identifier.
arn str: The Amazon Resource Name (ARN) of the API key
graph_ql_dns str: The fully qualified domain name (FQDN) of the endpoint URL of your GraphQL API.
graph_ql_endpoint_arn str: The GraphQL endpoint ARN.
graph_ql_url str: The Endpoint URL of your GraphQL API.
id str: The provider-assigned unique ID for this managed resource.
realtime_dns str: The fully qualified domain name (FQDN) of the real-time endpoint URL of your GraphQL API.
realtime_url str: The GraphQL API real-time endpoint URL.

apiId String: Unique AWS AppSync GraphQL API identifier.
arn String: The Amazon Resource Name (ARN) of the API key
graphQlDns String: The fully qualified domain name (FQDN) of the endpoint URL of your GraphQL API.
graphQlEndpointArn String: The GraphQL endpoint ARN.
graphQlUrl String: The Endpoint URL of your GraphQL API.
id String: The provider-assigned unique ID for this managed resource.
realtimeDns String: The fully qualified domain name (FQDN) of the real-time endpoint URL of your GraphQL API.
realtimeUrl String: The GraphQL API real-time endpoint URL.

Supporting Types

GraphQlApiAdditionalAuthenticationProvider
, GraphQlApiAdditionalAuthenticationProviderArgs

AuthenticationType string: The authentication type for API key, AWS Identity and Access Management, OIDC, Amazon Cognito user pools, or AWS Lambda.
LambdaAuthorizerConfig Pulumi.AwsNative.AppSync.Inputs.GraphQlApiLambdaAuthorizerConfig: Configuration for AWS Lambda function authorization.
OpenIdConnectConfig Pulumi.AwsNative.AppSync.Inputs.GraphQlApiOpenIdConnectConfig: The OIDC configuration.
UserPoolConfig Pulumi.AwsNative.AppSync.Inputs.GraphQlApiCognitoUserPoolConfig: The Amazon Cognito user pool configuration.

AuthenticationType string: The authentication type for API key, AWS Identity and Access Management, OIDC, Amazon Cognito user pools, or AWS Lambda.
LambdaAuthorizerConfig GraphQlApiLambdaAuthorizerConfig: Configuration for AWS Lambda function authorization.
OpenIdConnectConfig GraphQlApiOpenIdConnectConfig: The OIDC configuration.
UserPoolConfig GraphQlApiCognitoUserPoolConfig: The Amazon Cognito user pool configuration.

authenticationType String: The authentication type for API key, AWS Identity and Access Management, OIDC, Amazon Cognito user pools, or AWS Lambda.
lambdaAuthorizerConfig GraphQlApiLambdaAuthorizerConfig: Configuration for AWS Lambda function authorization.
openIdConnectConfig GraphQlApiOpenIdConnectConfig: The OIDC configuration.
userPoolConfig GraphQlApiCognitoUserPoolConfig: The Amazon Cognito user pool configuration.

authenticationType string: The authentication type for API key, AWS Identity and Access Management, OIDC, Amazon Cognito user pools, or AWS Lambda.
lambdaAuthorizerConfig GraphQlApiLambdaAuthorizerConfig: Configuration for AWS Lambda function authorization.
openIdConnectConfig GraphQlApiOpenIdConnectConfig: The OIDC configuration.
userPoolConfig GraphQlApiCognitoUserPoolConfig: The Amazon Cognito user pool configuration.

authentication_type str: The authentication type for API key, AWS Identity and Access Management, OIDC, Amazon Cognito user pools, or AWS Lambda.
lambda_authorizer_config GraphQlApiLambdaAuthorizerConfig: Configuration for AWS Lambda function authorization.
open_id_connect_config GraphQlApiOpenIdConnectConfig: The OIDC configuration.
user_pool_config GraphQlApiCognitoUserPoolConfig: The Amazon Cognito user pool configuration.

authenticationType String: The authentication type for API key, AWS Identity and Access Management, OIDC, Amazon Cognito user pools, or AWS Lambda.
lambdaAuthorizerConfig Property Map: Configuration for AWS Lambda function authorization.
openIdConnectConfig Property Map: The OIDC configuration.
userPoolConfig Property Map: The Amazon Cognito user pool configuration.

GraphQlApiCognitoUserPoolConfig
, GraphQlApiCognitoUserPoolConfigArgs

AppIdClientRegex string: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
AwsRegion string: The AWS Region in which the user pool was created.
UserPoolId string: The user pool ID

AppIdClientRegex string: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
AwsRegion string: The AWS Region in which the user pool was created.
UserPoolId string: The user pool ID

appIdClientRegex String: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
awsRegion String: The AWS Region in which the user pool was created.
userPoolId String: The user pool ID

appIdClientRegex string: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
awsRegion string: The AWS Region in which the user pool was created.
userPoolId string: The user pool ID

app_id_client_regex str: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
aws_region str: The AWS Region in which the user pool was created.
user_pool_id str: The user pool ID

appIdClientRegex String: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
awsRegion String: The AWS Region in which the user pool was created.
userPoolId String: The user pool ID

GraphQlApiEnhancedMetricsConfig
, GraphQlApiEnhancedMetricsConfigArgs

DataSourceLevelMetricsBehavior string: Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:
OperationLevelMetricsConfig string: Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:
ResolverLevelMetricsBehavior string: Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:

DataSourceLevelMetricsBehavior string: Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:
OperationLevelMetricsConfig string: Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:
ResolverLevelMetricsBehavior string: Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:

dataSourceLevelMetricsBehavior String: Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:
operationLevelMetricsConfig String: Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:
resolverLevelMetricsBehavior String: Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:

dataSourceLevelMetricsBehavior string: Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:
operationLevelMetricsConfig string: Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:
resolverLevelMetricsBehavior string: Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:

data_source_level_metrics_behavior str: Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:
operation_level_metrics_config str: Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:
resolver_level_metrics_behavior str: Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:

dataSourceLevelMetricsBehavior String: Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:
operationLevelMetricsConfig String: Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:
resolverLevelMetricsBehavior String: Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:

GraphQlApiLambdaAuthorizerConfig
, GraphQlApiLambdaAuthorizerConfigArgs

AuthorizerResultTtlInSeconds int: The number of seconds a response should be cached for.
AuthorizerUri string: The ARN of the Lambda function to be called for authorization.
IdentityValidationExpression string: A regular expression for validation of tokens before the Lambda function is called.

AuthorizerResultTtlInSeconds int: The number of seconds a response should be cached for.
AuthorizerUri string: The ARN of the Lambda function to be called for authorization.
IdentityValidationExpression string: A regular expression for validation of tokens before the Lambda function is called.

authorizerResultTtlInSeconds Integer: The number of seconds a response should be cached for.
authorizerUri String: The ARN of the Lambda function to be called for authorization.
identityValidationExpression String: A regular expression for validation of tokens before the Lambda function is called.

authorizerResultTtlInSeconds number: The number of seconds a response should be cached for.
authorizerUri string: The ARN of the Lambda function to be called for authorization.
identityValidationExpression string: A regular expression for validation of tokens before the Lambda function is called.

authorizer_result_ttl_in_seconds int: The number of seconds a response should be cached for.
authorizer_uri str: The ARN of the Lambda function to be called for authorization.
identity_validation_expression str: A regular expression for validation of tokens before the Lambda function is called.

authorizerResultTtlInSeconds Number: The number of seconds a response should be cached for.
authorizerUri String: The ARN of the Lambda function to be called for authorization.
identityValidationExpression String: A regular expression for validation of tokens before the Lambda function is called.

GraphQlApiLogConfig
, GraphQlApiLogConfigArgs

CloudWatchLogsRoleArn string: The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account.
ExcludeVerboseContent bool: Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
FieldLogLevel string: The field logging level. Values can be NONE, ERROR, INFO, DEBUG, or ALL.

CloudWatchLogsRoleArn string: The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account.
ExcludeVerboseContent bool: Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
FieldLogLevel string: The field logging level. Values can be NONE, ERROR, INFO, DEBUG, or ALL.

cloudWatchLogsRoleArn String: The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account.
excludeVerboseContent Boolean: Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
fieldLogLevel String: The field logging level. Values can be NONE, ERROR, INFO, DEBUG, or ALL.

cloudWatchLogsRoleArn string: The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account.
excludeVerboseContent boolean: Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
fieldLogLevel string: The field logging level. Values can be NONE, ERROR, INFO, DEBUG, or ALL.

cloud_watch_logs_role_arn str: The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account.
exclude_verbose_content bool: Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
field_log_level str: The field logging level. Values can be NONE, ERROR, INFO, DEBUG, or ALL.

cloudWatchLogsRoleArn String: The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account.
excludeVerboseContent Boolean: Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
fieldLogLevel String: The field logging level. Values can be NONE, ERROR, INFO, DEBUG, or ALL.

GraphQlApiOpenIdConnectConfig
, GraphQlApiOpenIdConnectConfigArgs

AuthTtl double: The number of milliseconds that a token is valid after being authenticated.
ClientId string: The client identifier of the Relying party at the OpenID identity provider.
IatTtl double: The number of milliseconds that a token is valid after it's issued to a user.
Issuer string: The issuer for the OIDC configuration.

AuthTtl float64: The number of milliseconds that a token is valid after being authenticated.
ClientId string: The client identifier of the Relying party at the OpenID identity provider.
IatTtl float64: The number of milliseconds that a token is valid after it's issued to a user.
Issuer string: The issuer for the OIDC configuration.

authTtl Double: The number of milliseconds that a token is valid after being authenticated.
clientId String: The client identifier of the Relying party at the OpenID identity provider.
iatTtl Double: The number of milliseconds that a token is valid after it's issued to a user.
issuer String: The issuer for the OIDC configuration.

authTtl number: The number of milliseconds that a token is valid after being authenticated.
clientId string: The client identifier of the Relying party at the OpenID identity provider.
iatTtl number: The number of milliseconds that a token is valid after it's issued to a user.
issuer string: The issuer for the OIDC configuration.

auth_ttl float: The number of milliseconds that a token is valid after being authenticated.
client_id str: The client identifier of the Relying party at the OpenID identity provider.
iat_ttl float: The number of milliseconds that a token is valid after it's issued to a user.
issuer str: The issuer for the OIDC configuration.

authTtl Number: The number of milliseconds that a token is valid after being authenticated.
clientId String: The client identifier of the Relying party at the OpenID identity provider.
iatTtl Number: The number of milliseconds that a token is valid after it's issued to a user.
issuer String: The issuer for the OIDC configuration.

GraphQlApiUserPoolConfig
, GraphQlApiUserPoolConfigArgs

AppIdClientRegex string: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
AwsRegion string: The AWS Region in which the user pool was created.
DefaultAction string: The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
UserPoolId string: The user pool ID.

AppIdClientRegex string: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
AwsRegion string: The AWS Region in which the user pool was created.
DefaultAction string: The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
UserPoolId string: The user pool ID.

appIdClientRegex String: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
awsRegion String: The AWS Region in which the user pool was created.
defaultAction String: The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
userPoolId String: The user pool ID.

appIdClientRegex string: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
awsRegion string: The AWS Region in which the user pool was created.
defaultAction string: The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
userPoolId string: The user pool ID.

app_id_client_regex str: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
aws_region str: The AWS Region in which the user pool was created.
default_action str: The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
user_pool_id str: The user pool ID.

appIdClientRegex String: A regular expression for validating the incoming Amazon Cognito user pool app client ID.
awsRegion String: The AWS Region in which the user pool was created.
defaultAction String: The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
userPoolId String: The user pool ID.

Tag
, TagArgs

Key string: The key name of the tag
Value string: The value of the tag

Key string: The key name of the tag
Value string: The value of the tag

key String: The key name of the tag
value String: The value of the tag

key string: The key name of the tag
value string: The value of the tag

key str: The key name of the tag
value str: The value of the tag

key String: The key name of the tag
value String: The value of the tag

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.appsync.GraphQlApi

On this page

On this page

Create GraphQlApi Resource

Constructor syntax

Parameters

GraphQlApi Resource Properties

Inputs

Outputs

Supporting Types

GraphQlApiAdditionalAuthenticationProvider
, GraphQlApiAdditionalAuthenticationProviderArgs

GraphQlApiCognitoUserPoolConfig
, GraphQlApiCognitoUserPoolConfigArgs

GraphQlApiEnhancedMetricsConfig
, GraphQlApiEnhancedMetricsConfigArgs

GraphQlApiLambdaAuthorizerConfig
, GraphQlApiLambdaAuthorizerConfigArgs

GraphQlApiLogConfig
, GraphQlApiLogConfigArgs

GraphQlApiOpenIdConnectConfig
, GraphQlApiOpenIdConnectConfigArgs

GraphQlApiUserPoolConfig
, GraphQlApiUserPoolConfigArgs

Tag
, TagArgs

Package Details

On this page

On this page

aws-native.appsync.GraphQlApi

On this page

On this page

Create GraphQlApi Resource

Constructor syntax

Parameters

GraphQlApi Resource Properties

Inputs

Outputs

Supporting Types

GraphQlApiAdditionalAuthenticationProvider, GraphQlApiAdditionalAuthenticationProviderArgs

GraphQlApiCognitoUserPoolConfig, GraphQlApiCognitoUserPoolConfigArgs

GraphQlApiEnhancedMetricsConfig, GraphQlApiEnhancedMetricsConfigArgs

GraphQlApiLambdaAuthorizerConfig, GraphQlApiLambdaAuthorizerConfigArgs

GraphQlApiLogConfig, GraphQlApiLogConfigArgs

GraphQlApiOpenIdConnectConfig, GraphQlApiOpenIdConnectConfigArgs

GraphQlApiUserPoolConfig, GraphQlApiUserPoolConfigArgs

Tag, TagArgs

Package Details

On this page

On this page

GraphQlApiAdditionalAuthenticationProvider
, GraphQlApiAdditionalAuthenticationProviderArgs

GraphQlApiCognitoUserPoolConfig
, GraphQlApiCognitoUserPoolConfigArgs

GraphQlApiEnhancedMetricsConfig
, GraphQlApiEnhancedMetricsConfigArgs

GraphQlApiLambdaAuthorizerConfig
, GraphQlApiLambdaAuthorizerConfigArgs

GraphQlApiLogConfig
, GraphQlApiLogConfigArgs

GraphQlApiOpenIdConnectConfig
, GraphQlApiOpenIdConnectConfigArgs

GraphQlApiUserPoolConfig
, GraphQlApiUserPoolConfigArgs

Tag
, TagArgs