From eb34f26e3c1f89e701312948372fea934ff8817c Mon Sep 17 00:00:00 2001 From: Eric Robertson Date: Tue, 20 Feb 2024 11:20:26 -0800 Subject: [PATCH 1/4] feat(appsync): Support for queryDepthLimit and resolverCountLimit --- ...efaultTestDeployAssert018781F2.assets.json | 19 ++ ...aultTestDeployAssert018781F2.template.json | 36 +++ .../cdk.out | 1 + .../integ.json | 12 + .../manifest.json | 131 +++++++++++ .../stack.assets.json | 19 ++ .../stack.template.json | 86 ++++++++ .../tree.json | 206 ++++++++++++++++++ .../test/integ.appsync-limit-configs.ts | 24 ++ packages/aws-cdk-lib/aws-appsync/README.md | 24 ++ .../aws-cdk-lib/aws-appsync/lib/graphqlapi.ts | 16 ++ .../aws-appsync/test/appsync.test.ts | 17 ++ 12 files changed, 591 insertions(+) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/apiDefaultTestDeployAssert018781F2.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/apiDefaultTestDeployAssert018781F2.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/stack.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/stack.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/apiDefaultTestDeployAssert018781F2.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/apiDefaultTestDeployAssert018781F2.assets.json new file mode 100644 index 0000000000000..8202fda5ae125 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/apiDefaultTestDeployAssert018781F2.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "source": { + "path": "apiDefaultTestDeployAssert018781F2.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/apiDefaultTestDeployAssert018781F2.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/apiDefaultTestDeployAssert018781F2.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/apiDefaultTestDeployAssert018781F2.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/cdk.out new file mode 100644 index 0000000000000..1f0068d32659a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"36.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/integ.json new file mode 100644 index 0000000000000..1c3707aa5a091 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/integ.json @@ -0,0 +1,12 @@ +{ + "version": "36.0.0", + "testCases": { + "api/DefaultTest": { + "stacks": [ + "stack" + ], + "assertionStack": "api/DefaultTest/DeployAssert", + "assertionStackName": "apiDefaultTestDeployAssert018781F2" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/manifest.json new file mode 100644 index 0000000000000..7c691b1ab7250 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/manifest.json @@ -0,0 +1,131 @@ +{ + "version": "36.0.0", + "artifacts": { + "stack.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "stack.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "stack": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "stack.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/4a4743ab86ffb5a36ee7fe130a71132db740f65aa7f4c6b86ca1155f8b488b7e.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "stack.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "stack.assets" + ], + "metadata": { + "/stack/ApiLimitConfigs/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiLimitConfigsC74D7493" + } + ], + "/stack/ApiLimitConfigs/Schema": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiLimitConfigsSchema1451D8D1" + } + ], + "/stack/ApiLimitConfigs/DefaultApiKey": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiLimitConfigsDefaultApiKey7D682F04" + } + ], + "/stack/ApiLimitConfigs/NoneDS/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ApiLimitConfigsNoneDS3CA3BDA6" + } + ], + "/stack/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/stack/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "stack" + }, + "apiDefaultTestDeployAssert018781F2.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "apiDefaultTestDeployAssert018781F2.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "apiDefaultTestDeployAssert018781F2": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "apiDefaultTestDeployAssert018781F2.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "apiDefaultTestDeployAssert018781F2.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "apiDefaultTestDeployAssert018781F2.assets" + ], + "metadata": { + "/api/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/api/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "api/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/stack.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/stack.assets.json new file mode 100644 index 0000000000000..bb30ac7514210 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/stack.assets.json @@ -0,0 +1,19 @@ +{ + "version": "36.0.0", + "files": { + "4a4743ab86ffb5a36ee7fe130a71132db740f65aa7f4c6b86ca1155f8b488b7e": { + "source": { + "path": "stack.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "4a4743ab86ffb5a36ee7fe130a71132db740f65aa7f4c6b86ca1155f8b488b7e.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/stack.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/stack.template.json new file mode 100644 index 0000000000000..5c0a093e92174 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/stack.template.json @@ -0,0 +1,86 @@ +{ + "Resources": { + "ApiLimitConfigsC74D7493": { + "Type": "AWS::AppSync::GraphQLApi", + "Properties": { + "AuthenticationType": "API_KEY", + "Name": "ApiLimitConfigs", + "QueryDepthLimit": 2, + "ResolverCountLimit": 2 + } + }, + "ApiLimitConfigsSchema1451D8D1": { + "Type": "AWS::AppSync::GraphQLSchema", + "Properties": { + "ApiId": { + "Fn::GetAtt": [ + "ApiLimitConfigsC74D7493", + "ApiId" + ] + }, + "Definition": "type test {\n version: String!\n}\ntype Query {\n getTests: [test]!\n}\ntype Mutation {\n addTest(version: String!): test\n}\n" + } + }, + "ApiLimitConfigsDefaultApiKey7D682F04": { + "Type": "AWS::AppSync::ApiKey", + "Properties": { + "ApiId": { + "Fn::GetAtt": [ + "ApiLimitConfigsC74D7493", + "ApiId" + ] + } + }, + "DependsOn": [ + "ApiLimitConfigsSchema1451D8D1" + ] + }, + "ApiLimitConfigsNoneDS3CA3BDA6": { + "Type": "AWS::AppSync::DataSource", + "Properties": { + "ApiId": { + "Fn::GetAtt": [ + "ApiLimitConfigsC74D7493", + "ApiId" + ] + }, + "Name": "NoneDS", + "Type": "NONE" + } + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/tree.json new file mode 100644 index 0000000000000..7990b054a38cd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.js.snapshot/tree.json @@ -0,0 +1,206 @@ +{ + "version": "tree-0.1", + "tree": { + "id": "App", + "path": "", + "children": { + "stack": { + "id": "stack", + "path": "stack", + "children": { + "ApiLimitConfigs": { + "id": "ApiLimitConfigs", + "path": "stack/ApiLimitConfigs", + "children": { + "Resource": { + "id": "Resource", + "path": "stack/ApiLimitConfigs/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::GraphQLApi", + "aws:cdk:cloudformation:props": { + "authenticationType": "API_KEY", + "name": "ApiLimitConfigs", + "queryDepthLimit": 2, + "resolverCountLimit": 2 + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appsync.CfnGraphQLApi", + "version": "0.0.0" + } + }, + "Schema": { + "id": "Schema", + "path": "stack/ApiLimitConfigs/Schema", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::GraphQLSchema", + "aws:cdk:cloudformation:props": { + "apiId": { + "Fn::GetAtt": [ + "ApiLimitConfigsC74D7493", + "ApiId" + ] + }, + "definition": "type test {\n version: String!\n}\ntype Query {\n getTests: [test]!\n}\ntype Mutation {\n addTest(version: String!): test\n}\n" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appsync.CfnGraphQLSchema", + "version": "0.0.0" + } + }, + "DefaultApiKey": { + "id": "DefaultApiKey", + "path": "stack/ApiLimitConfigs/DefaultApiKey", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::ApiKey", + "aws:cdk:cloudformation:props": { + "apiId": { + "Fn::GetAtt": [ + "ApiLimitConfigsC74D7493", + "ApiId" + ] + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appsync.CfnApiKey", + "version": "0.0.0" + } + }, + "LogGroup": { + "id": "LogGroup", + "path": "stack/ApiLimitConfigs/LogGroup", + "constructInfo": { + "fqn": "aws-cdk-lib.Resource", + "version": "0.0.0" + } + }, + "NoneDS": { + "id": "NoneDS", + "path": "stack/ApiLimitConfigs/NoneDS", + "children": { + "Resource": { + "id": "Resource", + "path": "stack/ApiLimitConfigs/NoneDS/Resource", + "attributes": { + "aws:cdk:cloudformation:type": "AWS::AppSync::DataSource", + "aws:cdk:cloudformation:props": { + "apiId": { + "Fn::GetAtt": [ + "ApiLimitConfigsC74D7493", + "ApiId" + ] + }, + "name": "NoneDS", + "type": "NONE" + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appsync.CfnDataSource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appsync.NoneDataSource", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.aws_appsync.GraphqlApi", + "version": "0.0.0" + } + }, + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "stack/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "stack/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + }, + "api": { + "id": "api", + "path": "api", + "children": { + "DefaultTest": { + "id": "DefaultTest", + "path": "api/DefaultTest", + "children": { + "Default": { + "id": "Default", + "path": "api/DefaultTest/Default", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + }, + "DeployAssert": { + "id": "DeployAssert", + "path": "api/DefaultTest/DeployAssert", + "children": { + "BootstrapVersion": { + "id": "BootstrapVersion", + "path": "api/DefaultTest/DeployAssert/BootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnParameter", + "version": "0.0.0" + } + }, + "CheckBootstrapVersion": { + "id": "CheckBootstrapVersion", + "path": "api/DefaultTest/DeployAssert/CheckBootstrapVersion", + "constructInfo": { + "fqn": "aws-cdk-lib.CfnRule", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.Stack", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", + "version": "0.0.0" + } + } + }, + "constructInfo": { + "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", + "version": "0.0.0" + } + }, + "Tree": { + "id": "Tree", + "path": "Tree", + "constructInfo": { + "fqn": "constructs.Construct", + "version": "10.3.0" + } + } + }, + "constructInfo": { + "fqn": "aws-cdk-lib.App", + "version": "0.0.0" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.ts new file mode 100644 index 0000000000000..62832101c5411 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-appsync/test/integ.appsync-limit-configs.ts @@ -0,0 +1,24 @@ +import * as path from 'path'; +import * as cdk from 'aws-cdk-lib'; +import * as appsync from 'aws-cdk-lib/aws-appsync'; +import { IntegTest } from '@aws-cdk/integ-tests-alpha'; + +const app = new cdk.App(); +const stack = new cdk.Stack(app, 'stack'); + +const api = new appsync.GraphqlApi(stack, 'ApiLimitConfigs', { + name: 'ApiLimitConfigs', + schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + queryDepthLimit: 2, + resolverCountLimit: 2, +}); + +api.addNoneDataSource('NoneDS', { + name: cdk.Lazy.string({ produce(): string { return 'NoneDS'; } }), +}); + +new IntegTest(app, 'api', { + testCases: [stack], +}); + +app.synth(); \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-appsync/README.md b/packages/aws-cdk-lib/aws-appsync/README.md index a496118c76e90..ca1890408a29d 100644 --- a/packages/aws-cdk-lib/aws-appsync/README.md +++ b/packages/aws-cdk-lib/aws-appsync/README.md @@ -755,4 +755,28 @@ const api = new appsync.GraphqlApi(this, 'api', { definition: appsync.Definition.fromFile(path.join(__dirname, 'appsync.schema.graphql')), introspectionConfig: appsync.IntrospectionConfig.DISABLED, }); +``` + +## Query Depth Limits + +There are times during which you may want more granular control over how the API functions during an operation. One such control is adding a limit to the amount of nested levels a query may process. By default, queries are able to process an unlimited amount of nested levels. Limiting queries to a specified amount of nested levels has potential implications for the performance and flexibility of your project. + +```ts +const api = new appsync.GraphqlApi(this, 'api', { + name: 'LimitQueryDepths', + definition: appsync.Definition.fromFile(path.join(__dirname, 'appsync.schema.graphql')), + queryDepthLimit: 2 +}); +``` + +## Resolver Count Limits + +You can control how many resolvers each query can process. By default, each query can process up to 10000 resolvers. By setting a limit. AppSync will not handle any resolvers past a certain number limit. + +```ts +const api = new appsync.GraphqlApi(this, 'api', { + name: 'LimitResolverCount', + definition: appsync.Definition.fromFile(path.join(__dirname, 'appsync.schema.graphql')), + resolverCountLimit: 2 +}); ``` \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts b/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts index 0ecb087b3f9e3..b88441d11d8f3 100644 --- a/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts +++ b/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts @@ -442,6 +442,20 @@ export interface GraphqlApiProps { * @default IntrospectionConfig.ENABLED */ readonly introspectionConfig?: IntrospectionConfig; + + /** + * A number indicating the maximum depth resolvers should be accepted when handling queries. + * + * @default - No Limit + */ + readonly queryDepthLimit?: number; + + /** + * A number indicating the maximum number of resolvers that should be accepted when handling queries. + * + * @default - No Limit + */ + readonly resolverCountLimit?: number; } /** @@ -657,6 +671,8 @@ export class GraphqlApi extends GraphqlApiBase { mergedApiExecutionRoleArn: this.mergedApiExecutionRole?.roleArn, apiType: this.definition.sourceApiOptions ? 'MERGED' : undefined, introspectionConfig: props.introspectionConfig, + queryDepthLimit: props.queryDepthLimit, + resolverCountLimit: props.resolverCountLimit, }); this.apiId = this.api.attrApiId; diff --git a/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts b/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts index ee7e2bf9707b4..db06626508633 100644 --- a/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts +++ b/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts @@ -313,4 +313,21 @@ test('when introspectionConfig is set it should be used when creating the API', Template.fromStack(stack).hasResourceProperties('AWS::AppSync::GraphQLApi', { IntrospectionConfig: 'DISABLED', }); +}); + +test('when query depth limits are set, they should be used on API', () => { + // WHEN + new appsync.GraphqlApi(stack, 'query-depth-limits', { + authorizationConfig: {}, + name: 'query-depth-limits', + schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + queryDepthLimit: 2, + resolverCountLimit: 2, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::AppSync::GraphQLApi', { + QueryDepthLimit: 2, + ResolverCountLimit: 2, + }); }); \ No newline at end of file From 0e82e7d377da918c8d8647e575a6413361235f02 Mon Sep 17 00:00:00 2001 From: Eric Robertson Date: Wed, 21 Feb 2024 11:46:16 -0800 Subject: [PATCH 2/4] fixes for pr --- packages/aws-cdk-lib/aws-appsync/README.md | 11 +++-- .../aws-cdk-lib/aws-appsync/lib/graphqlapi.ts | 17 +++++-- .../aws-appsync/test/appsync.test.ts | 46 +++++++++++++++++-- 3 files changed, 63 insertions(+), 11 deletions(-) diff --git a/packages/aws-cdk-lib/aws-appsync/README.md b/packages/aws-cdk-lib/aws-appsync/README.md index ca1890408a29d..e3c37cd5b35db 100644 --- a/packages/aws-cdk-lib/aws-appsync/README.md +++ b/packages/aws-cdk-lib/aws-appsync/README.md @@ -759,24 +759,27 @@ const api = new appsync.GraphqlApi(this, 'api', { ## Query Depth Limits -There are times during which you may want more granular control over how the API functions during an operation. One such control is adding a limit to the amount of nested levels a query may process. By default, queries are able to process an unlimited amount of nested levels. Limiting queries to a specified amount of nested levels has potential implications for the performance and flexibility of your project. +By default, queries are able to process an unlimited amount of nested levels. +Limiting queries to a specified amount of nested levels has potential implications for the performance and flexibility of your project. ```ts const api = new appsync.GraphqlApi(this, 'api', { name: 'LimitQueryDepths', definition: appsync.Definition.fromFile(path.join(__dirname, 'appsync.schema.graphql')), - queryDepthLimit: 2 + queryDepthLimit: 2, }); ``` ## Resolver Count Limits -You can control how many resolvers each query can process. By default, each query can process up to 10000 resolvers. By setting a limit. AppSync will not handle any resolvers past a certain number limit. +You can control how many resolvers each query can process. +By default, each query can process up to 10000 resolvers. +By setting a limit AppSync will not handle any resolvers past a certain number limit. ```ts const api = new appsync.GraphqlApi(this, 'api', { name: 'LimitResolverCount', definition: appsync.Definition.fromFile(path.join(__dirname, 'appsync.schema.graphql')), - resolverCountLimit: 2 + resolverCountLimit: 2, }); ``` \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts b/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts index 35d0931968f98..e9a9dbf33861b 100644 --- a/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts +++ b/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts @@ -445,15 +445,17 @@ export interface GraphqlApiProps { /** * A number indicating the maximum depth resolvers should be accepted when handling queries. - * - * @default - No Limit + * Value must be withing range of 0 to 75 + * + * @default - The default value is 0 (or unspecified) which indicates no maximum depth. */ readonly queryDepthLimit?: number; /** * A number indicating the maximum number of resolvers that should be accepted when handling queries. - * - * @default - No Limit + * Value must be withing range of 0 to 10000 + * + * @default - The default value is 0 (or unspecified), which will set the limit to 10000 */ readonly resolverCountLimit?: number; } @@ -652,6 +654,13 @@ export class GraphqlApi extends GraphqlApiBase { if ((props.schema !== undefined) === (props.definition !== undefined)) { throw new Error('You cannot specify both properties schema and definition.'); } + if (props.queryDepthLimit !== undefined && (props.queryDepthLimit < 0 || props.queryDepthLimit > 75)) { + throw new Error('You must specify a query depth limit between 0 and 75.'); + } + if (props.resolverCountLimit !== undefined && (props.resolverCountLimit < 0 || props.resolverCountLimit > 10000)) { + throw new Error('You must specify a resolver count limit between 0 and 10000.'); + } + this.definition = props.schema ? Definition.fromSchema(props.schema) : props.definition!; if (this.definition.sourceApiOptions) { diff --git a/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts b/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts index db06626508633..62a6b6902ad7a 100644 --- a/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts +++ b/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts @@ -315,11 +315,11 @@ test('when introspectionConfig is set it should be used when creating the API', }); }); -test('when query depth limits are set, they should be used on API', () => { +test('when query limits are set, they should be used on API', () => { // WHEN - new appsync.GraphqlApi(stack, 'query-depth-limits', { + new appsync.GraphqlApi(stack, 'query-limits', { authorizationConfig: {}, - name: 'query-depth-limits', + name: 'query-limits', schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.test.graphql')), queryDepthLimit: 2, resolverCountLimit: 2, @@ -330,4 +330,44 @@ test('when query depth limits are set, they should be used on API', () => { QueryDepthLimit: 2, ResolverCountLimit: 2, }); +}); + +test('when query depth limit is out of range, it throws an error', () => { + + const errorString = 'You must specify a query depth limit between 0 and 75.' + + const buildWithLimit = (name, queryDepthLimit) => { + new appsync.GraphqlApi(stack, name, { + authorizationConfig: {}, + name: 'query-limits', + schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + queryDepthLimit + }); + } + + expect(() => buildWithLimit('query-limit-low', -1)).toThrow(errorString) + expect(() => buildWithLimit('query-limit-min', 0)).not.toThrow(errorString) + expect(() => buildWithLimit('query-limit-max', 75)).not.toThrow(errorString) + expect(() => buildWithLimit('query-limit-high', 76)).toThrow(errorString) + +}); + +test('when resolver limit is out of range, it throws an error', () => { + + const errorString = 'You must specify a resolver count limit between 0 and 10000.' + + const buildWithLimit = (name, resolverCountLimit) => { + new appsync.GraphqlApi(stack, name, { + authorizationConfig: {}, + name: 'query-limits', + schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.test.graphql')), + resolverCountLimit + }); + } + + expect(() => buildWithLimit('resolver-limit-low', -1)).toThrow(errorString) + expect(() => buildWithLimit('resolver-limit-min', 0)).not.toThrow(errorString) + expect(() => buildWithLimit('resolver-limit-max', 10000)).not.toThrow(errorString) + expect(() => buildWithLimit('resolver-limit-high', 10001)).toThrow(errorString) + }); \ No newline at end of file From 3664cdc13243335f4a190d6c577d46811ba4d640 Mon Sep 17 00:00:00 2001 From: Eric Robertson Date: Wed, 21 Feb 2024 12:19:45 -0800 Subject: [PATCH 3/4] linting fixes --- .../aws-cdk-lib/aws-appsync/lib/graphqlapi.ts | 4 +-- .../aws-appsync/test/appsync.test.ts | 28 +++++++++---------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts b/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts index e9a9dbf33861b..253b72402191e 100644 --- a/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts +++ b/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts @@ -446,7 +446,7 @@ export interface GraphqlApiProps { /** * A number indicating the maximum depth resolvers should be accepted when handling queries. * Value must be withing range of 0 to 75 - * + * * @default - The default value is 0 (or unspecified) which indicates no maximum depth. */ readonly queryDepthLimit?: number; @@ -454,7 +454,7 @@ export interface GraphqlApiProps { /** * A number indicating the maximum number of resolvers that should be accepted when handling queries. * Value must be withing range of 0 to 10000 - * + * * @default - The default value is 0 (or unspecified), which will set the limit to 10000 */ readonly resolverCountLimit?: number; diff --git a/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts b/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts index 62a6b6902ad7a..015491c97e891 100644 --- a/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts +++ b/packages/aws-cdk-lib/aws-appsync/test/appsync.test.ts @@ -334,40 +334,40 @@ test('when query limits are set, they should be used on API', () => { test('when query depth limit is out of range, it throws an error', () => { - const errorString = 'You must specify a query depth limit between 0 and 75.' + const errorString = 'You must specify a query depth limit between 0 and 75.'; const buildWithLimit = (name, queryDepthLimit) => { new appsync.GraphqlApi(stack, name, { authorizationConfig: {}, name: 'query-limits', schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.test.graphql')), - queryDepthLimit + queryDepthLimit, }); - } + }; - expect(() => buildWithLimit('query-limit-low', -1)).toThrow(errorString) - expect(() => buildWithLimit('query-limit-min', 0)).not.toThrow(errorString) - expect(() => buildWithLimit('query-limit-max', 75)).not.toThrow(errorString) - expect(() => buildWithLimit('query-limit-high', 76)).toThrow(errorString) + expect(() => buildWithLimit('query-limit-low', -1)).toThrow(errorString); + expect(() => buildWithLimit('query-limit-min', 0)).not.toThrow(errorString); + expect(() => buildWithLimit('query-limit-max', 75)).not.toThrow(errorString); + expect(() => buildWithLimit('query-limit-high', 76)).toThrow(errorString); }); test('when resolver limit is out of range, it throws an error', () => { - const errorString = 'You must specify a resolver count limit between 0 and 10000.' + const errorString = 'You must specify a resolver count limit between 0 and 10000.'; const buildWithLimit = (name, resolverCountLimit) => { new appsync.GraphqlApi(stack, name, { authorizationConfig: {}, name: 'query-limits', schema: appsync.SchemaFile.fromAsset(path.join(__dirname, 'appsync.test.graphql')), - resolverCountLimit + resolverCountLimit, }); - } + }; - expect(() => buildWithLimit('resolver-limit-low', -1)).toThrow(errorString) - expect(() => buildWithLimit('resolver-limit-min', 0)).not.toThrow(errorString) - expect(() => buildWithLimit('resolver-limit-max', 10000)).not.toThrow(errorString) - expect(() => buildWithLimit('resolver-limit-high', 10001)).toThrow(errorString) + expect(() => buildWithLimit('resolver-limit-low', -1)).toThrow(errorString); + expect(() => buildWithLimit('resolver-limit-min', 0)).not.toThrow(errorString); + expect(() => buildWithLimit('resolver-limit-max', 10000)).not.toThrow(errorString); + expect(() => buildWithLimit('resolver-limit-high', 10001)).toThrow(errorString); }); \ No newline at end of file From f3c8837070ace9c1e13166f1c80c6f5d35384f4b Mon Sep 17 00:00:00 2001 From: Eric Robertson Date: Mon, 26 Feb 2024 09:51:55 -0800 Subject: [PATCH 4/4] linting fix --- packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts b/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts index 259ae319578f0..38731509ffd90 100644 --- a/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts +++ b/packages/aws-cdk-lib/aws-appsync/lib/graphqlapi.ts @@ -459,7 +459,7 @@ export interface GraphqlApiProps { */ readonly resolverCountLimit?: number; - /** + /** * A map containing the list of resources with their properties and environment variables. * * There are a few rules you must follow when creating keys and values: