Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Amplify auth extension - IAM roles granted to schema #13905

Open
2 tasks
funes79 opened this issue Oct 10, 2024 · 0 comments
Open
2 tasks

Amplify auth extension - IAM roles granted to schema #13905

funes79 opened this issue Oct 10, 2024 · 0 comments
Labels
feature-request Request a new feature GraphQL Related to GraphQL API issues

Comments

@funes79
Copy link

funes79 commented Oct 10, 2024

Is this related to a new or existing framework?

Next.js

Is this related to a new or existing API?

Authentication

Is this related to another service?

No response

Describe the feature you'd like to request

Hi! I am not sure if this feature is missing or just not found in docs, but I think it would be very useful if we could define different "authorized" objects - one for UserPool and one for IAM. The idea is to add to the default userpool (front end users) a possibility to define multiple rules for IAM roles (backend services not necessarily related to Amplify)

Describe the solution you'd like

const schema = a
  .schema({
    Todo: a
      .model({
        content: a.string(),
      })
      .authorization((allow) => [
           allow.authenticated(),
           // plus IAM
          allow.iamRoles([env.COPIER_SERVICE_IAM_ROLES]).to(["read"]),
          allow.iamRoles([env.UPDATER_SERVICE_IAM_ROLES]).to(["read", "write"]),
]),

Describe alternatives you've considered

Considered altering CF resources, but not sure where to change and what.

Additional context

No response

Is this something that you'd be interested in working on?

  • 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change
@github-actions github-actions bot added pending-triage Issue is pending triage pending-maintainer-response Issue is pending a response from the Amplify team. labels Oct 10, 2024
@ashika112 ashika112 added the GraphQL Related to GraphQL API issues label Oct 10, 2024
@chrisbonifacio chrisbonifacio self-assigned this Oct 11, 2024
@chrisbonifacio chrisbonifacio added feature-request Request a new feature and removed pending-triage Issue is pending triage pending-maintainer-response Issue is pending a response from the Amplify team. labels Oct 11, 2024
@chrisbonifacio chrisbonifacio removed their assignment Oct 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request Request a new feature GraphQL Related to GraphQL API issues
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chrisbonifacio @funes79 @ashika112