Provides an AppSync Data Source.
resource "aws_dynamodb_table" "example" {
name = "example"
read_capacity = 1
write_capacity = 1
hash_key = "UserId"
attribute {
name = "UserId"
type = "S"
}
}
data "aws_iam_policy_document" "assume_role" {
statement {
effect = "Allow"
principals {
type = "Service"
identifiers = ["appsync.amazonaws.com"]
}
actions = ["sts:AssumeRole"]
}
}
resource "aws_iam_role" "example" {
name = "example"
assume_role_policy = data.aws_iam_policy_document.assume_role.json
}
data "aws_iam_policy_document" "example" {
statement {
effect = "Allow"
actions = ["dynamodb:*"]
resources = [aws_dynamodb_table.example.arn]
}
}
resource "aws_iam_role_policy" "example" {
name = "example"
role = aws_iam_role.example.id
policy = data.aws_iam_policy_document.example.json
}
resource "aws_appsync_graphql_api" "example" {
authentication_type = "API_KEY"
name = "tf_appsync_example"
}
resource "aws_appsync_datasource" "example" {
api_id = aws_appsync_graphql_api.example.id
name = "tf_appsync_example"
service_role_arn = aws_iam_role.example.arn
type = "AMAZON_DYNAMODB"
dynamodb_config {
table_name = aws_dynamodb_table.example.name
}
}
This resource supports the following arguments:
api_id
- (Required) API ID for the GraphQL API for the data source.name
- (Required) User-supplied name for the data source.type
- (Required) Type of the Data Source. Valid values: AWS_LAMBDA
, AMAZON_DYNAMODB
, AMAZON_ELASTICSEARCH
, HTTP
, NONE
, RELATIONAL_DATABASE
, AMAZON_EVENTBRIDGE
, AMAZON_OPENSEARCH_SERVICE
.description
- (Optional) Description of the data source.dynamodb_config
- (Optional) DynamoDB settings. See DynamoDB Configelasticsearch_config
- (Optional) Amazon Elasticsearch settings. See ElasticSearch Configevent_bridge_config
- (Optional) AWS EventBridge settings. See Event Bridge Confighttp_config
- (Optional) HTTP settings. See HTTP Configlambda_config
- (Optional) AWS Lambda settings. See Lambda Configopensearchservice_config
- (Optional) Amazon OpenSearch Service settings. See OpenSearch Service Configrelational_database_config
(Optional) AWS RDS settings. See Relational Database Configservice_role_arn
- (Optional) IAM service role ARN for the data source. Required if type
is specified as AWS_LAMBDA
, AMAZON_DYNAMODB
, AMAZON_ELASTICSEARCH
, AMAZON_EVENTBRIDGE
, or AMAZON_OPENSEARCH_SERVICE
.This argument supports the following arguments:
table_name
- (Required) Name of the DynamoDB table.region
- (Optional) AWS region of the DynamoDB table. Defaults to current region.use_caller_credentials
- (Optional) Set to true
to use Amazon Cognito credentials with this data source.delta_sync_config
- (Optional) The DeltaSyncConfig for a versioned data source. See Delta Sync Configversioned
- (Optional) Detects Conflict Detection and Resolution with this data source.base_table_ttl
- (Optional) The number of minutes that an Item is stored in the data source.delta_sync_table_name
- (Required) The table name.delta_sync_table_ttl
- (Optional) The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.This argument supports the following arguments:
endpoint
- (Required) HTTP endpoint of the Elasticsearch domain.region
- (Optional) AWS region of Elasticsearch domain. Defaults to current region.This argument supports the following arguments:
event_bus_arn
- (Required) ARN for the EventBridge bus.This argument supports the following arguments:
endpoint
- (Required) HTTP URL.authorization_config
- (Optional) Authorization configuration in case the HTTP endpoint requires authorization. See Authorization Config.This argument supports the following arguments:
authorization_type
- (Optional) Authorization type that the HTTP endpoint requires. Default values is AWS_IAM
.aws_iam_config
- (Optional) Identity and Access Management (IAM) settings. See AWS IAM Config.This argument supports the following arguments:
signing_region
- (Optional) Signing Amazon Web Services Region for IAM authorization.signing_service_name
- (Optional) Signing service name for IAM authorization.This argument supports the following arguments:
function_arn
- (Required) ARN for the Lambda function.This argument supports the following arguments:
endpoint
- (Required) HTTP endpoint of the OpenSearch domain.region
- (Optional) AWS region of the OpenSearch domain. Defaults to current region.This argument supports the following arguments:
http_endpoint_config
- (Required) Amazon RDS HTTP endpoint configuration. See HTTP Endpoint Config.source_type
- (Optional) Source type for the relational database. Valid values: RDS_HTTP_ENDPOINT
.This argument supports the following arguments:
db_cluster_identifier
- (Required) Amazon RDS cluster identifier.aws_secret_store_arn
- (Required) AWS secret store ARN for database credentials.database_name
- (Optional) Logical database name.region
- (Optional) AWS Region for RDS HTTP endpoint. Defaults to current region.schema
- (Optional) Logical schema name.This resource exports the following attributes in addition to the arguments above:
arn
- ARNIn Terraform v1.5.0 and later, use an import
block to import aws_appsync_datasource
using the api_id
, a hyphen, and name
. For example:
import {
to = aws_appsync_datasource.example
id = "abcdef123456-example"
}
Using terraform import
, import aws_appsync_datasource
using the api_id
, a hyphen, and name
. For example:
% terraform import aws_appsync_datasource.example abcdef123456-example