feat: Add mis build to the data factory

stocaaro · stocaaro · commit 29bfad70ccc2 · 2024-11-12T16:38:42.000-06:00
diff --git a/.changeset/rare-kiwis-live.md b/.changeset/rare-kiwis-live.md
@@ -0,0 +1,7 @@
+---
+'@aws-amplify/backend': patch
+'@aws-amplify/backend-data': patch
+'@aws-amplify/model-generator': patch
+---
+
+feat: Add mis build to S3 from the data construct factory
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/backend-data/package.json b/packages/backend-data/package.json
@@ -31,7 +31,8 @@
     "@aws-amplify/backend-output-storage": "^1.1.3",
     "@aws-amplify/backend-output-schemas": "^1.4.0",
     "@aws-amplify/data-construct": "^1.10.1",
-    "@aws-amplify/plugin-types": "^1.4.0",
-    "@aws-amplify/data-schema-types": "^1.2.0"
+    "@aws-amplify/data-schema-types": "^1.2.0",
+    "@aws-amplify/graphql-generator": "^0.5.1",
+    "@aws-amplify/plugin-types": "^1.4.0"
   }
 }
diff --git a/packages/backend-data/src/app_sync_policy_generator.ts b/packages/backend-data/src/app_sync_policy_generator.ts
@@ -14,7 +14,10 @@ export class AppSyncPolicyGenerator {
   /**
    * Initialize with the GraphqlAPI that the policies will be scoped to
    */
-  constructor(private readonly graphqlApi: IGraphqlApi) {
+  constructor(
+    private readonly graphqlApi: IGraphqlApi,
+    private readonly modelIntrospectionSchemaArn?: string
+  ) {
     this.stack = Stack.of(graphqlApi);
   }
   /**
@@ -29,13 +32,25 @@ export class AppSyncPolicyGenerator {
       .map((action) => actionToTypeMap[action])
       // convert Type to resourceName
       .map((type) => [this.graphqlApi.arn, 'types', type, '*'].join('/'));
-    return new Policy(this.stack, `${this.policyPrefix}${this.policyCount++}`, {
-      statements: [
+
+    const statements = [
+      new PolicyStatement({
+        actions: ['appsync:GraphQL'],
+        resources,
+      }),
+    ];
+
+    if (this.modelIntrospectionSchemaArn) {
+      statements.push(
         new PolicyStatement({
-          actions: ['appsync:GraphQL'],
-          resources,
-        }),
-      ],
+          actions: ['s3:GetObject'],
+          resources: [this.modelIntrospectionSchemaArn],
+        })
+      );
+    }
+
+    return new Policy(this.stack, `${this.policyPrefix}${this.policyCount++}`, {
+      statements,
     });
   }
 }
diff --git a/packages/backend-data/src/factory.test.ts b/packages/backend-data/src/factory.test.ts
@@ -85,7 +85,6 @@ const createConstructContainerWithUserPoolAuthRegistered = (
         authenticatedUserIamRole: new Role(stack, 'testAuthRole', {
           assumedBy: new ServicePrincipal('test.amazon.com'),
         }),
-        identityPoolId: 'identityPoolId',
         cfnResources: {
           cfnUserPool: new CfnUserPool(stack, 'CfnUserPool', {}),
           cfnUserPoolClient: new CfnUserPoolClient(stack, 'CfnUserPoolClient', {
@@ -101,6 +100,7 @@ const createConstructContainerWithUserPoolAuthRegistered = (
           ),
         },
         groups: {},
+        identityPoolId: 'identityPool',
       },
     }),
   });
@@ -567,6 +567,23 @@ void describe('DataFactory', () => {
                 },
               ],
             },
+            {
+              Action: 's3:GetObject',
+              Resource: {
+                'Fn::Join': [
+                  '',
+                  [
+                    {
+                      'Fn::GetAtt': [
+                        'modelIntrospectionSchemaBucketF566B665',
+                        'Arn',
+                      ],
+                    },
+                    '/modelIntrospectionSchema.json',
+                  ],
+                ],
+              },
+            },
           ],
         },
         Roles: [
@@ -675,6 +692,23 @@ void describe('DataFactory', () => {
                 ],
               },
             },
+            {
+              Action: 's3:GetObject',
+              Resource: {
+                'Fn::Join': [
+                  '',
+                  [
+                    {
+                      'Fn::GetAtt': [
+                        'modelIntrospectionSchemaBucketF566B665',
+                        'Arn',
+                      ],
+                    },
+                    '/modelIntrospectionSchema.json',
+                  ],
+                ],
+              },
+            },
           ],
         },
         Roles: [
@@ -701,6 +735,23 @@ void describe('DataFactory', () => {
                 ],
               },
             },
+            {
+              Action: 's3:GetObject',
+              Resource: {
+                'Fn::Join': [
+                  '',
+                  [
+                    {
+                      'Fn::GetAtt': [
+                        'modelIntrospectionSchemaBucketF566B665',
+                        'Arn',
+                      ],
+                    },
+                    '/modelIntrospectionSchema.json',
+                  ],
+                ],
+              },
+            },
           ],
         },
         Roles: [
diff --git a/packages/backend-data/src/factory.ts b/packages/backend-data/src/factory.ts

Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,8 @@`
`31`	`31`	`"@aws-amplify/backend-output-storage": "^1.1.3",`
`32`	`32`	`"@aws-amplify/backend-output-schemas": "^1.4.0",`
`33`	`33`	`"@aws-amplify/data-construct": "^1.10.1",`
`34`		`- "@aws-amplify/plugin-types": "^1.4.0",`
`35`		`- "@aws-amplify/data-schema-types": "^1.2.0"`
	`34`	`+ "@aws-amplify/data-schema-types": "^1.2.0",`
	`35`	`+ "@aws-amplify/graphql-generator": "^0.5.1",`
	`36`	`+ "@aws-amplify/plugin-types": "^1.4.0"`
`36`	`37`	`}`
`37`	`38`	`}`