Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Amplify auth extension - IAM roles granted to schema #481

Open
2 tasks
funes79 opened this issue Oct 10, 2024 · 0 comments
Open
2 tasks

Amplify auth extension - IAM roles granted to schema #481

funes79 opened this issue Oct 10, 2024 · 0 comments
Labels
feature-request New feature or request GraphQL

Comments

@funes79
Copy link

funes79 commented Oct 10, 2024

Is this related to a new or existing framework?

Next.js

Is this related to a new or existing API?

Authentication

Is this related to another service?

No response

Describe the feature you'd like to request

Hi! I am not sure if this feature is missing or just not found in docs, but I think it would be very useful if we could define different "authorized" objects - one for UserPool and one for IAM. The idea is to add to the default userpool (front end users) a possibility to define multiple rules for IAM roles (backend services not necessarily related to Amplify)

Describe the solution you'd like

const schema = a
  .schema({
    Todo: a
      .model({
        content: a.string(),
      })
      .authorization((allow) => [
           allow.authenticated(),
           // plus IAM
          allow.iamRoles([env.COPIER_SERVICE_IAM_ROLES]).to(["read"]),
          allow.iamRoles([env.UPDATER_SERVICE_IAM_ROLES]).to(["read", "write"]),
]),

Describe alternatives you've considered

Considered altering CF resources, but not sure where to change and what.

Additional context

No response

Is this something that you'd be interested in working on?

  • 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change
@chrisbonifacio chrisbonifacio self-assigned this Oct 11, 2024
@chrisbonifacio chrisbonifacio removed their assignment Oct 11, 2024
@stocaaro stocaaro transferred this issue from aws-amplify/amplify-js Jan 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request New feature or request GraphQL
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chrisbonifacio @funes79 @ashika112