Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Function Auth Role - "Read" Permission does not give "appsync:GraphQL" access in IAM Role. #6093

Closed
blazinaj opened this issue Dec 7, 2020 · 3 comments
Closed

Function Auth Role - "Read" Permission does not give "appsync:GraphQL" access in IAM Role. #6093

blazinaj opened this issue Dec 7, 2020 · 3 comments
Labels
api-graphql Issues related to GraphQL resources in the API category bug Something isn't working

Comments

@blazinaj
Copy link

blazinaj commented Dec 7, 2020

When creating an Amplify CLI Function, I am assuming that choosing the 'read' option will allow us to perform queries. When using this option, "appsync:GraphQL" does not get added to the IAM Role Policy for this Lambda, thus initializing an AppSync Client in the Lambda fails.

Adding 'Create', 'Update', or 'Delete' then adds the necessary "appsync:GraphQL" action to the Lambda role. This may be by design, but took us a bit to figure out. May not be a Bug per se.
@half2me
Copy link

half2me commented Dec 7, 2020
edited

I literally ran into this just today. There also doesn't seem to be a way to give only the appsync:GraphQL action to the role, without granting any other privileges. (Without manually editing the cf template)

@attilah attilah added api-graphql Issues related to GraphQL resources in the API category bug Something isn't working duplicate labels Dec 7, 2020
@attilah
Copy link
Contributor

attilah commented Dec 7, 2020

Duplicate of #4306, #5342 fixes it

@attilah attilah closed this as completed Dec 7, 2020
@github-actions
Copy link

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels for those types of questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 25, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
api-graphql Issues related to GraphQL resources in the API category bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@attilah @half2me @blazinaj