feat: Add support for appsync apis (#1393)

client/client.go

@@ -17,6 +17,7 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/apigateway"
 	"github.com/aws/aws-sdk-go-v2/service/apigatewayv2"
 	"github.com/aws/aws-sdk-go-v2/service/applicationautoscaling"
+	"github.com/aws/aws-sdk-go-v2/service/appsync"
 	"github.com/aws/aws-sdk-go-v2/service/athena"
 	"github.com/aws/aws-sdk-go-v2/service/autoscaling"
 	"github.com/aws/aws-sdk-go-v2/service/backup"
@@ -123,6 +124,7 @@ type Services struct {
 	Apigateway             ApigatewayClient
 	Apigatewayv2           Apigatewayv2Client
 	ApplicationAutoscaling ApplicationAutoscalingClient
+	AppSync                AppSyncClient
 	Athena                 AthenaClient
 	Autoscaling            AutoscalingClient
 	Backup                 BackupClient
@@ -621,6 +623,7 @@ func initServices(region string, c aws.Config) Services {
 		Apigateway:             apigateway.NewFromConfig(awsCfg),
 		Apigatewayv2:           apigatewayv2.NewFromConfig(awsCfg),
 		ApplicationAutoscaling: applicationautoscaling.NewFromConfig(awsCfg),
+		AppSync:                appsync.NewFromConfig(awsCfg),
 		Athena:                 athena.NewFromConfig(awsCfg),
 		Autoscaling:            autoscaling.NewFromConfig(awsCfg),
 		Backup:                 backup.NewFromConfig(awsCfg),

client/services.go

@@ -8,6 +8,7 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/apigateway"
 	"github.com/aws/aws-sdk-go-v2/service/apigatewayv2"
 	"github.com/aws/aws-sdk-go-v2/service/applicationautoscaling"
+	"github.com/aws/aws-sdk-go-v2/service/appsync"
 	"github.com/aws/aws-sdk-go-v2/service/athena"
 	"github.com/aws/aws-sdk-go-v2/service/autoscaling"
 	"github.com/aws/aws-sdk-go-v2/service/backup"
@@ -132,6 +133,11 @@ type Apigatewayv2Client interface {
 	GetTags(ctx context.Context, params *apigatewayv2.GetTagsInput, optFns ...func(*apigatewayv2.Options)) (*apigatewayv2.GetTagsOutput, error)
 }
 
+//go:generate mockgen -package=mocks -destination=./mocks/mock_appsync.go . AppSyncClient
+type AppSyncClient interface {
+	ListGraphqlApis(ctx context.Context, params *appsync.ListGraphqlApisInput, optFns ...func(*appsync.Options)) (*appsync.ListGraphqlApisOutput, error)
+}
+
 //go:generate mockgen -package=mocks -destination=./mocks/mock_athena.go . AthenaClient
 type AthenaClient interface {
 	ListDataCatalogs(ctx context.Context, params *athena.ListDataCatalogsInput, optFns ...func(*athena.Options)) (*athena.ListDataCatalogsOutput, error)

docs/tables/aws_appsync_graphql_api_additional_authentication_providers.md

@@ -0,0 +1,18 @@
+
+# Table: aws_appsync_graphql_api_additional_authentication_providers
+Describes an additional authentication provider
+## Columns
+| Name        | Type           | Description  |
+| ------------- | ------------- | -----  |
+|graphql_api_cq_id|uuid|Unique CloudQuery ID of aws_appsync_graphql_apis table (FK)|
+|authentication_type|text|The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda|
+|lambda_authorizer_config_authorizer_uri|text|The Amazon Resource Name (ARN) of the Lambda function to be called for authorization|
+|lambda_authorizer_config_authorizer_result_ttl_in_seconds|bigint|The number of seconds a response should be cached for|
+|lambda_authorizer_config_identity_validation_expression|text|A regular expression for validation of tokens before the Lambda function is called|
+|open_id_connect_config_issuer|text|The issuer for the OIDC configuration|
+|open_id_connect_config_auth_ttl|bigint|The number of milliseconds that a token is valid after being authenticated|
+|open_id_connect_config_client_id|text|The client identifier of the relying party at the OpenID identity provider|
+|open_id_connect_config_iat_ttl|bigint|The number of milliseconds that a token is valid after it's issued to a user|
+|user_pool_config_aws_region|text|The Amazon Web Services Region in which the user pool was created|
+|user_pool_config_user_pool_id|text|The user pool ID|
+|user_pool_config_app_id_client_regex|text|A regular expression for validating the incoming Amazon Cognito user pool app client ID|

docs/tables/aws_appsync_graphql_apis.md

@@ -0,0 +1,30 @@
+
+# Table: aws_appsync_graphql_apis
+Describes a GraphQL API
+## Columns
+| Name        | Type           | Description  |
+| ------------- | ------------- | -----  |
+|account_id|text|The AWS Account ID of the resource.|
+|region|text|The AWS Region of the resource.|
+|id|text|The API ID|
+|arn|text|The Amazon Resource Name (ARN)|
+|authentication_type|text|The authentication type|
+|lambda_authorizer_config_authorizer_uri|text|The Amazon Resource Name (ARN) of the Lambda function to be called for authorization|
+|lambda_authorizer_config_authorizer_result_ttl_in_seconds|bigint|The number of seconds a response should be cached for|
+|lambda_authorizer_config_identity_validation_expression|text|A regular expression for validation of tokens before the Lambda function is called|
+|log_config_cloud_watch_logs_role_arn|text|The service role that AppSync assumes to publish to CloudWatch logs in your account|
+|log_config_field_log_level|text|The field logging level|
+|log_config_exclude_verbose_content|boolean|Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level|
+|name|text|The API name|
+|open_id_connect_config_issuer|text|The issuer for the OIDC configuration|
+|open_id_connect_config_auth_ttl|bigint|The number of milliseconds that a token is valid after being authenticated|
+|open_id_connect_config_client_id|text|The client identifier of the relying party at the OpenID identity provider|
+|open_id_connect_config_iat_ttl|bigint|The number of milliseconds that a token is valid after it's issued to a user|
+|tags|jsonb|The tags|
+|uris|jsonb|The URIs|
+|user_pool_config_aws_region|text|The Amazon Web Services Region in which the user pool was created|
+|user_pool_config_default_action|text|The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration|
+|user_pool_config_user_pool_id|text|The user pool ID|
+|user_pool_config_app_id_client_regex|text|A regular expression for validating the incoming Amazon Cognito user pool app client ID|
+|waf_web_acl_arn|text|The ARN of the WAF access control list (ACL) associated with this GraphqlApi, if one exists|
+|xray_enabled|boolean|A flag indicating whether to use X-Ray tracing for this GraphqlApi|

go.mod

@@ -3,7 +3,7 @@ module github.com/cloudquery/cq-provider-aws
 go 1.18
 
 require (
-	github.com/aws/aws-sdk-go-v2 v1.16.7
+	github.com/aws/aws-sdk-go-v2 v1.16.8
 	github.com/aws/aws-sdk-go-v2/config v1.15.14
 	github.com/aws/aws-sdk-go-v2/credentials v1.12.9
 	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.20
@@ -12,6 +12,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/apigateway v1.15.10
 	github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.12.8
 	github.com/aws/aws-sdk-go-v2/service/applicationautoscaling v1.15.8
+	github.com/aws/aws-sdk-go-v2/service/appsync v1.15.1
 	github.com/aws/aws-sdk-go-v2/service/autoscaling v1.23.5
 	github.com/aws/aws-sdk-go-v2/service/cloudformation v1.21.2
 	github.com/aws/aws-sdk-go-v2/service/cloudfront v1.18.4
@@ -103,8 +104,8 @@ require (
 	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.8 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.8 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.15 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.9 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15 // indirect
 	github.com/aws/aws-sdk-go-v2/service/athena v1.16.0
 	github.com/aws/aws-sdk-go-v2/service/backup v1.16.3

go.sum

@@ -55,8 +55,9 @@ github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kd
 github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw=
 github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
 github.com/aws/aws-sdk-go-v2 v1.16.6/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
-github.com/aws/aws-sdk-go-v2 v1.16.7 h1:zfBwXus3u14OszRxGcqCDS4MfMCv10e8SMJ2r8Xm0Ns=
 github.com/aws/aws-sdk-go-v2 v1.16.7/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
+github.com/aws/aws-sdk-go-v2 v1.16.8 h1:gOe9UPR98XSf7oEJCcojYg+N2/jCRm4DdeIsP85pIyQ=
+github.com/aws/aws-sdk-go-v2 v1.16.8/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3 h1:S/ZBwevQkr7gv5YxONYpGQxlMFFYSRfz3RMcjsC9Qhk=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3/go.mod h1:gNsR5CaXKmQSSzrmGxmwmct/r+ZBfbxorAuXYsj/M5Y=
 github.com/aws/aws-sdk-go-v2/config v1.15.14 h1:+BqpqlydTq4c2et9Daury7gE+o67P4lbk7eybiCBNc4=
@@ -68,11 +69,13 @@ github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.8/go.mod h1:oL1Q3KuCq1D4NykQ
 github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.20 h1:J7/+NFr8N7ebaC/Khie8ptnWn0h436q1hblMeL53mww=
 github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.20/go.mod h1:IOgK2DAat3WO2qAaPmIzTdF+QqL18samL3dqZdjRBZI=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.13/go.mod h1:wLLesU+LdMZDM3U0PP9vZXJW39zmD/7L4nY2pSrYZ/g=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14 h1:2C0pYHcUBmdzPj+EKNC4qj97oK6yjrUhc1KoSodglvk=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14/go.mod h1:kdjrMwHwrC3+FsKhNcCMJ7tUVj/8uSD5CZXeQ4wV6fM=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.15 h1:bx5F2mr6H6FC7zNIQoDoUr8wEKnvmwRncujT3FYRtic=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.15/go.mod h1:pWrr2OoHlT7M/Pd2y4HV3gJyPb3qj5qMmnPkKSNPYK4=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.7/go.mod h1:93Uot80ddyVzSl//xEJreNKMhxntr71WtR3v/A1cRYk=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.8 h1:2J+jdlBJWEmTyAwC82Ym68xCykIvnSnIN18b8xHGlcc=
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.8/go.mod h1:ZIV8GYoC6WLBW5KGs+o4rsc65/ozd+eQ0L31XF5VDwk=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.9 h1:5sbyznZC2TeFpa4fvtpvpcGbzeXEEs1l1Jo51ynUNsQ=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.9/go.mod h1:08tUpeSGN33QKSO7fwxXczNfiwCpbj+GxK6XKwqWVv0=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15 h1:QquxR7NH3ULBsKC+NoTpilzbKKS+5AELfNREInbhvas=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.3.15/go.mod h1:Tkrthp/0sNBShQQsamR7j/zY4p19tVTAs+nnqhH6R3c=
 github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.5 h1:tEEHn+PGAxRVqMPEhtU8oCSW/1Ge3zP5nUgPrGQNUPs=
@@ -87,6 +90,8 @@ github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.12.8 h1:OQZODVKX58BBVtiGHdQ
 github.com/aws/aws-sdk-go-v2/service/apigatewayv2 v1.12.8/go.mod h1:YXBCG4l+2VBAd1a634Pz/iJvlTwKaTkdkj/BmtdS4X4=
 github.com/aws/aws-sdk-go-v2/service/applicationautoscaling v1.15.8 h1:obyX/RxIav+YBLkfW8wfD6f5XlHowqjJ9vYAwx+aogs=
 github.com/aws/aws-sdk-go-v2/service/applicationautoscaling v1.15.8/go.mod h1:289SWqwukb06IipOqjpcZYNiPNW4SH3wYKQPfpJXa1M=
+github.com/aws/aws-sdk-go-v2/service/appsync v1.15.1 h1:Y6aON7pWXCv8Y68WF66qjE9ZPnTOWaAh32RG/Lcb2cI=
+github.com/aws/aws-sdk-go-v2/service/appsync v1.15.1/go.mod h1:TfdM7u85zDQdH2WoGf07FBhNIL3jrBD8AYHAlab96aA=
 github.com/aws/aws-sdk-go-v2/service/athena v1.16.0 h1:QAejbkyqK2Z8bOtitlUt7/I/uTV08PvEiAzccfmGTkM=
 github.com/aws/aws-sdk-go-v2/service/athena v1.16.0/go.mod h1:uJUguNgKmnxoP19GOdVbPvEFNku5uV9guO0Dt+V3oB4=
 github.com/aws/aws-sdk-go-v2/service/autoscaling v1.23.5 h1:bOzF892bRTvBgcN3qgZ4KZZCAp8Gl7pWUxivVeJlR/0=

resources/provider/provider.go

@@ -9,6 +9,7 @@ import (
 	"github.com/cloudquery/cq-provider-aws/resources/services/apigateway"
 	"github.com/cloudquery/cq-provider-aws/resources/services/apigatewayv2"
 	"github.com/cloudquery/cq-provider-aws/resources/services/applicationautoscaling"
+	"github.com/cloudquery/cq-provider-aws/resources/services/appsync"
 	"github.com/cloudquery/cq-provider-aws/resources/services/athena"
 	"github.com/cloudquery/cq-provider-aws/resources/services/autoscaling"
 	"github.com/cloudquery/cq-provider-aws/resources/services/backup"
@@ -95,6 +96,7 @@ func Provider() *provider.Provider {
 			"apigatewayv2.domain_names":               apigatewayv2.Apigatewayv2DomainNames(),
 			"apigatewayv2.vpc_links":                  apigatewayv2.Apigatewayv2VpcLinks(),
 			"applicationautoscaling.policies":         applicationautoscaling.ApplicationautoscalingPolicies(),
+			"appsync.graphql_apis":                    appsync.GraphqlApis(),
 			"athena.data_catalogs":                    athena.DataCatalogs(),
 			"athena.work_groups":                      athena.WorkGroups(),
 			"autoscaling.groups":                      autoscaling.AutoscalingGroups(),

resources/services/appsync/gen.hcl

@@ -0,0 +1,45 @@
+service          = "aws"
+output_directory = "."
+add_generate     = true
+
+description_modifier "remove_read_only" {
+  words = ["  This member is required."]
+}
+
+resource "aws" "appsync" "graphql_apis" {
+  path = "github.com/aws/aws-sdk-go-v2/service/appsync/types.GraphqlApi"
+
+  ignoreError "IgnoreCommonErrors" {
+    path = "github.com/cloudquery/cq-provider-aws/client.IgnoreCommonErrors"
+  }
+  multiplex "AwsAccountRegion" {
+    path   = "github.com/cloudquery/cq-provider-aws/client.ServiceAccountRegionMultiplexer"
+    params = ["appsync"]
+  }
+  deleteFilter "AccountRegionFilter" {
+    path = "github.com/cloudquery/cq-provider-aws/client.DeleteAccountRegionFilter"
+  }
+
+  options {
+    primary_keys = ["arn"]
+  }
+
+  column "api_id" {
+    rename = "id"
+  }
+
+  userDefinedColumn "account_id" {
+    type        = "string"
+    description = "The AWS Account ID of the resource."
+    resolver "resolveAWSAccount" {
+      path = "github.com/cloudquery/cq-provider-aws/client.ResolveAWSAccount"
+    }
+  }
+  userDefinedColumn "region" {
+    type        = "string"
+    description = "The AWS Region of the resource."
+    resolver "resolveAWSRegion" {
+      path = "github.com/cloudquery/cq-provider-aws/client.ResolveAWSRegion"
+    }
+  }
+}