Amplify-cli: @auth Directive on Query & Mutation Type (Custom Resolvers)

@pechisworks @auth directive on custom queries are not supported, but what you did, adding the AppSync supported directives is correct!

However, if you utilize the @key directive and specifying the queryField parameter a custom query will be generated for your and the CLI will apply the @auth directive as needed. Since it is a query operation, only the @auth directives that controlling the read operations, they'll get the appropriate directives.

I'm closing the issue as answered, if something new comes up, please feel free to reopen the issue.

@attilah
Hello, Sir!

May I ask if it is still the case that @auth directives on custom queries (including those built with @function directive) are not yet supported?

Below is a long example of what I am trying to achieve - in short, I am attempting to have an @function custom query that would be executable only by either logged-in users or UnAuthed ones via IAM... [this example is just a test I am working on...]

querySummaries(type: String limit: Int nextToken: String): QueryableSummaryConnection @function(name: "inxset-gql-res-summary-${env}") @aws_api_key @aws_iam @aws_cognito_user_pools @auth(rules: [{allow: public, provider: apiKey, operations: [read]} {allow: public, provider: iam, operations: [read]} {allow: groups, groups: ["everyone"], operations: [read]}])

Thanks in advance!

UPDATE: #2701 may be relevant ...

@FOMSON querySummaries with those auth methods worked for you? This is something not documented well at all...

@MontoyaAndres

Sir! Hello to you too!

In short, the answer is yes.

The querySummaries is a custom Query I made with a Lambda resolver (using @function directive).

For backend use, I would recommend checking "Signing a request from Lambda" in the Amplify Docs.

For frontend use, please see "Using Amplify GraphQL client" in the Amplify Docs.

Hope this helps? Let us know if not :)

@FOMSON jajaja sorry for not being polite with you 😅 . Hello Fomson! Yeah, I'm just curious about it because I have this issue https://github.com/aws-amplify/amplify-cli/issues/4814 I don't know if this is something similar...

Not to worry! All good :) My name is Alex :)

I do not think you need to do anything similar to what you did:
DO NOT DO THIS _"...And I could fix it by going to the route backend/api/MY_API/parameters.json and adding:..."_
Also, I am not sure at what stage you project is but if not too developed, try either to reverse all changes to parameters.json, or (I'd recommend from experience), delete and start again.

Do you have Auth added to your project? If not, add it and select IAM as main and Cognito as another way for authentification. Don't worry about users, just add Auth.

Try and let us know how it goes? I spent about a week trying to figure it out but now it works as a beauty!

Yeah, it's just for testing I already removed it from that file, and yeah, this project already have auth, (multi auth, with IAM and cognito user group). What else I need to do? Just update the schema and add what you did in your previous comment?

Yes, do what I described above :)

But make sure that IAM Auth is the main (first) way of authentification, as I think рis s is what adds Authed and Unauthed roles :)

P.S. Do not edit files if you are not sure what they do (most things you need are dole with CLI), I had to delete projects multiple times as they can go crazy after some silly changes :)

Thanks! I'll take care about it! Thank you so much. This should be documented on the docs :(

Do let us know how it goes! Happy to help :)