fix: resource arn

aws-amplify · Nov 18, 2024 · 9896a4e · 9896a4e
1 parent 42de12a
commit 9896a4e
Show file tree

Hide file tree

Showing 4 changed files with 139 additions and 17 deletions.
diff --git a/codebuild_specs/e2e_workflow.yml b/codebuild_specs/e2e_workflow.yml
@@ -755,73 +755,73 @@ batch:
           CLI_REGION: ap-northeast-2
       depend-on:
         - publish_to_local_registry
-    - identifier: utils_ddb_iam_access_data_construct_custom_logic_amplify_table_5
+    - identifier: utils_overrides_ddb_iam_access_data_construct_custom_logic
       buildspec: codebuild_specs/run_cdk_tests.yml
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           NODE_OPTIONS: '--max-old-space-size=14848'
           TEST_SUITE: >-
-            src/__tests__/utils.test.ts|src/__tests__/ddb-iam-access.test.ts|src/__tests__/data-construct.test.ts|src/__tests__/custom-logic.test.ts|src/__tests__/amplify-table-5.test.ts
+            src/__tests__/utils.test.ts|src/__tests__/overrides.test.ts|src/__tests__/ddb-iam-access.test.ts|src/__tests__/data-construct.test.ts|src/__tests__/custom-logic.test.ts
           CLI_REGION: eu-west-2
       depend-on:
         - publish_to_local_registry
     - identifier: >-
-        add_resources_references_migration_migration_validation_many_to_many_migration_base_migration
+        amplify_table_5_add_resources_references_migration_migration_validation_many_to_many_migration
       buildspec: codebuild_specs/run_cdk_tests.yml
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           NODE_OPTIONS: '--max-old-space-size=14848'
           TEST_SUITE: >-
-            src/__tests__/add-resources.test.ts|src/__tests__/migration/references-migration.test.ts|src/__tests__/migration/migration-validation.test.ts|src/__tests__/migration/many-to-many-migration.test.ts|src/__tests__/migration/base-migration.test.ts
+            src/__tests__/amplify-table-5.test.ts|src/__tests__/add-resources.test.ts|src/__tests__/migration/references-migration.test.ts|src/__tests__/migration/migration-validation.test.ts|src/__tests__/migration/many-to-many-migration.test.ts
           CLI_REGION: ap-southeast-1
       depend-on:
         - publish_to_local_registry
     - identifier: >-
-        single_gsi_single_record_single_gsi_empty_table_single_gsi_1k_records_single_gsi_10k_records_replace_2_gsis_update_attr_single_
+        base_migration_single_gsi_single_record_single_gsi_empty_table_single_gsi_1k_records_single_gsi_10k_records
       buildspec: codebuild_specs/run_cdk_tests.yml
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           NODE_OPTIONS: '--max-old-space-size=14848'
           TEST_SUITE: >-
-            src/__tests__/deploy-velocity-temporarily-disabled/single-gsi-single-record.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/single-gsi-empty-table.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/single-gsi-1k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/single-gsi-10k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-update-attr-single-record.test.ts
+            src/__tests__/migration/base-migration.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/single-gsi-single-record.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/single-gsi-empty-table.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/single-gsi-1k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/single-gsi-10k-records.test.ts
           CLI_REGION: ap-northeast-3
       depend-on:
         - publish_to_local_registry
     - identifier: >-
-        replace_2_gsis_update_attr_empty_table_replace_2_gsis_update_attr_1k_records_replace_2_gsis_update_attr_10k_records_replace_2_g
+        replace_2_gsis_update_attr_single_record_replace_2_gsis_update_attr_empty_table_replace_2_gsis_update_attr_1k_records_replace_2
       buildspec: codebuild_specs/run_cdk_tests.yml
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           NODE_OPTIONS: '--max-old-space-size=14848'
           TEST_SUITE: >-
-            src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-update-attr-empty-table.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-update-attr-1k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-update-attr-10k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-single-record.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-empty-table.test.ts
+            src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-update-attr-single-record.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-update-attr-empty-table.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-update-attr-1k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-update-attr-10k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-single-record.test.ts
           CLI_REGION: ap-south-1
       depend-on:
         - publish_to_local_registry
     - identifier: >-
-        replace_2_gsis_1k_records_replace_2_gsis_10k_records_3_gsis_single_record_3_gsis_empty_table_3_gsis_1k_records
+        replace_2_gsis_empty_table_replace_2_gsis_1k_records_replace_2_gsis_10k_records_3_gsis_single_record_3_gsis_empty_table
       buildspec: codebuild_specs/run_cdk_tests.yml
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           NODE_OPTIONS: '--max-old-space-size=14848'
           TEST_SUITE: >-
-            src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-1k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-10k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/3-gsis-single-record.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/3-gsis-empty-table.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/3-gsis-1k-records.test.ts
+            src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-empty-table.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-1k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/replace-2-gsis-10k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/3-gsis-single-record.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/3-gsis-empty-table.test.ts
           CLI_REGION: ap-southeast-1
       depend-on:
         - publish_to_local_registry
-    - identifier: 3_gsis_10k_records
+    - identifier: 3_gsis_1k_records_3_gsis_10k_records
       buildspec: codebuild_specs/run_cdk_tests.yml
       env:
         compute-type: BUILD_GENERAL1_LARGE
         variables:
           NODE_OPTIONS: '--max-old-space-size=14848'
           TEST_SUITE: >-
-            src/__tests__/deploy-velocity-temporarily-disabled/3-gsis-10k-records.test.ts
+            src/__tests__/deploy-velocity-temporarily-disabled/3-gsis-1k-records.test.ts|src/__tests__/deploy-velocity-temporarily-disabled/3-gsis-10k-records.test.ts
           CLI_REGION: ap-southeast-2
       depend-on:
         - publish_to_local_registry

diff --git a/packages/amplify-graphql-api-construct-tests/src/__tests__/overrides.test.ts b/packages/amplify-graphql-api-construct-tests/src/__tests__/overrides.test.ts
@@ -0,0 +1,103 @@
+import * as path from 'path';
+import { createNewProjectDir, deleteProjectDir } from 'amplify-category-api-e2e-core';
+import { DDB_AMPLIFY_MANAGED_DATASOURCE_STRATEGY } from '@aws-amplify/graphql-transformer-core';
+import { DynamoDBClient, DescribeTableCommand } from '@aws-sdk/client-dynamodb';
+import { initCDKProject, cdkDestroy, cdkDeploy } from '../commands';
+import { TestDefinition, writeStackConfig, writeTestDefinitions, writeOverrides } from '../utils';
+import { DURATION_1_HOUR } from '../utils/duration-constants';
+import { graphql } from '../graphql-request';
+
+jest.setTimeout(DURATION_1_HOUR);
+
+describe('CFN Overrides', () => {
+  describe('Amplify Managed Table', () => {
+    const projFolderName = 'amplify-managed-table-overrides';
+    let projRoot: string;
+
+    beforeEach(async () => {
+      projRoot = await createNewProjectDir(projFolderName);
+    });
+
+    afterEach(async () => {
+      try {
+        await cdkDestroy(projRoot, '--all');
+      } catch (err) {
+        console.log(`Error invoking 'cdk destroy': ${err}`);
+      }
+
+      deleteProjectDir(projRoot);
+    });
+
+    test('allow override table name', async () => {
+      const templatePath = path.resolve(path.join(__dirname, 'backends', 'configurable-stack'));
+      const name = await initCDKProject(projRoot, templatePath);
+      const testDefinitions: Record<string, TestDefinition> = {
+        'table-name-override': {
+          schema: /* GraphQL */ `
+            type Todo @model @auth(rules: [{ allow: public }]) {
+              id: ID!
+              content: String
+            }
+          `,
+          strategy: DDB_AMPLIFY_MANAGED_DATASOURCE_STRATEGY,
+        },
+      };
+
+      writeStackConfig(projRoot, { prefix: projFolderName });
+      writeTestDefinitions(testDefinitions, projRoot);
+      const tableName = `CustomTableName-${Date.now()}`;
+      const overrides = `
+        import { AmplifyGraphqlApi } from '@aws-amplify/graphql-api-construct';
+
+        export const applyOverrides = (api: AmplifyGraphqlApi): void => {
+          api.resources.cfnResources.amplifyDynamoDbTables['Todo'].tableName = '${tableName}';
+        };
+      `;
+      writeOverrides(overrides, projRoot);
+      const outputs = await cdkDeploy(projRoot, '--all');
+      const { awsAppsyncApiEndpoint, awsAppsyncApiKey } = outputs[name];
+      // TODO: set region
+      const ddbClient = new DynamoDBClient({ region: process.env.CLI_REGION || 'us-west-2' });
+      const describeTableResponseBefore = await ddbClient.send(new DescribeTableCommand({ TableName: tableName }));
+      expect(describeTableResponseBefore.Table?.TableName).toEqual(tableName);
+      expect(describeTableResponseBefore.Table?.ItemCount).toEqual(0);
+
+      const result = await graphql(
+        awsAppsyncApiEndpoint,
+        awsAppsyncApiKey,
+        /* GraphQL */ `
+          mutation CREATE_TODO {
+            createTodo(input: { content: "todo desc" }) {
+              id
+              content
+            }
+          }
+        `,
+      );
+      expect(result.statusCode).toEqual(200);
+      const todo = result.body.data.createTodo;
+
+      const listResult = await graphql(
+        awsAppsyncApiEndpoint,
+        awsAppsyncApiKey,
+        /* GraphQL */ `
+          query LIST_TODOS {
+            listTodos {
+              items {
+                id
+                content
+              }
+            }
+          }
+        `,
+      );
+
+      expect(listResult.statusCode).toEqual(200);
+      expect(listResult.body.data.listTodos.items[0].id).toEqual(todo.id);
+
+      const describeTableResponseAfter = await ddbClient.send(new DescribeTableCommand({ TableName: tableName }));
+      expect(describeTableResponseAfter.Table?.TableName).toEqual(tableName);
+      expect(describeTableResponseAfter.Table?.ItemCount).toEqual(1);
+    });
+  });
+});
diff --git a/packages/amplify-graphql-api-construct/src/__tests__/__functional__/overrides.test.ts b/packages/amplify-graphql-api-construct/src/__tests__/__functional__/overrides.test.ts
@@ -84,7 +84,14 @@ describe('overrides', () => {
           {
             Action: action,
             Effect: 'Allow',
-            Resource: 'CustomTableName',
+            Resource: {
+              'Fn::Sub': [
+                // this is the template string within the CFN template
+                // eslint-disable-next-line no-template-curly-in-string
+                'arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tableName}',
+                { tableName: 'CustomTableName' },
+              ],
+            },
           },
         ],
       },
@@ -102,13 +109,20 @@ describe('overrides', () => {
             Action: 'states:StartExecution',
             Effect: 'Allow',
             Resource: {
-              Ref: 'AmplifyTableWaiterStateMachine060600BC',
+              Ref: Match.stringLikeRegexp('^AmplifyTableWaiterStateMachine.*'),
             },
           },
           {
             Action: action,
             Effect: 'Allow',
-            Resource: 'CustomTableName',
+            Resource: {
+              'Fn::Sub': [
+                // this is the template string within the CFN template
+                // eslint-disable-next-line no-template-curly-in-string
+                'arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tableName}',
+                { tableName: 'CustomTableName' },
+              ],
+            },
           },
         ],
         Version: '2012-10-17',

diff --git a/packages/amplify-graphql-api-construct/src/amplify-dynamodb-table-wrapper.ts b/packages/amplify-graphql-api-construct/src/amplify-dynamodb-table-wrapper.ts
@@ -1,4 +1,4 @@
-import { CfnResource, RemovalPolicy, NestedStack } from 'aws-cdk-lib';
+import { CfnResource, RemovalPolicy, NestedStack, Fn } from 'aws-cdk-lib';
 import { BillingMode, StreamViewType } from 'aws-cdk-lib/aws-dynamodb';
 import { Role, PolicyStatement, Effect } from 'aws-cdk-lib/aws-iam';
 
@@ -209,7 +209,12 @@ export class AmplifyDynamoDbTableWrapper {
         'dynamodb:UntagResource',
         'dynamodb:ListTagsOfResource',
       ],
-      resources: [tableName],
+      // eslint-disable-next-line no-template-curly-in-string
+      resources: [
+        Fn.sub('arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/${tableName}', {
+          tableName,
+        }),
+      ],
     });
 
     const onEventRole = this.tableManagerStack.node.findChild('AmplifyManagedTableOnEventRole') as Role;