amplify-category-api
amplify-category-api copied to clipboard
Published
20 hours ago •
aws-amplify
aws-amplify
Can't set field-level authorization in amplify gen2
Environment information
System:
OS: Windows 10 10.0.19045
CPU: (8) x64 Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz
Memory: 1.06 GB / 7.86 GB
Binaries:
Node: 20.16.0 - C:\Program Files\nodejs\node.EXE
Yarn: 1.22.10 - ~\AppData\Roaming\npm\yarn.CMD
npm: 10.8.1 - C:\Program Files\nodejs\npm.CMD
pnpm: undefined - undefined
NPM Packages:
@aws-amplify/backend: 1.0.4
@aws-amplify/backend-cli: 1.1.1
aws-amplify: 6.5.0
aws-cdk: 2.149.0
aws-cdk-lib: 2.149.0
typescript: 5.5.3
AWS environment variables:
AWS_NODEJS_CONNECTION_REUSE_ENABLED = 1
AWS_SDK_LOAD_CONFIG = 1
AWS_STS_REGIONAL_ENDPOINTS = regional
No CDK environment variables
Description
Even after specifying field level authorization for all required fields, it says required fields missing field-level authorization rules: below is the schema file amplify/data/resource.ts
import { type ClientSchema, a, defineData } from "@aws-amplify/backend";
const schema = a.schema({
Comment: a.customType({
content: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.authenticated(),
]),
username: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.authenticated(),
]),
dp: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.authenticated(),
]),
dn: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.authenticated(),
]),
}),
Video: a
.model({
partitionKey: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.owner(),
]),
sortKey: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.owner(),
]), ////video title or username + uuidv1
type: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.owner(),
]), ///specify type to avoid confusion
category: a.string(), /// category which is partition key for video entry
debate: a.json().array(), ///debate of the video
description: a.string(), ///channel or video description
url: a.string(), ///video url
thumbnail: a.string(), ///video thumbnail
dp: a.string(), ///user dp can store in both cases,
comment: a
.ref("Comment")
.array()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.authenticated(),
]), ///only in case of video
dn: a.string(), //display name
username: a.string(),
})
.identifier(["partitionKey", "sortKey"])
.authorization((allow) => [
// allow.publicApiKey(),
allow.publicApiKey().to(["read"]),
// Allow signed-in user to create, read, update,
// and delete their __OWN__ posts.
allow.owner(),
]),
});
export type Schema = ClientSchema<typeof schema>;
export const data = defineData({
schema,
authorizationModes: {
defaultAuthorizationMode: "apiKey",
// API Key is used for a.allow.public() rules
apiKeyAuthorizationMode: {
expiresInDays: 30,
},
},
});
The error from the terminal is as below:
Failed to instantiate data construct
Caused By: When using field-level authorization rules you need to add rules to all of the model's required fields with at least read permissions. Found model "Video" with required fields ["partitionKey","sortKey","type"] missing field-level authorization rules.\n\nFor more information visit https://docs.amplify.aws/ction-rules
