amplify-cli: Ability to add DynamoDB triggers via amplify add function

Is it possible to make an existing function trigger from DynamoDB with amplify function update, or can I only do that when I create the function?

It would be nice if we could have an @trigger directive that works like the @function directive.

Also have this issue. It seems like creating a Lambda function doesn’t recognize the DynamoDB backend created when using amplify add api and you choose graphql.

I would second this request… the ability to configure a lambda to trigger based on Dynamo or Cognito or even SQS.

Hey guys, we released this functionality in the latest version of our CLI - 4.16.1. This was merged as a part of this PR - #2463

Update: If the DynamoDB created by amplify add api would be displayed in amplify-meta.json you could access it via the environment variables in the CloudFormation template (similar to how env and <you-appsync-api>GraphQLAPIIdOutput is accessed in "Parameters").

Until that is the case or until you can choose your existing DynamoDB in the Amplify prompts, here is a manual workaround:

Add you parameters (note AVOID COMMITTING THESE TO GIT, or use fake):

	"Parameters": {
		"env": {
			"Type": "String"
		},
		"storagetododynamoName": {
			"Type": "String",
			"Default": "<your-db-name>"
		},
		"storagetododynamoArn": {
			"Type": "String",
			"Default": "<your-db-arn>"
		}
	},

Append the policies manually which would be automatically generated for you:

"lambdaexecutionpolicy": {
    "DependsOn": ["LambdaExecutionRole"],
    "Type": "AWS::IAM::Policy",
    "Properties": {
    "PolicyName": "lambda-execution-policy",
    "Roles": [{ "Ref": "LambdaExecutionRole" }],
    "PolicyDocument": {
        "Version": "2012-10-17",
        "Statement": [
        {
            "Effect": "Allow",
            "Action": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents"
            ],
            "Resource": {
            "Fn::Sub": [
                "arn:aws:logs:${region}:${account}:log-group:/aws/lambda/${lambda}:log-stream:*",
                {
                "region": { "Ref": "AWS::Region" },
                "account": { "Ref": "AWS::AccountId" },
                "lambda": { "Ref": "LambdaFunction" }
                }
            ]
            }
        },
        {
            "Effect": "Allow",
            "Action": [
            "dynamodb:GetItem",
            "dynamodb:Query",
            "dynamodb:Scan",
            "dynamodb:PutItem",
            "dynamodb:UpdateItem",
            "dynamodb:DeleteItem"
            ],
            "Resource": [{ "Ref": "storage<your-db-name>dynamoArn" }]
        }
        ]
    }
    }
},
"AmplifyResourcesPolicy": {
    "DependsOn": ["LambdaExecutionRole"],
    "Type": "AWS::IAM::Policy",
    "Properties": {
    "PolicyName": "amplify-lambda-execution-policy",
    "Roles": [{ "Ref": "LambdaExecutionRole" }],
    "PolicyDocument": {
        "Version": "2012-10-17",
        "Statement": [
        {
            "Effect": "Allow",
            "Action": [
            "dynamodb:Put*",
            "dynamodb:Create*",
            "dynamodb:BatchWriteItem",
            "dynamodb:Get*",
            "dynamodb:BatchGetItem",
            "dynamodb:List*",
            "dynamodb:Describe*",
            "dynamodb:Scan",
            "dynamodb:Query",
            "dynamodb:Update*",
            "dynamodb:RestoreTable*",
            "dynamodb:Delete*"
            ],
            "Resource": [{ "Ref": "storage<your-db-name>dynamoArn" }]
        }
        ]
    }
    }
}

If you used fake parameters, visit your Lambda function in your Lambda console and add the environment variables (storage<your-db-name>dynamoName and storage<your-db-name>dynamoArn) after you pushed the function (it will overwrite any existing variables). That way you can use you DynamoDB as if you had chosen CRUD function for Amazon DynamoDB table (Integration with Amazon API Gateway and Amazon DynamoDB) in amplify add auth.

Steps to reproduce:

> amplify function add
Using service: Lambda, provided by: awscloudformation
? Provide a friendly name for your resource to be used as a label for this category in the project: myfunction
? Provide the AWS Lambda function name: myfunction
? Choose the function template that you want to use: CRUD function for Amazon DynamoDB table (Integra
tion with Amazon API Gateway and Amazon DynamoDB)
? Choose a DynamoDB data source option Use DynamoDB table configured in the current Amplify project
There are no DynamoDB resources configured in your project currently

Have configured API backed by DynamoDB.

Any updates to this? It seems that the tutorial in the announcement is using two tables - one from the graphql.schema with @model directive and one from the storage

https://aws.amazon.com/de/blogs/mobile/amplify-framework-adds-support-for-aws-lambda-functions-and-amazon-dynamodb-custom-indexes-in-graphql-schemas/#

I think you can add the function then go to the DynamoDB table, go to “Triggers” and click “Create trigger” and add the trigger manually to that existing function.

any updates on this? the cli will only generates policies for the appsync, we need the policies for dynamodb like this:

        {
            "Effect": "Allow",
            "Action": [
            "dynamodb:GetItem",
            "dynamodb:Query",
            "dynamodb:Scan",
            "dynamodb:PutItem",
            "dynamodb:UpdateItem",
            "dynamodb:DeleteItem"
            ],
            "Resource": [{ "Ref": "storage<your-db-name>dynamoArn" }]
        }

@Buder This is actually something I am looking into right now, you can add a trigger through the DynamoDB console and create a lambda function or use an existing lambda function for that trigger, choosing the create a new function didn’t work for me so I created one manually and I needed to add the correct policies to that function’s role so that it will work with the dynamo trigger (dynamo will tell you what roles to add).