---
AWSTemplateFormatVersion: "2010-09-09"
Description: AWS AppSync API and Schema

Parameters:
  APIName:
    Type: String
    Description: "Name of the API, to generate names for resources"
    MinLength: 3
    MaxLength: 20
    AllowedPattern: '^[a-zA-Z][a-zA-Z0-9_]*$'
  DynamoDBUserTableName:
    Type: String
    Description: "User table name"
  DynamoDBUserTableArn:
    Type: String
    Description: "User table ARN"
  DynamoDBActivityTableName:
    Type: String
    Description: "Activity table name"
  DynamoDBActivityTableArn:
    Type: String
    Description: "Activity table ARN"
  DynamoDBActivityCategoryTableName:
    Type: String
    Description: "Activity category table name"
  DynamoDBActivityCategoryTableArn:
    Type: String
    Description: "Activity category table ARN"
  DynamoDBUserCaloriesAggTableName:
    Type: String
    Description: "User calories aggregate table name"
  DynamoDBUserCaloriesAggTableArn:
    Type: String
    Description: "User calories aggregate table ARN"
  GraphQlSchemaS3DescriptionLocation:
    Type: String
    Description: "GraphQL Schema file S3 location (e.g. s3://mybucket/schema.graphql)"

Resources:
  AppSyncApi:
    Type: "AWS::AppSync::GraphQLApi"
    Description: "The GraphQL API for the Calories tracker App"
    Properties:
      AuthenticationType: "API_KEY"
      Name: !Sub ${APIName}

  AppSyncApiKey:
    Type: "AWS::AppSync::ApiKey"
    Properties:
      Description: "Api key for app sync api"
      ApiId: !GetAtt 'AppSyncApi.ApiId'

  AppSyncSchema:
    Type: "AWS::AppSync::GraphQLSchema"
    Description: Calorie tracker app GraphQL Schema
    Properties:
      ApiId: !GetAtt AppSyncApi.ApiId
      DefinitionS3Location: !Sub ${GraphQlSchemaS3DescriptionLocation}

  AppSyncUserTableDataSource:
    Type: "AWS::AppSync::DataSource"
    Properties:
      ApiId: !GetAtt AppSyncApi.ApiId
      Name: !Ref DynamoDBUserTableName
      Description: "The User Table AppSync Data Source"
      Type: AMAZON_DYNAMODB
      ServiceRoleArn: !GetAtt DynamoDBRole.Arn
      DynamoDBConfig:
        TableName: !Sub ${DynamoDBUserTableName}
        AwsRegion: !Sub ${AWS::Region}

  AppSyncActivityTableDataSource:
    Type: "AWS::AppSync::DataSource"
    Properties:
      ApiId: !GetAtt AppSyncApi.ApiId
      Name: !Ref DynamoDBActivityTableName
      Description: "The Activity Table AppSync Data Source"
      Type: AMAZON_DYNAMODB
      ServiceRoleArn: !GetAtt DynamoDBRole.Arn
      DynamoDBConfig:
        TableName: !Sub ${DynamoDBActivityTableName}
        AwsRegion: !Sub ${AWS::Region}
  
  AppSyncActivityCategoryTableDataSource:
    Type: "AWS::AppSync::DataSource"
    Properties:
      ApiId: !GetAtt AppSyncApi.ApiId
      Name: !Ref DynamoDBActivityCategoryTableName
      Description: "The Activity category table AppSync Data Source"
      Type: AMAZON_DYNAMODB
      ServiceRoleArn: !GetAtt DynamoDBRole.Arn
      DynamoDBConfig:
        TableName: !Sub ${DynamoDBActivityCategoryTableName}
        AwsRegion: !Sub ${AWS::Region}

  AppSyncUserCalAggTableDataSource:
    Type: "AWS::AppSync::DataSource"
    Properties:
      ApiId: !GetAtt AppSyncApi.ApiId
      Name: !Ref DynamoDBUserCaloriesAggTableName
      Description: "The Activity Table AppSync Data Source"
      Type: AMAZON_DYNAMODB
      ServiceRoleArn: !GetAtt DynamoDBRole.Arn
      DynamoDBConfig:
        TableName: !Sub ${DynamoDBUserCaloriesAggTableName}
        AwsRegion: !Sub ${AWS::Region}

  DynamoDBRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: !Sub ${APIName}-appsync-dynamodb-role
      ManagedPolicyArns:
        - Ref: AppSyncDynamoDBPolicy
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Action:
              - sts:AssumeRole
            Principal:
              Service:
                - appsync.amazonaws.com
    DependsOn:
      - AppSyncDynamoDBPolicy

  AppSyncDynamoDBPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Managed policy to allow AWS AppSync to access the tables.
      Path: /appsync/
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Action:
              - dynamodb:GetItem
              - dynamodb:PutItem
              - dynamodb:DeleteItem
              - dynamodb:UpdateItem
              - dynamodb:Query
              - dynamodb:Scan
              - dynamodb:BatchGetItem
              - dynamodb:BatchWriteItem
            Resource:
              - !Join ['', [ !Ref DynamoDBUserTableArn ]]
              - !Join ['', [ !Ref DynamoDBUserTableArn, '/*' ]]
              - !Join ['', [ !Ref DynamoDBActivityTableArn ]]
              - !Join ['', [ !Ref DynamoDBActivityTableArn, '/*' ]]
              - !Join ['', [ !Ref DynamoDBActivityCategoryTableArn ]]
              - !Join ['', [ !Ref DynamoDBActivityCategoryTableArn, '/*' ]]
              - !Join ['', [ !Ref DynamoDBUserCaloriesAggTableArn ]]
              - !Join ['', [ !Ref DynamoDBUserCaloriesAggTableArn, '/*' ]]

Outputs:
  AppSyncApiId:
    Value: !GetAtt 'AppSyncApi.ApiId'
    Description: AppSync api id
  AppSyncUserTableDataSourceName:
    Value: !GetAtt 'AppSyncUserTableDataSource.Name'
    Description: AppSync User table data source name
  AppSyncActivityTableDataSourceName:
    Value: !GetAtt 'AppSyncActivityTableDataSource.Name'
    Description: AppSync Activity table data source name
  AppSyncActivityCategoryTableDataSourceName:
    Value: !GetAtt 'AppSyncActivityCategoryTableDataSource.Name'
    Description: AppSync Activity category table data source name
  AppSyncUserAggTableDataSourceName:
    Value: !GetAtt 'AppSyncUserCalAggTableDataSource.Name'
    Description: AppSync User calorie aggregate table data source name