AppSync

Group-based auth with AppSync Lambda authoriser

AWS AppSync added support for Lambda authorizers on 30th July 2021 and it made it much easier to implement group-based authorization with 3rd party identity services. Group-based auth with AppSync and Cognito I previously wrote about how you can secure multi-tenant applications with AppSync and Cognito. Where you can use custom attributes to capture the tenant …

Group-based auth with AppSync Lambda authoriser Read More »

How to handle client errors gracefully with AppSync and Lambda

With API Gateway and Lambda, you can handle client errors gracefully by returning a 4xx response. module.exports.handler = async (event) => { // run validation logic return { statusCode: 400 } } This way, we can communicate clearly to the client that there’s a problem with its request. It also lets the Lambda invocation complete …

How to handle client errors gracefully with AppSync and Lambda Read More »

Building a custom IAM system has made me appreciate AWS IAM even more

In the last post I discussed my preferred approach for modelling multi-tenant applications with AppSync and Cognito. This approach supports the common requirements in these applications, where there are a number of distinct roles within each tenant. This approach (and others like it) works great when the tenants are isolated. But what if they are …

Building a custom IAM system has made me appreciate AWS IAM even more Read More »

How to model one-to-many relationships with AppSync and DynamoDB

Thank you to Josh for asking this question on the AppSync Masterclass forum. His original question goes like this: Let’s say I want to add a one-to-many relationship from Profile to a new property called “Tag” (a complex object with “name” and “color” properties) so a user can define their own Tags. I would also like a …

How to model one-to-many relationships with AppSync and DynamoDB Read More »

How to secure multi-tenant applications with AppSync and Cognito

One of the most common questions I get is “How do I build a multi-tenant application with AppSync and Cognito?”. If you google this topic on the internet you will no doubt come across many different opinions. It’s a topic that we’ll soon explore in the AppSync Masterclass but I want to take this opportunity …

How to secure multi-tenant applications with AppSync and Cognito Read More »

How I built a social network in 4 weeks with GraphQL and serverless

I have been involved with a client project to help the client launch a new social network for university students to engage with each other to do sports. Amongst other things, users can: Arrange activities and ask to join others’ activities (like a basketball match or to run in the park). There’s private messaging. Users …

How I built a social network in 4 weeks with GraphQL and serverless Read More »

AppSync Masterclass is open for early access!

I have some exciting news to share with you. That after some initial delays, the AppSync Masterclass is now open for Early Access with 40% launch discount. First of all, thank you so much for your patience, it’s taken us a bit longer than we expected but we’re here, at last. You can purchase the …

AppSync Masterclass is open for early access! Read More »

How to set up custom domain names for AppSync

I previously wrote about five reasons you should consider AppSync over API Gateway. One thing that API Gateway supports but you can’t do with AppSync out-of-the-box yet is custom domain names. Your shiny new AppSync API is available at XYZ.appsync-api.us-east-1.amazonaws.com/graphql, but you really want people to use your own domain instead because dev.example.com/graphql is much …

How to set up custom domain names for AppSync Read More »

How to model hierarchical access with AppSync

I have been working with a US client to build a first-of-its-kind app for managing medical consents. It falls under HIPAA compliance and it’s paramount that we do not allow unauthorized access to user data. As part of the app, we have built an admin tool that will be used by admin staff from the …

How to model hierarchical access with AppSync Read More »

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close