Reputation: 3615
Query and Mutate GraphQL from Lambda function in AWS-Amplify using Cognito for auth
I created a GraphQL api via the amplify api add command and added the schema below. I'm using cognito for auth.
type User @model
@auth(rules: [{ allow: owner }]) {
id: ID!
videos: [Video!] @connection(keyName: "videosByUser", fields: ["id"])
adverts: [Advert] @connection(keyName:"advertsByUser", fields: ["id"])
}
type Video @model
@key(name: "videosByUser", fields: ["userId"])
@auth(rules: [{ allow: owner, operations: [create, update, delete] }]) {
id: ID!
title: String!
description: String!
size: Float!
length: Float!
hashMarks: [Float!]!
userId: ID!
# bidrectional connection, if needed
# user: User! @connection(fields: ["userId"])
adverts: [VideoAdverts!] @connection(keyName: "advertsByVideo", fields: ["id"])
streamingLink: AWSURL
}
type VideoAdverts @model(queries: null)
@key(name: "advertsByVideo", fields: ["videoId", "advertId"])
@key(name: "videosByAdvert", fields: ["advertId", "videoId"]) {
id: ID!
videoId: ID!
advertId: ID!
video: Video! @connection(fields: ["videoId"])
advert: Advert! @connection(fields: ["advertId"])
}
type Advert @model
@key(name: "advertsByUser", fields: ["userId"])
@auth(rules: [{ allow: owner, operations: [create, update, delete] }]) {
id: ID!
title: String!
description: String!
size: Float!
length: Float!
creatorId: ID!
# bidrectional connection, if needed
# creator: Creator! @connection(fields: ["creatorId"])
videos: [VideoAdverts!] @connection(keyName: "videosByAdvert", fields: ["id"])
blacklist: [AdvertBlacklist!] @connection(keyName: "blacklistByAdvert", fields: ["id"])
startDate: AWSDateTime
endDate: AWSDateTime
}
This is my first amplify project and I'm having trouble figuring out how to implement the following use cases:
- Use a lambda function to query data and return to a client.
- Use a cron triggered lambda function to make an API call and use a mutation to update some fields.
All I have found so far from googling involves using lambdas to interact with data added via the amplify storage add command.
A few other examples I found here on Stackoverflow do not use cognito for auth.
Looks like I will be able to use cloudwatch to trigger lambdas, and so my main problem now is how to actually query and mutate a GraphQL api from a lambda, using cognito for authentication. Any help would be super helpful, thanks :)
Upvotes: 3
Views: 1742
Answers (1)
Reputation: 31
The key to authenticating your Lambda functions to interact with your AppSync API is to configure multiple authentication methods. You are using Cognito for your front end application users, however, you do not want to use that for your Lambda function authentication. AppSync supports multiple authentications mechanisms for your API. In your case, you will want to add IAM as the second authentication mechanism.
You can do this from the Amplify CLI:
$ amplify update api
Scanning for plugins...
Plugin scan successful
? Please select from one of the below mentioned services: GraphQL
? Choose the default authorization type for the API Amazon Cognito User Pool
Use a Cognito user pool configured as a part of this project.
? Do you want to configure advanced settings for the GraphQL API Yes, I want
to make some additional changes.
? Configure additional auth types? Yes
? Choose the additional authorization types you want to configure for the API IAM
Upvotes: 3
Related Questions
- How to get the current user from a Lambda resolver in AWS Amplify (GraphQL api and NodeJS Lambda)?
- How to properly do a GraphQL update mutation from a nodejs function
- Amplify Auth.signIn() ClientMetadata not sent to Lambda Trigger
- AWS Amplify GraphQL CreateOrUpdate / Upsert mutation
- Data-specific Authorization with AWS Amplify & AWS Cognito
- Calling AWS AppSync GraphQL API mutation query from lambda
- Getting access to cognito user attributes from within Lambda
- AWS Amplify GraphQL Schema that is linked to Cognito User Pool
- How to invoke Lambda function with Amplify using GraphQL API?
- AWS Amplify GraphQL filter by dynamic Cognito User Group