Securing an AWS AppSync API With Amazon Cognito

AWS AppSync authorization is a crucial configuration as it defines which users or identities are allowed to access an API. An AppSync API can define access controls for the queries, mutations, subscriptions, and fields defined in the schema. AppSync supports several identity providers to suit different use cases, and even allows fine-grained access control at the resolver level.

In this lab, you will learn the five supported authorization types, and perform the configurations necessary to associate an AppSync API with an Amazon Cognito User Pool. You will also provide an additional layer of data protection by applying fine-grained access controls on API resolvers.

Learning objectives

Upon completion of this intermediate-level lab, you will be able to:

• Provide authorized access to an AWS AppSync API using an Amazon Cognito User Pool
• Apply fine-grained access control to AWS AppSync resolvers

Intended audiences

• Candidates for the AWS Certified Developer - Associate Certification
• Cloud Architects
• Software Engineers
• Serverless Developers

Prerequisites

Familiarity with the following will be beneficial but is not required:

• AWS AppSync
• GraphQL
• AWS DynamoDB

The following content can be used to fulfill the prerequisite:

• Building a GraphQL API with AWS AppSync and DynamoDB
• Introduction to GraphQL
• Introduction to DynamoDB

Updates

July 7th, 2023 - Resolved intermittent deployment issue