Posted On: Jul 8, 2021
With today’s release, Amplify DataStore now supports multiple authorization modes, making it easy for developers to control how their users can access app data. DataStore provides frontend app developers the ability to build real-time apps with offline capabilities by storing data on-device (web browser or mobile device) and automatically synchronizing data to the cloud and across devices on an internet connection. Customers can configure authorization rules visually using Amplify Admin UI or by editing a GraphQL schema file using the Amplify CLI.
With Amplify DataStore, you can define different role-based authorization rules per data model - ‘who’ can access ‘what’ app data. The new authorization capabilities allow you to mix and match data access rules for anyone, any signed-in user, specific users, and user groups. For example, in a blog app, users who visits the app can read posts, but only users part of the “Writers” group have permission to create and update blog posts.