Tag: security

In this AWS AppSync Merged API – Best practices series, we cover important topics for developers, architects, and security engineers who are creating and managing AWS AppSync Merged and Source APIs. This multi-part series discusses best practices on schema composition, security, deployment and testing and subscriptions for Merged APIs. AWS AppSync offers Merged APIs, which […]

In a previous post, we explored how a public API Key for AWS AppSync provides a simple way of allowing access to resources, however, it does come with the following tradeoffs: Expiring after a certain amount of time. The key is passed on the x-api-key header of the request. Making it easy for bad actors […]

AWS AppSync is a managed GraphQL service offered by AWS. As a managed service, there are no servers to keep track of and scaling up and down due to traffic is automatically handled by AWS. In AppSync, there is no concept of a fully-public API. Every request must be protected by one of the following: […]

June 27, 2024: This blog post covers Amplify Gen 1. For new Amplify apps, we recommend using Amplify Gen 2. You can learn more about Gen 2 in our launch blog post. Note: The Amazon Cognito hosted UI (Web) does not support the custom authentication flow. According to the Gartner Group , 20% to 50% […]

This article was written by Brice Pellé, Principal Specialist Solutions Architect, AWS   AWS AppSync is a fully managed service that allows you to deploy Serverless GraphQL backends in the AWS cloud. With AppSync, you can have GraphQL backends that connect to multiple data sources, and that scale and grow with your usage. Whether you […]

This article was written by Brice Pellé, Principal Specialist Solutions Architect, AWS June 27, 2024: This blog post covers Amplify Gen 1. For new Amplify apps, we recommend using Amplify Gen 2. You can learn more about Gen 2 in our launch blog post. September 14, 2021: Amazon Elasticsearch Service has been renamed to Amazon […]