I am not sure how to send signed http request do AppSync GraphQL endpoint. There is no library for do that in AWS.
aws-amplifydon’t work because works only in browser, not in Lambda function.aws-sdkfor AppSync is only for admin usage, it doesn’t have methods for call user side api
It is possible to make IAM signed HTTP request from AWS Lambda? (in some easy way)
Advertisement
Answer
i would recommend reading this article: Backend GraphQL: How to trigger an AWS AppSync mutation from AWS Lambda,
quoting the author, https://stackoverflow.com/users/1313441/adrian-hall, we’ve:
GraphQL is routed over HTTPS. That means we can simulate the GraphQL client libraries with a simple HTTPS POST. Since we are using IAM, we need to sign the request before we deliver it. Here is my code for this:
// ... more code here
// POST the GraphQL mutation to AWS AppSync using a signed connection
const uri = URL.parse(env.GRAPHQL_API);
const httpRequest = new AWS.HttpRequest(uri.href, env.REGION);
httpRequest.headers.host = uri.host;
httpRequest.headers['Content-Type'] = 'application/json';
httpRequest.method = 'POST';
httpRequest.body = JSON.stringify(post_body);
AWS.config.credentials.get(err => {
const signer = new AWS.Signers.V4(httpRequest, "appsync", true);
signer.addAuthorization(AWS.config.credentials, AWS.util.date.getDate());
const options = {
method: httpRequest.method,
body: httpRequest.body,
headers: httpRequest.headers
};
fetch(uri.href, options)
// ... more code here
I’ve been using it as a template for all my Lambda->AppSync communication!