In this webinar, Yan Cui and Lumigo Software Engineer Guy Moses will discuss some of the power of GraphQL and AppSync and why AppSync + Lambda + DynamoDB should be your stack of choice in 2021 and beyond!
28. GET https://myapp.com/user/1234
REST API
GET https://myapp.com/sports/football
GET https://myapp.com/sports/squash
…
GET https://myapp.com/user/1234/activities
Underfetching
n+1 requests
66. AppSync supports 5 data sources
DynamoDB RDS
(Aurora Serverless)
ElasticSearch
NoSQL
High performance
Infinite scale
Semi-schema’d
Simple queries
Relational Database
Complex queries
Search engine
Full-text search
Lambda
Function as a Service
Integrate with any
other services
87. Fully managed GraphQL service
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with Lambda/DynamoDB/RDS/ElasticSearch
88. Fully managed GraphQL service
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with Lambda/DynamoDB/RDS/ElasticSearch
auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT
89. Fully managed service for REST and Websocket APIs
Caching
Monitoring/Logging
Websockets
WAF
API Gateway
90. Fully managed service for REST and Websocket APIs
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with most AWS services
API Gateway
92. Fully managed service for REST and Websocket APIs
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with most AWS services
auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA
API Gateway
93. Fully managed service for REST and Websocket APIs
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with most AWS services
auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA
Custom domain names
API Gateway
94. Fully managed service for REST and Websocket APIs
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with most AWS services
auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA
Custom domain names
Private endpoints
API Gateway
95. Fully managed service for REST and Websocket APIs
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with most AWS services
auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA
Custom domain names
Private endpoints
Resource policies
API Gateway
96. Fully managed service for REST and Websocket APIs
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with most AWS services
auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA
Custom domain names
Private endpoints
Resource policies
API Gateway
97. Fully managed service for REST and Websocket APIs
Caching
Monitoring/Logging
Websockets
WAF
Direct integration with most AWS services
auth: Cognito/AWS_IAM/API_KEY/OPENID_CONNECT/LAMBDA
Custom domain names
Private endpoints
Resource policies
API Gateway
102. 1. Assign IAM role to each group to control which endpoints a user can access
How to implement group-based authentication in API Gateway
103. 1. Assign IAM role to each group to control which endpoints a user can access
2. Assign precedence to each group
How to implement group-based authentication in API Gateway
104. 1. Assign IAM role to each group to control which endpoints a user can access
2. Assign precedence to each group
3. Use a Lambda authorizer to:
How to implement group-based authentication in API Gateway
105. 1. Assign IAM role to each group to control which endpoints a user can access
2. Assign precedence to each group
3. Use a Lambda authorizer to:
1. Verify user belongs to the Cognito user pool and fetch user’s details
How to implement group-based authentication in API Gateway
106. 1. Assign IAM role to each group to control which endpoints a user can access
2. Assign precedence to each group
3. Use a Lambda authorizer to:
1. Verify user belongs to the Cognito user pool and fetch user’s details
2. Pick a group based on precedence
How to implement group-based authentication in API Gateway
107. 1. Assign IAM role to each group to control which endpoints a user can access
2. Assign precedence to each group
3. Use a Lambda authorizer to:
1. Verify user belongs to the Cognito user pool and fetch user’s details
2. Pick a group based on precedence
3. Generate policy for user
How to implement group-based authentication in API Gateway
108. 1. Assign IAM role to each group to control which endpoints a user can access
2. Assign precedence to each group
3. Use a Lambda authorizer to:
1. Verify user belongs to the Cognito user pool and fetch user’s details
2. Pick a group based on precedence
3. Generate policy for user
How to implement group-based authentication in API Gateway
124. no support for broadcasts
(e.g. broadcasting to a million connected users equates to fetching 1M items
from DynamoDB and then make 1M API calls to API Gateway…)
157. What you need
What AppSync offers
AppSync features you
need to replicate
158. What you need
What AppSync offers
AppSync features you
need to replicate
Direct integration
with DynamoDB
159. What you need
What AppSync offers
AppSync features you
need to replicate
Direct integration
with DynamoDB
Direct integration
with ElasticSearch
160. What you need
What AppSync offers
AppSync features you
need to replicate
Direct integration
with DynamoDB
Direct integration
with ElasticSearch
Direct integration
with RDS
161. What you need
What AppSync offers
AppSync features you
need to replicate
Direct integration
with DynamoDB
Direct integration
with ElasticSearch
Direct integration
with RDS
Direct integration
with HTTP
162. What you need
What AppSync offers
AppSync features you
need to replicate
Direct integration
with DynamoDB
Direct integration
with ElasticSearch
Direct integration
with RDS
Direct integration
with HTTP
Caching
163. What you need
What AppSync offers
AppSync features you
need to replicate
Direct integration
with DynamoDB
Direct integration
with ElasticSearch
Direct integration
with RDS
Direct integration
with HTTP
Resolver logging
Caching
164. What you need
What AppSync offers
AppSync features you
need to replicate
Direct integration
with DynamoDB
Direct integration
with ElasticSearch
Direct integration
with RDS
Direct integration
with HTTP
Caching
Resolver logging
Group-based auth
with Cognito