Securing an AWS AppSync API with Amazon Cognito
Lab Steps
Ready for the real environment experience?
Description
AWS AppSync authorization is a crucial configuration as it defines which users or identities are allowed to access an API. An AppSync API can define access controls for the queries, mutations, subscriptions, and fields defined in the schema. AppSync supports several identity providers to suit different use cases, and even allows fine-grained access control at the resolver level.
In this lab, you will learn the five supported authorization types, and perform the configurations necessary to associate an AppSync API with an Amazon Cognito User Pool. You will also provide an additional layer of data protection by applying fine-grained access controls on API resolvers.
Learning objectives
Upon completion of this intermediate-level lab, you will be able to:
- Provide authorized access to an AWS AppSync API using an Amazon Cognito User Pool
- Apply fine-grained access control to AWS AppSync resolvers
Intended audiences
- Candidates for the AWS Certified Developer - Associate Certification
- Cloud Architects
- Software Engineers
- Serverless Developers
Prerequisites
Familiarity with the following will be beneficial but is not required:
- AWS AppSync
- GraphQL
- AWS DynamoDB
The following content can be used to fulfill the prerequisite:
Jun is a Cloud Labs Developer with previous experience as a Software Engineer and Cloud Developer. He holds the AWS Certified Solutions Architect and DevOps Engineer Professional certifications. He also holds the AWS Certified Solutions Architect, Developer, and SysOps Administrator Associate certifications.
Jun is focused on giving back to the growing cloud community by sharing his knowledge and experience with students and creating engaging content.