🆕 Video Course Out Now: Rapid Docker on AWS

Calling AppSync GraphQL from Lambda

Michael Wittig – 26 Jul 2019 (updated 23 Aug 2019)

AWS AppSync provides an easy way to run a GraphQL API that triggers AWS Lambda functions and other AWS services. If you start with AppSync, you likely have existing systems running next to it. Sooner or later, you want to call the GraphQL API from your Lambda function (Node.js). For example, to trigger an AppSync subscription from another system.

Calling AppSync GraphQL from Lambda

To do so, you need:

  1. A GraphQL client library
  2. Authentication
  3. Send your GraphQL request to the AppSync endpoint

Let’s walk through the steps.

Installing the library dependencies

The easiest way to talk to an AppSync GraphQL API is by using the aws-appsync package which wraps the apollo GraphQL client package. The libraries assume that they run in a browser environment where the Fetch API is available. The package cross-fetch provides a polyfill to bring The Fetch API to Node.js environments as well. The package graphql-tag is used to parse a GraphQL query.

npm i aws-appsync@1.8.1
npm i cross-fetch@3.0.4
npm i graphql-tag@2.10.1

Creating a client with authentication

AppSync supports multiple authentication types. If your API uses AWS_IAM, you are all fine. If not:

Cover of Amazon Web Services in Action

Level up, strengthen your AWS skills.

Our book Amazon Web Services in Action is a comprehensive introduction to computing, storing, and networking in the AWS cloud. You'll find clear, relevant coverage of all the essential AWS services, emphasizing best practices for security, high availability, and scalability. Get the first chapter for free!

  1. In your AppSync Api Settings, go to Additional auth providers and add AWS_IAM
  2. Add the schema directive @aws_iam to the mutation like this
type Mutation {
# used internally to trigger the subscription
test(value: String!): String
@aws_iam
}

In your JavaScript code, create a client object:

const appsync = require('aws-appsync');
const gql = require('graphql-tag');
require('cross-fetch/polyfill');

const graphqlClient = new appsync.AWSAppSyncClient({
url: 'APPSYNC_ENDPOINT_URL',
region: process.env.AWS_REGION,
auth: {
type: 'AWS_IAM',
credentials: {
accessKeyId: process.env.AWS_ACCESS_KEY_ID,
secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
sessionToken: process.env.AWS_SESSION_TOKEN
}
},
disableOffline: true
});

Now, you are ready to send your GraphQL request to the AppSync endpoint

Sending your GraphQL request to the AppSync endpoint

Finally, you create your GraphQL query and send it to the endpoint.

const mutation = gql`mutation Test($value: String!) {
test(value: $value)
}`;
await graphqlClient.mutate({
mutation,
variables: {
value: 'test'
}
});

Keep in mind that your Lambda function needs the following permission to invoke the AppSync API endpoint (replace REGION with the region identifier and AWS_ACCOUNT_ID with the AWS account id):

{
"Effect": "Allow",
"Action": "appsync:GraphQL",
"Resource": "arn:aws:appsync:REGION:ACCOUNT_ID:apis/API_ID/types/Mutation/fields/test"
}

Summary

Invoking a AppSync GraphQL API endpoint from Lambda requires a few tricks. A typical use case for calling an AppSync API from a Lambda function is to trigger a subscription from an external system.

Michael Wittig

Michael Wittig

I’m an independent consultant, technical writer, and programming founder. All these activities have to do with AWS. I’m writing this blog and all other projects together with my brother Andreas.

In 2009, we joined the same company as software developers. Three years later, we were looking for a way to deploy our software—an online banking platform—in an agile way. We got excited about the possibilities in the cloud and the DevOps movement. It’s no wonder we ended up migrating the whole infrastructure of Tullius Walden Bank to AWS. This was a first in the finance industry, at least in Germany! Since 2015, we have accelerated the cloud journeys of startups, mid-sized companies, and enterprises. We have penned books like Amazon Web Services in Action and Rapid Docker on AWS, we regularly update our blog, and we are contributing to the Open Source community. Besides running a 2-headed consultancy, we are entrepreneurs building Software-as-a-Service products.

We are available for projects.

You can contact me via Email, Twitter, and LinkedIn.

Briefcase icon
Hire me