DEV Community

Cover image for Lessons learned: AWS AppSync Subscriptions

Lessons learned: AWS AppSync Subscriptions

Filip Pýrek on May 26, 2021

AWS AppSync AWS AppSync, simply said API Gateway for GraphQL since it allows you to connect your GraphQL schema to different data source...
Collapse
 
matiangul profile image
Mateusz Angulski • Edited

Thank you for the article, mostly for the point number 5 as most of the people here in the comments ;)

I have one comment though:

because it doesn't really matter what you return as an output for the resolver

that's no longer true. If in the subscription response mapping template your are returning something, eg $util.toJson($context.result) then it might block you from starting the connection. Changing it to $util.toJson(null) helped me to mitigate that issue.

Image description

Collapse
 
pavankumar_pamuru profile image
Pavankumar

Great Article..
Almost these all are not in the documentation.

If this is the case in 5th point. How the feature Enhanced Filters will work not able to find working of enhanced fitlers. Can anyone know this

Collapse
 
filippyrek profile image
Filip Pýrek

Hi there,

the article was written before existence of Enhanced Filters, so I'm not sure how exactly it behaves at the moment.

Maybe somebody else will be able to help. 🙂

Collapse
 
cyuste profile image
cyuste

Thank you very much, great article!

Collapse
 
filippyrek profile image
Filip Pýrek • Edited

Thanks, happy it helped! 🙌 😊

Collapse
 
bboure profile image
Benoît Bouré

Great article!

I learned all these the hard way too :)

I did not know about 5, I had never tried it. I also wonder if you can invoke a DynamoDB resolver too (I don't see why it would not work).

Apart from authorization, I think maybe a use case for that could be to log subscription requests or do something with them, if you wanted to do that for some reason.

Collapse
 
filippyrek profile image
Filip Pýrek

Thanks for the feedback @bboure ! 🙂
Yes, the 5th point was quite important for us, because we were trying to figure out how to handle authorization for the subscriptions.

Collapse
 
suzandev profile image
Sujan Tamang • Edited

I got this case where the mutation response is in nested structure but the arguments is flat.

Mutation Response:

{
  a: {
    b: "smth"
  }
}
Enter fullscreen mode Exit fullscreen mode

The Subscription:

subscription (b: "smth") {
  a {
    b
  }
}
Enter fullscreen mode Exit fullscreen mode
Collapse
 
dmitryame profile image
Dmitry Amelchenko

Filip, do you do anything special in your CDK stack file to enable graphQL subscription annotations? I'm kind of stuck, probably something stupid, but for me, the subscription never fires.
stackoverflow.com/questions/702773...

Collapse
 
filippyrek profile image
Filip Pýrek

Hi Dmitry, I don't use CDK for this so I can't tell you. But since the schema is being given to CloudFormation in a raw form [1] it should work out of the box. But maybe the CDK construct has some special (broken) inner mechanism for schema validation or something like that.


[1] docs.aws.amazon.com/AWSCloudFormat...

Collapse
 
davidlewisgardin profile image
david-lewis-gardin

I spent a couple of days wondering why my EventBridge rule wasn't triggering the AppSync mutation before I found out that while the documentation says "The AWS AppSync API must support IAM authorization to be used as an EventBridge target", what isn't clear is that IAM must be the primary authorisation mode, not an additional mode.

Collapse
 
alexvladut profile image
alex-vladut

Nice article @filippyrek , it's great that you put it together!
I would be curious if you have any in-depth article or reference on how you solved this problem of subscriptions being tightly coupled to the mutations by making use of local resolvers, like you're hinting in the beginning of the article:

(...) we discovered that they are tightly coupled with mutations.
We solved that problem by creating dummy mutations with pass-through lambda resolvers which can be invoked only by IAM users.
Later on we discovered "local resolvers" which can do the same job with no need for invoking lambda function.

Collapse
 
robertlevy profile image
Robert Levy

Has anyone ever ran into an issue where they have a frontend that subscribes successfully, receiving the startAck, but cannot ever receive data messages. The subscription works perfectly in the AWS console, but it's just silence in my app.

Collapse
 
mwallenberg profile image
MWallenberg

Number 5 is no longer true - at some point during late summer 2022 it must have been patched by AWS.

We set up a resolver to throw an exception if authorization failed. It worked for a month or two, but at some point the behavior changed such that the connection is established even when the exception is thrown.

Collapse
 
mwallenberg profile image
MWallenberg

After some more testing, it seems that the behavior changed when we enabled advanced filtering. After disabling advanced filtering, the resolver can once again be used to block access as the blog post describes.

So there's a gotcha - don't enable advanced filtering if you plan on using tip number 5.

Collapse
 
zachjonesnoel profile image
Jones Zachariah Noel

Hey Filip, beautifully put across. I was stuck on the 3rd and 4th point and learnt about it the hard way. This definitely helps out developers who are trying it for the first time.

Collapse
 
filippyrek profile image
Filip Pýrek

Thank you!

Collapse
 
hoanbk profile image
nguyenhoanrv

great article