AWS AppSync charges you for the # of GraphQL operations (each request could be a GraphQL query/mutation).
Is there a way to protect from malicious users that spam AppSync and GraphQL operations?
I.E., is it possible to limit the # of GraphQL operations per user (perhaps that every user has a quota).
Is it also possible to detect this type of user and ban them?
Asked
Active
Viewed 449 times
0
August Jelemson
- 962
- 1
- 10
- 29
1 Answers
2
You can use AWS WAF (Web Application Firewall). Rate based rules might be something that you can use.
Musa Çıbık
- 87
- 4
-
Is it possible to use AWS WAF Rate Based Rules with AWS AppSync? – August Jelemson Mar 09 '21 at 15:13
-
1Yes, it is possible. AWS WAF can be deployed on Amazon CloudFront, the Application Load Balancer (ALB), Amazon API Gateway, and AWS AppSync – Musa Çıbık Mar 09 '21 at 15:15