Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not able to give separate permissions to queries that call lambdas #150

Closed
mguja-fcc opened this issue Oct 30, 2021 · 2 comments
Closed

Not able to give separate permissions to queries that call lambdas #150

mguja-fcc opened this issue Oct 30, 2021 · 2 comments
Labels
@auth question Further information is requested

Comments

@mguja-fcc
Copy link

mguja-fcc commented Oct 30, 2021
edited
Loading

Not able to give separate permissions to queries that call lambdas. For example, I have two queries and want to give separate permissions to. Query invokeLambda any logged in user should get access to but access to invokeGetGroups should be access only by Admins group. How can I accomplish this ? Now only Admins group gets access to both queries.

type Query {
  invokeLambda: String @function(name: "pythonLambda-${env}") 
  invokeGetGroups: String @function(name: "getGroups-${env}")
  @auth(
      rules: [
        { allow: groups, groups: ["Admins"] }
        ])
}

Amplify CLI version: 6.2.1
@mguja-fcc mguja-fcc added the question Further information is requested label Oct 30, 2021
@cjihrig cjihrig added the @auth label Oct 30, 2021
@GeorgeBellTMH
Copy link

I agree it would be great if @auth could be used with functions in graphql...but you can also just add the logic into the lambda itself until they develop things a bit more...for example: event.identity.claims["cognito:groups"].includes("admin")

@ammarkarachi ammarkarachi self-assigned this Nov 8, 2021
@alharris-at alharris-at transferred this issue from aws-amplify/amplify-cli May 17, 2022
@josefaidt
Copy link
Contributor

Closing due to age, @mguja-fcc if you are still experiencing this issue please reply back to this thread and we can re-open to investigate further 🙂

@josefaidt josefaidt closed this as not planned Won't fix, can't repro, duplicate, stale Aug 11, 2022
Siqi-Shan added a commit that referenced this issue Dec 10, 2024
@Siqi-Shan
chore: dependabot alert fix #150
71795f6
Siqi-Shan added a commit that referenced this issue Dec 10, 2024
@Siqi-Shan
chore: dependabot alert fix #150 (#3064)
e4d1691
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@auth question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@cjihrig @josefaidt @GeorgeBellTMH @mguja-fcc @ammarkarachi