By using AWS re:Post, you agree to the Terms of Use

Questions tagged with AWS AppSync

Sort by most recent
  • 1
  • 12 / page

Browse through the questions and answers listed below or filter and sort to narrow down your results.

AppSync can't connect to Cognito in eu-north-1

Hello AWS re:Post I have an AppSync API and a Cognito userpool in the region eu-north-1. Until last week, I've been authenticating my queries with the cognito pool. One day last week, I wake up and it doesn't work in the AppSync GUI. When I go to the API settings, it doesn't show any userpools for the selected region (eu-north-1). If I select another region and switch back to eu-north-1, I get an error message saying "Error: Network Failure" as seen on below screenshot: ![Enter image description here](/media/postImages/original/IMsi-hCA_NQ3KYeicLXYkQKw) I've tried the following things so far: Make a new cognito pool in eu-north-1 -> Doesn't work, can't see new pool either Make a new cognito pool in another region -> Works, can see this pool, but my stack and domains are set up on eu-north-1 Make a new AppSync API in eu-north-1 -> Doesn't work, still same error Make new AppSync API in another region -> Doesn't work, still same error This error has me stumbled. What can I possibly be doing wrong to get this result? Is there a connectivity problem between AppSync and Cognito on eu-north-1? At first (after the GUI problem appeared), I was still able to make queries to the API from external programs, authenticating with the cognito pool, but this obviously stopped working as soon as I started testing with other Cognito Pools since I have no way of selecting the original again. Let me know if I can provide any other relevant information Best regards, Alexander
0
answers
0
votes
16
views
asked 2 days ago

appsync graphql query fails with error type OpenSearch:UserIllegalArgumentException

we are trying to add an OpenSearch datasource to our existing AppSync setup. all other datasources for AppSync have been DynamDB up to this point is this error type indicating a problem with the resolver mapping templates or a problem re AppSync accessing OpenSearch ie misconfigured access policies? we are using the nodejs CDK to deploy via CodePipeline we have added an OpenSearch Domain, and it is being populated by a lambda listening for writes to a DynamoDB table - this part is working we have created an OpenSearch Datasource, and created a resolver using the following as request and response mapping templates ``` const requestTemplate = `{ "version":"2017-02-28", "operation":"GET", "path":"/id/shipments/_search", "params":{ "body":{ "from":0, "to": 20 } } }`; const responseTemplate = `{ "shipments": [ #foreach($entry in $context.result.hits.hits) #if( $velocityCount > 1 ) , #end $utils.toJson($entry.get("_source")) #end ], "total": -1 }`; const datasourceId = `ShipmentsListDatasource`; const datasource = new appsync.OpenSearchDataSource( this, getId(datasourceId, this.props), { domain: this.openSearchDomain, api: this.api, } ); datasource.createResolver({ typeName: GraphQLTypeName.Query, fieldName: "listShipments", requestMappingTemplate: appsync.MappingTemplate.fromString( requestTemplate ), responseMappingTemplate: appsync.MappingTemplate.fromString( responseTemplate ), }); ``` access to the OpenSearch domain has been configured like this ``` private configureOpenSearch() { const openSearchAppsyncRole = new iam.Role( this, "a-role-name-here", { assumedBy: new iam.ServicePrincipal("appsync.amazonaws.com"), } ); const lambdaPolicyStatement = new iam.PolicyStatement({ actions: ["es:*"], resources: [`${this.openSearchDomain.domainArn}/*`], principals: [new iam.ArnPrincipal(this.baseStack.lambdaRole.roleArn)], }); const rolePolicyStatement = new iam.PolicyStatement({ actions: ["es:*"], resources: [`${this.openSearchDomain.domainArn}/*`], effect: iam.Effect.ALLOW, notPrincipals: [openSearchAppsyncRole] }) this.openSearchDomain.addAccessPolicies(lambdaPolicyStatement, rolePolicyStatement); this.openSearchDomain.grantRead(openSearchAppsyncRole); this.openSearchDomain.grantIndexReadWrite( "id", this.shipmentsOpenSearchLambda ); } ``` any requests to the graphql endpoint for this particular query return the following ``` { "data": null, "errors": [{ "path": ["listShipments"], "data": null, "errorType": "OpenSearch:UserIllegalArgumentException", "errorInfo": null, "locations": [{ "line": 3, "column": 5, "sourceName": null }], "message": "OpenSearch responded with an error: Bad Request" }] } ```
0
answers
0
votes
29
views
asked a month ago
  • 1
  • 12 / page