AWS WAF ACL attached to Amazon AppSync GraphQL API

AWS WAF → AWS AppSync

Create an AppSync GraphQL API protected with WAF rules. This web ACL limits requests to certain countries and protects against common GraphQL attacks.

This sample project demonstrates how to protect an AppSync GraphQL API against attacks using WAF (Web Application Firewall) rules.
This pattern deploys a GraphQL API with DynamoDB resolvers, and a WAF web ACL with rules for protecting GraphQL APIs.
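
The shape of such a web ACL, as an added example that is not the pattern's own code: a function that builds the CloudFormation resources for a regional WAFv2 web ACL with a country restriction and attaches it to an AppSync API. The logical IDs, the country list passed in, and the use of the AWS managed common rule set are assumptions; this page does not list the rules the pattern actually deploys.

```javascript
// Added example: CloudFormation resources for a regional WAFv2 web ACL and its
// association with an AppSync API. Logical IDs and rule names are assumptions.
function buildAppSyncWebAcl(apiLogicalId, allowedCountries) {
  // Country codes must be ISO 3166-1 alpha-2; reject anything else early.
  const bad = allowedCountries.filter((c) => !/^[A-Z]{2}$/.test(c));
  if (allowedCountries.length === 0 || bad.length > 0) {
    throw new Error(`invalid country list: ${JSON.stringify(bad)}`);
  }
  const metrics = (name) => ({ SampledRequestsEnabled: true, CloudWatchMetricsEnabled: true, MetricName: name });
  return {
    AppSyncWebAcl: {
      Type: "AWS::WAFv2::WebACL",
      Properties: {
        Scope: "REGIONAL", // AppSync is a regional resource
        DefaultAction: { Allow: {} },
        VisibilityConfig: metrics("AppSyncWebAcl"),
        Rules: [
          {
            // Block is a terminating action: requests from any country that is
            // not on the list stop here and never reach the later rules.
            Name: "BlockOutsideAllowedCountries",
            Priority: 0,
            Action: { Block: {} },
            Statement: { NotStatement: { Statement: { GeoMatchStatement: { CountryCodes: allowedCountries } } } },
            VisibilityConfig: metrics("BlockOutsideAllowedCountries"),
          },
          {
            // Managed rule groups take OverrideAction instead of Action.
            Name: "AwsCommonRules",
            Priority: 1,
            OverrideAction: { None: {} },
            Statement: { ManagedRuleGroupStatement: { VendorName: "AWS", Name: "AWSManagedRulesCommonRuleSet" } },
            VisibilityConfig: metrics("AwsCommonRules"),
          },
        ],
      },
    },
    AppSyncWebAclAssociation: {
      Type: "AWS::WAFv2::WebACLAssociation",
      Properties: {
        ResourceArn: { "Fn::GetAtt": [apiLogicalId, "Arn"] },
        WebACLArn: { "Fn::GetAtt": ["AppSyncWebAcl", "Arn"] },
      },
    },
  };
}
```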


Clone repo

git clone https://github.com/aws-samples/serverless-patterns/
cd serverless-patterns/waf-appsync-cdk

Deploy

cdk deploy --all


Testing

See the GitHub repo for detailed testing instructions.

Cleanup

Delete the stack: cdk destroy.

Created by:

Harun Hasdal

Senior Solutions Architect @ AWS. Serverless advocate.