aws-appsync-community icon indicating copy to clipboard operation
aws-appsync-community copied to clipboard

Published 20 hours ago verified publisher icon aws

Feature request: $util functions to generate signed S3 URL's

Open stickystyle opened this issue 5 years ago • 16 comments

I currently have an API that manages a lot of files stored in S3, with the file metadata stored in a DBD table. It would be nice if there was a VTL mapping template $util function that could generate a pre-signed URL for an S3 object right in the template. Currently, one has to create a lambda function that will generate these URL's, and thus incur the lambda startup time and billing. It would seem like a simple thing to add as the generation of the URL doesn't require any network requests, it just needs to generate the signature.

stickystyle avatar Apr 29 '19 20:04 stickystyle

Thank you for your interest in AppSync. I will bring your request to the team.

vlekakis avatar Apr 29 '19 23:04 vlekakis

This would be a HUGE win for AppSync as it would perfectly fill the file uploads void in GraphQL using a proper and proven cloud native architecture. 100ms Lambda bill time makes using a Lambda to sign a URL (or even a large array of signed URL's) a costly operation. While you could offset that cost by writing a simple containerized S3 URL signing service, that requires fronting access to the containers via API Gateway and only public API endpoints are supported by AppSync (unless that has changed?) which means there's no way to enforce authentication/authorization at the gateway level (still unsure whether passing through a JWT from AppSync to an API Gateway-fronted backend is a supported operation allowing OAuth 2 authentication/authorization at the service level.)

This single signed S3 URL $util function would completely eliminate the need for any and all of this.

mdavid avatar Apr 01 '20 03:04 mdavid

@vlekakis Is there any update on this?

Pruxis avatar Aug 12 '20 14:08 Pruxis

Is there any update on this?

ben-elsen avatar Feb 11 '21 12:02 ben-elsen

@vlekakis Have there been any updates/development on this feature in the past 2 years? As already written in this issue, it would increase the use-cases of AppSync a lot.

calii23 avatar Apr 24 '21 11:04 calii23

Any updates on this? This would be definitely really handy.

vastamaki avatar Aug 26 '21 12:08 vastamaki

This missing feature is the only reason my read-only AppSync queries need to invoke lambda, seems like an huge missing link between two of AWS's most prominent services.

atomos avatar Aug 26 '21 19:08 atomos

@vlekakis Any updates/development on this? it has been several years and this would really make a large impact to many developers.

AlexHartford avatar Jan 27 '22 21:01 AlexHartford

👍

MainAero avatar Feb 11 '22 19:02 MainAero

+1

raphaelfavier avatar Apr 19 '22 19:04 raphaelfavier

I'd also like to see this implemented. Has there been any activity on this?

kierancrown avatar Aug 17 '22 14:08 kierancrown

Would be a great improvement ! Has anyone found a way to do this without a lambda ?

aleguern avatar Aug 24 '22 05:08 aleguern

still open and unaddressed after 3 years?! cmon. There is a clear need for this functionality, please address ASAP.

statmatt avatar Sep 29 '22 14:09 statmatt

+1

orekav avatar Nov 25 '23 18:11 orekav

+1

Akm-mt avatar Jan 25 '24 10:01 Akm-mt

It would be great!

ilfoxo avatar Jan 29 '24 00:01 ilfoxo