#Query GraphQL from Lambda

Hi @half plume 👋

Can you explain a bit more what your use case is? You mentioned that the lambda is triggered on sign up. Is this a Cognito trigger such as Post Confirmation Trigger?

Are you trying to grant the lambda itself access to the graphql api? If so, you can do so by adding an auth rule to the model that allows IAM and updating the function with permissions to access the GraphQL API.

For more information, refer to our docs on Calling GraphQL API from a Lambda function:

https://docs.amplify.aws/guides/functions/graphql-from-lambda/q/platform/js/#iam-authorization

Hi @granite lodge Thank you for a quick reply! I appreciate your help.

You are right! It is one of my use cases where I have a lambda function triggered by Cognito's Pre sign-up Lambda trigger. Another use case is a function that runs periodically. In both cases, I need to update both tables, and given they are having owner within their respective @auth directives, I have to specify that the owner field is a string and populate it always manually. I am noit would change with AIM authentication.

My question is more general: what is the best option for a scenario where you need to update or create new entries in both tables from a lambda function? I need to use GraphQL, as I have subscriptions running in my front end. The only way I found working is to create a special user that is part of the Developers group that has the correct rights, and then from lambda function to sign in by using USER_PASSWORD_AUTH. Is there any other option? A better way?

Thank you!