amazon-web-services - AWS Amplify API - Prevent public read access for field
问题描述
Problem
I created a GraphQL API with AWS Amplify that has both Cognito User Pools and IAM authentication. I want unauthenticated users to read a majority of the fields on the book model (e.g. title, description, etc.) but I want some fields to be limited to authenticated users (e.g. chapters).
However, since the providers are different (Cognito vs. IAM) the unauthenticated users are able to read every field regardless of group field level auth rules.
Question
How can I prevent public read access for certain fields while allowing it for other fields?
Schema
type Book
@model
@searchable
@auth(
rules: [
{allow: public, provider: iam, operations: [read]},
{allow: groups, groups: ["Customer"], operations: [read]},
{allow: groups, groups: ["Admin"], operations: [create, read, update, delete]}
]
)
{
id: ID!
title: String!
description: String!
chapters: [Chapter!]
@auth(rules: [
{allow: groups, groups: ["Customer"], operations: [read]},
{allow: groups, groups: ["Admin"], operations: [create, read, update, delete]}
])
}
解决方案
推荐阅读
- vue.js - VueJS:动态更改 SCSS 变量颜色或动态导入 scss 文件
- spring - RestController 方法没有被调用
- gnuplot - 如何在gnuplot中使用列头的子字符串?
- git - git stash -u 将未跟踪的文件留在工作目录中
- python - 如何使用 python boto3 从多个 AWS 账户生成 EC2 库存
- php - 使用 PHP Mysql Flutter 用户特定的推送通知
- node.js - 我们可以使用 node.js 从 Apache solr 获取数据到我们的网站吗?
- android - Flutter:无法加载资产图像提供者:AssetImage(bundle:null,名称:“assets/images/rose.jpg”)
- reactjs - TypeScript React 功能组件 - 缺少类型“元素”的以下属性:类型、道具、键错误
- python - gRPC 和断管