This update includes incremental changes to incorporate AppSync's new features to best practices along with some general housekeeping.
The biggest change is the rewrite of the RDS chapter to use the new tagged templates which is now the recommended (and actually useful) way to integrate with an RDS data source. It took a few years for AppSync to reach this point, but now it's actually capable to interact with relational databases in a developer-friendly way.
A smaller change is that enhanced filtering now supports nested fields. My first thought was that it deprecates my recommendation to have a separate type for subscription events but then I realized that it does not change much. I added a chapter instead on why it's still important.
A small change is that since AppSync now supports disabling the introspection queries there is no need to add WAF for that. Now there is a note saying this in the WAF chapter.
In the housekeeping side, I updated the appsync-subscription-observable library so that it now comes with types and provenance.
Finally, a good amount of typos that were reported are now fixed. If you see a mistake, please let me know!
Finally, AppSync added support to using the JavaScript runtime in unit resolvers so I could remove all the notes saying that it's not supported. I'm still undecided whether I should refactor the existing examples where a 1-step pipeline was needed because of lack of support for JavaScript. On one hand, a unit resolver is smaller: only a single resource, instead of 2. On the other hand, adding a pipeline does not make the code harder to read as the resolver function works like a unit resolver.
Moreover, I realized that the file handling example code did not deploy. I fixed the deployment, made some tweaks to it, and also fixed a client-side error.
The URL of the book changed to be on the www subdomain. This is to make the infrastructure a bit simpler, after spending countless hours fighting with various limitations on the domain apex. Currently, the domain is registered on Cloudflare but I wanted to move the authoritative name server to Route 53. Well, it turned out that it is not possible in the free tier, but there are no restrictions on subdomains. Browsers generally don't show the www part, so the perceived URL will be the same.
There is a page rule that automatically redirects to the new subdomain, and everything works as before. You'll need to enter your license key again (sorry about that!), but otherwise there are no changes in functionality.
Content-wise, there are some minor refactoring here and there, but nothing significant.
I recently witnessed a security incident where the Cognito JWT tokens appeared in the logs for a Lambda function. After some investigation, the root cause was uncovered: an AppSync API called the Lambda with the full resolver context and for debugging the function logged the event object.
This was surprising to me. With full resolver logging AppSync outputs the context but that does not contain any sensitive values. What happens is that from its own logs AppSync removes the HTTP request property but it is still available to the resolvers. As a result, anything that logs the full context object exposes the authorization header.
Read more in the Request property chapter.
I'm happy to announce that the book has now reached 1.0!
This means it is content complete and contains everything I wanted to include in it. It does not mean it can not be extended, but I don't plan to include any major topics that is not already included. It is more than 650 pages long (the PDF version) and includes 25 downloadable code repositories.
It was a long ride. The first commit dates back to Dec 1, 2021, which means I've been working on it on and off for 18 months. There were some major rewrites, the most notable when AppSync started supporting Javascript resolvers. That single feature warranted an almost complete rework of one third of the existing content.
In the end, I included more then I initially planned. I wanted to focus exclusively on the backend, i.e. how to write and deploy an AppSync API and keep the client-side out-of-scope. Then at some point I realized that there are unique challenges on the API consumer side that are important enough to include in the book.
And what about the future? I'll keep the contents up-to-date whenever something worthwile is coming, though I don't expect that AppSync gets big new features in the near future, more like small and niche updates.
A list of new and updated chapters from the changelog:
The book is now updated with several new chapters, and you can access the content right now on the webpage and you can download the PDF and Epub versions from there as well.
There are a lot of new topics covered, even a few extra that I originally did not want to include but then realized they are too important to skip, such as the client-side chapters.
The current version covers all chapters I wanted to include in the book, the only missing thing is a bigger example application with a step-by-step walkthrough on how to write a realistic AppSync app from the ground up. When that's ready, I'll call the book content complete :)
A list of new and updated chapters from the changelog:
I've just pushed the biggest update to date to the book, and you can access the content right now on the webpage and you can download the PDF and Epub versions from there as well.
AppSync added support to Javascript resolvers a few months ago and I realized it's a huge improvement on the best practices for AppSync development. Originally, only VTL was available and it was terrible. Most of the programming errors and complications were due to using a templating language to generate JSON.
Then Javascript became an option and I started thinking if it could replace VTL entirely. As it turns out, while they are not equivalent, the new runtime is sufficient to handle almost everything. As I believe anybody who is learning AppSync should concentrate only on the Javascript runtime, I removed VTL and rewrote all examples and instructions in JS. This affected around 1/3 of the book.
The new runtime is slowly getting features to bridge the gap between JS and VTL and I'm monitoring the tickets closely. I'll rewrite the workarounds presented in the book when they will no longer be necessary. But even in its current state using Javascript makes development much easier and familiar.
From the changelog:
I've just pushed an update to the book with new chapters, and you can download the updated book right now.
This is one of the bigger updates with a ton of new content.
There are new chapters, and you can download the updated book right now.
What's changed?
And please let me know if you have any issues with accessing the website, the PDF, or the Epub. The whole system is still new and there might be rough edges.
I've just pushed the biggest update to the book :) There are some new chapters (see the end of this post) but most importantly this changes how you can access the book.
(1) Gumroad now generates a license key for you. Find it in the Library/Product's download page, on this link, or send me a mail and I'll help figuring it out.
(2) Then go here: https://www.graphql-on-aws-appsync-book.com/_members/ and enter the key. Congratulations, you now have full access to the web version and you can download the PDF and the Epub from there.
Why the change?
The book is now more than 250 pages long and I realized that a PDF or even an Epub is not the best format. I found myself using it as a reference in a browser tab more and more, and that is super convenient. So with this change I'm promoting the web version as a first-class format.
Of course, you can still download the PDF and the Epub from the website if you prefer those.
And what's new in the contents?
I hope you find these changes useful, and please let me know if you have any problems accessing the contents! It's a big change under the hood, so there might be edge cases.
There are new chapters, and you can download the updated book right now.
What's changed?
There are new chapters, and you can download the updated book right now.
What's changed?
There are new chapters, and you can download the updated book right now.
What's changed?