A Bird’s Eye View on GraphQL and AWS AppSync

Giulia Busnelli
Jul 29 · 6 min read

In a data-driven world, one of the most important needs is data exchanging between multiple systems and applications.

For this, as we all think about choosing the proper storage and computing system, we also need to pick the right API technology.

At Quantyca one of our design principles is to be open to polyglotism, even when it comes to APIs. For this reason, we studied GraphQL and when and how to go for it in our projects.

In this blog post, I will present you with a summary of our learnings. We will take a look at the following topics:

🎯 What is GraphQL and when and why (not) use it

🎯 GraphQL architecture — the big picture

🎯 AWS AppSync — a cloud-based fully managed GraphQL service

What is GraphQL and when and why (not) use it

Image for post
Image for post

According to GraphQL Foundation website:

It was developed by Facebook in 2012 and now open-sourced as a specification.

By being a query language, the main feature of GraphQL is that it gives clients the power to ask for exactly what data they need. Nothing more and nothing less. This characteristic prevents both over fetching and under fetching. The former implies retrieving data that is actually not needed while the latter means retrieving not enough information to meet data requirements.

Also, GraphQL queries allow to access not just the properties of one resource but also smoothly follow reference between them. That ability can be leveraged especially in domains where there are a lot of resources extremely interconnected.

Besides this, GraphQL provides a complete description of the capabilities of the APIs. It lays out a type system to describe data in your APIs and to clearly define supported operations. Thanks to the GraphQL introspection system, you will no longer worry about lacking proper ways of knowing what operations are supported by an API, how to use them, and what are input arguments and possible responses.

I just let you taste the potential of GraphQL, but it is important to understand the tradeoffs of this technology to choose the right tool for the right job.

The biggest issue is that letting clients run any query they want can be a double-edged sword. Let’s list some pros and cons of this powerful feature:

👍 Clients can minimize the amount of data that needs to be transferred over the network and thus improve application performance even on slow network connections.

👍 There is no need to build and maintain specific APIs to fulfill each possible client application requirement.

👎 Clients can ask for as much data as they want. So, if you are not careful, a few big queries can bring your server down to its knees.

👎 Complex queries are hard to design and develop because such complexity cannot be split over several endpoints.

Therefore, when do we say to GraphQL?

Definitely, the flexibility and richness of GraphQL are game-changers for rich mobile and web applications but add complexity that may not be worthwhile for simple APIs.

GraphQL architecture — the big picture

Image for post
Image for post
Photo by Luke Ellis-Craven on Unsplash

As mentioned earlier, GraphQL is a specification. It defines both the rules for the query language and the execution engine. These rules include: how to draft queries, how the type system works, how to perform schema introspection and validation, and how a well-formed response must be.

Therefore, the first thing you need to get started with GraphQL is an implementation of the execution engine. Out there is a heterogeneous landscape of GraphQL servers. Each implementation decides upon which software language to use and it can add its own features (such as caching and monitoring).

But every GraphQL server needs to fill in data for every field in the schema. Through resolvers, servers can populate data in any way you define, for example by fetching data from a database or a third-party API.

Then GraphQL clients come into play. You can query a GraphQL server directly with an HTTP request but you can simplify your life by using a dedicated client library. GraphQL clients will seamlessly take care of constructing and sending queries, parsing the responses, and updating your UI.

Over the years a lot of projects have sprung up. You can find a list of server libraries here and a list of clients here.

I will quote here the ones that I consider the most interesting:

AWS AppSync — a cloud-based fully managed GraphQL service

Image for post
Image for post
Adapted from AWS AppSync product page

As stated above, using GraphQL require manual installation and maintenance of software infrastructure components. Plus, nowadays mobile and web application users demand quick access to information at scale so at least we need to worry about high availability, reliability, and fan-out capabilities.

This is where AWS AppSync comes to rescue.

AWS AppSync is a

🔥 cloud-based 🔥 fully managed 🔥 serverless

GraphQL implementation.

As follows, AWS AppSync does not require any manual installation nor any maintenance and it scales up and down dynamically depending on the load. So you waste no time setting up your infrastructure and you can immediately focus on creating valuable functionalities.

Additionally, AWS AppSync has its own way of spicing up GraphQL.

First of all, the most advantageous feature is that AWS AppSync has built-in resolvers that automatically translate GraphQL requests and fetch information from a range of pre-configured data sources. Indeed, AWS AppSync can streamline the connections to services like AWS DynamoDB, AWS Aurora, AWS Elasticsearch, and AWS Lambda functions in addition to any arbitrary HTTP endpoint. By leveraging built-in resolvers, developers can simplify the retrieval and manipulation of data and consequently cuts down implementation effort and time.

Moreover, AWS AppSync implements server-side data caching. Developers can selectively cache data fields and operations defined in the GraphQL schema with customizable expiration. This way, there is a reduced need to directly access data sources and performance can be improved.

Last but not least, AWS AppSync grants enterprise-level security and fine-grained access control. It integrates flawlessly with AWS IAM and AWS Cognito for email and password functionality, social providers, OAuth features, as well as enterprise federation with SAML.

Here you find a recap of AWS AppSync key features and advantages.

✨ It is a cloud-based, fully managed, serverless implementation of GraphQL spec.

✨ Thanks to built-in resolvers, AWS AppSync simplifies the retrieval and manipulation of data across certain AWS data services.

✨ It implements server-side data caching for delivering data that doesn’t change frequently at low latency.

✨ It grants enterprise-level security and fine-grained access control by joining forces with AWS IAM and AWS Cognito.


GraphQL is a brand new paradigm for implementing API that is especially powerful for data-intensive mobile and web applications. The cloud-based and serverless implementation provided by AWS AppSync represents the cherry on top thanks to its incredible advantages.

Have you ever used GraphQL and AWS AppSync and for which use cases? Do you think that they are valuable tools that have more pros than cons or vice-versa? Let me know in the comments section below.


Quantyca — Data at Core

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade
A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store