Really new to AWS and AppSync. I have pretty simple microservices backend app and I want to use existing endpoints to be my source for AppSync. Found this resource:
https://docs.aws.amazon.com/appsync/latest/devguide/tutorial-http-resolvers.html
Not really clear on how do I deal with auth on my endpoints?
Any help or direction towards the right resource is really appreciated.
You have multiple options depending on the authentication mechanisms of your endpoints.
If your existing endpoint supports SigV4 authentication and you can assign a service role to your AppSync service which allows invocation of your endpoint, then you can use https://docs.aws.amazon.com/appsync/latest/devguide/tutorial-http-resolvers.html#invoking-aws-services
If your existing endpoint is protected with username/password or API key, you can use e.g. the pipeline resolver to first read the sensitive data from Secrets Manager/SSM Parameter Store, and then use them in HTTP call to your endpoint, for guidance see https://blog.iamjkahn.com/2020/01/securely-storing-api-secrets-for-aws-appsync-http-resolvers.html
If your existing endpoint is requiring an access token with which expires, then you can again use pipeline resolver to resolve valid access token before using HTTP data source, or replace data source of your resolver to lambda data source where you will deal with access token management together with your endpoint invocation.