Does making an AppSync request from another backend AWS service leave the network for DNS lookup?

Question

If I have a lambda acting as an AppSync client does it leave the network to do a DNS lookup of the AppSync url provided? I am guessing that if I use an ApolloClient it would need to but what about if you use the aws-sdk AppSyncClient? Trying to speed up calls that pass through a BFF and would love any input!

Answer

Hi, @James_Lundin

Do you care if Lambda's communication to your AppSync endpoint goes outside the AWS Global Network?

Since Lambda itself runs in a managed VPC, I think it will implicitly resolve the name in the internal DNS.  
And since the AppSync endpoint is always public, the result of name resolution is a public IP address.  
However, the following documents state that if the source and destination are AWS networks, they will stay on the AWS Global network.

https://aws.amazon.com/vpc/faqs/?nc1=h_ls

> Packets that originate from the AWS network with a destination on the AWS network stay on the AWS global network, except traffic to or from AWS China Regions.

So, in this case, it's a communication from Lambda's managed VPC to AppSync's managed edge, so I think it stays inside.

This behavior is the same for both the Apollo Client and the AWS SDK, as it's about how Lambda resolves names and how the AWS network sends packets.

Does making an AppSync request from another backend AWS service leave the network for DNS lookup?

관련 콘텐츠