Does making an AppSync request from another backend AWS service leave the network for DNS lookup?

0

If I have a lambda acting as an AppSync client does it leave the network to do a DNS lookup of the AppSync url provided? I am guessing that if I use an ApolloClient it would need to but what about if you use the aws-sdk AppSyncClient? Trying to speed up calls that pass through a BFF and would love any input!

1 Answer
1

Hi, @James_Lundin

Do you care if Lambda's communication to your AppSync endpoint goes outside the AWS Global Network?

Since Lambda itself runs in a managed VPC, I think it will implicitly resolve the name in the internal DNS.
And since the AppSync endpoint is always public, the result of name resolution is a public IP address.
However, the following documents state that if the source and destination are AWS networks, they will stay on the AWS Global network.

https://aws.amazon.com/vpc/faqs/?nc1=h_ls

Packets that originate from the AWS network with a destination on the AWS network stay on the AWS global network, except traffic to or from AWS China Regions.

So, in this case, it's a communication from Lambda's managed VPC to AppSync's managed edge, so I think it stays inside.

This behavior is the same for both the Apollo Client and the AWS SDK, as it's about how Lambda resolves names and how the AWS network sends packets.

profile picture
EXPERT
iwasa
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions