- 1. How Appsync Subscriptions work
- 2. How to trigger a subscription from a Lambda function
- 3. The lifecycle of websocket connections and subscriptions
For the subecsription, we can write vtl to check if the logged in user matches the userId input or the PK of the item returned:
#if(! ${context.result})
$utils.unauthorized()
#elseif(${context.identity.cognitoIdentityId} != ${context.arguments.userId})
$utils.unauthorized()
#else
$util.toJson($ctx.result)
#end