Get rid of the need for all auth rules in lambdas when calling graphql.
Just a few posts on the topic:
I believe they are completely unnecessary. If I can call a regular DQL query, it is definitely not more secure. Simple is better. Hacking the auth rules and changing them is bad coding IMHO, and erroneous work for developers. If the lambda is called from a custom mutation, that custom mutation should have its own auth rules. Simple.
This is probably the easiest fix. Allow DQL within lambdas to accept JSON Mutation Format. You could easily update the code here.
My suggestion would be something as simple as:
"Content-Type": typeof obj == 'object' ? "application/json" : "application/rdf"
It may be a little more complicated than that, but you get the drift.
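The Content-Type selection suggested above, worked through as an added example that is not part of the original post and is not dgraph-lambda's own code. The helper name `buildMutateRequest` and the sample mutations are hypothetical; the example also covers `null`, which `typeof` reports as `'object'`.

```javascript
// Added example: hypothetical helper, not code from dgraph-lambda.
// Builds the fetch() options for a DQL mutation sent to Dgraph's HTTP
// /mutate endpoint, picking the body format from the payload type.
function buildMutateRequest(mutation) {
  // typeof null === 'object', so reject it before the object branch;
  // otherwise the literal string "null" would be sent as JSON.
  if (mutation === null || mutation === undefined) {
    throw new TypeError("mutation must be an RDF string or a JSON object");
  }
  if (typeof mutation === "string") {
    if (mutation.trim() === "") {
      throw new TypeError("RDF mutation is empty");
    }
    // Strings are passed through unchanged as RDF.
    return {
      method: "POST",
      headers: { "Content-Type": "application/rdf" },
      body: mutation,
    };
  }
  if (typeof mutation === "object") {
    // Objects (and arrays) are serialized as JSON mutation format.
    return {
      method: "POST",
      headers: { "Content-Type": "application/json" },
      body: JSON.stringify(mutation),
    };
  }
  // Numbers, booleans, functions and so on are not valid mutations.
  throw new TypeError("unsupported mutation type: " + typeof mutation);
}

// Constructed sample payloads, one per format.
const jsonMutation = { set: [{ "dgraph.type": "Person", name: "Alice" }] };
const rdfMutation = '{ set { _:alice <name> "Alice" . } }';

const jsonRequest = buildMutateRequest(jsonMutation);
const rdfRequest = buildMutateRequest(rdfMutation);
console.log(jsonRequest.headers["Content-Type"], jsonRequest.body);
console.log(rdfRequest.headers["Content-Type"], rdfRequest.body);
```

The returned object can be passed as the second argument to `fetch()` against the `/mutate` endpoint of the Dgraph instance.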