AppSync GraphQL API query depth limit not set

aws-appsync-query-depth-limit-not-set

Type: Finding

Rule Severity: High

The AppSync GraphQL API has a query depth limit of 0.

Without a query depth limit, the AppSync API is more susceptible to resource exhaustion from deeply nested queries. This could result in excessive memory and CPU consumption, negatively impacting the API’s performance and availability. As the API processes deeply nested queries, it could slow down or become unresponsive, affecting user experience and potentially disrupting critical services.

Remediation

Set a query depth limit on the AppSync GraphQL API.

How to Identify with Example Scenario

Find the text in bold to identify issues such as these in API specifications.

How to Resolve with Example Scenario

Modify the text in bold to resolve issues such as these in API specifications.
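The identify and resolve steps above can be automated against infrastructure-as-code. The following is an added example, not part of the original finding page or of any scanner's own code: it scans a CloudFormation template for `AWS::AppSync::GraphQLApi` resources whose `QueryDepthLimit` is missing or 0 (the state this finding reports) and produces a corrected template. The property name `QueryDepthLimit` and the documented range of 1 to 75 are taken from AWS's CloudFormation documentation for AppSync; the template, the API names and the chosen limit of 10 are constructed sample values. A limit supplied through an intrinsic function (for example a `Ref` to a parameter) cannot be evaluated statically, so the checker reports it for manual review and the fixer leaves it untouched.

```python
import json

APPSYNC_API_TYPE = "AWS::AppSync::GraphQLApi"
MAX_DEPTH_LIMIT = 75  # upper bound AWS documents for QueryDepthLimit

# Constructed sample template (not taken from the page): three AppSync APIs,
# two of which have no effective query depth limit, plus an unrelated resource.
SAMPLE_TEMPLATE = json.dumps({
    "Resources": {
        "UnlimitedApi": {  # property omitted: AWS treats this as 0 (no limit)
            "Type": APPSYNC_API_TYPE,
            "Properties": {"Name": "orders-api", "AuthenticationType": "API_KEY"},
        },
        "ZeroLimitApi": {  # explicitly 0: still no limit
            "Type": APPSYNC_API_TYPE,
            "Properties": {"Name": "catalog-api", "AuthenticationType": "API_KEY",
                           "QueryDepthLimit": 0},
        },
        "BoundedApi": {  # compliant
            "Type": APPSYNC_API_TYPE,
            "Properties": {"Name": "inventory-api", "AuthenticationType": "API_KEY",
                           "QueryDepthLimit": 10},
        },
        "OrdersTable": {"Type": "AWS::DynamoDB::Table", "Properties": {}},
    }
})


def _static_depth_limit(resource: dict):
    """Return the QueryDepthLimit as an int when it is a literal in the template,
    0 when the property is absent, or None when it is an intrinsic function
    (e.g. {"Ref": "DepthParam"}) that cannot be resolved without deploying."""
    value = resource.get("Properties", {}).get("QueryDepthLimit", 0)
    if isinstance(value, bool) or not isinstance(value, int):
        return None
    return value


def find_unbounded_appsync_apis(template_text: str) -> list:
    """Logical IDs of AppSync APIs whose depth limit is unset, 0, or not statically known."""
    template = json.loads(template_text)
    flagged = []
    for logical_id, resource in template.get("Resources", {}).items():
        if resource.get("Type") != APPSYNC_API_TYPE:
            continue
        limit = _static_depth_limit(resource)
        if limit is None or limit <= 0:
            flagged.append(logical_id)
    return flagged


def set_query_depth_limit(template_text: str, limit: int = 10) -> str:
    """Return a copy of the template with QueryDepthLimit applied to every
    AppSync API whose literal limit is missing or 0. Non-literal values are
    left alone so a reviewer can decide what the parameter should be."""
    if not 1 <= limit <= MAX_DEPTH_LIMIT:
        raise ValueError(f"QueryDepthLimit must be between 1 and {MAX_DEPTH_LIMIT}")
    template = json.loads(template_text)
    for logical_id, resource in template.get("Resources", {}).items():
        if resource.get("Type") != APPSYNC_API_TYPE:
            continue
        current = _static_depth_limit(resource)
        if current is not None and current <= 0:
            resource.setdefault("Properties", {})["QueryDepthLimit"] = limit
    return json.dumps(template, indent=2)


if __name__ == "__main__":
    print("unbounded APIs:", find_unbounded_appsync_apis(SAMPLE_TEMPLATE))
    fixed_template = set_query_depth_limit(SAMPLE_TEMPLATE, limit=10)
    print("after remediation:", find_unbounded_appsync_apis(fixed_template))
```

Running the script reports `UnlimitedApi` and `ZeroLimitApi` as unbounded and an empty list after remediation; `BoundedApi` is left unchanged. The same property is exposed as `--query-depth-limit` on the AppSync CLI and as `query_depth_limit` in Terraform's `aws_appsync_graphql_api` resource, so the same missing-or-zero check applies to those representations. Pick the limit from the deepest legitimate query your schema actually needs rather than the maximum, since the limit is what bounds the work a single request can demand.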