0-9
- .env.local
- A .env.local file is used in a development project to declare local environment variables, such as API keys, database credentials, or other secrets. The values defined in this file are specific to your local machine and will override variables set in more general files like .env. Crucially, this file is intended for sensitive or user-specific data and should always be included in the project’s .gitignore file to prevent accidentally committing private credentials to a shared code repository.
A
- Amplify
- AWS Amplify is a development platform with a set of tools and services for building secure, scalable full-stack applications, powered by AWS. It simplifies adding features like authentication, APIs, data storage, and hosting by providing a straightforward declarative interface for front-end web and mobile developers.
- Amplify Auth
- Amplify Auth is a pre-configured component of the AWS Amplify framework that handles user authentication and authorization, built directly on top of Amazon Cognito. It provides a simple-to-use interface for developers to quickly implement complete user sign-up, sign-in, password management, and access control flows in their applications.
- API proxy
- An API proxy is an interface that sits between a client application and a backend service, acting as a single entry point for all incoming API requests. It intercepts these requests, forwards them to the correct backend service, and then returns the service’s response back to the client. This architectural pattern is primarily used to decouple the client from the backend, allowing you to add a layer of security, rate limiting, caching, or request transformation without altering the core logic of your backend services.
- API_KEY auth mode
- The API_KEY auth mode is a straightforward method for securing an AWS AppSync API where requests are authorized using a static, auto-generated string. This key must be included in the x-api-key request header for the API call to be accepted. This approach is primarily intended for public APIs, development, or prototyping, as it allows you to track usage and provide basic protection without implementing a full user authentication flow.
- AppSync
- AWS AppSync is a managed service that uses GraphQL to make it easy for applications to get exactly the data they need from one or more data sources. It allows developers to build scalable APIs by securely connecting to sources like AWS DynamoDB, Lambda, and other web APIs, handling the request parsing and resolution for them.
- AppSync scalars
- AppSync scalars are the built-in, primitive data types in AWS AppSync that represent a single value in a GraphQL schema, such as a string, integer, or boolean. In addition to the five standard GraphQL scalars, AppSync provides its own set of powerful, AWS-specific scalars like AWSDate, AWSTimestamp, and AWSEmail. These extended scalars are extremely useful as they come with built-in validation, automatically ensuring that the data for a field conforms to a specific format without requiring custom resolver logic.
- AuthGuard
- An AuthGuard is a security mechanism used in web frameworks to protect application routes by verifying that a user is authenticated. It functions as a checkpoint that automatically intercepts incoming requests to a protected resource to determine if the user has a valid, active session or authentication token. If the user is successfully authenticated, the guard allows the request to proceed; otherwise, it typically redirects the user to a login page or returns an “Unauthorized” error, preventing access for unauthenticated users.
C
- CloudFormation
- AWS CloudFormation is an Infrastructure as Code (IaC) service that allows you to define and provision your AWS cloud resources in a predictable and repeatable way. You describe your desired infrastructure, including resources like EC2 instances or S3 buckets, in a template file using YAML or JSON. CloudFormation then reads this template and automatically builds the specified environment, managing dependencies and handling the creation, updating, or deletion of your resources as a single unit called a stack.
- Cognito
- Amazon Cognito is a robust AWS service that provides authentication, authorization, and user management for your web and mobile apps. It allows you to add user sign-up and sign-in features quickly and scales to millions of users, supporting sign-in with social identity providers like Apple, Google, and Facebook, or through its own user directory system.
- Cognito Groups
- Cognito Groups are a feature within a User Pool that allow you to organize users into logical collections, such as “admins,” “editors,” or “subscribers.” This grouping is primarily used to manage permissions and implement role-based access control (RBAC), as a user’s group membership can be passed in their identity token to your backend for authorization decisions.
- Cognito User Pool
- A Cognito User Pool is your own secure user directory within Amazon Cognito that manages user registration, authentication, and account recovery. It handles the user lifecycle and, upon a successful sign-in, provides JSON Web Tokens (JWTs) to grant authenticated users access to protected APIs or resources.
- CSS (Cascading Style Sheets)
- CSS (Cascading Style Sheets) is a stylesheet language used to describe the presentation and visual styling of a document written in a markup language like HTML. It handles the look and feel of a web page, controlling everything from colors, fonts, and spacing to the layout of elements on the page. CSS works by using selectors to target specific HTML elements and then applying style properties to them, with the “cascading” aspect referring to the rules that determine how styles are applied when multiple conflicting rules target the same element.
D
- Data Source
- A data source is the underlying storage system or compute service that holds the data an application interacts with. This can be anything from a database like Amazon DynamoDB, a serverless function like AWS Lambda, or an existing HTTP API endpoint. In services like AWS AppSync, you formally connect these backends as data sources to your API. Resolvers then act as the bridge, translating GraphQL requests into operations that the specific data source can understand and execute.
- Document Object Model (DOM)
- The Document Object Model (DOM) is a programming interface for web documents that represents the page’s structure as a tree of objects. Each node in this tree corresponds to a part of the document, such as elements, attributes, and text, allowing the page to be understood and manipulated by programs. This model enables scripts like JavaScript to dynamically read and change the content, structure, and style of a document, which is how modern interactive websites are built.
E
- esbuild
- esbuild is an extremely fast, next-generation JavaScript bundler and minifier written in the Go programming language. Its main purpose is to bundle JavaScript and its variants (like TypeScript and JSX) for use in a web browser, but it can also be used for other formats. Designed for performance, it is significantly faster than many older bundlers and is often used as a core dependency in other high-level tools like Vite or the AWS CDK.
G
- GraphQL
- GraphQL is an open-source query language for APIs that allows clients to request exactly the data they need, preventing the common issues of over- or under-fetching information. It operates using a strongly typed schema that describes the full capabilities of an API, enabling developers to retrieve complex, nested data from multiple resources in a single, predictable call.
- GraphQL Code Generator
- GraphQL Code Generator is a command-line tool that generates typed code, such as TypeScript types, React hooks, or Angular services, directly from your GraphQL schema and operations. This automation saves significant development time by eliminating boilerplate and ensures that your front-end code is always in sync with the API’s data structure, preventing type-related errors.
- GraphQLAPIURL
- A GraphQLAPIURL is the specific web address that serves as the single endpoint for all interactions with a GraphQL API. Unlike REST APIs that use multiple URLs for different resources, all GraphQL queries, mutations, and subscriptions are directed to this one URL. Client applications are configured with this URL to send POST requests containing the GraphQL operation and any variables, which the server then processes to fetch or manipulate data.
H
- HTML (HyperText Markup Language)
- HTML (HyperText Markup Language) is the standard markup language used to create and design the fundamental structure of web pages and their content. It uses a system of tags to define elements like headings, paragraphs, links, and images, forming the skeleton of a website. While HTML provides the basic structure and semantic meaning of the content, it works in conjunction with CSS for styling and JavaScript for interactivity to create a complete and functional web page.
I
- IAM Role
- An IAM Role is an AWS identity with specific permissions that can be assumed temporarily by a trusted entity, such as an AWS service, an application, or a user. Unlike an IAM user, a role does not have its own permanent credentials like a password or access keys. This mechanism allows you to securely delegate access, as the entity assuming the role is granted temporary security credentials to perform only the actions specified in the role’s permission policies.
- ID Token
- An ID Token is a security token in the form of a JSON Web Token (JWT) that is granted by an OpenID Connect provider, like Amazon Cognito, upon successful user authentication. It contains claims about the identity of the authenticated user, such as their email, username, and the time of authentication. This token is primarily intended for the client-side application to understand who the user is and to personalize the user experience, whereas a separate Access Token is used to authorize requests to a protected backend API.
- Identity Object
- The identity object is a data structure available within the context of an AWS AppSync resolver that holds information about the user or service that made the API request. Its contents depend on the API’s authorization type and can include details like the username, Cognito group membership, or IAM role. This object is crucial for implementing fine-grained access control, as your resolver logic can inspect its properties to make authorization decisions or to fetch data specific to the authenticated user.
- Infrastructure as Code (IaC)
- Infrastructure as Code (IaC) is the practice of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. It treats infrastructure components like servers, databases, and networks as software, allowing you to write code to define, deploy, and update them. This approach enables automation, version control, and collaboration, leading to faster and more reliable environment setups while eliminating manual errors.
J
- JavaScript (JS)
- JavaScript (JS) is a high-level, dynamic programming language that is one of the core technologies of the World Wide Web, alongside HTML and CSS. It is the primary scripting language for web pages, enabling interactive features, complex animations, and dynamic content updates directly within the user’s browser. While originally a client-side language, the creation of environments like Node.js has allowed JavaScript to be used for server-side programming as well, making it a versatile choice for building entire full-stack applications.
- JSON Web Token (JWT)
- JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed using a secret or a public/private key pair. JWTs are commonly used for authentication and authorization, where a server generates a token for a logged-in user, who then sends the token back with future requests to access protected resources.
L
- Lambda resolver
- A Lambda resolver is a data source for an AWS AppSync API that connects a GraphQL field to an AWS Lambda function to retrieve or modify data. When a query or mutation for that field is executed, AppSync invokes the designated Lambda function, passing along contextual information, and then returns the function’s response to the client. This approach provides maximum flexibility, allowing developers to run complex business logic or connect to any data source, such as a third-party API or a relational database, that can be accessed from a Lambda function.
M
- Mapping template
- In AWS AppSync and API Gateway, a mapping template is a script written in Velocity Template Language (VTL) that translates data from a source format to a destination format. There are two types: request mapping templates, which convert an incoming API request into a format the backend data source understands, and response mapping templates, which convert the data source’s output back into a format the API client expects. Essentially, these templates act as a crucial adapter layer, allowing a standardized API call to interact seamlessly with a specific backend service by shaping the data on its way in and on its way out.
N
- Next.js App Router
- The Next.js App Router is a routing system introduced in Next.js 13 that uses a directory-based approach within an app folder to define routes. It is built on top of React Server Components, allowing for a more powerful and flexible way to structure applications. This model enables advanced features like nested routes and shared layouts that don’t re-render on navigation, while also simplifying data fetching by co-locating it with the components on the server.
R
- React
- React, often referred to as React.js or ReactJS, is an open-source JavaScript library for building user interfaces, especially for single-page applications where the UI needs to be fast and interactive. It allows developers to create large web applications that can change data over time without reloading the page. React’s core strength lies in its component-based architecture, where you build encapsulated components that manage their own state, and then compose them to make complex UIs. It uses a Virtual DOM to efficiently update and render only the components that have changed, which significantly improves performance.
- Resolver
- In GraphQL, a Resolver is a function responsible for fetching the data for a single field in your schema. When a query is executed, the GraphQL server calls the resolver for each requested field, connecting the API to your backend data source, such as a database or another API. These resolvers contain the business logic to translate the incoming request, fetch the necessary information from the data source, and then shape the response to match the schema’s requirements.
- Role-Based Access Control (RBAC)
- Role-Based Access Control (RBAC) is a security method that restricts network access based on a person’s role within an organization. Permissions are assigned to specific roles rather than to individual users. Users are then granted access to information or functionalities based on the roles they are assigned, which simplifies security administration by managing a few roles instead of potentially thousands of individual user permissions.
- RoleGuard
- A RoleGuard is a specialized security component used in application frameworks to implement Role-Based Access Control (RBAC) on routes or API endpoints. It intercepts an incoming request and checks if the authenticated user has the necessary role before allowing access to the protected resource. This guard works by examining the user’s identity, often from a JWT or session data, to determine their assigned roles and then denies access if they do not match the permissions required for that specific route.
S
- Schema Definition Language (SDL)
- The Schema Definition Language (SDL) is the syntax used to write a GraphQL schema in a clear, human-readable, and language-agnostic way. It allows you to define the API’s entire type system, including all object types, fields, and the queries and mutations that clients can execute. This SDL file acts as a universal contract between the client and server, serving as a single source of truth that enables tools to perform validation and code generation.
- schema.graphql
- A schema.graphql file is the conventional name for the file that contains the complete definition of a GraphQL API, written in the Schema Definition Language (SDL). This file acts as the authoritative contract between the client and the server, specifying all of the available data types, fields, queries, mutations, and subscriptions. It serves as the single source of truth for the API’s structure, enabling development tools to provide powerful features like autocompletion, validation, and automatic code generation for both the front and back end.
- Server-Side Rendering (SSR)
- Server-Side Rendering (SSR) is an application’s ability to convert HTML files on the server into a fully rendered HTML page for the client. The web browser then receives this complete page, which has already been processed by the server. This approach generally leads to faster initial page loads and improved search engine optimization (SEO), as search engines can crawl and index the content more effectively than with client-side rendered pages.
- Serverless Application Model (SAM)
- The AWS Serverless Application Model (SAM) is an open-source framework for building serverless applications on AWS. It provides a simplified, shorthand syntax on top of AWS CloudFormation to easily define and model your serverless resources like Lambda functions, APIs, and event sources. SAM also includes a command-line interface (CLI) that enables you to locally build, test, and debug your serverless applications in a Lambda-like execution environment before deploying them to the AWS cloud.
T
- Tailwind CSS
- Tailwind CSS is a popular, utility-first CSS framework for rapidly building custom user interfaces. Instead of providing pre-styled components, it gives you low-level utility classes like flex, pt-4, and text-center that you compose directly in your HTML. This approach allows developers to create completely custom designs without ever leaving their HTML or writing custom CSS, resulting in a highly efficient workflow and a consistent styling system.
- template.yaml
- A template.yaml file is the standard manifest file used by the AWS Serverless Application Model (SAM) to define the resources of a serverless application. It is an Infrastructure as Code (IaC) template that describes your Lambda functions, API Gateway endpoints, DynamoDB tables, and other necessary components in a structured YAML format. This file is then processed by the SAM CLI, which converts it into a more verbose AWS CloudFormation template and deploys the entire application stack to your AWS account.
- TypedDocumentNode
- A TypedDocumentNode is an object that represents a parsed GraphQL document, such as a query or mutation, while also including the specific TypeScript types for its result data and input variables. Utilizing a TypedDocumentNode provides end-to-end type safety, allowing GraphQL clients and developer tools to automatically infer the shape of your data and catch errors at compile-time.
U
- USER_POOLS auth mode
- The USER_POOLS auth mode is a method for securing an AWS AppSync GraphQL API using Amazon Cognito User Pools as the primary identity provider. API requests are authorized by validating the JSON Web Token (JWT) that a user receives upon signing in through the configured User Pool. This mode enables fine-grained access control directly within the GraphQL schema, allowing you to grant or deny permissions for specific operations and data fields based on the authenticated user’s membership in different Cognito Groups.
V
- Velocity Template Language (VTL)
- Velocity Template Language (VTL) is a Java-based template engine used within AWS AppSync to create resolver mapping templates. These templates translate incoming GraphQL requests into a format understood by the backend data source, like DynamoDB, and then transform the data source’s response back into a GraphQL-compliant structure. VTL uses a simple syntax with variables and directives to access request context, manipulate JSON, and apply conditional logic, acting as the essential glue between your API layer and your data layer.
- Virtual DOM
- A Virtual DOM (VDOM) is a programming concept where a lightweight, in-memory representation of the actual browser’s Document Object Model (DOM) is maintained by UI libraries like React. When the state of an application changes, this virtual representation is updated first, which is significantly faster than manipulating the real DOM directly. The library then compares the updated Virtual DOM with a previous snapshot of it, a process called “diffing,” to calculate the minimal set of changes required. These specific changes are then efficiently applied in a batch to the actual browser DOM, leading to a significant performance increase.
Y
- YAML
- YAML (a recursive acronym for “YAML Ain’t Markup Language”) is a human-readable data-serialization language often used for writing configuration files. It uses indentation to represent data structure, which makes it clean and easy to read compared to formats like JSON or XML. Due to its simplicity, YAML is widely used in applications for configuration, in tools like AWS CloudFormation for defining infrastructure, and for any scenario where data needs to be easily written and understood by people.