How to give separate permissions to GraphQL queries in AWS Amplify

I need to give separate permissions to separate GraphQL queries. For example, currently I have defined two queries @auth gives permission to Admin group to these two queries. How can I give access to any logged in user(Cognito Pools) to invokeLambda query and only Admin group to invokeGetGroups query ? I can’t seem to figure out how it is done.

type Query {
      rules: [
        { allow: groups, groups: ["Admins"] }])
  invokeLambda: String @function(name: "pythonLambda-${env}") 
  invokeGetGroups: String @function(name: "getPatchGroups-${env}")

Read more here: Source link