graphql – Appsync – owner authorization with condition

I have a type SomeEntity in the schema with a field isPrivate.
It is protected with the @auth directive, which allows the create operation for everyone and read only for owners:

@auth(
  rules: [
    { allow: groups, groups: ["user"], operations: [create] }
    { allow: owner, operations: [read] }
  ]
)

Now I’m thinking how to allow the read operation for the owner if isPrivate == true and for everyone if isPrivate == false.
Is it possible to do this using the schema only, or do I need a custom Lambda resolver for this?
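
The read rule described in the question, written as the check a custom Lambda resolver could apply. This is an added example, not part of the original post; the handler, the getSomeEntity query name, the sample records and the `sub::username` format of the owner field are assumptions.

```javascript
// Added example: read check for SomeEntity inside a custom Lambda resolver.
// Constructed sample records standing in for the real data source.
const SAMPLE_ITEMS = new Map([
  ["1", { id: "1", owner: "abc-123::alice", isPrivate: true }],
  ["2", { id: "2", owner: "abc-123::alice", isPrivate: false }],
  ["3", { id: "3", owner: "def-456::bob" }], // isPrivate missing
]);

// Assumption: the owner field stores "<sub>::<username>" of the creator.
// identity is the AppSync event.identity object; it is null when the
// request was not made with a user identity (for example an API key).
function isOwner(item, identity) {
  if (!identity || !identity.sub || !identity.username) return false;
  if (typeof item.owner !== "string" || item.owner === "") return false;
  return item.owner === `${identity.sub}::${identity.username}`;
}

// Readable by everyone only when isPrivate is exactly false. A missing
// or malformed flag is treated as private, so the check fails closed.
function canRead(item, identity) {
  if (!item) return false;
  if (item.isPrivate === false) return true;
  return isOwner(item, identity);
}

// Hypothetical handler for a getSomeEntity(id) query. It returns null both
// for "not found" and for "not allowed", so a caller cannot tell whether
// a private item exists.
async function handler(event) {
  const item = SAMPLE_ITEMS.get(event.arguments.id);
  return canRead(item, event.identity) ? item : null;
}
```

A list query needs the same canRead filter applied to every returned item, otherwise private items leak through the list path.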
