Description
Describe the solution you'd like
We need a containerized GraphQL service that can replace AppSync for FedRAMP High/GovCloud deployments. The solution should:
- Expose GraphQL API - Support mutations (uploadDocument), queries (getDocument), and subscriptions (onUpdateDocument)
- Run in containers - Deploy behind ALB for FedRAMP High compliance instead of using AppSync
- Maintain existing workflow - Customer calls uploadDocument → gets presigned S3 URL → uploads file → receives completion notification via subscription
- Enable on-premises integration - Allow external applications to integrate directly with the document processing pipeline through GraphQL API
The customer workflow would remain identical:
• Call uploadDocument mutation to get presigned POST URL
• Upload file directly to S3 using presigned URL
• Subscribe to onUpdateDocument to receive processing completion events
• Fetch results using getDocument or similar queries
Describe alternatives you've considered
Post-processing Lambda hook - Won't work because the on-premises application needs bidirectional API communication. They can't easily integrate with S3 buckets and event-driven AWS components directly from their environment.
Custom API layer - Customer would have to build a separate interface layer and handle authentication, authorization, and API design from scratch, significantly increasing complexity and development time.
Additional context
• Environment: AWS GovCloud with FedRAMP High requirements
• Usage: Headless/API-only (no UI needed)
• Integration: On-premises applications need GraphQL API access
• Compliance: AppSync is not FedRAMP High certified, blocking current deployment
• Architecture: Need containerized GraphQL service behind ALB instead of managed AppSync