GraphQL Query Limits
Overview
Depot supports configurable GraphQL query limits to protect against oversized or overly complex queries. These limits
are enforced by the connector and can be configured via the frontend.graphql property on the Environment construct.
All properties are optional. If a property is not set, default limit is enforced for that dimension.
Configuration
import { Environment } from "@stage-tech/depot-cdk";
new Environment(stack, "MyEnvironment", {
account: { name: "example", id: Aws.ACCOUNT_ID },
name: "example",
frontend: {
graphql: {
maxQueryDepth: 10,
maxQueryComplexity: 100,
maxQueryCharacters: 5000,
}
}
});
Properties
| Property | Type | Description |
|---|---|---|
maxQueryCharacters | number | Max characters allowed in a query |
maxQueryTokens | number | Max tokens allowed in a query |
maxWhitespaceTokens | number | Max whitespace tokens in a query |
maxRuleDepth | number | Max parser rule depth |
maxQueryComplexity | number | Max computed query complexity |
maxQueryDepth | number | Max nesting depth of a query |
tip
Start with permissive limits and tighten them based on observed query patterns. Setting limits too aggressively may block legitimate queries.