
AWS SAM - Enforcing Request Validation in API Gateway Method by SAM Template

I am working on a SAM application that has a Lambda function with API Gateway as the event source. The API endpoint is a POST method requiring a set of parameters in the request body. API Gateway provides the capability of validating the request body by specifying a request Model using the AWS Console.

Refer to the screenshots below of the AWS Console options:


I need to set similar options via the SAM template. I am able to link a Model with the request body, but I am not able to set the request validator option and am not able to find any documentation or example either.

Below is my SAM Template

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Description: SAM Template

Parameters: 
  Stage: 
    Type: String
    Default: dev

Resources:
  MyApiGateway:
    Type: AWS::Serverless::Api
    Properties:
      Name: My AWS Serverless API
      StageName: !Ref Stage
      Models: 
        ExchangeRate: 
          $schema: "http://json-schema.org/draft-04/schema#"
          properties: 
            base: 
              type: string
            target: 
              type: string
          required: 
            - base
            - target
          title: User
          type: object

  ExchangeRateFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: functions/exchange-rate/
      Handler: index.handler
      Runtime: nodejs12.x
      Description: Function to Get Currency Exchange Rate
      MemorySize: 128
      Timeout: 3
      Policies:
        - AWSLambdaBasicExecutionRole
      Events:
        HelloWorld:
          Type: Api
          Properties:
            RestApiId: !Ref MyApiGateway
            Path: /exchange
            Method: POST
            RequestModel:
              Model: ExchangeRate
              Required: true

Outputs:
  ExchangeRateFunction:
    Description: "Exchange Rate Lambda Function ARN"
    Value: !GetAtt ExchangeRateFunction.Arn
  MyApiGateway:
    Description: "My Seed API EndPoint"
    Value: !Sub "https://${MyApiGateway}.execute-api.${AWS::Region}.amazonaws.com/${Stage}"

Documentation referred

  • https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html
  • https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html

Please let me know how I can set 'Request Validator' to the 'Validate body' option using the SAM template. I will appreciate the help.

asked Feb 07 '20 08:02 by manpreet



2 Answers

Add ValidateBody: true i.e.

RequestModel:
 Model: ExchangeRate
 Required: true
 ValidateBody: true

answered Oct 13 '22 21:10 by Kudzai Gadzira
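
An added example, not part of either answer or of SAM itself: a small check that walks a SAM template and reports Api events where a RequestModel is linked but ValidateBody is not set, which is the state of the template in the question. It assumes the template has been rendered to JSON so it can be parsed with the standard library; ValidatedFunction, NoModelFunction and the function name unvalidated_api_events are hypothetical.

```python
import json

# Constructed sample: the question's API event rendered as JSON, plus two
# hypothetical functions (ValidatedFunction, NoModelFunction) for contrast.
TEMPLATE = json.loads("""
{"Resources": {
  "ExchangeRateFunction": {"Type": "AWS::Serverless::Function", "Properties": {
    "Events": {"HelloWorld": {"Type": "Api", "Properties": {
      "Path": "/exchange", "Method": "POST",
      "RequestModel": {"Model": "ExchangeRate", "Required": true}}}}}},
  "ValidatedFunction": {"Type": "AWS::Serverless::Function", "Properties": {
    "Events": {"Post": {"Type": "Api", "Properties": {
      "Path": "/validated", "Method": "POST",
      "RequestModel": {"Model": "ExchangeRate", "Required": true,
                       "ValidateBody": true}}}}}},
  "NoModelFunction": {"Type": "AWS::Serverless::Function", "Properties": {
    "Events": {"Put": {"Type": "Api", "Properties": {
      "Path": "/raw", "Method": "put"}}}}}
}}
""")

BODY_METHODS = {"POST", "PUT", "PATCH"}  # methods that normally carry a body


def unvalidated_api_events(template):
    """Return (function, event, reason) for Api events with no body validation."""
    findings = []
    for fn_name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::Serverless::Function":
            continue
        for ev_name, ev in res.get("Properties", {}).get("Events", {}).items():
            if ev.get("Type") != "Api":
                continue
            props = ev.get("Properties", {})
            model = props.get("RequestModel")
            if model is None:
                if str(props.get("Method", "")).upper() in BODY_METHODS:
                    findings.append((fn_name, ev_name, "no RequestModel"))
            elif model.get("ValidateBody") is not True:
                # Model is linked, but API Gateway will not enforce it.
                findings.append((fn_name, ev_name, "ValidateBody not set"))
    return findings


if __name__ == "__main__":
    for finding in unvalidated_api_events(TEMPLATE):
        print("%s/%s: %s" % finding)
```

The check does not look at Globals or at validators defined directly on AWS::ApiGateway::Method resources, so a clean result only covers per-event RequestModel settings.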


I've run into the same problem; apparently this feature has been lacking from SAM for a while, as you can see from this previous question:

How to add a request validator in a AWS SAM template for AWS::Serverless::Api?

Also, a few issues have been opened in GitHub, the last one being:

https://github.com/awslabs/serverless-application-model/issues/1403

I've hacked a solution that includes two additional properties in the SAM specification to solve this issue, but I wouldn't expect it to actually become a PR. I can provide further instructions if you'd like to use my forked repo to deploy from a develop branch.

answered Oct 13 '22 19:10 by Paolo Rechia