Aws-sam-cli: [Feature Request] Schema validation on an API Gateway Request

Created on 19 Apr 2018  路  13Comments  路  Source: aws/aws-sam-cli

I defined a schema to validate API request. It works fine in API Gateway but sam local doesn't execute the request validation. The lambda function is then executed with incorrect payload.

RestApi:
    Type: AWS::Serverless::Api
    Properties:
        StageName: Prod
        Cors: 
          AllowOrigin: "'*'"
          AllowHeaders:
            "'Content-Type'"
        DefinitionBody:
            swagger: "2.0"
            info:
              title:
                Ref: AWS::StackName
            x-amazon-apigateway-request-validators:
              all: 
                validateRequestBody: true
                validateRequestParameters: true
            paths:
              "/object":
                post:
                  x-amazon-apigateway-request-validator: all
                  parameters:
                    - in: body
                      name: Object
                      required: true
                      schema:
                        type: object
                        properties:
                          title:
                            type: string
                            minLength: 10
                            maxLength: 200
                          description:
                            type: string
                            minLength: 10
                            maxLength: 600
                        required:
                          - title
                          - description
                  x-amazon-apigateway-integration:
                    httpMethod: POST
                    type: aws_proxy
                    uri:
                      Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${Post.Arn}/invocations
                  responses: {}

Is it the normal behavior ? Will it be implemented ?

arelocastart-api stagpm-review typfeature
Source
picture Hugodby
👍17

Most helpful comment

SAM CLI does not do any schema validation on the request like API Gateway does. Marking this as a feature request and will update the title to reflect the request.

picture jfuss on 9 May 2018
👍22

All 13 comments

SAM CLI does not do any schema validation on the request like API Gateway does. Marking this as a feature request and will update the title to reflect the request.

jfuss picture jfuss on 9 May 2018
👍22

Note that in addition to not supporting schema validation, template mapping for requests and responses are also not supported -- would including request and response mapping be bundled with schema validation?

I can align how I extract payload data between the gateway integration and sam local via a request template of {"body": $input.json('$')}, still working on aligning the response as return {statusCode: 200, body: responseBody}; does not make the output JSON available via curl.

d-smith picture d-smith on 27 Jan 2019

Would love to see this as a feature. It would be great to be able to use API Gateway with AWS SAM but if even one API needs integration then it feels cleaner to manually manage all of them.

RyPope picture RyPope on 12 Feb 2019
👍2

Any update on this? Bit of a gap in my integration tests if I can't test the validation

feelgoodman picture feelgoodman on 2 Apr 2019
👍6

Adding RequestParameters to AWS::Serverless::Function, doesn't enforce it. Even though the query string is defined as required, but it's not enforced. 

            RequestParameters: 
              - method.request.querystring.myString: 
                  Required: true

And in API GW console, under URL Query String Parameters, it shows this warning:

You have marked some query string parameter as required but thee request validator assigned to this method is not configured to validate parameters. To ensure that incoming HTTP requests include the required query string parameters, select an appropriate request validator.

This makes us to need to updated RequestParameters in template (in order to have updated Swagger specs) and to update Lambda business logic (to perform validation). So it's extra work and can lead to inconsistency.

azarboon picture azarboon on 3 Dec 2019
👍5

This would be nice to be able to run integration tests locally. Without validation included it really keeps you thinking about validation in lambda code.

teemuniiranen picture teemuniiranen on 21 Feb 2020

+1

dtelaroli picture dtelaroli on 31 Mar 2020
👍1

+1

joshgoodson picture joshgoodson on 2 Apr 2020

+1

alez007 picture alez007 on 29 Apr 2020

+1

mengelseatz picture mengelseatz on 2 May 2020

+1

edinpark01 picture edinpark01 on 12 May 2020

At a minimum, it would be really helpful for this to be flagged in the debug logs. I spent hours tweaking my OpenAPI file assuming that I was doing something wrong in the x-amazon-apigateway-request-validators stanza, only to find out after uploading it to the AWS Gateway that my validations were fine and it was just an SAM CLI issue :(.

steviec picture steviec on 5 Aug 2020

You have this bug if you use the console, but if you use CLI you must not have this problem.

aws apigateway import-rest-api --body file://swagger.yaml --region <region>

or for version 2 : aws2 apigateway import-rest-api --cli-binary-format raw-in-base64-out --body file://swagger.yaml --region <region>

atigm picture atigm on 3 Sep 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

asyba picture asyba  路  3Comments
Caian picture Caian  路  3Comments
terlar picture terlar  路  3Comments
joekiller picture joekiller  路  4Comments
GerbenRampaart picture GerbenRampaart  路  3Comments