How To Validate HTTP Requests Before They Reach Lambda
Nowadays, I’m writing on Substack.
One of the many appeals of architecting an application as serverless functions is that you can spend more time writing the core application logic. However when it comes to AWS Lambdas by default you are still responsible for writing the functionality that validates the requests that are passed into the Lambda function. Let’s see how we can hand this off to AWS API Gateway so you can avoid writing the same boilerplate validation code in your functions.
In this short guide I will demonstrate how you can validate your API requests using API Gateway and Lambda. We will set up a simple Lambda function, hook it up to API Gateway and validate the requests before they reach our function.
Let’s imagine we want to create an API that can be used to query for the status of different self driving vehicles you are operating.
Heads up! The code snippets used in this article are available via this gist.
Set up Lambda function
- From the AWS Lambda console, click on Create function and select Author From Scratch. In this case we call our function Fleet, choose Python 3.6 as our runtime environment and create a new role called LambdaRole for AWS to set up permissions for this function.
2. Upon creation of the function you are greeted with some template code:
3. Add some pre-made data.
For the purposes of this tutorial, the Lambda will include a dictionary with some pre-made data. We can see that we have two cars and two trucks in our fleet, one in each category is en route and the other one on standby.
4. Get the requested category.
Let’s modify the template code to return the information about the requested category. Our function code now looks like this:
5. Set up a test event in the Lambda console. Click on Configure Test Events.
We will be using Lambda Proxy Integration in API Gateway which will pass everything to our backend resource (in this case, our Lambda function) as a JSON document including the entire resource path, not just the event body itself. This is why we include “body” key in the test event:
Let’s try querying for the status of all cars by clicking on the Test button. You should see the following response providing us the status of all vehicles in the category “cars” in our fleet:
Before we move onto setting up the API Gateway, let’s query for a category that does not exist in our data dictionary.
Modify the test event to query for category “trains” instead:
Hit the Test button and Lambda responds with a Python KeyError because “trains” key does not exist in our data dictionary:
We could write application logic that checks if there is a KeyError and handle the issue in our function or we can explore how we can validate what reaches our Lambda function in the first place. Let’s do the latter. (Of course in a serious case you would have exception handling in place in your function as well).
Set up API Gateway
- From the AWS API Gateway console, click on Create API. Choose REST as the API type and call it FleetAPI:
2. Set up a POST method.
Set the Integration type to Lambda Function and make sure to click on Use Lambda Proxy Integration. This makes the integration to Lambda seamless as it enables requests to be proxied to Lambda with request details available in the event of our handler function. Pick the Lambda Function in the Lambda Region you created your function in. Hit Save.
Let’s test our API before deploying it.
Click on the Client Test button in API Gateway and provide a sample request body (note this is a json object of the body itself), and you should receive a response from Lambda providing us with status of all cars:
As before if we were to request for a non-existent category the Lambda function would not be able to provide us a successful response and instead would respond with an Internal server error.
To avoid this we need to create a model schema to define the structure of the body that is acceptable by the API.
Build a Model schema
This is going to be a JSON object that defines what is the expected structure of our HTTP request body. As of writing this article, AWS API Gateway uses JSON Schema draft-04.
In the API Gateway console choose Models and create a new model named FleetSchema with the following content.
You can see that the enum key defines the accepted categories — “cars” and “trucks”.
The required key with the value category defines that the category key must be passed in the request body.
Navigate to the POST Method Request, set Request Body to accept application/json and pick the FleetSchema model we just created:
Under HTTP Request Headers set Content-Type Header to be required in the request:
Under Request Validator set the validation method to Validate body, query string parameters and headers:
Now if you were to test the API by providing “trains” as the category the request body gets validated and instead of Internal server error we get Invalid request body message. The request did not get passed to our Lambda function.
Passing an accepted category (“cars” or “trucks”) provides us the required information. Great!
Let’s Deploy our API by clicking on Actions > Deploy API.
Create a new Deployment stage, in this case we’re naming it development.
After deployment we are provided a link to invoke our API.
Let’s test the deployed API
We’ll invoke the API using curl.
Passing an accepted category gives us the status of the requested vehicles:
Passing an unaccepted category results in the request being denied:
