amazon-web-servicesaws-api-gatewayaws-serverlessaws-sam

Add advanced validation for AWS::Serverless::Api GET query params


Im trying to add "advanced" validation to AWS::Serverless::Api GET request, query params.

I.e. minimal value of Int param: {page} should be 1. Or enum checking values

But Api gateway doesnt handle these kind of validations and only checks whether param is set.

How to do that?

I found on aws docs only information about body validation like creating models. However, it does not work with query-params

Cloudformation config

  SearchApi:
    Type: AWS::Serverless::Api
    Properties:
      Name: !Sub ${AWS::StackName}
      StageName: !Ref StageName
      DefinitionBody:
        openapi: "3.0.1"
        info: {}
        paths:
          /api/search:
            get:
              parameters:
                - name: text
                  in: "query"
                  required: true
                  schema:
                    type: "string"

                - name: page
                  in: "query"
                  required: true
                  schema:
                    type: integer
                    minimum: 1

                - name: hitsPerPage
                  in: query
                  required: true
                  schema:
                    type: integer
                    minimum: 1

                - name: subscription
                  in: query
                  required: true
                  schema:
                    type: string
                    enum: [PLUS, FREE, HD]
                    
                - name: distributionTenant
                  in: query
                  required: true
                  schema:
                    type: "string"
                    minLength: 4
  
              responses:
                "200":
                  description: "200 response"
                  headers:
                    Access-Control-Allow-Origin:
                      schema:
                        type: "string"
                    Access-Control-Allow-Methods:
                      schema:
                        type: "string"
                    Access-Control-Allow-Credentials:
                      schema:
                        type: "string"
                    Access-Control-Allow-Headers:
                      schema:
                        type: "string"
                  content: {}
              x-amazon-apigateway-request-validator: "params-only"
              x-amazon-apigateway-integration:
                credentials: !Ref APIGatewayRole
                httpMethod: "POST"
                uri:
                  Fn::Sub: "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${SearchFunction.Arn}/invocations"
                passthroughBehavior: "when_no_match"
                type: "aws_proxy"

        x-amazon-apigateway-request-validators:
          params-only:
            validateRequestParameters: true
            validateRequestBody: false

Solution

  • From official aws qa:

    Unfortunately, we do not have option to do advanced validation on the headers and query string parameters of incoming request. However, in case of Request Body, we can make use of JSON schema model to validate the payload structure.

    Link: https://repost.aws/questions/QUITruD8XeQN-dsmMU-6NqYQ#ANqyHGhMsvSH2Ib_fUvQd-Xw