level 100

Gateway Validation

Reduce service charges and boilerplate code by validating data at the API Gateway

Context

Functions exposed as API endpoints need to handle incoming request data. API consumers may unintentionally pass badly formatted data, or bad actors may maliciously attempt to inject bad data into public endpoints. We need to validate data before it is processed. Validation logic is often verbose, repetitive, boilerplate code that requires additional dependencies and needs to be shared across services. Additionally, in the direct cost model of Lambda even invalid data is tied directly to an invocation charge.

Solution

Validate HTTPs requests at the API Gateway using JSON Schema - a data definition vocabulary for validating JSON documents. API Gateway can use JSON Schema models to validate incoming request payloads.

Validating at the gateway means that invalid requests will not incur a Lambda invocation. If a Lambda function is exposed via API Gateway, you are already paying for the API Gateway request and validation is essentially free.

Notes

API Gateway supports JSON Schema Draft 0-4. Draft 0-7 is the latest version.

API Gateway can also validate the presence of parameter values in the request path, query string, or header. Complex structural validations are not supported.

The default API Gateway validation error is … inadequate. Configure a custom GatewayResponse to return detailed errors to API consumers.

Cost Profile

Service Charge
API Gateway Request
API Gateway Data Transfer
Lambda Request
Lambda (Compute Time x Memory)
CloudWatch Log Data Ingestion

* Lambda functions are only invoked if the request data is valid.

Related Patterns