A Serverless Framework plugin that adds request validation to your AWS API Gateway endpoints.
# Using npm
npm install --save-dev serverless-api-gateway-request-validator
# Using Serverless plugin install
serverless plugin install -n serverless-api-gateway-request-validatorThen add the plugin to your serverless.yml file:
plugins:
- serverless-api-gateway-request-validatorAdd request validation to your functions in serverless.yml:
functions:
myFunction:
handler: handler.myFunction
events:
- http:
path: /my-path
method: post
request:
validator:
type: ALL # Options: BODY_ONLY, PARAMS_ONLY, ALL
schemas:
application/json: ${file(schemas/my-schema.json)}
# Optional: Parameter validation configuration
parameters:
paths:
paramName: true # Required path parameter
querystrings:
queryName: false # Optional query parameter
headers:
headerName: true # Required headerBODY_ONLY: Validates only the request bodyPARAMS_ONLY: Validates only the request parameters (path, query, header)ALL: Validates both body and parameters
You can specify three types of parameters to validate:
- Path Parameters: Parameters that are part of the URL path (e.g.,
/users/{id}) - Query Parameters: Parameters that are part of the URL query string (e.g.,
/users?page=1&limit=10) - Header Parameters: Parameters that are part of the HTTP headers
For each parameter, you can specify whether it is required (true) or optional (false).
functions:
createUser:
handler: handlers/users.create
events:
- http:
path: /users
method: post
request:
validator:
type: ALL
schemas:
application/json: ${file(schemas/create-user.json)}functions:
getUser:
handler: handlers/users.get
events:
- http:
path: /users/{id}
method: get
request:
validator:
type: PARAMS_ONLY
parameters:
paths:
id: true # Required path parameterfunctions:
listUsers:
handler: handlers/users.list
events:
- http:
path: /users
method: get
request:
validator:
type: PARAMS_ONLY
parameters:
querystrings:
page: false # Optional query parameter
limit: false # Optional query parameter
sort: false # Optional query parameterservice: my-service
provider:
name: aws
runtime: nodejs18.x
region: us-east-1
plugins:
- serverless-api-gateway-request-validator
functions:
createUser:
handler: handlers/users.create
events:
- http:
path: /users
method: post
request:
validator:
type: ALL
schemas:
application/json: ${file(schemas/create-user.json)}
updateUser:
handler: handlers/users.update
events:
- http:
path: /users/{id}
method: put
request:
validator:
type: ALL
schemas:
application/json: ${file(schemas/update-user.json)}
parameters:
paths:
id: true
headers:
Authorization: true{
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"required": ["name", "email"],
"properties": {
"name": {
"type": "string",
"minLength": 1
},
"email": {
"type": "string",
"format": "email"
},
"age": {
"type": "integer",
"minimum": 18
},
"address": {
"type": "object",
"properties": {
"street": { "type": "string" },
"city": { "type": "string" },
"zipCode": { "type": "string" }
}
}
}
}This plugin works by:
- Analyzing your Serverless configuration during the packaging phase
- Finding any HTTP events with validator configurations
- Creating AWS::ApiGateway::RequestValidator resources in the CloudFormation template
- Adding AWS::ApiGateway::Model resources for your JSON schemas
- Linking these resources to your API Gateway methods
MIT