From 6f95c4e766e390de29bf8869ebe5fc39d402664b Mon Sep 17 00:00:00 2001 From: EC2 Default User Date: Sun, 12 Jan 2025 09:38:11 +0000 Subject: [PATCH 1/8] Added new pattern --- apigw-data-validation-tf/README.md | 60 ++++++ apigw-data-validation-tf/example-pattern.json | 59 ++++++ apigw-data-validation-tf/lambda/app.py | 9 + apigw-data-validation-tf/main.tf | 177 ++++++++++++++++++ 4 files changed, 305 insertions(+) create mode 100644 apigw-data-validation-tf/README.md create mode 100644 apigw-data-validation-tf/example-pattern.json create mode 100644 apigw-data-validation-tf/lambda/app.py create mode 100644 apigw-data-validation-tf/main.tf diff --git a/apigw-data-validation-tf/README.md b/apigw-data-validation-tf/README.md new file mode 100644 index 000000000..3ca759d23 --- /dev/null +++ b/apigw-data-validation-tf/README.md 
@@ -0,0 +1,60 @@ +# AWS Service 1 to AWS Service 2 + +This pattern << explain usage >> + +Learn more about this pattern at Serverless Land Patterns: << Add the live URL here >> + +Important: this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the [AWS Pricing page](https://aws.amazon.com/pricing/) for details. You are responsible for any AWS costs incurred. No warranty is implied in this example. + +## Requirements + +* [Create an AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources. +* [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) installed and configured +* [Git Installed](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) +* [AWS Serverless Application Model](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install.html) (AWS SAM) installed + +## Deployment Instructions + +1. Create a new directory, navigate to that directory in a terminal and clone the GitHub repository: + ``` + git clone https://github.com/aws-samples/serverless-patterns + ``` +1. Change directory to the pattern directory: + ``` + cd _patterns-model + ``` +1. From the command line, use AWS SAM to deploy the AWS resources for the pattern as specified in the template.yml file: + ``` + sam deploy --guided + ``` +1. During the prompts: + * Enter a stack name + * Enter the desired AWS Region + * Allow SAM CLI to create IAM roles with the required permissions. + + Once you have run `sam deploy --guided` mode once and saved arguments to a configuration file (samconfig.toml), you can use `sam deploy` in future to use these defaults. + +1. Note the outputs from the SAM deployment process. 
These contain the resource names and/or ARNs which are used for testing. + +## How it works + +Explain how the service interaction works. + +## Testing + +Provide steps to trigger the integration and show what should be observed if successful. + +## Cleanup + +1. Delete the stack + ```bash + aws cloudformation delete-stack --stack-name STACK_NAME + ``` +1. Confirm the stack has been deleted + ```bash + aws cloudformation list-stacks --query "StackSummaries[?contains(StackName,'STACK_NAME')].StackStatus" + ``` +---- +Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + +SPDX-License-Identifier: MIT-0 diff --git a/apigw-data-validation-tf/example-pattern.json b/apigw-data-validation-tf/example-pattern.json new file mode 100644 index 000000000..5663059c7 --- /dev/null +++ b/apigw-data-validation-tf/example-pattern.json 
@@ -0,0 +1,59 @@ +{ + "title": "API Gateway data validation", + "description": "This pattern creates an Amazon API Gateway that handles simple data validation at the endpoint without invoking the Lambda function when the data validation fails.", + "language": "YAML", + "level": "300", + "framework": "Terraform", + "introBox": { + "headline": "How it works", + "text": [ + "The data model is declared in the API Gateway resource. The Lambda function then requires the request body to be validated against this model." + ] + }, + "gitHub": { + "template": { + "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/apigw-data-validation-tf", + "templateURL": "serverless-patterns/apigw-data-validation-tf", + "projectFolder": "apigw-data-validation-tf", + "templateFile": "main.tf" + } + }, + "resources": { + "bullets": [ + { + "text": "API Gateway model example", + "link": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-models" + }, + { + "text": "JSON Schema", + "link": "https://datatracker.ietf.org/doc/html/draft-zyp-json-schema-04#section-4.1" + } + ] + }, + "deploy": { + "text": [ + "terraform init", + "terraform apply" + ] + }, + "testing": { + "text": [ + "See the Github repo for detailed testing instructions." + ] + }, + "cleanup": { + "text": [ + "terraform destroy", + "terraform show" + ] + }, + "authors": [ + { + "name": "Makendran G", + "image": "https://drive.google.com/file/d/1mUObnbmn52UWL-Zn39EpgpneiBNv3LCN/view?usp=sharing", + "bio": "Cloud Support Engineer @ AWS", + "linkedin": "makendran", + "twitter": "@MakendranG" + } + ] +} \ No newline at end of file diff --git a/apigw-data-validation-tf/lambda/app.py b/apigw-data-validation-tf/lambda/app.py new file mode 100644 index 000000000..ab542c439 --- /dev/null +++ b/apigw-data-validation-tf/lambda/app.py 
@@ -0,0 +1,9 @@
+import json
+def lambda_handler(event, context):
+ return {
+ "statusCode": 200,
+ "body": json.dumps({
+ "message": "Data validation succeded",
+ "data": json.loads(event["body"])
+ }),
+ }
\ No newline at end of file
diff --git a/apigw-data-validation-tf/main.tf b/apigw-data-validation-tf/main.tf
new file mode 100644
index 000000000..ef3314dd5
--- /dev/null
+++ b/apigw-data-validation-tf/main.tf
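Review bot: `json.loads(event["body"])` in `lambda_handler` has no guard of its own and relies on the API Gateway request validator to have guaranteed a JSON body. With the `AWS_PROXY` integration the body arrives as a raw string (or null for an empty POST), and API Gateway applies the model registered for the request's content type, so a request sent with a content type other than `application/json` may reach the function unvalidated and end in an unhandled exception; this is worth confirming against the validator settings in main.tf. I would parse defensively and return a 400, as sketched below. The same handler is re-added unchanged as `src/app.py` in PATCH 6/8, so the change belongs there too. The response text also misspells `succeded`, and the README's expected output repeats it, so fix both together if you touch it.

```python
def lambda_handler(event, context):
    try:
        data = json.loads(event.get("body") or "")
    except (TypeError, ValueError):
        return {
            "statusCode": 400,
            "body": json.dumps({"message": "Invalid request body"}),
        }
    # … unchanged: 200 response, now with "data": data …
```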
@@ -0,0 +1,177 @@
+# Provider configuration
+provider "aws" {
+ region = "us-east-1" # Change this to your desired region
+}
+
+# API Gateway REST API
+resource "aws_api_gateway_rest_api" "main_api" {
+ name = "validation-api"
+ description = "API Gateway with data validation"
+
+ body = jsonencode({
+ openapi = "3.0.1"
+ info = {
+ title = "validation-api"
+ version = "1.0"
+ }
+ components = {
+ schemas = {
+ Vehicle = {
+ type = "object"
+ required = ["make", "model", "year"]
+ properties = {
+ make = {
+ type = "string"
+ }
+ model = {
+ type = "string"
+ }
+ year = {
+ type = "integer"
+ minimum = 2010
+ }
+ color = {
+ type = "string"
+ enum = ["green", "red", "blue"]
+ }
+ }
+ }
+ }
+ }
+ })
+}
+
+# Lambda Function
+resource "aws_lambda_function" "process_function" {
+ filename = "lambda.zip" # Make sure to create this zip file with your Lambda code
+ function_name = "process-function"
+ role = aws_iam_role.lambda_role.arn
+ handler = "app.lambda_handler"
+ runtime = "python3.9"
+ architectures = ["arm64"]
+ timeout = 3
+}
+
+# IAM Role for Lambda
+resource "aws_iam_role" "lambda_role" {
+ name = "process_function_rolde"
+
+ assume_role_policy = jsonencode({
+ Version = "2012-10-17"
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "lambda.amazonaws.com"
+ }
+ }
+ ]
+ })
+}
+
+# Basic Lambda execution policy
+resource "aws_iam_role_policy_attachment" "lambda_basic" {
+ policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+ role = aws_iam_role.lambda_role.name
+}
+
+# API Gateway Resource
+resource "aws_api_gateway_resource" "api_resource" {
+ rest_api_id = aws_api_gateway_rest_api.main_api.id
+ parent_id = aws_api_gateway_rest_api.main_api.root_resource_id
+ path_part = "{id}"
+}
+
+# API Gateway Method
+resource "aws_api_gateway_method" "api_method" {
+ rest_api_id = aws_api_gateway_rest_api.main_api.id
+ resource_id = aws_api_gateway_resource.api_resource.id
+ http_method = "POST"
+ authorization = "NONE"
+
+ request_parameters = {
+ "method.request.querystring.order" = true
+ "method.request.header.custom-agent" = true
+ }
+
+ request_validator_id = aws_api_gateway_request_validator.validator.id
+ request_models = {
+ "application/json" = aws_api_gateway_model.vehicle_model.name
+ }
+}
+
+# Request Validator
+resource "aws_api_gateway_request_validator" "validator" {
+ name = "validator"
+ rest_api_id = aws_api_gateway_rest_api.main_api.id
+ validate_request_body = true
+ validate_request_parameters = true
+}
+
+# Vehicle Model
+resource "aws_api_gateway_model" "vehicle_model" {
+ rest_api_id = aws_api_gateway_rest_api.main_api.id
+ name = "Vehicledd"
+ description = "Vehicle model for validation"
+ content_type = "application/json"
+
+ schema = jsonencode({
+ type = "object"
+ required = ["make", "model", "year"]
+ properties = {
+ make = {
+ type = "string"
+ }
+ model = {
+ type = "string"
+ }
+ year = {
+ type = "integer"
+ minimum = 2010
+ }
+ color = {
+ type = "string"
+ enum = ["green", "red", "blue"]
+ }
+ }
+ })
+}
+
+# Lambda Integration
+resource "aws_api_gateway_integration" "lambda_integration" {
+ rest_api_id = aws_api_gateway_rest_api.main_api.id
+ resource_id = aws_api_gateway_resource.api_resource.id
+ http_method = aws_api_gateway_method.api_method.http_method
+ type = "AWS_PROXY"
+ integration_http_method = "POST"
+ uri = aws_lambda_function.process_function.invoke_arn
+}
+
+# Lambda Permission
+resource "aws_lambda_permission" "api_gateway" {
+ statement_id = "AllowAPIGatewayInvoke"
+ action = "lambda:InvokeFunction"
+ function_name = aws_lambda_function.process_function.function_name
+ principal = "apigateway.amazonaws.com"
+ source_arn = "${aws_api_gateway_rest_api.main_api.execution_arn}/*/*/*"
+}
+
+# API Gateway Deployment
+resource "aws_api_gateway_deployment" "api_deployment" {
+ rest_api_id = aws_api_gateway_rest_api.main_api.id
+ depends_on = [aws_api_gateway_integration.lambda_integration]
+}
+
+# API Gateway
Stage +resource "aws_api_gateway_stage" "prod" { + deployment_id = aws_api_gateway_deployment.api_deployment.id + rest_api_id = aws_api_gateway_rest_api.main_api.id + stage_name = "Prod" +} + +# Output +output "api_endpoint" { + description = "API Gateway endpoint URL for Prod stage" + value = "${aws_api_gateway_stage.prod.invoke_url}" +} \ No newline at end of file From 3805b4d57aacb19ffb5aa607b5cb5f5a2a75be5e Mon Sep 17 00:00:00 2001 From: EC2 Default User Date: Sun, 12 Jan 2025 09:38:58 +0000 Subject: [PATCH 2/8] Added new pattern --- apigw-data-validation-tf/lambda.zip | Bin 0 -> 312 bytes apigw-data-validation-tf/lambda/app.py | 9 --------- 2 files changed, 9 deletions(-) create mode 100644 apigw-data-validation-tf/lambda.zip delete mode 100644 apigw-data-validation-tf/lambda/app.py diff --git a/apigw-data-validation-tf/lambda.zip b/apigw-data-validation-tf/lambda.zip new file mode 100644 index 0000000000000000000000000000000000000000..acd7d0f5fa5b3dffb0117ecbee5ca6eab5c252f3 GIT binary patch literal 312 zcmWIWW@Zs#U|`^25O>yz+F~gAZ5ojG9EjN%WEc_)3iJvpLqj+jn0;%S)2)EGw1S&~ zk>v$50|S@{?K{hL$bqNjeQno<-o!3 zWqNflH%6TN$Qe-!U*S0`ZbY5DVr@R){ard>G)($_7%!2!uXB`WlGC F006XDX(j*w literal 0 HcmV?d00001 diff --git a/apigw-data-validation-tf/lambda/app.py b/apigw-data-validation-tf/lambda/app.py deleted file mode 100644 index ab542c439..000000000 --- a/apigw-data-validation-tf/lambda/app.py +++ /dev/null @@ -1,9 +0,0 @@ -import json -def lambda_handler(event, context): - return { - "statusCode": 200, - "body": json.dumps({ - "message": "Data validation succeded", - "data": json.loads(event["body"]) - }), - } \ No newline at end of file From 2de5d6ebfcc1fd681caae5a86c9a3366af20bf7f Mon Sep 17 00:00:00 2001 From: EC2 Default User Date: Sun, 12 Jan 2025 13:59:49 +0000 Subject: [PATCH 3/8] New serverless Pattern --- apigw-data-validation-tf/README.md | 79 ++++++++++++++++++++---------- 1 file changed, 54 insertions(+), 25 deletions(-) 
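Review bot: `aws_api_gateway_method.api_method` sets `authorization = "NONE"` and `aws_lambda_permission.api_gateway` grants invoke on `"${aws_api_gateway_rest_api.main_api.execution_arn}/*/*/*"`, so the request validator is the only control in front of the function. Since samples get copied, I would scope the permission to the one route that exists, `source_arn = "${aws_api_gateway_rest_api.main_api.execution_arn}/*/POST/*"`. The method should also carry a comment such as `# Intentionally unauthenticated for the demo; add an authorizer and a usage plan before real use`. Separately, `aws_api_gateway_deployment.api_deployment` has no `triggers` argument, so a later change to the validator or the model is not redeployed to the `Prod` stage by itself; a `triggers` map hashing the method, validator and model would make tightened validation take effect.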
diff --git a/apigw-data-validation-tf/README.md b/apigw-data-validation-tf/README.md index 3ca759d23..b49a596cd 100644 --- a/apigw-data-validation-tf/README.md +++ b/apigw-data-validation-tf/README.md @@ -1,8 +1,8 @@ -# AWS Service 1 to AWS Service 2 +# Amazon API Gateway data validation models -This pattern << explain usage >> +This pattern creates an Amazon API Gateway that handles simple data validation at the endpoint without invoking the Lambda function when the data validation fails. -Learn more about this pattern at Serverless Land Patterns: << Add the live URL here >> +Learn more about this pattern at Serverless Land Patterns: [https://serverlessland.com/patterns/apigw-custom-resource-policy](https://serverlessland.com/patterns/apigw-custom-resource-policy) Important: this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the [AWS Pricing page](https://aws.amazon.com/pricing/) for details. You are responsible for any AWS costs incurred. No warranty is implied in this example. 
@@ -11,50 +11,79 @@ Important: this application uses various AWS services and there are costs associ * [Create an AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources. * [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) installed and configured * [Git Installed](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) -* [AWS Serverless Application Model](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install.html) (AWS SAM) installed +* [Terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli?in=terraform/aws-get-started) installed ## Deployment Instructions -1. Create a new directory, navigate to that directory in a terminal and clone the GitHub repository: +1. Create a new directory, navigate to that directory in a terminal and clone the repository: ``` git clone https://github.com/aws-samples/serverless-patterns ``` -1. Change directory to the pattern directory: +1. Change directory to this pattern's directory ``` - cd _patterns-model + cd serverless-patterns/apigw-data-validation-tf ``` -1. From the command line, use AWS SAM to deploy the AWS resources for the pattern as specified in the template.yml file: +1. From the command line, initialize Terraform to downloads and install the providers defined in the configuration: ``` - sam deploy --guided + terraform init ``` -1. During the prompts: - * Enter a stack name - * Enter the desired AWS Region - * Allow SAM CLI to create IAM roles with the required permissions. - - Once you have run `sam deploy --guided` mode once and saved arguments to a configuration file (samconfig.toml), you can use `sam deploy` in future to use these defaults. - -1. Note the outputs from the SAM deployment process. 
These contain the resource names and/or ARNs which are used for testing. +1. From the command line, apply the configuration in the main.tf file: + ``` + terraform apply + ``` +1. Note the outputs from the deployment process. These contain the resource names and/or ARNs which are used for testing. ## How it works -Explain how the service interaction works. +The data model is declared in the API Gateway resource. The Lambda function then requires the request body to be validated against this model. ## Testing -Provide steps to trigger the integration and show what should be observed if successful. +After the application is deployed try the following scenarios. + +### Create a new vehicle entering valid data: +``` +curl --location --request POST 'https://t9nde3gpp2.execute-api.us-east-1.amazonaws.com/Prod/123?order=ORD12345' \ +--header 'Content-Type: application/json' \ +--header 'custom-agent: MyMobileApp/1.0' \ +--data-raw '{ + "make":"MINI", + "model":"Countryman", + "year": 2010 +}' +``` +Expected response: `{"message": "Data validation succeded", "data": {"make": "MINI", "model": "Countryman", "year": 2010}}` +### Now enter a year less than 2010 +``` +curl --location --request POST 'https://t9nde3gpp2.execute-api.us-east-1.amazonaws.com/Prod/123?order=ORD12345' \ +--header 'Content-Type: application/json' \ +--header 'custom-agent: MyMobileApp/1.0' \ +--data-raw '{ + "make":"MINI", + "model":"Countryman", + "year": 2002 +}' +``` +Expected response: `{"message": "Invalid request body"}` + +Try some other combinations and see what you get! ## Cleanup - -1. Delete the stack + +1. Change directory to the pattern directory: + ``` + cd apigw-data-validation-tf + ``` +1. Delete all created resources by Terraform ```bash - aws cloudformation delete-stack --stack-name STACK_NAME + terraform destroy ``` -1. Confirm the stack has been deleted +1. 
Confirm all created resources has been deleted ```bash - aws cloudformation list-stacks --query "StackSummaries[?contains(StackName,'STACK_NAME')].StackStatus" + terraform show ``` + ---- Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. -SPDX-License-Identifier: MIT-0 +SPDX-License-Identifier: MIT-0 \ No newline at end of file From 4899e290f2e8d75d7750732eec5952baf4634283 Mon Sep 17 00:00:00 2001 From: Makendran Date: Sun, 2 Feb 2025 14:43:15 +0530 Subject: [PATCH 4/8] Update README.md --- apigw-data-validation-tf/README.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/apigw-data-validation-tf/README.md b/apigw-data-validation-tf/README.md index b49a596cd..178876d4d 100644 --- a/apigw-data-validation-tf/README.md +++ b/apigw-data-validation-tf/README.md @@ -33,6 +33,18 @@ Important: this application uses various AWS services and there are costs associ ``` 1. Note the outputs from the deployment process. These contain the resource names and/or ARNs which are used for testing. +## API Endpoint + +After running `terraform apply`, you will see outputs including the API endpoint URL. You'll need this URL for testing. The output will look similar to: +``` +api_endpoint = "https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod" +``` + +Note: When testing, append `/123?order=ORD12345` to this base URL. For example, if your API endpoint is `https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod`, your full testing URL would be: +``` +`https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod/123?order=ORD12345` +``` + ## How it works The data model is declared in the API Gateway resource. The Lambda function then requires the request body to be validated against this model. @@ -86,4 +98,4 @@ Try some other combinations and see what you get! ---- Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. -SPDX-License-Identifier: MIT-0 \ No newline at end of file +SPDX-License-Identifier: MIT-0 
From e384986455e642fa756d7c846b61b80837d67ad7 Mon Sep 17 00:00:00 2001 From: Makendran Date: Sun, 2 Feb 2025 14:47:44 +0530 Subject: [PATCH 5/8] Update example-pattern.json Updated the description as per comment - https://github.com/aws-samples/serverless-patterns/pull/2583#discussion_r1935278772 --- apigw-data-validation-tf/example-pattern.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apigw-data-validation-tf/example-pattern.json b/apigw-data-validation-tf/example-pattern.json index 5663059c7..3fcb18d63 100644 --- a/apigw-data-validation-tf/example-pattern.json +++ b/apigw-data-validation-tf/example-pattern.json @@ -1,6 +1,6 @@ { "title": "API Gateway data validation", - "description": "This pattern creates an Amazon API Gateway that handles simple data validation at the endpoint without invoking the Lambda function when the data validation fails.", + "description": "Creates an API Gateway with request validation, rejecting invalid requests before Lambda invocation using model schema validation.", "language": "YAML", "level": "300", "framework": "Terraform", @@ -56,4 +56,4 @@ "twitter": "@MakendranG" } ] -} \ No newline at end of file +} From 24197e45a06589420d0a945e9c4df22ac46ce8a0 Mon Sep 17 00:00:00 2001 From: Makendran Date: Sun, 2 Feb 2025 14:25:50 +0000 Subject: [PATCH 6/8] Added src/app.py and removed zip folder --- apigw-data-validation-tf/lambda.zip | Bin 312 -> 0 bytes apigw-data-validation-tf/main.tf | 35 +++++++++++++++++++++++++--- apigw-data-validation-tf/src/app.py | 9 +++++++ 3 files changed, 41 insertions(+), 3 deletions(-) delete mode 100644 apigw-data-validation-tf/lambda.zip create mode 100644 apigw-data-validation-tf/src/app.py 
diff --git a/apigw-data-validation-tf/lambda.zip b/apigw-data-validation-tf/lambda.zip deleted file mode 100644 index acd7d0f5fa5b3dffb0117ecbee5ca6eab5c252f3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 312 zcmWIWW@Zs#U|`^25O>yz+F~gAZ5ojG9EjN%WEc_)3iJvpLqj+jn0;%S)2)EGw1S&~ zk>v$50|S@{?K{hL$bqNjeQno<-o!3 zWqNflH%6TN$Qe-!U*S0`ZbY5DVr@R){ard>G)($_7%!2!uXB`WlGC F006XDX(j*w diff --git a/apigw-data-validation-tf/main.tf b/apigw-data-validation-tf/main.tf index ef3314dd5..a99d0d4f7 100644 --- a/apigw-data-validation-tf/main.tf +++ b/apigw-data-validation-tf/main.tf @@ -3,6 +3,30 @@ provider "aws" { region = "us-east-1" # Change this to your desired region } +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 4.0" + } + archive = { + source = "hashicorp/archive" + version = "~> 2.0" + } + null = { + source = "hashicorp/null" + version = "~> 3.0" + } + } +} + +# Archive the Lambda function code +data "archive_file" "lambda_zip" { + type = "zip" + source_dir = "${path.module}/src" + output_path = "${path.module}/lambda.zip" +} + # API Gateway REST API resource "aws_api_gateway_rest_api" "main_api" { name = "validation-api" @@ -43,18 +67,23 @@ resource "aws_api_gateway_rest_api" "main_api" { # Lambda Function resource "aws_lambda_function" "process_function" { - filename = "lambda.zip" # Make sure to create this zip file with your Lambda code + filename = data.archive_file.lambda_zip.output_path + source_code_hash = data.archive_file.lambda_zip.output_base64sha256 function_name = "process-function" role = aws_iam_role.lambda_role.arn handler = "app.lambda_handler" runtime = "python3.9" architectures = ["arm64"] timeout = 3 + + depends_on = [ + data.archive_file.lambda_zip + ] } # IAM Role for Lambda resource "aws_iam_role" "lambda_role" { - name = "process_function_rolde" + name = "process_function_role" assume_role_policy = jsonencode({ Version = "2012-10-17" 
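Review bot: The new `required_providers` block pins `aws` to `version = "~> 4.0"` and declares a `null` provider that nothing in main.tf appears to use. The 4.x series predates the `python3.13` runtime that PATCH 7/8 sets, and the provider checks `runtime` against the values it knows, so `terraform plan` will probably reject that runtime. Please confirm, and if so raise the constraint to a 5.x release that includes it. I would also drop the unused `null = { ... }` entry and commit `.terraform.lock.hcl`, so the example resolves to provider builds that someone has reviewed rather than whatever is newest at `terraform init` time.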
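Review bot: The `depends_on = [ data.archive_file.lambda_zip ]` added to `aws_lambda_function.process_function` is redundant, because `filename` and `source_code_hash` already reference the data source and Terraform derives the ordering from those references. It can simply be removed. The archive is written to `"${path.module}/lambda.zip"` (set in the first hunk), the same path this commit deletes the checked-in binary from, so a `.gitignore` entry for `lambda.zip` would keep the build artefact from being committed again.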
@@ -112,7 +141,7 @@ resource "aws_api_gateway_request_validator" "validator" { # Vehicle Model resource "aws_api_gateway_model" "vehicle_model" { rest_api_id = aws_api_gateway_rest_api.main_api.id - name = "Vehicledd" + name = "Vehicle" description = "Vehicle model for validation" content_type = "application/json" diff --git a/apigw-data-validation-tf/src/app.py b/apigw-data-validation-tf/src/app.py new file mode 100644 index 000000000..ab542c439 --- /dev/null +++ b/apigw-data-validation-tf/src/app.py @@ -0,0 +1,9 @@ +import json +def lambda_handler(event, context): + return { + "statusCode": 200, + "body": json.dumps({ + "message": "Data validation succeded", + "data": json.loads(event["body"]) + }), + } \ No newline at end of file From d5bd2bcf734c98effdee293bba11752651c15bb9 Mon Sep 17 00:00:00 2001 From: Makendran Date: Sun, 2 Feb 2025 20:02:03 +0530 Subject: [PATCH 7/8] Update main.tf --- apigw-data-validation-tf/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apigw-data-validation-tf/main.tf b/apigw-data-validation-tf/main.tf index a99d0d4f7..1225ff756 100644 --- a/apigw-data-validation-tf/main.tf +++ b/apigw-data-validation-tf/main.tf @@ -72,7 +72,7 @@ resource "aws_lambda_function" "process_function" { function_name = "process-function" role = aws_iam_role.lambda_role.arn handler = "app.lambda_handler" - runtime = "python3.9" + runtime = "python3.13" architectures = ["arm64"] timeout = 3 @@ -203,4 +203,4 @@ resource "aws_api_gateway_stage" "prod" { output "api_endpoint" { description = "API Gateway endpoint URL for Prod stage" value = "${aws_api_gateway_stage.prod.invoke_url}" -} \ No newline at end of file +} From 1f90c18e2125e874e79f00422c56d8d69d07900e Mon Sep 17 00:00:00 2001 
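Review bot: Renaming the model to `name = "Vehicle"` probably collides with the schema the REST API's OpenAPI `body` already declares under `components.schemas.Vehicle`, since API Gateway creates a model for each imported schema; that may be why the earlier name was `Vehicledd`. If so, `terraform apply` fails on a duplicate model name, and in any case the schema is maintained in two places that can drift apart. I would keep one source of truth: either remove the `body = jsonencode({ ... })` block from `aws_api_gateway_rest_api.main_api` and keep this resource, or keep the import and reference the imported model by name in `request_models`. The AWS provider documentation also cautions against mixing `body` with separately managed resources and methods because a re-import can overwrite them, which here would drop the validator from the method, so that is worth checking. The `aws_api_gateway_model` block starts and ends outside this hunk.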
From: Udit Parikh Date: Sun, 23 Mar 2025 16:29:20 +0530 Subject: [PATCH 8/8] Create apigw-data-validation-tf.json --- .../apigw-data-validation-tf.json | 76 +++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 apigw-data-validation-tf/apigw-data-validation-tf.json diff --git a/apigw-data-validation-tf/apigw-data-validation-tf.json b/apigw-data-validation-tf/apigw-data-validation-tf.json new file mode 100644 index 000000000..913478384 --- /dev/null +++ b/apigw-data-validation-tf/apigw-data-validation-tf.json 
@@ -0,0 +1,76 @@ +{ + "title": "API Gateway data validation", + "description": "Creates an API Gateway with request validation, rejecting invalid requests before Lambda invocation using model schema validation.", + "language": "YAML", + "level": "300", + "framework": "Terraform", + "introBox": { + "headline": "How it works", + "text": [ + "The data model is declared in the API Gateway resource. The Lambda function then requires the request body to be validated against this model." + ] + }, + "gitHub": { + "template": { + "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/apigw-data-validation-tf", + "templateURL": "serverless-patterns/apigw-data-validation-tf", + "projectFolder": "apigw-data-validation-tf", + "templateFile": "main.tf" + } + }, + "resources": { + "bullets": [ + { + "text": "API Gateway model example", + "link": "https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-api-models" + }, + { + "text": "JSON Schema", + "link": "https://datatracker.ietf.org/doc/html/draft-zyp-json-schema-04#section-4.1" + } + ] + }, + "deploy": { + "text": [ + "terraform init", + "terraform apply" + ] + }, + "testing": { + "text": [ + "See the Github repo for detailed testing instructions." + ] + }, + "cleanup": { + "text": [ + "terraform destroy", + "terraform show" + ] + }, + "authors": [ + { + "name": "Makendran G", + "image": "https://drive.google.com/file/d/1mUObnbmn52UWL-Zn39EpgpneiBNv3LCN/view?usp=sharing", + "bio": "Cloud Support Engineer @ AWS", + "linkedin": "makendran", + "twitter": "@MakendranG" + } + ], + "patternArch": { + "icon1": { + "x": 20, + "y": 50, + "service": "internet" + }, + "icon2": { + "x": 80, + "y": 50, + "service": "apigw", + "label": "API Gateway REST API" + }, + "line1": { + "from": "icon1", + "to": "icon2" + } + } +}