API schema validation

Learn how to validate incoming requests before they enter the application layer.
AWS API Gateway offers request (schema) validation. Schema validation is done with JSON schemas which are similar to, but ultimately not the same as, OpenAPI schemas.
These validators allow our gateway to respond to incorrect requests without us needing to do much of anything about them, other than provide the validator. Also, we have the benefit of our Lambda functions not running if the in-going input is not looking the way we expect it to.
It can't be understated how important it is to actually use the capabilities of the cloud components/services we are using. It's primitive and wrong to have to do basic request validation in our application layer—use the built-in capabilities in API Gateway and similar services and do more business-oriented validation as needed in the application instead.
Once again, since we have a manual approach, any validation schemas need to be handled separately from our code and the OpenAPI schema.
We only use validators for POST requests, which means the FeatureToggles function is in scope, but not the FakeUser function.
🎯 Example: See api/FeatureToggles.validator.json. It's attached to our feature toggles function in serverless.yml on lines 96-98.
handler: src/FeatureToggles/controllers/FeatureTogglesController.handler
description: Feature toggles
- http:
method: POST
path: /featureToggles
application/json: ${file(api/FeatureToggles.validator.json)}