Do not send raw body to AWS Lambda via API Gateway - amazon-web-services

I have an aws lambda function written in node. I have a HTTP API in API Gateway which calls this lambda function.
The "issue" that I'm having is that my request payload which is a JSON, is sent wrapped in a raw body along with a bunch of other fields which I don't really need in my lambda.
How can I have the HTTP API to only send my payload?
If I use a REST API, at least by default, it works the way I expect.

Related

AWS Lambda with API Gateway and with "Raw JSON Payload"

I have a Lambda written in C# that is called via API Gateway. The Lambda's Handler() function has the following signature:
public async Task<APIGatewayProxyResponse> Handler(APIGatewayProxyRequest request, ILambdaContext context)
This Lambda works fine when called from an HTTP client.
I have another Lambda with this signature that also works just fine:
public async Task<int> Handler(JObject jasonRequest, ILambdaContext context)
I have only ever called this Lambda from the AWS Console though.
What I need is for the same Lambda to be able to be called either way. I need to be able to identify an incoming API Gateway request (so that I can retrieve the request.Path and request.Body and return a response.StatusCode) but I also need to be able to call the Lambda by passing it a "raw JSON payload" (not sure of the terminology here), as I do when testing the Lambda in the AWS Console.
So, is there a way to set up my Lambda's signature and return type so that I can respond to both API Gateway requests as well raw JSON payloads? I am not asking this just to be able to test via the AWS Console. Another team at our company will call the Lambda via EventBridge and I think it will send a raw JSON payload.

How to create a usage plan for AWS HTTP API?

I am using AWS API Gateway with HTTP API which invokes a lambda function. However HTTP API doesn't include USAGE feature. According to my requirement I need to create a usage for a client depending on the status code of the response sent back by the lambda. Since I cant access the response sent by lambda in API Gateway, I am looking for an custom solution. I am planing to use STEP function.
For example:
Instead of API Gateway directly invoking a lambda function it can call a STEP function where I can execute LambdaA. next it would trigger LambdaB with response from LambdaA as input to LambdaB in a sequential manner. I don't know If this is the right approach
I would like to know what is best way of solving this problem...thanks in advance

How does AWS lambda get triggered by an api request?

Im assuming lambda is like the missing piece of the puzzle for a complete api request. So you create the apigateway and then write the lambda function which bridges the gap between taking a request and returning the output of the lambda function as the http response.
I've successfully followed guides on how to set up an API gateway that triggers AWS lambda to do something, but I still don't really understand what is being done.
How is the function def handler(event, context): being called by the aws apigateway? How does it get triggered and how is the output of handler sent back?
You do not need a Lambda "in the middle". Using Lambda Proxy integration in the API Gateway you can receive the full information about the request (endpoint URL, query parameters, etc) in your targeted Lambda event.
Have a look at the following Tutorial how to setup Lambda Proxy integration with API Gateway.
The tricky thing you should care about is the structure of the response that you will return from your lambda_handler. See the requirements here.
Answering the question of "how this happens"... In short, when an HTTP request comes to your API endpoint it is automatically routed to the mapped Lambda function. Behind the scenes a new container for the Function is spawned and your request comes to the event of the lambda_handler. API Gateway by default also creates a CloudFront distribution in front of itself to serve your requests more efficiently. Once your Lambda returns the response, API Gateway parses it and constructs the HTTP response out of it. The nice thing is that all of this is managed by AWS.

Decision Making at API gateway Integration Request

I have a API gateway connected to SQS service, currently it just forward all the incoming requests bodies to SQS by SendMessage action.
I hope at integration request step I can check if the request has a certain field. If so, return a custom response and do not call the SQS service, otherwise forward the request body to SQS as I am doing right now.
I can do this by using a lambda function triggered by API gateway but i am wondering if I can do this without using lambda.
You may achieve that by setting up a request validator on AWS Api Gateway as explained here

Rejecting an application/x-www-urlencoded call from Slack with AWS Api gateway if field doesn't match

I have POST requests coming from Slack's outgoing webhooks, which are going through the API Gateway to an AWS Lambda function.
I want to filter requests with the API gateway before they ever make it to my lambda function, to reduce the number of times the lambda function will be called, for security purposes.
Technically, it doesn't matter where the call comes from, or where it's going.
The core of my problem is that I want to know how to filter/reject an API call with the AWS Api Gateway if a field doesn't match what I expect.
For example, consider this json.
{
"body": "token=specificToken&someOtherField=someValue"
}
I want to reject the request if the token field doesn't match the expected "specificToken" value.
You can use a custom authorizer of the REQUEST type to do that. A REQUEST-type custom authorizer can use the request body for authorizing the request.
Reference: Create an API Gateway Custom Authorizer Lambda Function (Scroll down to the REQUEST type)
Basically, you write another Lambda that serves as a middleware between your API Gateway. This custom authorizer will decide whether to allow the request or to return Unauthorized to API Gateway.
We had the same requirement (verifying a request from slack with a lambda authorizer), and sadly the REQUEST type does NOT have access to the body of the request. Headers, path, querystring... but not body. This appears to be by design. See Access POST Request body from Custom Authorizer Lambda Function.
We experimented with a custom body mapping template to pull values out of the body and put them into headers, but the mapping is applied after authorisation so this does not work.
Finally, we decided to put our own token in the querystring of the webhook called by our slash command, and verify that instead, which is possible inside a REQUEST authorizer. Not as secure, but it works.