serverless-disable-request-validators
Serverless v2 plugin to disable API Gateway request validators.
What it does
It gives you the ability to disable or remove the API Gateway Request Validator on Serverless v2 until the Serverless Framework team introduces an opt-out flag or another mechanism to avoid the automatic creation of Request Validators in API Gateway when your Lambda functions have an schema associated with them.
If you have all request validations implemented in your Lambda, you probably don't to use the API Gateway Request Validator.
There are 3 legitimate use cases for these schemas:
- Apply basic request validation at the API Gateway level (before it reaches the Lambda);
- Export the API definition in another format - https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-export-api.html
- Generate a client SDK for some languages - https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-generate-sdk-console.html
If you want cases 2 and 3 but not case 1, this plugin can help you!
Install
yarn add --dev serverless-disable-request-validators# ornpm install -D serverless-disable-request-validators
Enable the plugin
Add the following plugin to your serverless.yml
:
plugins: - serverless-disable-request-validators
Configure
You can configure the plugin behavior using the custom
section in your serverless.yml
file.
- Only disable the
body
andparameters
validations directly in all validator resources (AWS::ApiGateway::RequestValidator
):
custom: serverless-disable-request-validators: action: disable
- Only disassociate all the validator resources (
AWS::ApiGateway::RequestValidator
) from API resources (AWS::ApiGateway::Method
), effectively deleting the references to the validator resources:
custom: serverless-disable-request-validators: action: disassociate
- To delete all validator (
AWS::ApiGateway::RequestValidator
) resources:
custom: serverless-disable-request-validators: action: delete
If no custom configuration is provided, the default action
is disable
.
Caveats
If during the same deploy you try to disassociate your APIs resources from a validator and also delete the referenced validator resource, it will fail with the following error message:
The reason seems to be that your deployed APIs still reference the validator resources and CloudFormation doesn't handle the dependency between them correctly. The solution is to deploy twice, as follows:
- Deploy 1: disassociate the validator using
action: disassociate
. - Deploy 2: delete the validator using
action: delete
.