I am trying to call RestApi on Apigateway from the Lambda function from our VPC(not default, default is working). it throws a 403 error, I couldn't find any details on the CloudWatch logs or Apigateway logs. I think that I am not able to hit Apigateway from Lambda. I tried with Apigateway Resource Policy to allow my VPC request, but nothing changed.
I tried the following things:
Endpoint is working from Postman and over cURL
there is no ApiKey
there is no authX, token, bearer
I am able to call any external endpoint
I am able to call Apigateway Endpoint from default VPC
We are using Nat Instance instead of NatGateway
problem: Requests from Lambda to Apigateway Endpoint(get, post)
Lambda/Node.js Code piece:
const { default: axios } = require('axios')
exports.handler = async (event) => {
const res = await axios.get(
'https://XXXX.execute-api.REGION.amazonaws.com/ABC/hello-world/healthcheck',
{"headers": { "x-api-key": "18yXXXXXXXXXaSI0usGYYYYYY" }})
console.log(JSON.stringify(res,null,2))
const response = {
statusCode: 200,
body: JSON.stringify('Hello from Lambda!'),
}
return response
}
Error Response
{
"message":"Request failed with status code 403",
"name":"AxiosError",
"config":{
"transitional":{
"silentJSONParsing":true,
"forcedJSONParsing":true,
"clarifyTimeoutError":false
},
"transformRequest":[
null
],
"transformResponse":[
null
],
"timeout":0,
"xsrfCookieName":"XSRF-TOKEN",
"xsrfHeaderName":"X-XSRF-TOKEN",
"maxContentLength":-1,
"maxBodyLength":-1,
"env":{
},
"headers":{
"Accept":"application/json, text/plain, */*",
"x-api-key":"18yXXXXXXXXXaSI0usGYYYYYY",
"User-Agent":"axios/0.27.2"
},
"method":"get",
"url":"https://XXXX.execute-api.REGION.amazonaws.com/ABC/hello-world/healthcheck"
},
"code":"ERR_BAD_REQUEST",
"status":403
}
This is Node JS Lambda, I am returning status code 200 as the response , when i call my lambda function through api gateway, i am getting 502 error, i am sending post request to my API Gateway URL. I am using Lambda proxy api integration.
request( options, function ( error, res, body ) {
if ( error ) {
console.log( "this is error", error );
return callback( error );
} else {
// console.dir( body );
const response = {
statusCode: 200,
body: JSON.stringify({
message: 'Your function executed successfully!',
// input: event,
}),
};
return callback( null, {
response,
} );
}
} );
I am Seeing this is the logs
(543396a4-952b-451e-8e61-6aeedd2463e9) Endpoint response body before transformations:
{
"response": {
"statusCode": 200,
"body": "{\"message\":\"Your function executed successfully!\"}"
}
}
(543396a4-952b-451e-8e61-6aeedd2463e9) Execution failed due to configuration error:
Malformed Lambda proxy response
(543396a4-952b-451e-8e61-6aeedd2463e9) Method completed with status: 502
It's a bit unintuitive, but the response needs to have a couple of additional properties, and the json payload needs to be a bit more well-formed.
The final response will be:
return {
statusCode: 200,
headers: {
"Access-Control-Allow-Origin": "*", // or add a specific site (can only provide one origin, not multiple)
"Content-Type": "application/json" // must include the content type
},
isBase64Encoded: false, // not necessarily required, but good practice
body: JSON.stringify({
"message": "Your function executed successfully!"
})
}
Notice:
json quotes on the property name
json no longer has a dangling comma
Content-Type is added in the header
The key takeaway here is the body for a json response for the body must be properly formed and stringified.
I have a rather simple situation. I make a call to an endpoint in my Google Cloud Functions, it sends a simple response. I try to console.log.
Angular component
async submitHandler(formDirective: FormGroupDirective) {
this.loading = true;
const formValue = JSON.stringify(this.reqForm.value);
this.http.post('https://myApp.cloudfunctions.net/myEndpoint', formValue)
.subscribe(res => {
console.log(res);
this.success = true;
formDirective.resetForm();
},
(err) => { console.log(err) });
this.loading = false;
}
Google Cloud Function
const functions = require('firebase-functions');
const cors = require('cors')({ origin: true });
const admin = require('firebase-admin');
admin.initializeApp();
exports.myEndpoint = functions.https.onRequest((req, res) => {
return cors(req, res, () => {
const body = JSON.parse(req.body);
const name = body.name;
console.log("REQUEST BODY >>> ", body);
console.log("REQUEST NAME >>> ", name);
if (!name) {
res.status(400).send('missing name!')
}
res.send(name.split('').reverse().join(''))
});
});
The cloud function responds with the name field reversed. So, "name": "Kenny" would respond with "ynneK". That's what I should see in my front end when I console.log(res).
Here's my front end error:
HttpErrorResponse {headers: HttpHeaders, status: 200, statusText: "OK", url: "https://myApp.cloudfunctions.net/myEndpoint", ok: false, …}
error: {error: SyntaxError: Unexpected token l in JSON at position 0 at JSON.parse (<anonymous>) at XMLHttp…, text: "llaH ynneK"}
headers: HttpHeaders {normalizedNames: Map(0), lazyUpdate: null, lazyInit: ƒ}
message: "Http failure during parsing for https://myApp.cloudfunctions.net/myEndpoint"
name: "HttpErrorResponse"
ok: false
status: 200
statusText: "OK"
url: "https://myApp.cloudfunctions.net/myEndpoint"
__proto__: HttpResponseBase
As you can see in the second line of "error: {.." I have text: "llaH ynneK"}. So, I don't think it's a server problem, I think it's a local Angular problem.
What am I doing wrong? Should I set response headers to application/json in the cloud function endpoint? I'm not sure what I'm doing wrong here.
The flow is:
JSON.stringify form data and send in post request (seemed to be the only way it'd work)
GCF endpoint gets it and JSON.parse(req.body)
endpoint does it's thing, then sends back to client res.send()
Client gets response to make sure all is well, but the error occurs when trying to read it.
Thanks for any help.
I am trying to set up a hello world example with AWS lambda and serving it through api gateway. I clicked the "Create a Lambda Function", which set up the api gatway and selected the Blank Function option. I added the lambda function found on AWS gateway getting started guide:
exports.handler = function(event, context, callback) {
callback(null, {"Hello":"World"}); // SUCCESS with message
};
The issue is that when I make a GET request to it, it's returning back a 502 response { "message": "Internal server error" }. And the logs say "Execution failed due to configuration error: Malformed Lambda proxy response".
Usually, when you see Malformed Lambda proxy response, it means your response from your Lambda function doesn't match the format API Gateway is expecting, like this
{
"isBase64Encoded": true|false,
"statusCode": httpStatusCode,
"headers": { "headerName": "headerValue", ... },
"body": "..."
}
If you are not using Lambda proxy integration, you can login to API Gateway console and uncheck the Lambda proxy integration checkbox.
Also, if you are seeing intermittent Malformed Lambda proxy response, it might mean the request to your Lambda function has been throttled by Lambda, and you need to request a concurrent execution limit increase on the Lambda function.
If lambda is used as a proxy then the response format should be
{
"isBase64Encoded": true|false,
"statusCode": httpStatusCode,
"headers": { "headerName": "headerValue", ... },
"body": "..."
}
Note : The body should be stringified
Yeah so I think this is because you're not actually returning a proper http response there which is why you're getting the error.
personally I use a set of functions like so:
module.exports = {
success: (result) => {
return {
statusCode: 200,
headers: {
"Access-Control-Allow-Origin" : "*", // Required for CORS support to work
"Access-Control-Allow-Credentials" : true // Required for cookies, authorization headers with HTTPS
},
body: JSON.stringify(result),
}
},
internalServerError: (msg) => {
return {
statusCode: 500,
headers: {
"Access-Control-Allow-Origin" : "*", // Required for CORS support to work
"Access-Control-Allow-Credentials" : true // Required for cookies, authorization headers with HTTPS
},
body: JSON.stringify({
statusCode: 500,
error: 'Internal Server Error',
internalError: JSON.stringify(msg),
}),
}
}
} // add more responses here.
Then you simply do:
var responder = require('responder')
// some code
callback(null, responder.success({ message: 'hello world'}))
For Python3:
import json
def lambda_handler(event, context):
return {
'statusCode': 200,
'headers': {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
'body': json.dumps({
'success': True
}),
"isBase64Encoded": False
}
Note the body isn't required to be set, it can just be empty:
'body': ''
I had this issue, which originated from an invalid handler code which looks completely fine:
exports.handler = (event, context) => {
return {
isBase64Encoded: false,
body: JSON.stringify({ foo: "bar" }),
headers: {
'Access-Control-Allow-Origin': '*',
},
statusCode: 200,
};
}
I got the hint from examining the somewhat confusing API Gateway response logs:
> Endpoint response body before transformations: null
The way to fix it would be to either
Add the async keyword (async function implicitly returns a Promise):
exports.handler = async (event, context) => {
return {
isBase64Encoded: false,
body: JSON.stringify({ foo: "bar" }),
headers: {
'Access-Control-Allow-Origin': '*',
},
statusCode: 200,
};
}
Return a Promise:
exports.handler = (event, context) => {
return new Promise((resolve) => resolve({
isBase64Encoded: false,
body: JSON.stringify({ foo: "bar" }),
headers: {
'Access-Control-Allow-Origin': '*',
},
statusCode: 200,
}));
}
Use the callback:
exports.handler = (event, context, callback) => {
callback({
isBase64Encoded: false,
body: JSON.stringify({ foo: "bar" }),
headers: {
'Access-Control-Allow-Origin': '*',
},
statusCode: 200,
});
}
My handler was previously declared async without ever using await, so I removed the async keyword to reduce complexity of the code, without realizing that Lambda expects either using async/await/Promise or callback return method.
From the AWS docs
In a Lambda function in Node.js, To return a successful response, call
callback(null, {"statusCode": 200, "body": "results"}). To throw an
exception, call callback(new Error('internal server error')). For a
client-side error, e.g., a required parameter is missing, you can call
callback(null, {"statusCode": 400, "body": "Missing parameters of
..."}) to return the error without throwing an exception.
Just a piece of code for .net core and C# :
using Amazon.Lambda.APIGatewayEvents;
...
var response = new APIGatewayProxyResponse
{
StatusCode = (int)HttpStatusCode.OK,
Body = JsonConvert.SerializeObject(new { msg = "Welcome to Belarus! :)" }),
Headers = new Dictionary<string, string> { { "Content-Type", "application/json" } }
};
return response;
Response from lambda will be :
{"statusCode":200,"headers":{"Content-Type":"application/json"},"multiValueHeaders":null,"body":"{\"msg\":\"Welcome to Belarus! :)\"}","isBase64Encoded":false}
Response from api gateway will be :
{"msg":"Welcome to Belarus! :)"}
I've tried all of above suggestion but it doesn't work while body value is not String
return {
statusCode: 200,
headers: {
"Content-Type": "application/json",
"Access-Control-Allow-Origin": "*"
},
body: JSON.stringify({
success: true
}),
isBase64Encoded: false
};
A very very special case, if you pass the headers directly there is a chance you have this header:
"set-cookie": [ "........" ]
But Amazon needs this:
"set-cookie": "[ \\"........\\" ]"
For anyone else who struggles when the response appears valid. This does not work:
callback(null,JSON.stringify( {
isBase64Encoded: false,
statusCode: 200,
headers: { 'headerName': 'headerValue' },
body: 'hello world'
})
but this does:
callback(null,JSON.stringify( {
'isBase64Encoded': false,
'statusCode': 200,
'headers': { 'headerName': 'headerValue' },
'body': 'hello world'
})
Also, it appears that no extra keys are allowed to be present on the response object.
If you're using Go with https://github.com/aws/aws-lambda-go, you have to use events.APIGatewayProxyResponse.
func hello(ctx context.Context, event ImageEditorEvent) (events.APIGatewayProxyResponse, error) {
return events.APIGatewayProxyResponse{
IsBase64Encoded: false,
StatusCode: 200,
Headers: headers,
Body: body,
}, nil
}
I had this error because I accidentally removed the variable ServerlessExpressLambdaFunctionName from the CloudFormation AWS::Serverless::Api resource. The context here is https://github.com/awslabs/aws-serverless-express "Run serverless applications and REST APIs using your existing Node.js application framework, on top of AWS Lambda and Amazon API Gateway"
Most likely your returning body is in JSON format, but only STRING format is allowed for Lambda proxy integration with API Gateway.
So wrap your old response body with JSON.stringify().
In case the above doesn't work for anyone, I ran into this error despite setting the response variable correctly.
I was making a call to an RDS database in my function. It turned out that what was causing the problem was the security group rules (inbound) on that database.
You'll probably want to restrict the IP addresses that can access the API, but if you want to get it working quick / dirty to test out if that change fixes it you can set it to accept all like so (you can also set the range on the ports to accept all ports too, but I didn't do that in this example):
A common cause of the "Malformed Lambda proxy response" error is headers that are not {String: String, ...} key/values pairs.
Since set-cookie headers can and do appear in multiples, they are represented
in http.request.callback.response as the set-cookie key having an Array of
Strings value instead of a single String. While this works for developers, AWS
API Gateway doesn't understand it and throws a "Malformed Lambda proxy response"
error.
My solution is to do something like this:
function createHeaders(headers) {
const singleValueHeaders = {}
const multiValueHeaders = {}
Object.entries(headers).forEach(([key, value]) => {
const targetHeaders = Array.isArray(value) ? multiValueHeaders : singleValueHeaders
Object.assign(targetHeaders, { [key]: value })
})
return {
headers: singleValueHeaders,
multiValueHeaders,
}
}
var output = {
...{
"statusCode": response.statusCode,
"body": responseString
},
...createHeaders(response.headers)
}
Note that the ... above does not mean Yada Yada Yada. It's the ES6 spread operator.
Here's another approach. Configure the mapping template in your API gateway integration request and response. Go to IntegrationRequest -> MappingTemplate -> select "When there are no templates defined" -> type application/json for content-type. Then you don't have to explicitly send a json. Even the response you get at your client can be a plain string.
The format of your function response is the source of this error. For API Gateway to handle a Lambda function's response, the response must be JSON in this format:
{
"isBase64Encoded": true|false,
"statusCode": httpStatusCode,
"headers": { "headerName": "headerValue", ... },
"body": "..."
}
Here's an example function in Node.js with the response correctly formatted:
exports.handler = (event, context, callback) => {
var responseBody = {
"key3": "value3",
"key2": "value2",
"key1": "value1"
};
var response = {
"statusCode": 200,
"headers": {
"my_header": "my_value"
},
"body": JSON.stringify(responseBody),
"isBase64Encoded": false
};
callback(null, response);
};
Ref: https://aws.amazon.com/premiumsupport/knowledge-center/malformed-502-api-gateway/
Python 3.7
Before
{
"isBase64Encoded": False,
"statusCode": response.status_code,
"headers": {
"Content-Type": "application/json",
},
"body": response.json()
}
After
{
"isBase64Encoded": False,
"statusCode": response.status_code,
"headers": {
"Content-Type": "application/json",
},
"body": str(response.json()) //body must be of string type
}
If you're just new to AWS and just want your URL working,
If you haven't created a trigger for your Lambda Function, navigate to the function in Lambda Functions app and create trigger choosing API Gateway.
Navigate to API Gateway App -> Choose your Particular Lambda's API Gateway (Method execution) -> Click on INTEGRATION Request -> Uncheck "Use Lambda Proxy integration" (check box).
Then click on "<-Method Execution" & click on Test Client section. Provide the options and click test button. You should see a success response.
If you are still unable to get a success response, create an alias for the correct version (if you have multiple versions in the Lambda Function)
Pick the URL from the logs and use your POST/GET Tool (Postman) and choose authentication as AWS Signature - provide your authentication keys(AccessKey & SecretKey) in the postman request with AWS Region & Service Name as lambda.
P.S : This may only help beginners and may be irrelevant to others.