I deployed an HTTP API through AWS SAM with Lambda integration. Most of the HTTP response status codes are working, but not 409. When my Lambda sends a response with status code: 409 the API responds with 500 to the client. No error logs are to be found in CloudWatch. The response works correctly when tested locally (sam start-api).
I exported that API's specification and added necessary path attributes such as 409 response. Then I reimported the OpenAPI specification (with Fail on warnings) with success. I redeployed the SAM template with the OpenAPI specification as well. But that didn't change the API behavior. But afterward, when I exported the specification it was again in its unchanged state.
Here's my OpenAPI specification for one path:
openapi: '3.0.1'
info:
title: 'files'
version: '1.0'
servers:
- url: 'https://{}.execute-api.eu-west-1.amazonaws.com/{basePath}'
variables:
basePath:
default: 'dev'
paths:
/files:
put:
summary: Returns Presigned URL for specified file
responses:
'200':
description: OK.
content:
application/json:
schema:
type: object
properties:
url:
type: string
description: s3 url
'400':
description: Bad request.
'401':
$ref: '#/components/responses/Unauthorized'
'404':
description: Not Found.
'409':
description: Conflict.
content:
application/json:
schema:
type: object
headers:
x-overwrite:
schema:
type: string
description: Allows force overwrite of existing objects.
'5XX':
description: Internal server error.
security:
- Auth0Authorizer: []
x-amazon-apigateway-integration:
payloadFormatVersion: '2.0'
type: 'aws_proxy'
httpMethod: 'POST'
uri: 'arn:aws:apigateway:REGION:lambda:path/2015-03-31/functions/arn:aws:lambda:REGION:ACCOUNTID:function:FUNCTION/invocations'
connectionType: 'INTERNET'
components:
responses:
Unauthorized:
description: Unauthorized. When missing JWT token in authorization header.
content:
application/json:
schema:
$ref: '#components/schemas/Error'
schemas:
Error:
type: object
properties:
code:
type: string
message:
type: string
required:
- code
- message
securitySchemes:
Authorizer:
type: 'oauth2'
flows: {}
x-amazon-apigateway-authorizer:
identitySource: '$request.header.Authorization'
jwtConfiguration:
audience:
- ''
issuer: ''
type: 'jwt'
x-amazon-apigateway-cors:
allowMethods:
- 'DELETE'
- 'GET'
- 'PATCH'
- 'POST'
- 'PUT'
allowHeaders:
- '*'
maxAge: 0
allowCredentials: false
allowOrigins:
- ''
- ''
x-amazon-apigateway-importexport-version: '1.0'
After successful reimport the exported API response specification is defaulted to:
responses:
default:
description: 'Default response for PUT /files'
What might be causing the API to send the 500 response instead of 409? Why is API defaulting the response specification?