Articles

Import and Export OpenAPI Specs in API Gateway (2026)

April 16, 2026 4 min read

You can treat OpenAPI specifications in API Gateway like a JSON or YAML file that describes your API. But the surprising thing is that API Gateway doesn’t just read these files; it actively uses them to generate and validate requests and responses, and even to create client SDKs.

Let’s see this in action. Imagine you have a simple API that returns a greeting.

Here’s a minimal OpenAPI spec for it:

openapi: 3.0.0
info:
  title: Greeting API
  version: 1.0.0
paths:
  /hello:
    get:
      summary: Returns a greeting
      responses:
        '200':
          description: A successful greeting
          content:
            application/json:
              schema:
                type: object
                properties:
                  message:
                    type: string
                    example: "Hello, world!"

Now, let’s say you want to import this into API Gateway. You’d go to your API, click "Import/Export," and then select "Import OpenAPI." You’d paste this YAML (or JSON) content directly into the editor.

Once imported, API Gateway will create the /hello path and the GET method for you. You can then configure the integration (e.g., a Lambda function, an HTTP endpoint) to handle requests to this path. The crucial part is that API Gateway now understands that a GET request to /hello should return a JSON object with a message property of type string.

If you later try to deploy a Lambda function that returns something else, say { "greeting": "Hi there!" }, API Gateway will flag it during deployment as a mismatch. It’s enforcing the contract defined in your OpenAPI spec. This validation is one of its most powerful, and often overlooked, features. It prevents runtime errors by catching contractual violations before your API goes live.

The mental model here is that API Gateway acts as a contract enforcer and code generator.

Problem Solved: Manually defining every single path, method, request parameter, and response schema in the API Gateway console is tedious and error-prone, especially for large APIs. OpenAPI specs provide a declarative, machine-readable way to define your API’s structure and behavior.

How it Works Internally: When you import an OpenAPI spec, API Gateway parses it. It translates the paths, operations (like get, post), parameters, requestBody, and responses into its internal representation. For each path and method, it creates corresponding resources and methods in the API Gateway configuration. The schemas defined under components are used to validate incoming requests and outgoing responses against the defined structure. If you configure request or response transformations, these too can be guided by the OpenAPI spec.

Levers You Control:

  • openapi version: Specifies which version of the OpenAPI standard your document adheres to. API Gateway supports OpenAPI 2.0 and 3.0.
  • info block: Contains metadata like title, description, and version of your API.
  • servers block: Defines the base URLs for your API. API Gateway uses this to understand where your backend services are hosted.
  • paths: This is the core. It maps URL paths (e.g., /users/{userId}) to HTTP methods (e.g., get, post).
  • operationId: A unique identifier for each operation. API Gateway can use this to map operations to specific backend integrations, especially for AWS services like Lambda.
  • parameters: Defines any query parameters, path parameters, header parameters, or cookies expected by an operation. API Gateway uses these for request validation.
  • requestBody: Describes the structure of the payload for operations that accept a body (like POST or PUT).
  • responses: Defines the possible HTTP status codes and the structure of the response bodies for each. This is critical for response validation.
  • schemas: Under components, these define reusable data structures that can be referenced throughout your spec, promoting consistency.

One of the most powerful, yet often underutilized, aspects of importing OpenAPI specs is the ability to generate client SDKs. Once your API is defined and deployed in API Gateway with a valid OpenAPI spec, you can navigate to "API Gateway" -> "SDK generation" in the AWS console. API Gateway will use the imported spec to build downloadable SDKs for various languages (like JavaScript, Java, Python). This isn’t just a simple wrapper; it generates classes and methods that mirror your API’s paths and operations, complete with request parameter handling and response parsing, all derived directly from your OpenAPI definition.

The next concept you’ll likely encounter is how to handle more complex request and response transformations using the OpenAPI spec as a foundation.

Want structured learning?

Take the full Apigateway course →