[dynamodb] No validation on attributes

[Lilja]

We ran into this issue in production. Moto fails to validate that an attribute must be of a proper type when using put_object:

import boto3
from moto import mock_dynamodb


@mock_dynamodb
def test_whatever():
    session = boto3.Session()
    dynamodb = session.resource("dynamodb")
    hello_index  = {
        "IndexName": "hello-index",
        "KeySchema": [{"AttributeName": "hello", "KeyType": "HASH"}],
        "Projection": {"ProjectionType": "ALL"},
    }
    table_name = "lilja-test"

    # Let's create a table with [id: str, hello: str], with an index to hello
    dynamodb.create_table(
        TableName=table_name,
        KeySchema=[
            {"AttributeName": "id", "KeyType": "HASH"},
        ],
        AttributeDefinitions=[
            {"AttributeName": "id", "AttributeType": "S"},
            {"AttributeName": "hello", "AttributeType": "S"},
        ],
        GlobalSecondaryIndexes=[hello_index],
        BillingMode="PAY_PER_REQUEST",
    )

    table = dynamodb.Table(table_name)
    resp = table.put_item(
        TableName=table_name,
        Item={
            'id': 'woop',
            'hello': None,
        },
    )
    print(resp)

Running this is fine. But if I click and manually add these resources in AWS console and run a script:

import boto3

resource = boto3.resource("dynamodb")

table = resource.Table("lilja-test")

resp = table.put_item(
    TableName="lilja-test",
    Item={
        'id': 'woop',
        'hello': None,
    },
)

print(resp)

Traceback (most recent call last):
  File "/Users/lilja/code/temp/script.py", line 7, in <module>
    resp = table.put_item(
  File "/Users/lilja/Library/Caches/pypoetry/virtualenvs/temp-SZio7nyt-py3.9/lib/python3.9/site-packages/boto3/resources/factory.py", line 580, in do_action
    response = action(self, *args, **kwargs)
  File "/Users/lilja/Library/Caches/pypoetry/virtualenvs/temp-SZio7nyt-py3.9/lib/python3.9/site-packages/boto3/resources/action.py", line 88, in __call__
    response = getattr(parent.meta.client, operation_name)(*args, **params)
  File "/Users/lilja/Library/Caches/pypoetry/virtualenvs/temp-SZio7nyt-py3.9/lib/python3.9/site-packages/botocore/client.py", line 530, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/Users/lilja/Library/Caches/pypoetry/virtualenvs/temp-SZio7nyt-py3.9/lib/python3.9/site-packages/botocore/client.py", line 960, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (ValidationException) when calling the PutItem operation: One or more parameter values were invalid: Type mismatch for Index Key hello Expected: S Actual: NULL IndexName: hello-index

# pypoetry.toml
[tool.poetry.dependencies]
python = "^3.9"
boto3 = "^1.26.17"
moto = {extras = ["dynamodb"], version = "^4.0.10"}
pytest = "^7.2.0"

[bblommers]

Thanks for raising this and providing the test case @Lilja - marking it as an enhancement to add validation here.

Would you like to submit a PR for this yourself?

[Lilja]

Would you like to submit a PR for this yourself?

Not at this time, maybe in the future.

[aarushisoni]

i would like to contribute to this issue

[bblommers]

Sounds good @aarushisoni - let me know if you need any help or pointers!

[aarushisoni]

It would be helpful if you can tell me in which file I can find this code

[bblommers]

We already validate whether the table-attributes exist here: https://github.com/spulec/moto/blob/08ed9038e7618f426e6eba4e27968cb99b1e11ec/moto/dynamodb/responses.py#L378

Reading the error above, the message is different when index-attributes do not exist. So we'll probably have to add another validation here, in the same style.

[bblommers]

Oh, and tests for these kinds of error-scenarios tend to live in tests/test_dynamodb/exceptions/test_dynamodb_exceptions.py @aarushisoni

[Lilja]

thanks @bblommers