Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
@alma-cdk/origin-verify
Advanced tools
Enforce API Gateway or Application Load Balancer traffic via CloudFront.
npm i -D @alma-cdk/origin-verify
Enforce API Gateway or Application Load Balancer traffic via CloudFront by generating a Secrets Manager secret value which is used as a CloudFront Origin Custom header and a WAFv2 WebACL header match rule.
🚧 Do not use for production critial stuff! This construct is still very much work in progress and breaking changes may occur. 🚧
import { OriginVerify } from '@alma-cdk/origin-verify';
import { Distribution } from 'aws-cdk-lib/aws-cloudfront';
const api: RestApi; // TODO: implement the RestApi
const apiDomain: string; // TODO: implement the domain
const verification = new OriginVerify(this, 'OriginVerify', {
origin: api.deploymentStage,
});
new Distribution(this, 'CDN', {
defaultBehavior: { origin: new HttpOrigin(apiDomain, {
customHeaders: {
[verification.headerName]: verification.headerValue,
},
}) },
})
Internally this construct creates the headerValue
by using AWS Secrets Manager but the secret value is exposed directly by using secretValue.unsafeUnwrap()
method: This is:
FAQs
Enforce origin traffic via CloudFront.
The npm package @alma-cdk/origin-verify receives a total of 251 weekly downloads. As such, @alma-cdk/origin-verify popularity was classified as not popular.
We found that @alma-cdk/origin-verify demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.