@cloudcomponents/cdk-lambda-at-edge-pattern
Advanced tools
CDK Constructs for Lambda@Edge pattern: HttpHeaders
CDK Constructs for Lambda@Edge pattern: HttpHeaders
TypeScript/JavaScript:
npm i @cloudcomponents/cdk-lambda-at-edge-pattern
Python:
pip install cloudcomponents.cdk-lambda-at-edge-pattern
import { Construct, RemovalPolicy, Stack, StackProps } from '@aws-cdk/core';
import { StringParameter } from '@aws-cdk/aws-ssm';
import { SecurityPolicyProtocol } from '@aws-cdk/aws-cloudfront';
import { StaticWebsite } from '@cloudcomponents/cdk-static-website';
import { HttpHeaders } from '@cloudcomponents/cdk-lambda-at-edge-pattern';
export class StaticWebsiteStack extends Stack {
constructor(scope: Construct, id: string, props: StackProps) {
super(scope, id, props);
const certificateArn = StringParameter.valueFromLookup(
this,
'/certificate/cloudcomponents.org',
);
const website = new StaticWebsite(this, 'StaticWebsite', {
bucketConfiguration: {
removalPolicy: RemovalPolicy.DESTROY,
},
aliasConfiguration: {
domainName: 'cloudcomponents.org',
names: ['www.cloudcomponents.org', 'cloudcomponents.org'],
acmCertRef: certificateArn,
},
});
// A us-east-1 stack is generated under the hood
const httpHeaders = new HttpHeaders(this, 'HttpHeaders', {
httpHeaders: {
'Content-Security-Policy':
"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; connect-src 'self'",
'Strict-Transport-Security':
'max-age=31536000; includeSubdomains; preload',
'Referrer-Policy': 'same-origin',
'X-XSS-Protection': '1; mode=block',
'X-Frame-Options': 'DENY',
'X-Content-Type-Options': 'nosniff',
'Cache-Control': 'no-cache',
},
});
website.addLambdaFunctionAssociation(httpHeaders);
}
}
new cloudfront.Distribution(this, 'myDist', {
defaultBehavior: {
origin: new origins.S3Origin(myBucket),
edgeLambdas: [httpHeaders],
},
});
new cloudfront.CloudFrontWebDistribution(this, 'MyDistribution', {
originConfigs: [
{
s3OriginSource: {
s3BucketSource: sourceBucket
},
behaviors: [
{
isDefaultBehavior: true,
lambdaFunctionAssociations: [httpHeaders],
}
]
}
]
});
const httpHeaders = new HttpHeaders(this, 'HttpHeaders', {
httpHeaders: {
'Content-Security-Policy':
"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; object-src 'none'; connect-src 'self'",
'Strict-Transport-Security':
'max-age=31536000; includeSubdomains; preload',
'Referrer-Policy': 'same-origin',
'X-XSS-Protection': '1; mode=block',
'X-Frame-Options': 'DENY',
'X-Content-Type-Options': 'nosniff',
'Cache-Control': 'no-cache',
},
});
https://chrisschuld.com/2020/05/gatsby-hosting-on-cloudfront/
const originMutation = new OriginMutation(stack, 'OriginMutation');
See API.md.
See more complete examples.
FAQs
CDK Constructs for Lambda@Edge pattern: HttpHeaders
The npm package @cloudcomponents/cdk-lambda-at-edge-pattern receives a total of 477 weekly downloads. As such, @cloudcomponents/cdk-lambda-at-edge-pattern popularity was classified as not popular.
We found that @cloudcomponents/cdk-lambda-at-edge-pattern demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Socket detected malicious node-ipc versions with obfuscated stealer/backdoor behavior in a developing npm supply chain attack.
Security News
TeamPCP and BreachForums are promoting a Shai-Hulud supply chain attack contest with a $1,000 prize for the biggest package compromise.
Security News
Packagist urges PHP projects to update Composer after a GitHub token format change exposed some GitHub Actions tokens in CI logs.