Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@serverless/aws-cloudfront

Package Overview
Dependencies
Maintainers
5
Versions
12
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@serverless/aws-cloudfront

 

  • 6.0.0
  • latest
  • npm
  • Socket score

Version published
Weekly downloads
234
decreased by-1.68%
Maintainers
5
Weekly downloads
 
Created
Source

aws-cloudfront

 

Deploy an AWS CloudFront distribution for the provided origins using Serverless Components.

 

  1. Install
  2. Create
  3. Configure
  4. Deploy

 

1. Install

$ npm install -g serverless

2. Create

$ mkdir cdn
$ cd cdn

the directory should look something like this:

|- serverless.yml
|- .env      # your AWS api keys

# .env
AWS_ACCESS_KEY_ID=XXX
AWS_SECRET_ACCESS_KEY=XXX

3. Configure

# serverless.yml

distribution:
  component: '@serverless/aws-cloudfront'
  inputs:
    region: us-east-1
    enabled: true # optional
    comment: 'My distribution' # optional
    defaults: # optional
      ttl: 15
      allowedHttpMethods: ['HEAD', 'GET']
      forward: # optional
        # array of header names, 'none' or 'all'
        headers: ['Accept', 'Accept-Language']
        # array of cookie names, 'none' or 'all'
        cookies: ['my-cookie]
        queryString: true
        queryStringCacheKeys: ['queryKey']
      viewerProtocolPolicy: 'https-only' # optional
      smoothStreaming: true # optional
      compress: true # optional
      fieldLevelEncryptionId: '123' # optional
      lambda@edge: # added to cloudfront default cache behavior
        viewer-request: arn:aws:lambda:us-east-1:123:function:myFunc:version
    origins:
      - https://my-bucket.s3.amazonaws.com
Custom cache behavior

Custom cache behaviors support the same config parameters as the default cache behavior (see the example above).

# serverless.yml

distribution:
  component: '@serverless/aws-cloudfront'
  inputs:
    origins:
      - url: https://my-assets.com
        pathPatterns:
          /static/images: # route any /static/images requests to https://my-assets.com
            ttl: 10
            allowedHttpMethods: ['GET', 'HEAD'] # optional
            forward: # optional
              headers: 'all' 
              cookies: ['auth-token']
              queryString: true
            compress: false # optional
            # ...
Lambda@Edge
# serverless.yml

distribution:
  component: '@serverless/aws-cloudfront'
  inputs:
    origins:
      - url: https://sampleorigin.com
        pathPatterns:
          /sample/path:
            ttl: 10
            lambda@edge:
              viewer-request: arn:aws:lambda:us-east-1:123:function:myFunc:version # lambda ARN including version
Private S3 Content

To restrict access to content that you serve from S3 you can mark as private your S3 origins:

# serverless.yml

distribution:
  component: '@serverless/aws-cloudfront'
  inputs:
    origins:
      - url: https://my-private-bucket.s3.amazonaws.com
        private: true

A bucket policy will be added that grants CloudFront with access to the bucket objects. Note that it doesn't remove any existing permissions on the bucket. If users currently have permission to access the files in your bucket using Amazon S3 URLs you will need to manually remove those.

This is documented in more detail here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html

4. Deploy

$ serverless

 

New to Components?

Checkout the Serverless Components repo for more information.

FAQs

Package last updated on 07 Oct 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc