Security News
OpenJS: “XZ Utils Cyberattack Likely Not an Isolated Incident”
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
serverless-api-cloudfront
Advanced tools
Weekly downloads
Readme
Automatically creates properly configured AWS CloudFront distribution that routes traffic to API Gateway.
Due to limitations of API Gateway Custom Domains, we realized that setting self-managed CloudFront distribution is much more powerful.
:zap: Pros
$ npm install --save-dev serverless-api-cloudfront
# add in your serverless.yml
plugins:
- serverless-api-cloudfront
custom:
apiCloudFront:
domain: my-custom-domain.com
certificate: arn:aws:acm:us-east-1:000000000000:certificate/00000000-1111-2222-3333-444444444444
waf: 00000000-0000-0000-0000-000000000000
compress: true
logging:
bucket: my-bucket.s3.amazonaws.com
prefix: my-prefix
cookies: none
headers:
- x-api-key
querystring:
- page
- per_page
priceClass: PriceClass_100
minimumProtocolVersion: TLSv1
domain
can be list, so if you want to add more domains, instead string you list multiple ones:domain:
- my-custom-domain.com
- secondary-custom-domain.com
cookies
can be all (default), none or a list that lists the cookies to whitelistcookies:
- FirstCookieName
- SecondCookieName
headers
can be all, none (default) or a list of headers (see CloudFront custom behaviour):headers: all
querystring
can be all (default), none or a list, in which case all querystring parameters are forwarded, but cache is based on the list:querystring: all
priceClass
can be PriceClass_All
(default), PriceClass_100
or PriceClass_200
:priceClass: PriceClass_All
minimumProtocolVersion
can be TLSv1
(default), TLSv1_2016
, TLSv1.1_2016
, TLSv1.2_2018
or SSLv3
:minimumProtocolVersion: TLSv1
FAQs
CloudFront distribution in front of your API Gateway
The npm package serverless-api-cloudfront receives a total of 369 weekly downloads. As such, serverless-api-cloudfront popularity was classified as not popular.
We found that serverless-api-cloudfront demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
Company News
Come meet the Socket team at BSidesSF and RSA! We're sponsoring several fun networking events and we would love to see you there.
Security News
OSI is starting a conversation aimed at removing the excuse of the SaaS loophole for companies navigating licensing and the complexities of doing business with open source.