Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
serverless-appsync-cloudfront
Advanced tools
Automatically creates properly configured AWS CloudFront distribution that routes traffic to AppSync.
This plugin is modified from serverless-api-cloudfront & serverless-domain-manager plugins to support AppSync instead of API Gateway.
:zap: Pros
npm i --save-dev serverless-appsync-cloudfront
or
yarn add -D serverless-appsync-cloudfront
# add in your serverless.yml
plugins:
- serverless-appsync-cloudfront
# All of these custom parameters are optional
custom:
appSyncCloudFront:
domainName: my-custom-domain.com
certificate: arn:aws:acm:us-east-1:000000000000:certificate/00000000-1111-2222-3333-444444444444
waf: 00000000-0000-0000-0000-000000000000
compress: true
logging:
bucket: my-bucket.s3.amazonaws.com
prefix: my-prefix
cookies: none
headers:
- x-api-key
querystring:
- page
- per_page
priceClass: PriceClass_100
minimumProtocolVersion: TLSv1
enabled: true
domain
can be list, so if you want to add more domains, instead string you list multiple ones:domain:
- my-custom-domain.com
- secondary-custom-domain.com
cookies
can be all (default), none or a list that lists the cookies to whitelistcookies:
- FirstCookieName
- SecondCookieName
headers
can be all, none (default) or a list of headers (see CloudFront custom behaviour):headers: all
querystring
can be all (default), none or a list, in which case all querystring parameters are forwarded, but cache is based on the list:querystring: all
priceClass
can be PriceClass_All
(default), PriceClass_100
or PriceClass_200
:priceClass: PriceClass_All
minimumProtocolVersion
can be TLSv1
(default), TLSv1_2016
, TLSv1.1_2016
, TLSv1.2_2018
or SSLv3
:minimumProtocolVersion: TLSv1
enabled
can be true
(default) or false
. Can be used to disable cloudfront distribution deployment.enabled: true
In order to make this plugin work as expected a few additional IAM Policies might be needed on your AWS profile.
More specifically this plugin needs the following policies attached:
cloudfront:CreateDistribution
cloudfront:GetDistribution
cloudfront:UpdateDistribution
cloudfront:DeleteDistribution
cloudfront:TagResource
You can read more about IAM profiles and policies in the Serverless documentation.
FAQs
CloudFront distribution in front of your AppSync
We found that serverless-appsync-cloudfront demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.