Documentation ΒΆ
Overview ΒΆ
Enforce origin traffic via CloudFront.
Enforce origin traffic via CloudFront.
Enforce origin traffic via CloudFront.
Enforce origin traffic via CloudFront.
Index ΒΆ
Constants ΒΆ
This section is empty.
Variables ΒΆ
This section is empty.
Functions ΒΆ
func NewOriginVerify_Override ΒΆ
func NewOriginVerify_Override(o OriginVerify, scope constructs.Construct, id *string, props *OriginVerifyProps)
Associates an origin with WAFv2 WebACL to verify traffic contains specific header with a secret value.
Use `verifyHeader` value to assign custom headers into CloudFront config.
Example:
import { OriginVerify } from '@alma-cdk/origin-verify'; import { Distribution } from 'aws-cdk-lib/aws-cloudfront'; const api: RestApi; // TODO: implement the RestApi const apiDomain: string; // TODO: implement the domain const verification = new OriginVerify(this, 'OriginVerify', { origin: api.deploymentStage, }); new Distribution(this, 'CDN', { defaultBehavior: { origin: new HttpOrigin(apiDomain, { customHeaders: { [verification.headerName]: verification.headerValue, }, protocolPolicy: OriginProtocolPolicy.HTTPS_ONLY, }) }, })
Experimental.
func OriginVerify_IsConstruct ΒΆ
func OriginVerify_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func OriginVerify_OriginVerifyHeader ΒΆ
func OriginVerify_OriginVerifyHeader() *string
Types ΒΆ
type IVerification ΒΆ
type IVerification interface { // CloudFront Origin Custom Header name used in the WAFv2 WebACL verification. // Experimental. HeaderName() *string // Secret Value used as the CloudFront Origin Custom Header value. // // Example: // 'xxxxEXAMPLESECRET' // // Experimental. HeaderValue() *string }
Interface describing the "contract" of return values from the constructor. Experimental.
type OriginVerify ΒΆ
type OriginVerify interface { constructs.Construct IVerification // CloudFront Origin Custom Header name used in the WAFv2 WebACL verification. // Experimental. HeaderName() *string // Secret Value used as the CloudFront Origin Custom Header value. // // Example: // 'xxxxEXAMPLESECRET' // // Experimental. HeaderValue() *string // The tree node. // Experimental. Node() constructs.Node // Returns a string representation of this construct. // Experimental. ToString() *string }
Associates an origin with WAFv2 WebACL to verify traffic contains specific header with a secret value. Experimental.
func NewOriginVerify ΒΆ
func NewOriginVerify(scope constructs.Construct, id *string, props *OriginVerifyProps) OriginVerify
Associates an origin with WAFv2 WebACL to verify traffic contains specific header with a secret value.
Use `verifyHeader` value to assign custom headers into CloudFront config.
Example:
import { OriginVerify } from '@alma-cdk/origin-verify'; import { Distribution } from 'aws-cdk-lib/aws-cloudfront'; const api: RestApi; // TODO: implement the RestApi const apiDomain: string; // TODO: implement the domain const verification = new OriginVerify(this, 'OriginVerify', { origin: api.deploymentStage, }); new Distribution(this, 'CDN', { defaultBehavior: { origin: new HttpOrigin(apiDomain, { customHeaders: { [verification.headerName]: verification.headerValue, }, protocolPolicy: OriginProtocolPolicy.HTTPS_ONLY, }) }, })
Experimental.
type OriginVerifyProps ΒΆ
type OriginVerifyProps struct { // Origin to protect. // // Accepted types: // - `IStage` (from `aws-cdk-lib/aws-apigateway`) // - `IApplicationLoadBalancer` (from `aws-cdk-lib/aws-elasticloadbalancingv2`). // Experimental. Origin interface{} `field:"required" json:"origin" yaml:"origin"` // Metric name for the WebACL. // Experimental. AclMetricName *string `field:"optional" json:"aclMetricName" yaml:"aclMetricName"` // By default `x-origin-verify` is used. // // To override it, provide a value for // this. Recommendation is to use something with a `x-` prefix. // Experimental. HeaderName *string `field:"optional" json:"headerName" yaml:"headerName"` // Metric name for the allowed requests. // Experimental. RuleMetricName *string `field:"optional" json:"ruleMetricName" yaml:"ruleMetricName"` // Any additional rules to add into the created WAFv2 WebACL. // Experimental. Rules *[]interface{} `field:"optional" json:"rules" yaml:"rules"` // The secret which is used to verify the CloudFront distribution. // // Optional: By default this construct will generate a `new Secret`. // Experimental. SecretValue awscdk.SecretValue `field:"optional" json:"secretValue" yaml:"secretValue"` }
Properties for `OriginVerify` constructor. Experimental.