JSPM

serverless-appsync-cloudfront

0.9.5
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 818
  • Score
    100M100P100Q110275F
  • License MIT

CloudFront distribution in front of your AppSync

Package Exports

  • serverless-appsync-cloudfront

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (serverless-appsync-cloudfront) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

serverless-appsync-cloudfront

serverless MIT licensed

Automatically creates properly configured AWS CloudFront distribution that routes traffic to AppSync.

This plugin is modified from serverless-api-cloudfront & serverless-domain-manager plugins to support AppSync instead of API Gateway.

⚡ Pros

  • Allows you to set-up custom domain for your AppSync
  • Web Application Firewall support - enable AWS WAF to protect your API from security threats

Installation

Either point to this repository from your package.json or clone this repo to .serverless_plugins folder in your project.

TODO: pending NPM release

Configuration

  • All appSyncCloudFront configuration parameters are optional - e.g. don't provide ACM Certificate ARN to use default CloudFront certificate (which works only for default cloudfront.net domain).
  • First deployment may be quite long (e.g. 10 min) as Serverless is waiting for CloudFormation to deploy CloudFront distribution.
# add in your serverless.yml

plugins:
  - serverless-appsync-cloudfront

custom:
  appSyncCloudFront:
    domainName: my-custom-domain.com
    certificate: arn:aws:acm:us-east-1:000000000000:certificate/00000000-1111-2222-3333-444444444444
    waf: 00000000-0000-0000-0000-000000000000
    compress: true
    logging:
      bucket: my-bucket.s3.amazonaws.com
      prefix: my-prefix
    cookies: none
    headers:
      - x-api-key
    querystring:
      - page
      - per_page
    priceClass: PriceClass_100
    minimumProtocolVersion: TLSv1

Notes

  • domain can be list, so if you want to add more domains, instead string you list multiple ones:
domain:
  - my-custom-domain.com
  - secondary-custom-domain.com
  • cookies can be all (default), none or a list that lists the cookies to whitelist
cookies:
  - FirstCookieName
  - SecondCookieName
headers: all
  • querystring can be all (default), none or a list, in which case all querystring parameters are forwarded, but cache is based on the list:
querystring: all
  • priceClass can be PriceClass_All (default), PriceClass_100 or PriceClass_200:
priceClass: PriceClass_All
minimumProtocolVersion: TLSv1

IAM Policy

In order to make this plugin work as expected a few additional IAM Policies might be needed on your AWS profile.

More specifically this plugin needs the following policies attached:

  • cloudfront:CreateDistribution
  • cloudfront:GetDistribution
  • cloudfront:UpdateDistribution
  • cloudfront:DeleteDistribution
  • cloudfront:TagResource

You can read more about IAM profiles and policies in the Serverless documentation.