Skip to content

Serverless Plugin - CloudFront distribution in front of your Lambda Url

License

Notifications You must be signed in to change notification settings

t2tx/serverless-lambda-cloudfront

 
 

Repository files navigation

serverless-lambda-cloudfront

serverless npm version MIT licensed npm downloads

Automatically creates properly configured AWS CloudFront distribution that routes traffic to Lambda Url.

⚡ Pros

  • Allows you to set-up custom domain for your Lambda Url
  • Enables CDN caching of resources - so you don't waste Lambda invocations for serving static files (just set proper Cache-Control in API responses)
  • Much more CloudWatch statistics of API usage (like bandwidth metrics)
  • Real world access log - out of the box, API Gateway currently does not provide any kind of real "apache-like" access logs for your invocations
  • Web Application Firewall support - enable AWS WAF to protect your API from security threats

Installation

$ npm install --save-dev serverless-lambda-cloudfront

Configuration

  • All lambdaCloudFront configuration parameters are optional - e.g. don't provide ACM Certificate ARN to use default CloudFront certificate (which works only for default cloudfront.net domain).
  • This plugin does not set-up automatically Route53 for newly created CloudFront distribution. After creating CloudFront distribution, manually add Route53 ALIAS record pointing to your CloudFront domain name.
  • First deployment may be quite long (e.g. 10 min) as Serverless is waiting for CloudFormation to deploy CloudFront distribution.
# add in your serverless.yml

plugins:
  - serverless-lambda-cloudfront

custom:
  lambdaCloudFront:
    lambda: myFunction
    domain: my-custom-domain.com
    certificate: arn:aws:acm:us-east-1:000000000000:certificate/00000000-1111-2222-3333-444444444444
    waf: 00000000-0000-0000-0000-000000000000
    compress: true
    logging:
      bucket: my-bucket.s3.amazonaws.com
      prefix: my-prefix
    cookies: none
    headers:
      - x-api-key
    querystring:
      - page
      - per_page
    priceClass: PriceClass_100
    minimumProtocolVersion: TLSv1

...

functions:
  myFunction:
    url: true
    ...

Notes

  • domain can be list, so if you want to add more domains, instead string you list multiple ones:
domain:
  - my-custom-domain.com
  - secondary-custom-domain.com
  • cookies can be all (default), none or a list that lists the cookies to whitelist
cookies:
  - FirstCookieName
  - SecondCookieName
headers: all
  • querystring can be all (default), none or a list, in which case all querystring parameters are forwarded, but cache is based on the list:
querystring: all
  • priceClass can be PriceClass_All (default), PriceClass_100 or PriceClass_200:
priceClass: PriceClass_All
minimumProtocolVersion: TLSv1

IAM Policy

In order to make this plugin work as expected a few additional IAM Policies might be needed on your AWS profile.

More specifically this plugin needs the following policies attached:

  • cloudfront:CreateDistribution
  • cloudfront:GetDistribution
  • cloudfront:UpdateDistribution
  • cloudfront:DeleteDistribution
  • cloudfront:TagResource

You can read more about IAM profiles and policies in the Serverless documentation.

About

Serverless Plugin - CloudFront distribution in front of your Lambda Url

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 100.0%