By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Strict transport security header on appsync responses

0

What's the best way to have strict transport security header added to appsync responses?

I have seen recommendations around setting up cloudfront in front of appsync and setting the headers in cloudfront.

Topics
ServerlessFront-End Web & MobileApplication IntegrationAWS Well-Architected Framework
Tags
AWS AppSyncSecurity
Language
English
bbigs
asked 2 years ago758 views
1 Answer
0

Hi,

I do see that there are similar workarounds to the workaround which you have mentioned. However, there is a feature that was just recently released by AppSync which adds support for custom response headers. Please refer to this page for the announcement of the feature.

This adds a new resolver utility $util.http.addResponseHeaders() to configure additional headers in the response for a GraphQL API operation.

The other workarounds will add additional workload/steps so it is recommended to use this utility to add headers in the appsync response.

AWS
SUPPORT ENGINEER
Ryan_A
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content