2 Answers
1
Accepted Answer
Lambda function URLs do not support WAF. If you need WAF, use API Gateway instead of function URLs.
If you use a CloudFront distribution instead, you will need to make sure that the requests are coming from CF. Users may be able to guess the URL and invoke the function directly, bypassing WAF. To prevent that you could add a special header with some secret value in CloudFront and you will need to verify that header in your Lambda functions.
1
AWS WAF cannot be configured on Lambda Function URLs.
You can set Lambda Function URLs to CloudFront origin and enable AWS WAF for CloudFront.
answered a month ago
Sounds good. Thank you!
Relevant questions
Lambda Function URL /ping endpoint
asked 3 months agocan we attach the custom domain to lambda function urls ?
Accepted Answerasked 4 months agois it possible that SQS Triggers to a Lambda Function Alias?
Accepted Answerasked 6 months agoAWS IoT unable to invoke lambda function
Accepted Answerasked 2 months agocalling IAM auth function urls from Lambda
Accepted Answerasked 2 months agoIs Lambda Function URLs fixed?
asked a month agoHow does data transfer pricing work between lambda function urls and cloudfront?
asked 4 months agoIs it possible to kill/stop a running lambda function?
asked 5 years agoAWS WAF with AWS Lambda Function URLs?
Accepted Answerasked a month agoMutual TLS for AWS Lambda Function URL
asked 4 months ago
Thanks for the additional info, very useful!
Cheers!