API Gateway/Cloudfront and Shield Advanced Configuration


Can Shield Advanced be used to protect an API Gateway with Edge Optimized endpoints?

I know that a system managed Cloudfront is put in front of such endpoints, but I'm not sure if Shield Advanced can be applied to it.

I'm thinking we probably need to go for Regional Endpoints and add our own Cloudfront to be able to use Shield Advanced...

Thanks in advance.

1 Answer
Accepted Answer

I believe you're right; you can't set up Shield Advanced for API Gateway's AWS-managed CloudFront distribution. AWS has a walkthrough of setting up the custom CloudFront distribution for API Gateway for just these types of advanced configuration needs here: https://repost.aws/knowledge-center/api-gateway-cloudfront-distribution

Leo K
answered 14 days ago
profile picture
reviewed 14 days ago
  • Thanks Leo

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions