- 最新
- 投票最多
- 评论最多
Unfortunately, at this point in time the Amplify Console officially does not support AWS WAF integration with the generated CloudFront URL. The Amplify CloudFront URL does come with AWS Shield standard.
The Amplify service team have identified this as a known feature request. Please refer to this open GitHub issue which is pertaining to the feature request and it can be tracked here: https://github.com/aws-amplify/amplify-console/issues/36
There's a way to setup WAF for your custom domain creating a documentation but the underlying amplifyapp.com domain is still technically live, so it's security by obscurity in essence.
You can now directly associate an AWS WAF WebACL to your AWS Amplify apps through a one-click integration in the Amplify console or using infrastructure as code (IaC) - see Firewall support for AWS Amplify hosted sites.
For the original questions asked above:
- Please view the answers on this Re:Post question issue-with-geographic-restrictions-on-cloudfront-distribution
- A few things to note:
- CloudFront geo-restriction blocks happen prior to WAF invocation
- as of writing, a CloudFront geo-restriction blocked request counts towards your CloudFront Requests and data transfer out charges
- an AWS WAF blocked request does not count towards your CloudFront Requests and data transfer out charges
To enable AWS WAF for web applications hosted by AWS Amplify please refer to the following documentation - https://docs.aws.amazon.com/amplify/latest/userguide/security.html
相关内容
AWS 官方已更新 7 个月前- AWS 官方已更新 4 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 3 年前
