Feature: Provide ability to create customer managed (as opposing to API Gateway managed) Cloudfront distribution

[huksley]

Currently, this excellent plugin creates API Gateway managed cloud front distribution, which is not visible in CloudFront management.

Also, WAF is cannot be assigned to this distribution right now.

https://forums.aws.amazon.com/thread.jspa?threadID=227000

It would be good to have a switch which allows creating customer managed CloudFront distributions (default is API gateway managed)

[jconstance-amplify]

Hi @huksley,

I wouldn't say I'm opposed to the idea of creating and automatically setting up a customer-managed CloudFront Distribution, but I'm curious as to how folks think it would be done. Anyone have any opinions on this?

[Vad1mo]

For our cloudfront setup it would already help if the plugin would just create the domain and leaver the API Gateway out. This can be handled in the AWS::CloudFront::Distribution

[Vad1mo]

looks good now, thank you ❤️

[jconstance-amplify]

Right, there's no issue with using CloudFormation to create a CloudFront Distribution. My question was more so around how do people think this should be done in the context of this plugin? In my mind, there are two options. We could allow people to create the CloudFront Distribution themselves, either inside serverless's custom resources section, and then the plugin is in charge of adding/updating an origin (and maybe a behavior?) to that CloudFront Distribution. The other option would be to add support to the plugin for actually creating the CloudFront Distribution. I don't like this second option very much because it would require this plugin to duplicate a lot of work that serverless is already doing in other places, and I'd rather have the plugin be more focused. What do people think of that?

[vladistan]

I like second option.

[huksley]

Another rationale for this feature would be that Custom Domains created via API Gateway does not support HTTP (as HTTP to HTTPS redirect), making them ineligible for general-purpose sites.

Consider the following StackOverflow discussion: https://stackoverflow.com/questions/47311081/redirect-http-requests-to-https-on-aws-api-gateway-using-custom-domains

I also experienced this deploying the app recently: https://github.com/huksley/veresk/issues/2