Open adamjkeller opened 4 days ago
Absolutely! Making it p2 for now. Please help us prioritize with 👍
Let us hide the unnecessary complexity of FunctionURLs and let's make the API similar to the new S3 origins! Lambda functions support just one function URL. Therefore, instead of
// Old way
const functionUrl = lambdaFunction.addFunctionUrl();
const functionUrlDomainName = Fn.parseDomainName(functionUrl.url);
const lambdaOrigin = new origins.LambdaOrigin(functionUrlDomainName, config);
I would like to propose, similar to https://github.com/aws/aws-cdk-rfcs/issues/617
const lambdaOrigin = origins.LambdaOrigin.withFunctionDefaults(lambdaFunction);
// and
const lambdaOrigin = origins.LambdaOrigin.withOriginAccessControl(lambdaFunction);
cc @gracelu0
Describe the feature
In April 2024, the Cloudfront team announced support for Origin Access Control (OAC) for Lambda function URL origins. Add a new construct that will support this as an origin.
Use Case
Exposing Lambda Function URL's on the public internet has a lot of risk, but there are use cases where customers need to expose these lambda functions on the public internet, but would prefer to have the protections that come with CloudFront (ie, DDoS protection, Web Application Firewall, etc).
Proposed Solution
No response
Other Information
No response
Acknowledgements
CDK version used
N/A
Environment details (OS name and version, etc.)
N/A