Open h-m-f-t opened 1 year ago
Given that we don't need path forwarding, but we do require HTTPS and HSTS, the best solution is to create a CloudFront distribution from a static website (just a 301 redirect) in an S3 bucket with a Lambda@Edge to inject the security headers. We have done this before, e.g. here.
With directives now hosted on cisa.gov directly, this repo is no longer maintained. The one function the Federalist/cloud.gov Pages site still performs is redirecting to cisa.gov (see #320). Since "cyber.dhs.gov" is featured in many non-CISA pages and documents, there should be a redirect from cyber.dhs.gov to cisa.gov that happens outside of this project. This should be a web-centric solution, as there are a bunch of other DNS-y things happening in the cyber.dhs.gov zone.
DNS for the cyber.dhs.gov zone is managed in Route53. One idea to maintain a redirect is to use R53 + S3, but there may be better approaches.
cc: @dav3r @felddy @jsf9k @mcdonnnj as Maintainers of the Zone 🦸 for ideas.