RJPearson94/terraform-aws-open-next v2.0.0

on GitHub

V2 of the Open Next Module

• Improved OpenNext 2.x support
  • Support for server actions (this is not supported with lambda@edge)
• More deployment and configuration options
• CloudFront continuous deployments
  • AWS Developer Guide - https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/continuous-deployment.html
  • AWS Blog - https://aws.amazon.com/blogs/networking-and-content-delivery/use-cloudfront-continuous-deployment-to-safely-validate-cdn-changes/
• Lambda function URLs with IAM Auth (using lambda@edge auth function)
  • AWS Blog - https://aws.amazon.com/blogs/compute/protecting-an-aws-lambda-function-url-with-amazon-cloudfront-and-lambdaedge/
• WAF
  • Includes AWS recommended rules (AWSManagedRulesAmazonIpReputationList, AWSManagedRulesCommonRuleSet & AWSManagedRulesKnownBadInputsRuleSet)
  • Configure multiple IP rate-based rules
  • Configure SQL injection rules
  • Configure account takeover protection rules
  • Configure account creation fraud prevention rules
  • Configure basic auth
    • This is inspired by Vercel's password-protected deployment feature - https://vercel.com/guides/how-do-i-add-password-protection-to-my-vercel-deployment
    • Credit to Shinji Nakamatu for this idea - https://dev.to/snaka/implementing-secure-access-control-using-aws-waf-with-ip-address-and-basic-authentication-45hn
  • Custom rules (with custom response bodies) i.e. add a maintenance page to take the website offline when maintenance is taking place
    • Credit to Paul L for this idea - https://repost.aws/questions/QUeXIw1g0hSxiF0BpugsT7aw/how-to-implement-the-maintenance-page-using-route-53-to-switch-between-cloudfront-distributions
  • Configure default action (with custom response bodies)
• Custom Error Pages

And more.