API Protect: AWS CloudFront Integration
Overview
Our CloudFront integration mirrors “Origin request” traffic to an instance of our Network Analyzer deployed in your environment. Your data never leaves your environment; only request metadata generated by the Analyzer is sent to Data Theorem.
Installation
From the Active Protection page on the Data Theorem portal, select “AWS CloudFront vTap”.
Name The Integration
Deploy the CloudFormation Stack
This will open a new browser window and prompt you to log in to your AWS account.
Update Your CloudFront Distribution
Once the Analyzer and the Lambda are deployed in your environment, your CloudFront distribution needs to trigger the Lambda to mirror the traffic to the Analyzer.
In your AWS account, select the CloudFront distribution you wish to protect and click “Edit”.
In the “Function Associations” section, make the following changes:
Set “Origin request” to “Lambda@Edge”
Set “Function ARN / Name” to the function ARN value returned from Step 1
Check “Include body”
Success!
Once you update your CloudFront Distribution you may return to the Data Theorem portal. It can take several minutes for CloudFront to update all edge deployments. Once they are updated, your APIs are protected and should be visible in the console.
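To confirm the settings above took effect, the following added example (not Data Theorem's code) audits a distribution's configuration for the “Origin request” association and the “Include body” flag. Function associations are set per cache behavior, so it reports each behavior separately. It assumes the DistributionConfig dictionary shape returned by boto3's get_distribution_config; the function name audit_mirroring, the sample ARN and the sample configuration are constructed for illustration.

```python
import re

# Lambda@Edge associations need a numbered version ARN in us-east-1, not $LATEST or an alias.
VERSIONED_ARN = re.compile(r"^arn:aws:lambda:us-east-1:\d{12}:function:[\w-]+:\d+$")

def audit_mirroring(dist_config, mirror_arn):
    """Map each cache behavior's path pattern to a list of problems (empty = mirrored)."""
    if not VERSIONED_ARN.match(mirror_arn):
        raise ValueError("expected a numbered Lambda version ARN in us-east-1")
    behaviors = {"(default)": dist_config["DefaultCacheBehavior"]}
    for b in dist_config.get("CacheBehaviors", {}).get("Items", []):
        behaviors[b["PathPattern"]] = b
    report = {}
    for pattern, behavior in behaviors.items():
        assocs = behavior.get("LambdaFunctionAssociations", {}).get("Items", [])
        origin_req = [a for a in assocs if a["EventType"] == "origin-request"]
        problems = []
        if not origin_req:
            problems.append("no origin-request association")
        for a in origin_req:
            if a["LambdaFunctionARN"] != mirror_arn:
                problems.append("origin-request bound to a different function")
            elif not a.get("IncludeBody", False):
                problems.append("IncludeBody is off")
        report[pattern] = problems
    return report

# Constructed sample; account ID, function name and version are placeholders.
SAMPLE_ARN = "arn:aws:lambda:us-east-1:111122223333:function:example-mirror:3"

def _assoc(arn, include_body):
    # Helper that builds one origin-request association for the sample config.
    return {"Quantity": 1, "Items": [
        {"LambdaFunctionARN": arn, "EventType": "origin-request", "IncludeBody": include_body}]}

SAMPLE_CONFIG = {
    "DefaultCacheBehavior": {"LambdaFunctionAssociations": _assoc(SAMPLE_ARN, True)},
    "CacheBehaviors": {"Quantity": 2, "Items": [
        {"PathPattern": "/api/*", "LambdaFunctionAssociations": _assoc(SAMPLE_ARN, False)},
        {"PathPattern": "/static/*", "LambdaFunctionAssociations": {"Quantity": 0}},
    ]},
}

if __name__ == "__main__":
    for pattern, problems in audit_mirroring(SAMPLE_CONFIG, SAMPLE_ARN).items():
        print(pattern, "OK" if not problems else "; ".join(problems))
```

Against a live account, pass the DistributionConfig value from get_distribution_config and the function ARN from the CloudFormation stack in place of the sample values.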