API Protect: AWS CloudFront Integration
- John Gerlock
Overview
Our CloudFront integration mirrors “Origin request” traffic to an instance of our Network Analyzer deployed in your environment. Your data never leaves your environment, only request metadata generated by the Analyzer is sent to Data Theorem.
Installation
From the Active Protection page on the Data Theorem portal, select “AWS Cloufront vTap”
Name The Integration
Deploy the CloudFormation Stack
This will open a new browser window and prompt you to login to your AWS account.
Update Your CloudFront Distribution
Once the Analyzer and the Lambda are deployed in your environment, your Cloudfront distribution needs to trigger the Lambda to mirror the traffic to the Analyzer.
In your AWS account, select the CloudFront distribution you wish to protect and click “Edit”.
In the “Function Associations” section make the following changes
Set “Origin request” to “Lambda@Edge”
Set “Function ARN / Name” to the function arn value returned from Step 1
Check “Include body”
Success!
Once you update your CloudFront Distribution you may return to the Data Theorem portal. It can take several minutes for CloudFront to update all edge deployments. Once they are updated, your APIs are protected and should be visible in the console.