New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS::ApiGateway::DomainName- (new parameter) #3
Comments
We are interested in this parameter being available. In the meantime, we need to update from TLS 1.0 to TLS 1.2 via Web console or AWS CLI. We are not able to define this using SAM/CF |
I would suggest making TLS 1.2 the default value for new domains, to make sure those who miss this setting is still getting the best possible security. |
I think the response will be, "changing the default to TLS 1.2 breaks backwards compatibility". If it is, we need CloudFormation to think about better ways of versioning these resources so people can get security upgrades like this by default, but pin behavior for compatibility if needed. |
I'd like to see this fwiw, we've just hit wanting this at my place and are now having to look into alternatives. Anything I can do to help let me know. Thanks. |
Should SecurityPolicy also be in AWS::ApiGatewayV2::DomainName DomainNameConfiguration? https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-domainname-domainnameconfiguration.html |
Add new parameters to AWS::ApiGateway::DomainName -> Security Policy, DomainNameStatus
Scope of request -> Create Domain Name API takes additional input: security policy
3. Expected behavior -> in Create, allow setting security policy. In Update, allow changing to a different security policy.
4. Test case recommendation (optional) -> Once done, get domain name should return domain name with new attributes security policy and status
5. Links to existing API doc (optional) -> API docs at https://docs.aws.amazon.com/apigateway/api-reference/resource/domain-name/
6. Category tag (optional) -> Networking/Content Delivery
7. Any additional context (optional)
The text was updated successfully, but these errors were encountered: