AWS::ApiGateway::DomainName- (new parameter) #3
Comments
luiseduardocolon
changed the title
luiseduardocolon
changed the title
luiseduardocolon
added
the
networking & content deliv
|
We are interested in this parameter being available. In the meantime, we need to update from TLS 1.0 to TLS 1.2 via Web console or AWS CLI. We are not able to define this using SAM/CF |
|
I would suggest making TLS 1.2 the default value for new domains, to make sure those who miss this setting is still getting the best possible security. |
|
I think the response will be, "changing the default to TLS 1.2 breaks backwards compatibility". If it is, we need CloudFormation to think about better ways of versioning these resources so people can get security upgrades like this by default, but pin behavior for compatibility if needed. |
|
I'd like to see this fwiw, we've just hit wanting this at my place and are now having to look into alternatives. Anything I can do to help let me know. Thanks. |
|
Should SecurityPolicy also be in AWS::ApiGatewayV2::DomainName DomainNameConfiguration? https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-domainname-domainnameconfiguration.html |
Add new parameters to AWS::ApiGateway::DomainName -> Security Policy, DomainNameStatus
Scope of request -> Create Domain Name API takes additional input: security policy
3. Expected behavior -> in Create, allow setting security policy. In Update, allow changing to a different security policy.
4. Test case recommendation (optional) -> Once done, get domain name should return domain name with new attributes security policy and status
5. Links to existing API doc (optional) -> API docs at https://docs.aws.amazon.com/apigateway/api-reference/resource/domain-name/
6. Category tag (optional) -> Networking/Content Delivery
7. Any additional context (optional)
The text was updated successfully, but these errors were encountered: