aws-cloudfront-apigateway - AWS Solutions Constructs


All classes are under active development and subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.

Language Package

This AWS Solutions Construct implements an Amazon CloudFront distribution in front of an Amazon API Gateway REST API.

Here is a minimal deployable pattern definition in TypeScript:

import * as api from '@aws-cdk/aws-apigateway'; import * as lambda from "@aws-cdk/aws-lambda"; import { CloudFrontToApiGateway } from '@aws-solutions-constructs/aws-cloudfront-apigateway'; const lambdaProps: lambda.FunctionProps = { code: lambda.Code.fromAsset(`${__dirname}/lambda`), runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler' }; const lambdafunction = new lambda.Function(this, 'LambdaFunction', lambdaProps); const apiGatewayProps: api.LambdaRestApiProps = { handler: lambdafunction, endpointConfiguration: { types: [api.EndpointType.REGIONAL] }, defaultMethodOptions: { authorizationType: api.AuthorizationType.NONE } }; const apiGateway = new api.LambdaRestApi(this, 'LambdaRestApi', apiGatewayProps); new CloudFrontToApiGateway(this, 'test-cloudfront-apigateway', { existingApiGatewayObj: apiGateway });


new CloudFrontToApiGateway(scope: Construct, id: string, props: CloudFrontToApiGatewayProps);


Pattern Construct Props

Name Type Description
existingApiGatewayObj api.RestApi The regional API Gateway that will be fronted with the CloudFront
cloudFrontDistributionProps? cloudfront.DistributionProps Optional user provided props to override the default props for the CloudFront Distribution.
insertHttpSecurityHeaders? boolean Optional user provided props to turn on/off the automatic injection of best practice HTTP security headers in all responses from CloudFront

Pattern Properties

Name Type Description
apiGateway api.RestApi Returns an instance of the API Gateway REST API created by the pattern.
cloudFrontLoggingBucket? s3.Bucket Returns an instance of the logging bucket created by the pattern for the CloudFront web distribution.
cloudFrontWebDistribution cloudfront.CloudFrontWebDistribution Returns an instance of the CloudFront web distribution created by the pattern.
edgeLambdaFunctionVersion? lambda.Version Returns an instance of the Lambda edge function version created by the pattern.

Default settings

Out-of-the-box implementation of this pattern without any overrides will set the following defaults:

Amazon CloudFront

  • Configure Access logging for CloudFront WebDistribution

  • Enable automatic injection of best practice HTTP security headers in all responses from CloudFront WebDistribution

Amazon API Gateway

  • User provided API Gateway object is used as-is

  • Enable X-Ray tracing



To view the code for this pattern, create/view issues and pull requests, and more: