如何通过 cloudformation 将 aws shield 添加到 route 53?
How to add aws shield to a route 53 via cloudformation?
通过 cloudformation 将自定义域名添加到 api 网关。请参阅下面的模板,资源包括托管区域、ssl 证书...是否可以将 aws 屏蔽到路由 53。
route53HostedZone:
Type: AWS::Route53::HostedZone
Properties:
HostedZoneName: !Ref Domain
....
cert:
Type: AWS::CertificateManager::Certificate
Properties:
DomainName: !Ref Domain
ValidationMethod: DNS
Alias:
Type: AWS::Route53::Recordset
Properties:
Type: A
Name: !Ref Domain
AliasTarget:
DNSName: !GetAtt ApiConfig
...
ApiConfig:
Type: AWS::ApiGateway::DomainName
Properties:
RegionalCertificateArn:
Ref: cert
DomainName:
Ref: !Ref Domain
....
Shield Standard 由默认启用,您无需执行任何操作即可在您的 CFN 中使用它。来自 docs:
All AWS customers benefit from the automatic protections of AWS Shield Standard, at no additional charge.
通过 cloudformation 将自定义域名添加到 api 网关。请参阅下面的模板,资源包括托管区域、ssl 证书...是否可以将 aws 屏蔽到路由 53。
route53HostedZone:
Type: AWS::Route53::HostedZone
Properties:
HostedZoneName: !Ref Domain
....
cert:
Type: AWS::CertificateManager::Certificate
Properties:
DomainName: !Ref Domain
ValidationMethod: DNS
Alias:
Type: AWS::Route53::Recordset
Properties:
Type: A
Name: !Ref Domain
AliasTarget:
DNSName: !GetAtt ApiConfig
...
ApiConfig:
Type: AWS::ApiGateway::DomainName
Properties:
RegionalCertificateArn:
Ref: cert
DomainName:
Ref: !Ref Domain
....
Shield Standard 由默认启用,您无需执行任何操作即可在您的 CFN 中使用它。来自 docs:
All AWS customers benefit from the automatic protections of AWS Shield Standard, at no additional charge.