Limit `catalog-proxy` traffic to only from Cloudfront #4413

nickumia-reisys · 2023-08-03T15:03:30Z

User Story

In order to complete #4059, the Data.gov O&M team wants to implement a new solution to track whether requests are coming from cloudfront or not.

Acceptance Criteria

GIVEN the nginx config has been updated and deployed
AND Forward User-Agent from AWS CloudFront to catalog app #4059 is implemented
WHEN I visit catalog.data.gov
THEN I am able to visit the site without issues

Background

Hide/Redirect cloud.gov url for catalog app if it is behind CDN #3909
- Nginx conf rework catalog.data.gov#512
- allow health check catalog.data.gov#515

Security Considerations (required)

...

Sketch

See @FuhuXia

Preliminary work has been started, Use HOST know whether we are from CDN catalog.data.gov#1014

The text was updated successfully, but these errors were encountered:

nickumia-reisys · 2023-09-18T14:54:50Z

Completed manually, assisted by

Add PUBLIC_ROUTE into nginx server_name catalog.data.gov#1046

nickumia-reisys added this to data.gov team board Aug 3, 2023

nickumia-reisys mentioned this issue Aug 3, 2023

Forward User-Agent from AWS CloudFront to catalog app #4059

Closed

2 tasks

hkdctol moved this to 📔 Product Backlog in data.gov team board Aug 3, 2023

hkdctol moved this from 📔 Product Backlog to 📟 Sprint Backlog [7] in data.gov team board Aug 3, 2023

nickumia-reisys mentioned this issue Aug 21, 2023

Use HOST know whether we are from CDN GSA/catalog.data.gov#1014

Closed

nickumia-reisys self-assigned this Aug 28, 2023

nickumia-reisys moved this from 📟 Sprint Backlog [7] to 🏗 In Progress [8] in data.gov team board Aug 28, 2023

FuhuXia self-assigned this Aug 30, 2023

FuhuXia mentioned this issue Aug 30, 2023

Add PUBLIC_ROUTE into nginx server_name GSA/catalog.data.gov#1046

Merged

This was referenced Aug 31, 2023

Deployment Failure GSA/catalog.data.gov#1047

Closed

O+M 2023-09-01 #4435

Closed

nickumia-reisys moved this from 🏗 In Progress [8] to ✔ Done in data.gov team board Aug 31, 2023

nickumia-reisys closed this as completed Sep 18, 2023

nickumia-reisys added component/catalog Related to catalog component playbooks/roles O&M Operations and maintenance tasks for the Data.gov platform logging labels Oct 9, 2023

nickumia-reisys moved this from ✔ Done to 🗄 Closed in data.gov team board Oct 9, 2023

nickumia-reisys added Feature and removed logging labels Oct 9, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Limit `catalog-proxy` traffic to only from Cloudfront #4413

Limit `catalog-proxy` traffic to only from Cloudfront #4413

nickumia-reisys commented Aug 3, 2023 •

edited by FuhuXia

Loading

nickumia-reisys commented Sep 18, 2023

Limit catalog-proxy traffic to only from Cloudfront #4413

Limit catalog-proxy traffic to only from Cloudfront #4413

Comments

nickumia-reisys commented Aug 3, 2023 • edited by FuhuXia Loading

User Story

Acceptance Criteria

Background

Security Considerations (required)

Sketch

nickumia-reisys commented Sep 18, 2023

Limit `catalog-proxy` traffic to only from Cloudfront #4413

Limit `catalog-proxy` traffic to only from Cloudfront #4413

nickumia-reisys commented Aug 3, 2023 •

edited by FuhuXia

Loading