1

I have an S3 hosted site behind a Cloudfront and WAF. I set up a Cognito hosted UI with a custom domain (auth.example.com where example.com is my site). Cognito generates a Cloudfront distribution that is aliased in Route 53 to my domain but doesn't appear listed as an option under Add Resources to WAF ACL. As a result I can't add the hosted UI pages to my WAF.

How do I get the hosted UI behind the WAF ?

elpa
  • 11
  • 1
  • How would you expect your WAF to interact with S3? S3 should be static pages, and a WAF is normally used to protect against attacks such as XSS and SQLi – LTPCGO Sep 08 '19 at 20:49
  • The S3 static pages are protected by the WAF. It's the Cognito hosted UI I'd like to also protect under the same WAF. – elpa Sep 08 '19 at 22:38

0 Answers0