11# AWS CloudFront Proxy for LaunchDarkly
22
3- A CloudFront distribution that acts as a reverse proxy for LaunchDarkly client SDK and events APIs. For when network calls need to come from a specific URL instead of LaunchDarkly.
3+ An AWS CloudFront distribution that acts as a reverse proxy for LaunchDarkly client SDK and events APIs. For when network calls need to come from a specific URL instead of LaunchDarkly.
44
5- ## Architecture
6-
7- ```
8- Your Application → CloudFront Edge → LaunchDarkly APIs
9- ↓ (cached)
10- ```
11-
12- ### Endpoint Mappings
13-
14- | ** Path Pattern** | ** Target Origin** | ** LaunchDarkly Domain** | ** Purpose** |
15- | -----------------| -------------------| -------------------------| -------------|
16- | ` / ` (default) | ` LDClientSdkOrigin ` | ` clientsdk.launchdarkly.com ` | Default flag polling |
17- | ` /eval/* ` | ` LDClientStreamOrigin ` | ` clientstream.launchdarkly.com ` | 🔄 ** Streaming evaluations** |
18- | ` /stream/* ` | ` LDClientStreamOrigin ` | ` clientstream.launchdarkly.com ` | 🔄 ** Real-time streaming** |
19- | ` /stream/eval/* ` | ` LDClientStreamOrigin ` | ` clientstream.launchdarkly.com ` | 🔄 ** Combined streaming** |
20- | ` /clientstream/* ` | ` LDClientStreamOrigin ` | ` clientstream.launchdarkly.com ` | 🔄 ** Alternative streaming** |
21- | ` /events/* ` | ` LDEventsOrigin ` | ` events.launchdarkly.com ` | 📊 Event tracking |
22- | ` /goals/* ` | ` LDClientSdkOrigin ` | ` clientsdk.launchdarkly.com ` | 🎯 Goal tracking |
23- | ` /sdk/eval/users/* ` | ` LDClientSdkOrigin ` | ` clientsdk.launchdarkly.com ` | 👤 User-specific evaluations |
24- | ` /sdk/evalx/* ` | ` LDAppOrigin ` | ` app.launchdarkly.com ` | 🔧 Extended evaluation APIs |
25- | ` /sdk/* ` | ` LDAppOrigin ` | ` app.launchdarkly.com ` | ⚙️ SDK management APIs |
26-
27- > ** Note:** All streaming endpoints (` /eval/* ` , ` /stream/* ` , ` /clientstream/* ` ) use ** no-cache policies** for real-time updates.
5+ > ** Note:** All streaming endpoints use ** no-cache policies** for real-time updates.
286
297## Quick Start
308
@@ -43,33 +21,6 @@ aws sts get-caller-identity
4321aws sso login --profile YOUR-PROFILE
4422```
4523
46- ### Deploy the CloudFront Proxy
47-
48- ``` bash
49- cd infrastructure
50-
51- aws cloudformation deploy \
52- --template-file templates/cloudfront.yaml \
53- --stack-name ld-cloudfront-proxy \
54- --parameter-overrides \
55- UseCustomDomain=false \
56- PriceClass=PriceClass_100 \
57- EnableLogging=false
58- ```
59-
60- ** ⏱️ Deployment time:** ~ 15-20 minutes (CloudFront global propagation)
61-
62- ### Get Your Proxy URL
63-
64- ``` bash
65- aws cloudformation describe-stacks \
66- --stack-name ld-cloudfront-proxy \
67- --query ' Stacks[0].Outputs'
68- --output table
69- ```
70-
71- This will return your CloudFront domain (e.g., ` d1a2b3c4d5e6f7.cloudfront.net ` )
72-
7324## Configuration Options
7425
7526| Parameter | Default | Options | Description |
@@ -90,22 +41,22 @@ This will return your CloudFront domain (e.g., `d1a2b3c4d5e6f7.cloudfront.net`)
9041- ** PriceClass_All** : Global coverage - Highest cost
9142
9243### Custom Domain Setup Options
93-
94- ** ⚠️ PREREQUISITES:** Before using ` UseCustomDomain=true ` , you must complete the following setup:
44+
45+ ** ⚠️ PREREQUISITES:** Before using ` UseCustomDomain=true ` , you must complete the following setup!!
9546
9647#### Step 1: Get Your Route 53 Hosted Zone ID
9748``` bash
9849# Find your hosted zone ID (replace with your domain)
9950aws route53 list-hosted-zones --query ' HostedZones[?Name==`my-awesome-domain.com.`].[Id,Name]'
10051
101- # Example output: Zone ID like Z04794713N147BEH1NVCF
52+ # Example output: Zone ID like Z01741713N143BEH1HBBD
10253```
10354
10455#### Step 2: Create ACM Certificate (Required)
10556``` bash
10657# Request SSL certificate (MUST be in us-east-1 for CloudFront)
10758aws acm request-certificate \
108- --domain-name ld .my-awesoome-domain.com \
59+ --domain-name flags .my-awesoome-domain.com \
10960 --validation-method DNS \
11061 --region us-east-1
11162
@@ -122,39 +73,86 @@ aws route53 change-resource-record-sets --hosted-zone-id YOUR-ZONE-ID --change-b
12273 "Changes": [{
12374 "Action": "CREATE",
12475 "ResourceRecordSet": {
125- "Name": "_validation-string.ld .my-awesome-domain.com.",
76+ "Name": "_validation-string.flags .my-awesome-domain.com.",
12677 "Type": "CNAME",
12778 "TTL": 300,
12879 "ResourceRecords": [{"Value": "_validation-value.acm-validations.aws."}]
12980 }
13081 }]
13182}'
13283
133- # Verify certificate is issued (wait 1-2 minutes)
84+ # Verify certificate is issued...this will take a few minutes
13485aws acm describe-certificate --certificate-arn YOUR-CERT-ARN --region us-east-1 \
13586 --query ' Certificate.Status'
13687# Should return: ISSUED
13788```
13889
139- #### Option 1: Automatic DNS (Recommended)
140- If you have a Route 53 hosted zone, the template can automatically create DNS records:
90+ Once validated, proceed to Option 1 for deployment. If you are not using a custom domain, use Option 2 for deployment.
91+
92+ ### Option 1: AWS CloudFront Reverse proxy with Custom DNS
93+
94+ ** Deployment time:** ~ 15-20 minutes (CloudFront global propagation)
95+
96+ If you have a Route 53 hosted zone, the template can automatically create DNS records.
97+
98+ NOTE: Ensure you have followed the above steps in the Custom Domain Setup Options section prior to running the below command.
14199
142100``` bash
143101aws cloudformation deploy \
144102 --template-file templates/cloudfront.yaml \
145103 --stack-name ld-cloudfront-proxy \
146104 --parameter-overrides \
147105 UseCustomDomain=true \
148- DomainName=ld .my-awesome-domain.com \
106+ DomainName=flags .my-awesome-domain.com \
149107 AcmCertificateArn=my-awesome-arn \
150108 AutoCreateDNS=true \
151109 HostedZoneId=my-awesome-hosted-zone-id \
152110 PriceClass=PriceClass_100
153111```
154112
113+ Your reverse proxy URL will be the DomainName specified in the above command, but you can also run the below command to get it:
114+ ### Get Your Proxy URL
115+
116+ ``` bash
117+ aws cloudformation describe-stacks \
118+ --stack-name ld-cloudfront-proxy \
119+ --query ' Stacks[0].Outputs'
120+ --output table
121+ ```
122+
123+ This will return your CloudFront domain (e.g., ` flags.my-awesome-domain.com ` )
124+
125+
126+ ### Option 2: AWS CloudFront Reverse proxy with generic DNS
127+
128+ ** Deployment time:** ~ 15-20 minutes (CloudFront global propagation)
129+
130+ ``` bash
131+ cd infrastructure
132+
133+ aws cloudformation deploy \
134+ --template-file templates/cloudfront.yaml \
135+ --stack-name ld-cloudfront-proxy \
136+ --parameter-overrides \
137+ UseCustomDomain=false \
138+ PriceClass=PriceClass_100 \
139+ EnableLogging=false
140+ ```
141+
142+ ### Get Your Proxy URL
143+
144+ ``` bash
145+ aws cloudformation describe-stacks \
146+ --stack-name ld-cloudfront-proxy \
147+ --query ' Stacks[0].Outputs'
148+ --output table
149+ ```
150+
151+ This will return your CloudFront domain: ` d4a2b1c1d5e6f9.cloudfront.net `
152+
155153## 📱 SDK Configuration
156154
157- Once deployed, configure your LaunchDarkly SDKs to use your CloudFront proxy:
155+ Once deployed, configure your LaunchDarkly SDKs to use your CloudFront proxy by specifying the options with the reverse proxy URL.
158156
159157### React SDK (React Applications)
160158``` javascript
@@ -165,14 +163,14 @@ const LDProvider = await asyncWithLDProvider({
165163 key: " unique-device-id"
166164 },
167165 options: {
168- baseUrl: ' https://ld.my-awesome-domain.com'
169- eventsUrl: ' https://ld.my-awesome-domain.com'
170- streamUrl: ' https://ld.my-awesome-domain.com'
171- streaming: true
166+ baseUrl: ' https://flags.my-awesome-domain.com'
167+ eventsUrl: ' https://flags.my-awesome-domain.com'
168+ streamUrl: ' https://flags.my-awesome-domain.com'
172169 }
173170});
174171```
175172
173+ You may need to restart your application.
176174
177175## What Gets Deployed
178176
@@ -206,7 +204,7 @@ aws cloudformation deploy \
206204aws cloudformation delete-stack --stack-name ld-cloudfront-proxy
207205```
208206
209- ** ⏱️ Deletion time:** ~ 15-20 minutes (CloudFront global propagation)
207+ ** Deletion time:** ~ 15-20 minutes (CloudFront global propagation)
210208
211209## Monitoring & Troubleshooting
212210
@@ -235,7 +233,8 @@ aws cloudformation list-stacks --stack-status-filter CREATE_COMPLETE UPDATE_COMP
235233| ** Server-side SDKs** | ❌ No | Java, .NET, Python, Go, Node.js (server-side) |
236234| ** Event Tracking** | ✅ Yes | From any SDK type |
237235
238- ** Note:** Server-side SDKs use different endpoints (` sdk.launchdarkly.com ` ) not currently proxied by this template.
236+ ** Note:** Server-side SDKs use different endpoints (` sdk.launchdarkly.com ` ) not currently proxied by this template. The reverse proxy was not intended for server side use as the endpoints are not exposed to consumer bases.
237+
239238
240239## Multi-Project Usage
241240
@@ -246,9 +245,3 @@ Different LaunchDarkly projects within the same organization can use different c
246245- ** Project C** : Uses a different proxy or region
247246
248247Each project configures its SDK independently using different SDK keys and base URLs.
249-
250- ## Contributing
251-
252- 1 . Test changes in a development AWS account first
253- 2 . Validate CloudFormation templates before committing
254- 3 . Update documentation for any parameter changes
0 commit comments