api gateway create_domain_name should include parameter for securityPolicy to allow setting TLS_1_2
Opened this issue · 0 comments
Context
boto3.client('apigateway')
has function create_domain_name
that supports argument securityPolicy='TLS_1_0'|'TLS_1_2'
that isn't being used today. This would enable users to set TLS 1.2 for their custom domain name in API gateway. By default, TLS 1.0 is being used.
Expected Behavior
There should be a zappa_settings.json
configuration that can be used to set tls_1_2 that would be picked up if certificate_arn
is set.
Actual Behavior
API Gateway custom domain is defaulting to TLS 1.0, and users have to manually set TLS 1.2 if they require it.
Possible Fix
zappa_settings.json
Add argument tls_version
with options 1.0 or 1.2, the default being 1.0 (as it stands today).
cli.py
dns_name = self.zappa.create_domain_name(
should support this argument, passing in either securityPolicy='TLS_1_0'
or securityPolicy='TLS_1_2'
core.py
def create_domain_name(self,
should support this argument.
Steps to Reproduce
- Default deployment with certificate_arn set
- zappa certify dev
Your Environment
- Zappa version used: latest
- Operating System and Python version:
mac catalina + python 3.7.7 - The output of
pip freeze
: - Link to your project (optional):
- Your
zappa_settings.json
:
"dev": {
"app_function": "example.flask_app",
"aws_region": "us-east-1",
"profile_name": "dev-example",
"project_name": "example",
"runtime": "python3.7",
"s3_bucket": "example",
"manage_roles": false,
"role_name": "example-role",
"lambda_description": "example dev",
"memory_size": 128, // lambda memory size, default 256MB
"apigateway_description": "example dev",
"apigateway_policy": "example.json",
"iam_authorization": true,
"tags": {
"Company": "example",
"Department": "example",
"Environment": "Development"
},
"keep_warm": true,
"certificate_arn": "arn:aws:acm:us-east-1:123456789:certificate/555-444-333-222-111",
"domain": "example.com",
"events": [{
"function": "example.task",
"expressions": ["cron(5 */4 ? * * *)"]
}],
"environment_variables": {
"STAGE": "dev"
}