hmm I'm not getting any output or logging anything when I hit the url

I've created a route Route: emails.webnd.co.uk/* Zone: webnd.co.uk Does that look like it should do something if I just hit emails.webnd.co.uk?

Not if it's an Worker Route, you'll need to create a record for it. For originless setups, CF Recommends

AAAA

emails.webnd.co.uk

100::

Proxied. Or just use a Worker Custom Domain

yeah a custom domain will be easier i guess

It's working now, thanks!

I have a CNAME (abc.com) to a lambda url (abc.execute-api.amazonaws.com) that enforces the hostname. I want to replace that with a worker. So I have something like:

handle(request: Request) {
    const newRequest = new Request(request, {
        cf: {
            resolveOverride: "abc.com",
        },
    });

    return fetch("abc.execute-api.amazonaws.com", newRequest);
}

Which isn't working. Not sure if there's something wrong with that or it's just not something I can do with workers

what's the end goal?

to have mTLS agreement between lambda and worker so cloudflare can't be bypassed

you can throw API Gateway out completely, and use aws4fetch for that instead. https://github.com/mhart/aws4fetch/tree/master/example

or if you want to use Lambda URLs instead (which I find have some convenient benefits, like being able to use route53 to load balance between regions and ARM/Intel Lambda functions), here's my example: https://github.com/Manouchehri/cloudflare-worker-to-aws-lambda-function-url-example/blob/main/src/index.ts

humm, that's an interesting approach. I like it. Might be easier to not have to deal with the certs on both ends

mTLS agreement would still be cool to have

interesting...

Can you do mTLS without API gateway though?

no, but I wouldn't have to

API gateway is the issue atm, anyone can go straight to it and bypass CF WAF

so mTLS with a Worker would work, but at an extra cost. aws4fetch would remove the need for API gateway completely.

so your idea sounds much better bc it completely eliminates the need for mTLS and since it's a newer thing I'd also have to make sure it works in China

you have access to CF in China?

yeah, we have enterprise account. Most things don't work 100% in China though

and AWS in China too?

yep

this is a cool thing

i like it

ah kk then yeah oddly my solution would probably be my favourite one too, even over mTLS. 😛

thanks btw 🙂

np

I've changed it up a little, but look at this too if you wanna route to multiple Lambda Function URL endpoints. 🙂 https://discord.com/channels/595317990191398933/779390076219686943/1072557208287596624

This is what my route53 dashboard looks like. The reason I have duplicate entries for each region, is because one is for ARM (90%) and the other is for Intel (10%).