You define a policy like "Verify JWT" or "Block SQLi patterns" in YAML. The tool compiles this into: - *AWS:* CloudFront Functions (JS) + Lambda@Edge (for heavier tasks) + WAF Rules. - *Cloudflare:* Workers (TS) using native APIs like `crypto.subtle`.
It handles the platform-specific quirks (e.g., CloudFront's limited JS environment vs Cloudflare's full Node-like environment) so you don't have to rewrite your security logic when switching providers.
Open source and ready for feedback: https://github.com/albert-einshutoin/cdn-security-framework
0 comments