To configure the WAF-as-a-Service Content Delivery Network (CDN) for your application:
- Set Enable CDN to On and click Save. You can remain on this screen while CDN activates or return later. A notification will pop up once all domains configured for your application are listed along with the associated TXT keys.
Configure your DNS by adding the TXT verification records to match these values. You can use the copy icons to capture the values to use when creating the records. Domains will automatically show as Approved once the records have propagated through the DNS system. How long this will take depends on the Time To Live established with each one.
- Once all domains are Approved, you can set Route traffic through CDN to On. This begins the rollout of your application in the CDN network. Again, you do not need to remain on this page and you will be notified once rollout is finished.
- Optional: By default, CDN will generate and manage certificates. However, you can provide your own certificate:
- Click the three dots in the Action column and select HTTPS Settings.
- In the pop-up window, select Bring your own certificate (BYOC) and enter your certificate and private key. Click Add.
- Once rollout is complete, the Enable CDN setting will no longer be active and Block traffic not sent through CDN will become active. Enabling this will ensure all traffic goes through CDN and prevents other routes. However, doing so immediately could block legitimate traffic that is not routed via CDN yet, so it is a good practice to wait a few hours before blocking direct traffic.