Use a CDN in front of a Cloud-IAM's Keycloak deployment
A CDN (like Cloudflare, AWS Cloudfront, ...) is a reverse proxy at scale with additional features such as intelligent filtering, caching, routing, ...
This implies that the end-user requests are not directly routed to the Cloud-IAM cluster, but an additional server (company) interacts before proxying them to the cluster.
In this article, we will assume that the domain my-custom.domain.tld will serve requests from the deployment deployment.cloud-iam.com.
Cloud-IAM's deployments can be 'CDNifed'. In this case, there is no need to declare a custom domain in Cloud-IAM console.
The CDN becomes responsible of managing the TLS certificate for my-custom.domain.tld. It must be configured to use a full encryption mode to ensure the requests are still encrypted end-to-end.
However, all the traffic at the edge of the deployment will come from the CDN server IPs. Depending on the load of your traffic, this could lead to rate-limiting. Please contact the support to adjust the rate limiting settings.
How to setup a custom domain
How to setup a reverse-proxy
This implies that the end-user requests are not directly routed to the Cloud-IAM cluster, but an additional server (company) interacts before proxying them to the cluster.
In this article, we will assume that the domain my-custom.domain.tld will serve requests from the deployment deployment.cloud-iam.com.
Cloud-IAM's deployments can be 'CDNifed'. In this case, there is no need to declare a custom domain in Cloud-IAM console.
The CDN becomes responsible of managing the TLS certificate for my-custom.domain.tld. It must be configured to use a full encryption mode to ensure the requests are still encrypted end-to-end.
However, all the traffic at the edge of the deployment will come from the CDN server IPs. Depending on the load of your traffic, this could lead to rate-limiting. Please contact the support to adjust the rate limiting settings.
Related
How to setup a custom domain
How to setup a reverse-proxy
Updated on: 06/05/2022
Thank you!