Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.esperr.com/llms.txt

Use this file to discover all available pages before exploring further.

Recipe PathThis guide corresponds to recipes/aws.

What this integration does

The Lambda recipe extracts request context from the event, asks Esper for a mitigation result, and either returns a mitigation response or forwards the request onward. It should call POST /api/v1/runtime/mitigation on the Esper API host. Example from the recipe: 
const clientIP =
  event.headers["X-Forwarded-For"] ||
  event.requestContext?.identity?.sourceIp ||
  "127.0.0.1";

const mitigationData = JSON.stringify({
  ip: clientIP,
  user_agent: event.headers["User-Agent"] || event.headers["user-agent"],
  path: event.path || event.rawPath,
  method: event.httpMethod || event.requestContext?.http?.method,
  aws_request_id: event.requestContext?.requestId,
});

Environment variables

  • ESPER_API_KEY
  • ESPER_API_URL

Deploy

cd recipes/aws
sam build
sam deploy --guided
Operational FitThis recipe is a good fit for teams already standardized on AWS primitives and who want Esper enforcement or telemetry collection without introducing a separate always-on service.

Current behavior notes

  • Monitor is the safest place to start.
  • Challenge currently returns challenge data instead of redirecting into an Esper-hosted verification flow.
  • Block returns an immediate deny response from Lambda.