Remove CORS

Changed (non-breaking)

• Remove the CORS middleware since it is not required for this application.

Cleanup IAM policy, update webauthn Go library

Changed (non-breaking)

• Replace deprecated duo-labs/webauthn with go-webauthn/webauthn.

Fixed

• Whitespace formatting using go fmt and gofumpt.
• Remove the duplicate "..._global" resource from the Lambda Role's policy
  • The api_key_table and webauthn_table values now include the full table name, so this transitional additional resource name (where we manually appended the "_global" suffix) is no longer needed.

Improve DNS failover using intermediate CNAME records

Added

• Add intermediate CNAMEs for easier failover
• Output domain names used by DNS CNAME failover records

Fixed

• Wait for certificate to be issued before trying to use it

---

Note: If desired, you could use terraform state mv to reduce the amount of deletion-and-recreation that some included terraform module-renames and resource-renames will cause (if that matters to you):

terraform state mv module.dns_for_failover.module.fail_over_cname module.dns_for_failover.module.fail_over_cnames
terraform state mv module.dns_for_failover.module.custom_domains module.dns_for_failover.module.api_gateway_domains_and_certs

Use GlobalTables, add DNS for failover

Changed (BREAKING)

• Change Cloudflare zone/domain name variable
• Switch to using global table for api-keys
• Switch to using global table for u2f/webauthn records

Changed (non-breaking)

• Restrict IAM permissions by AWS account, not region

Added

• Add CNAME DNS records for failover

Fixed

• Fix api_name values to match code in codeship/deploy.sh
• Use calculate API stage as serverless_stage as well