Expose Cloudfront configuration for private construct hub

[MrArnoldPalmer]

Users wishing to deploy private instances of construct hub may want to put some sort of authorization in front of their cloudfront distribution in order to prevent access outside of their organization. In order to aid this we should allow passing in custom configuration to all relevant cloudfront properties from the top level construct. Notably this may require customization to the defaultBehavior and additionalBehaviors.

There may be more ergonomic ways to allow access to known verification workflows without requiring users to configure their own behaviors by overriding the existing ones.

[MrArnoldPalmer]

Currently the cloudfront.Distribution construct does not expose the trustedSigners property for configuration which is required by certain signer implementations.

Additionally OIDC is another option which requires allowing passing a custom request edge function for all behaviors.

[github-actions]

This issue is now marked as stale because it hasn't seen activity for a while. Add a comment or it will be closed soon.

[MrArnoldPalmer]

keep

[github-actions]

This issue is now marked as stale because it hasn't seen activity for a while. Add a comment or it will be closed soon.

[github-actions]

Closing this issue as it hasn't seen activity for a while. Please add a comment @mentioning a maintainer to reopen.

[github-actions]

This issue is now marked as stale because it hasn't seen activity for a while. Add a comment or it will be closed soon. If you wish to exclude this issue from being marked as stale, add the "backlog" label.

[MrArnoldPalmer]

keep