ThreatReaction
🛡Threat Reaction|Documentation

Application

The Application page exposes settings and metadata for the Threat Reaction stack itself: the CloudFormation stack name, deployed template version, the S3 frontend bucket, and operational controls like the country access policy and template update flow.

In the app: /application

Stack Information

Shows the CloudFormation stack name, the AWS region, the currently deployed template version, and the S3 bucket used to host the Svelte SPA. This information is injected at deploy time via the config.json file served by CloudFront — it is read-only in the app.

Template Version Check

Click Check for Updates in the app header (or from this page) to compare the currently deployed template version against the latest version published to the Threat Reaction publisher S3 bucket. If a newer version exists, an update banner appears in the header with the version numbers.

Applying an Update

When an update is available:

  1. Click Update in the banner. The app opens the AWS CloudFormation console pre-loaded with your stack and the new template URL.
  2. Review the change set in CloudFormation. Most updates are safe — they add Lambda code, update DynamoDB indexes, or refresh the frontend build.
  3. Apply the change set. CloudFormation rolls out the update in-place.
  4. Return to the Threat Reaction app and click Completed in the banner.
  5. Use the hard-refresh option to clear browser cache and load the new frontend build.

License Binding

The license key is cryptographically bound to the AWS Account ID of the deployment. Moving the stack to a different AWS account requires requesting a new license from the customer panel. The Account ID is shown on this page for reference when requesting a replacement license.

Country Access Policy

An optional allowlist or blocklist of ISO 3166-1 alpha-2 country codes applied at the CloudFront distribution level. When configured, requests from countries not on the allowlist (or on the blocklist) receive a 403 response before reaching the API Gateway or Lambda. This is a coarse geographic control — it does not replace WAF rules or IAM policies.

Frontend Build Versioning

The SPA version number shown in the app header comes from the build metadata injected at package-build time. The template version and SPA version should stay in sync — a mismatch can cause API incompatibilities if the frontend expects endpoints that the older Lambda does not provide.

💡 Tip

After every stack update, clear your browser cache or use the hard-refresh option in the update banner. CloudFront caches the SPA aggressively; without a cache invalidation the browser may continue serving the old JavaScript bundle.

⚠️ Warning

Changing the country access policy takes effect within a few minutes as CloudFront propagates the update to edge nodes globally. Plan this change during a low-traffic window if your team accesses the app from multiple countries.

ℹ️ Note

Template updates are backward-compatible whenever possible. If a breaking change is introduced, the release notes on the Threat Reaction GitHub repository will flag it explicitly.