Securing the PFC


I’m developing an Alexa voice interface for the PFC.

The Alexa skill’s code runs in an AWS Lambda instance which communicates with the PFC over the Internet via CouchDB REST APIs and openag_brain REST APIs proxied by CouchDB. For security purposes, these APIs need to be authenticated and encrypted via TLS/SSL and the CouchDB “admin party” needs to be ended.

The steps I’ve taken to secure the PFC can be found here which may be of general use for people that want to access the PFC’s API over the Internet.