Skip to content

Commit

Permalink
Use dynamic to write cors rule optionally
Browse files Browse the repository at this point in the history 
* This is a cleaner backwards compatible change
* This also allows for the override of cors_rule if the
  end user so desires.
  • Loading branch information
Derek Hammer committed Nov 10, 2020
1 parent a262f54 commit 0b6dd9e
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 5 deletions.
15 changes: 10 additions & 5 deletions aws/static_site/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,16 @@ resource "aws_s3_bucket" "mod" {
}
)

cors_rule {
allowed_headers = ["*"]
allowed_methods = ["GET"]
allowed_origins = var.enable_cors_get ? ["*"] : []
max_age_seconds = 3000
dynamic "cors_rule" {
for_each = var.enable_cors_get ? var.cors_rule : []

content {
allowed_methods = cors_rule.value.allowed_methods
allowed_origins = cors_rule.value.allowed_origins
allowed_headers = lookup(cors_rule.value, "allowed_headers", null)
expose_headers = lookup(cors_rule.value, "expose_headers", null)
max_age_seconds = lookup(cors_rule.value, "max_age_seconds", null)
}
}

website {
Expand Down
11 changes: 11 additions & 0 deletions aws/static_site/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,3 +25,14 @@ variable "enable_cors_get" {
type = bool
default = false
}

variable "cors_rule" {
description = "List of maps containing rules for Cross-Origin Resource Sharing."
type = any
default = [{
allowed_headers = ["*"]
allowed_methods = ["GET"]
allowed_origins = ["*"]
max_age_seconds = 3000
}]
}

0 comments on commit 0b6dd9e

Please sign in to comment.