diff --git a/aws/static_site/main.tf b/aws/static_site/main.tf
index 5b04f4a..58d39c9 100644
--- a/aws/static_site/main.tf
+++ b/aws/static_site/main.tf
@@ -20,11 +20,16 @@ resource "aws_s3_bucket" "mod" {
     }
   )
 
-  cors_rule {
-    allowed_headers = ["*"]
-    allowed_methods = ["GET"]
-    allowed_origins = var.enable_cors_get ? ["*"] : []
-    max_age_seconds = 3000
+  dynamic "cors_rule" {
+    for_each = var.enable_cors_get ? var.cors_rule : []
+
+    content {
+      allowed_methods = cors_rule.value.allowed_methods
+      allowed_origins = cors_rule.value.allowed_origins
+      allowed_headers = lookup(cors_rule.value, "allowed_headers", null)
+      expose_headers  = lookup(cors_rule.value, "expose_headers", null)
+      max_age_seconds = lookup(cors_rule.value, "max_age_seconds", null)
+    }
   }
 
   website {
diff --git a/aws/static_site/variables.tf b/aws/static_site/variables.tf
index 9583027..8cd4b27 100644
--- a/aws/static_site/variables.tf
+++ b/aws/static_site/variables.tf
@@ -25,3 +25,14 @@ variable "enable_cors_get" {
   type = bool
   default = false
 }
+
+variable "cors_rule" {
+  description = "List of maps containing rules for Cross-Origin Resource Sharing."
+  type        = any
+  default     = [{
+    allowed_headers = ["*"]
+    allowed_methods = ["GET"]
+    allowed_origins = ["*"]
+    max_age_seconds = 3000
+  }]
+}