Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cloudandthings/terraform-aws-cors

Last synced: 4 days ago
JSON representation

Host: GitHub
URL: https://github.com/cloudandthings/terraform-aws-cors
Owner: cloudandthings
License: apache-2.0
Created: 2023-12-27T10:42:58.000Z (11 months ago)
Default Branch: main
Last Pushed: 2024-01-01T13:47:41.000Z (11 months ago)
Last Synced: 2024-01-01T15:41:07.397Z (11 months ago)
Language: HCL
Size: 26.4 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 3
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: .github/contributing.md
- License: LICENSE

Awesome Lists containing this project

README

        # Terraform AWS CORS

A single module to setup CORS for both REST and HTTP APIs.

## Headers

The following commonly used headers are set by default: `Content-Type`, `X-Amz-Date`, `Authorization`, `X-Api-Key`, `X-Amz-Security-Token`. These can be disbaled using the `disable_default_headers` variable.

Additional headers can be set using the `allowed_headers` variable.

## Usage with REST API (v1)

### Basic usage

`REST` APIs only support a single origin, if more than one is supplied the module will throw a validation error.

```hcl

module "basic_cors_rest" {

  source  = "cloudandthings/cors/aws"

  version = "1.0.0"

  api_gateway_type = 'REST'

  api              = aws_api_gateway_rest_api.your_api.id

  resources = [

    aws_api_gateway_resource.a.id,

    aws_api_gateway_resource.b.id

  ]

  methods = [

    "GET",

    "POST"

  ]

  allowed_origins = ['*']

}

```

### All features

```hcl

module "basic_cors_rest" {

  source  = "cloudandthings/cors/aws"

  version = "1.0.0"

  api_gateway_type = "REST"

  api              = aws_api_gateway_rest_api.your_api.id

  resources = [

    aws_api_gateway_resource.a.id,

    aws_api_gateway_resource.b.id

  ]

  methods = [

    "GET",

    "POST",

    "PUT",

    "DELETE",

    "HEAD",

    "PATCH",

    "OPTIONS"

  ]

  allowed_origins = ["http://your_domain"]

  disable_default_headers = true

  allowed_headers = [

    "Authentication"

  ]

}

```

## Usage with HTTP API (v2)

## Caveats

- **PROXY_INTEGRATION** does not allow you to modify the response. This means you need to set the CORS headers in your code (see examples folder).

- The module will create an `OPTIONS` method on every provided API resource. The browser will not always send a preflight request, this can be forced by adding some custom header ("X-PING: pong").

## Terraform Documentation

### Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [allowed\_headers](#input\_allowed\_headers) | A list of additionally allowed headers. If you are using Access-Control-Allow-Headers as a wildcard, you must specify ['*'] explicitly. | `list(string)` | `[]` | no |

|  [allowed\_origins](#input\_allowed\_origins) | A list of allowed origins. REST API only support a single origin. | `list(string)` | n/a | yes |

|  [api](#input\_api) | ID of the API Gateway. | `string` | n/a | yes |

|  [api\_gateway\_type](#input\_api\_gateway\_type) | The type of the API Gateway to create. Valid values are REST (v1) or HTTP (v2). Defaults to REST. | `string` | n/a | yes |

|  [disable\_default\_headers](#input\_disable\_default\_headers) | Whether to disable the default headers. Defaults to false. | `bool` | `false` | no |

|  [methods](#input\_methods) | List of permitted HTTP methods. OPTIONS is added by default. | `list(string)` | n/a | yes |

|  [rest\_resources](#input\_rest\_resources) | List of the IDs of an aws\_api\_gateway\_resource resource. This must be set if api\_gateway\_type is REST. | `list(string)` | `[]` | no |

----

### Modules

| Name | Source | Version |

|------|--------|---------|

|  [http](#module\_http) | ./local-modules/HTTP | n/a |

|  [rest](#module\_rest) | ./local-modules/REST | n/a |

----

### Outputs

| Name | Description |

|------|-------------|

|  [headers](#output\_headers) | A list of headers that are allowed in a preflight request. |

|  [methods](#output\_methods) | A list of methods that are allowed in a preflight request. |

|  [origins](#output\_origins) | A list of origins that are allowed in a preflight request. |

----

### Providers

No providers.

----

### Requirements

| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | >= 0.15.0 |

|  [aws](#requirement\_aws) | >= 4.9 |

|  [null](#requirement\_null) | >= 3.1 |

----

### Resources

No resources.

----