CORS error for the API Gateway when created using terraform, but working if GET method is created manually from AWS console

contact2rames · March 18, 2024, 4:29pm

Terraform Core and AWS Version

providers.tf:
terraform {
required_version = “>= 0.13.1”
required_providers
{
aws = “>= 3.69”
} }

Also tried in my local with : terraform v1.7.3 and aws 5.3.0

Below is my terraform main.tf code:

Terraform Configuration Files

Terraform Configuration Files
resource “aws_api_gateway_resource” “sidenav_details_gw” {
parent_id = var.aws_api_gateway_resource_aws
path_part = var.sidenav_details_partname
rest_api_id = var.api_gateway_rest_api_id
}
resource “aws_api_gateway_method” “sidenav_details_options_method” {
authorization = “NONE”
http_method = “OPTIONS”
resource_id = aws_api_gateway_resource.sidenav_details_gw.id
rest_api_id = var.api_gateway_rest_api_id
}
resource “aws_api_gateway_method” “get_sidenav_details_method” {
authorization = “CUSTOM”
authorizer_id = var.aws_api_gateway_authorizer_id
http_method = “GET”
resource_id = aws_api_gateway_resource.sidenav_details_gw.id
rest_api_id = var.api_gateway_rest_api_id
request_validator_id = var.aws_api_gateway_request_validator_id
}
resource “aws_lambda_permission” “apigw_lambda_perm” {
statement_id = “AllowExecutionFromAPIGateway”
action = “lambda:InvokeFunction”
function_name = var.lambda_sidenav_details_function_name
principal = “apigateway.amazonaws.com”
source_arn = “arn:aws:execute-api:{var.region}:{var.aws_account}:${var.api_gateway_rest_api_id}/*”
}
resource “aws_api_gateway_integration” “sidenav_details_mock_intg” {
http_method = aws_api_gateway_method.sidenav_details_options_method.http_method
resource_id = aws_api_gateway_resource.sidenav_details_gw.id
rest_api_id = var.api_gateway_rest_api_id
type = “MOCK”
}
resource “aws_api_gateway_integration” “get_sidenav_details_method_integration” {
http_method = aws_api_gateway_method.get_sidenav_details_method.http_method
resource_id = aws_api_gateway_resource.sidenav_details_gw.id
rest_api_id = var.api_gateway_rest_api_id
integration_http_method = “POST” # Specify the HTTP method used for the Lambda integration
type = “AWS_PROXY”
uri = var.lambda_sidenav_details_function_invoke_arn
credentials = var.lambda_role_arn
request_templates = {
“application/json” = <<REQUEST_TEMPLATE
{
“Authorization”: “$input.params(‘Authorization’)” #pass the Authorization header to your Lambda
}
REQUEST_TEMPLATE
}
}
resource “aws_api_gateway_method_response” “method_response_200_1” {
rest_api_id = var.api_gateway_rest_api_id
resource_id = aws_api_gateway_resource.sidenav_details_gw.id
http_method = aws_api_gateway_method.get_sidenav_details_method.http_method #GET Method
status_code = “200”

response_models = {
“application/json” = “Empty” # Adjust the response model accordingly
}

response_parameters = {
“method.response.header.Access-Control-Allow-Origin” = true,
“method.response.header.Access-Control-Allow-Headers” = true,
“method.response.header.Access-Control-Allow-Methods” = true,
}
}

OPTIONS Method Response
resource “aws_api_gateway_method_response” “sidenav_details_method_response_200” {
rest_api_id = var.api_gateway_rest_api_id
resource_id = aws_api_gateway_resource.sidenav_details_gw.id
http_method = aws_api_gateway_method.sidenav_details_options_method.http_method
status_code = “200”

response_models = {
“application/json” = “Empty” # Adjust the response model accordingly
}

response_parameters = {
“method.response.header.Access-Control-Allow-Credentials” = true,
“method.response.header.Access-Control-Allow-Headers” = true,
“method.response.header.Access-Control-Allow-Methods” = true,
“method.response.header.Access-Control-Allow-Origin” = true,

}
depends_on = [aws_api_gateway_integration.get_sidenav_details_method_integration,
aws_api_gateway_method.sidenav_details_options_method,
]
}

OPTIONS Integration Response
resource “aws_api_gateway_integration_response” “sidenav_details_intg_response” {
rest_api_id = var.api_gateway_rest_api_id
resource_id = aws_api_gateway_resource.sidenav_details_gw.id
http_method = aws_api_gateway_method.sidenav_details_options_method.http_method
status_code = “200”

response_templates = {
“application/json” = “”
}

response_parameters = {
“method.response.header.Access-Control-Allow-Credentials” = “‘true’”
“method.response.header.Access-Control-Allow-Headers” = “‘Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,token,role,email’”
“method.response.header.Access-Control-Allow-Methods” = “‘GET,OPTIONS’”
“method.response.header.Access-Control-Allow-Origin” = “‘*’”
}
depends_on = [
aws_api_gateway_integration.get_sidenav_details_method_integration,
aws_api_gateway_integration.sidenav_details_mock_intg,
aws_api_gateway_method.sidenav_details_options_method,
aws_api_gateway_method_response.sidenav_details_method_response_200,
]
}

contact2rames · March 21, 2024, 1:10pm

Do anyone has any clue on why AWS is giving CORS error?

Thanks in advance.