diff --git a/lib/mesh-v2-stack.ts b/lib/mesh-v2-stack.ts index aa2645d..17abe6c 100644 --- a/lib/mesh-v2-stack.ts +++ b/lib/mesh-v2-stack.ts @@ -151,6 +151,58 @@ export class MeshV2Stack extends cdk.Stack { sampledRequestsEnabled: true, }, rules: [ + { + name: 'AllowPreflightOptions', + priority: 0, + action: { allow: {} }, + statement: { + andStatement: { + statements: [ + { + byteMatchStatement: { + fieldToMatch: { + method: {}, + }, + positionalConstraint: 'EXACTLY', + searchString: 'OPTIONS', + textTransformations: [ + { + priority: 0, + type: 'NONE', + }, + ], + }, + }, + { + orStatement: { + statements: allowedOrigins.map(origin => ({ + byteMatchStatement: { + fieldToMatch: { + singleHeader: { + Name: 'origin', + }, + }, + positionalConstraint: 'EXACTLY', + searchString: origin, + textTransformations: [ + { + priority: 0, + type: 'LOWERCASE', + }, + ], + }, + })), + }, + }, + ], + }, + }, + visibilityConfig: { + cloudWatchMetricsEnabled: true, + metricName: 'AllowPreflightOptions', + sampledRequestsEnabled: true, + }, + }, { name: 'AllowSpecificOrigins', priority: 1, @@ -161,7 +213,7 @@ export class MeshV2Stack extends cdk.Stack { byteMatchStatement: { fieldToMatch: { singleHeader: { - name: 'origin', + Name: 'origin', }, }, positionalConstraint: 'EXACTLY',