smalruby · takaokouji · Feb 5, 2026 · Feb 5, 2026 · Feb 5, 2026
diff --git a/lib/mesh-v2-stack.ts b/lib/mesh-v2-stack.ts
@@ -2,7 +2,6 @@ import * as cdk from 'aws-cdk-lib/core';
 import * as dynamodb from 'aws-cdk-lib/aws-dynamodb';
 import * as appsync from 'aws-cdk-lib/aws-appsync';
 import * as lambda from 'aws-cdk-lib/aws-lambda';
-import * as wafv2 from 'aws-cdk-lib/aws-wafv2';
 import * as route53 from 'aws-cdk-lib/aws-route53';
 import * as acm from 'aws-cdk-lib/aws-certificatemanager';
 import * as targets from 'aws-cdk-lib/aws-route53-targets';
@@ -135,114 +134,6 @@ export class MeshV2Stack extends cdk.Stack {
       },
     });
 
-    // WAF configuration (Only for production)
-    if (stage === 'prod') {
-      const allowedOrigins = [
-        'https://smalruby.app',
-        'https://smalruby.jp'
-      ];
-
-      const webAcl = new wafv2.CfnWebACL(this, 'MeshV2ApiWebAcl', {
-        defaultAction: { block: {} },
-        scope: 'REGIONAL',
-        visibilityConfig: {
-          cloudWatchMetricsEnabled: true,
-          metricName: 'MeshV2ApiWebAcl',
-          sampledRequestsEnabled: true,
-        },
-        rules: [
-          {
-            name: 'AllowPreflightOptions',
-            priority: 0,
-            action: { allow: {} },
-            statement: {
-              andStatement: {
-                statements: [
-                  {
-                    byteMatchStatement: {
-                      fieldToMatch: {
-                        method: {},
-                      },
-                      positionalConstraint: 'EXACTLY',
-                      searchString: 'OPTIONS',
-                      textTransformations: [
-                        {
-                          priority: 0,
-                          type: 'NONE',
-                        },
-                      ],
-                    },
-                  },
-                  {
-                    orStatement: {
-                      statements: allowedOrigins.map(origin => ({
-                        byteMatchStatement: {
-                          fieldToMatch: {
-                            singleHeader: {
-                              Name: 'origin',
-                            },
-                          },
-                          positionalConstraint: 'EXACTLY',
-                          searchString: origin,
-                          textTransformations: [
-                            {
-                              priority: 0,
-                              type: 'LOWERCASE',
-                            },
-                          ],
-                        },
-                      })),
-                    },
-                  },
-                ],
-              },
-            },
-            visibilityConfig: {
-              cloudWatchMetricsEnabled: true,
-              metricName: 'AllowPreflightOptions',
-              sampledRequestsEnabled: true,
-            },
-          },
-          {
-            name: 'AllowSpecificOrigins',
-            priority: 1,
-            action: { allow: {} },
-            statement: {
-              orStatement: {
-                statements: allowedOrigins.map(origin => ({
-                  byteMatchStatement: {
-                    fieldToMatch: {
-                      singleHeader: {
-                        Name: 'origin',
-                      },
-                    },
-                    positionalConstraint: 'EXACTLY',
-                    searchString: origin,
-                    textTransformations: [
-                      {
-                        priority: 0,
-                        type: 'LOWERCASE',
-                      },
-                    ],
-                  },
-                })),
-              },
-            },
-            visibilityConfig: {
-              cloudWatchMetricsEnabled: true,
-              metricName: 'AllowSpecificOrigins',
-              sampledRequestsEnabled: true,
-            },
-          },
-        ],
-      });
-
-      new wafv2.CfnWebACLAssociation(this, 'MeshV2ApiWebAclAssociation', {
-        resourceArn: this.api.arn,
-        webAclArn: webAcl.attrArn,
-      });
-    }
-
     // Route53 Alias record for Custom Domain
     if (customDomain && zone) {
       // Extract subdomain from customDomain (e.g., "graphql.api.smalruby.app" -> "graphql")

diff --git a/spec/fixtures/mutations/create_group.graphql b/spec/fixtures/mutations/create_group.graphql
@@ -17,7 +17,6 @@ mutation CreateGroup(
     fullId
     name
     hostId
-    createdAt
     expiresAt
     useWebSocket
     pollingIntervalSeconds

diff --git a/spec/fixtures/queries/list_groups_by_domain.graphql b/spec/fixtures/queries/list_groups_by_domain.graphql
@@ -5,7 +5,6 @@ query ListGroupsByDomain($domain: String!) {
     fullId
     name
     hostId
-    createdAt
     expiresAt
   }
 }
diff --git a/spec/requests/group_management_spec.rb b/spec/requests/group_management_spec.rb
@@ -23,7 +23,6 @@
       )
       expect(response["data"]["createGroup"]["hostId"]).to eq(variables[:hostId])
       expect(response["data"]["createGroup"]["id"]).to be_present
-      expect(response["data"]["createGroup"]["createdAt"]).to match_iso8601
       expect(response["data"]["createGroup"]["fullId"]).to match(/\A.+@test\.example\.com\z/)
     end
 

diff --git a/test/mesh-v2.test.ts b/test/mesh-v2.test.ts
@@ -1,5 +1,5 @@
 import * as cdk from 'aws-cdk-lib/core';
-import { Template } from 'aws-cdk-lib/assertions';
+import { Template, Match } from 'aws-cdk-lib/assertions';
 import * as MeshV2 from '../lib/mesh-v2-stack';
 
 describe('MeshV2Stack', () => {
@@ -29,8 +29,8 @@ describe('MeshV2Stack', () => {
     // Environment Variables
     template.hasResourceProperties('AWS::AppSync::GraphQLApi', {
       EnvironmentVariables: {
-        MESH_EVENT_TTL_SECONDS: '10',
-        MESH_POLLING_INTERVAL_SECONDS: '2'
+        MESH_EVENT_TTL_SECONDS: Match.anyValue(),
+        MESH_POLLING_INTERVAL_SECONDS: Match.anyValue()
       }
     });
 
@@ -72,82 +72,5 @@ describe('MeshV2Stack', () => {
       TypeName: 'Query'
     });
   });
-
-  test('WAF is created when stage is prod', () => {
-    const app = new cdk.App({
-      context: {
-        stage: 'prod'
-      }
-    });
-    const stack = new MeshV2.MeshV2Stack(app, 'MyProdTestStack', {
-      env: { account: '123456789012', region: 'us-east-1' }
-    });
-    const template = Template.fromStack(stack);
-
-    template.resourceCountIs('AWS::WAFv2::WebACL', 1);
-    template.hasResourceProperties('AWS::WAFv2::WebACL', {
-      DefaultAction: { Block: {} },
-      Scope: 'REGIONAL',
-      Rules: [
-        {
-          Name: 'AllowSpecificOrigins',
-          Priority: 1,
-          Action: { Allow: {} },
-          Statement: {
-            OrStatement: {
-              Statements: [
-                {
-                  ByteMatchStatement: {
-                    FieldToMatch: {
-                      SingleHeader: { name: 'origin' }
-                    },
-                    PositionalConstraint: 'EXACTLY',
-                    SearchString: 'https://smalruby.app',
-                    TextTransformations: [
-                      {
-                        Priority: 0,
-                        Type: 'LOWERCASE'
-                      }
-                    ]
-                  }
-                },
-                {
-                  ByteMatchStatement: {
-                    FieldToMatch: {
-                      SingleHeader: { name: 'origin' }
-                    },
-                    PositionalConstraint: 'EXACTLY',
-                    SearchString: 'https://smalruby.jp',
-                    TextTransformations: [
-                      {
-                        Priority: 0,
-                        Type: 'LOWERCASE'
-                      }
-                    ]
-                  }
-                }
-              ]
-            }
-          }
-        }
-      ]
-    });
-
-    template.resourceCountIs('AWS::WAFv2::WebACLAssociation', 1);
-  });
-
-  test('WAF is not created when stage is stg', () => {
-    const app = new cdk.App({
-      context: {
-        stage: 'stg'
-      }
-    });
-    const stack = new MeshV2.MeshV2Stack(app, 'MyStgTestStack', {
-      env: { account: '123456789012', region: 'us-east-1' }
-    });
-    const template = Template.fromStack(stack);
-
-    template.resourceCountIs('AWS::WAFv2::WebACL', 0);
-    template.resourceCountIs('AWS::WAFv2::WebACLAssociation', 0);
-  });
 });
+
-Original file line number
+Diff line change
@@ Expand Up / @@ -5,7 +5,6 @@ query ListGroupsByDomain($domain: String!) { @@
         fullId
         name
         hostId
-        createdAt
         expiresAt
       }
     }