From aed920d161e81518e7e1a423cc3dd415c5f77172 Mon Sep 17 00:00:00 2001
From: yuekui <liyuekui@gmail.com>
Date: Fri, 28 Mar 2025 19:10:39 -0700
Subject: [PATCH] Allow using multiple cors origins

---
 main.tf | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/main.tf b/main.tf
index 12d80708..634d6280 100644
--- a/main.tf
+++ b/main.tf
@@ -354,15 +354,14 @@ resource "aws_s3_bucket_cors_configuration" "origin" {
 
   bucket = one(aws_s3_bucket.origin).id
 
-  dynamic "cors_rule" {
-    for_each = distinct(compact(concat(var.cors_allowed_origins, var.aliases, var.external_aliases)))
-    content {
-      allowed_headers = var.cors_allowed_headers
-      allowed_methods = var.cors_allowed_methods
-      allowed_origins = [cors_rule.value]
-      expose_headers  = var.cors_expose_headers
-      max_age_seconds = var.cors_max_age_seconds
-    }
+  cors_rule {
+    allowed_headers = var.cors_allowed_headers
+    allowed_methods = var.cors_allowed_methods
+    allowed_origins = sort(
+      distinct(compact(concat(var.cors_allowed_origins, var.aliases, var.external_aliases)))
+    )
+    expose_headers  = var.cors_expose_headers
+    max_age_seconds = var.cors_max_age_seconds
   }
 
   depends_on = [time_sleep.wait_for_aws_s3_bucket_settings]