jing-teksystems
commented
4 hours ago It turns out this issue was caused by the managed rule AWS-AWSManagedRulesAdminProtectionRuleSet in the WAF WebACL. After removing the rule, the search works.
Closed jing-teksystems closed 4 hours ago
jing-teksystems
commented
4 hours ago It turns out this issue was caused by the managed rule AWS-AWSManagedRulesAdminProtectionRuleSet in the WAF WebACL. After removing the rule, the search works.
Describe the bug We are using AWS EDUS v1.0.11. When the http request has key word “admin” in it, the request failed with CORS error and the request won’t reach the backend lambda with below error
To Reproduce
Expected behavior Kendra search for keyword 'admin' should return documents that has 'admin' in it
Please complete the following information about the solution:
Version: 1.0.11
[ us-east-1 ] Region: [e.g. us-east-1]
[Yes ] Was the solution modified from the version published on this repository?
[ No] If the answer to the previous question was yes, are the changes available on GitHub?
[ Yes] Have you checked your service quotas for the sevices this solution uses?
Were there any errors in the CloudWatch Logs? Lambda was not invoked, API gateway returns 403 error for the
OPTIONS request. Error message from browser is: /search:1 Access to XMLHttpRequest at 'https://xxxx.execute-api.us-east-1.amazonaws.com/prod/search/kendra/admin' from origin 'https://xxxxx.cloudfront.net/' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Screenshots
Additional context The search works well for other search text which doesn't contain 'admin' in it