AWS::S3::Bucket CorsRule - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::S3::Bucket CorsRule

Specifies a cross-origin access rule for an Amazon S3 bucket.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "AllowedHeaders" : [ String, ... ], "AllowedMethods" : [ String, ... ], "AllowedOrigins" : [ String, ... ], "ExposedHeaders" : [ String, ... ], "Id" : String, "MaxAge" : Integer }

YAML

AllowedHeaders: - String AllowedMethods: - String AllowedOrigins: - String ExposedHeaders: - String Id: String MaxAge: Integer

Properties

AllowedHeaders

Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.

Required: No

Type: Array of String

Update requires: No interruption

AllowedMethods

An HTTP method that you allow the origin to run.

Allowed values: GET | PUT | HEAD | POST | DELETE

Required: Yes

Type: Array of String

Allowed values: GET | PUT | HEAD | POST | DELETE

Update requires: No interruption

AllowedOrigins

One or more origins you want customers to be able to access the bucket from.

Required: Yes

Type: Array of String

Update requires: No interruption

ExposedHeaders

One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

Required: No

Type: Array of String

Update requires: No interruption

Id

A unique identifier for this rule. The value must be no more than 255 characters.

Required: No

Type: String

Maximum: 255

Update requires: No interruption

MaxAge

The time in seconds that your browser is to cache the preflight response for the specified resource.

Required: No

Type: Integer

Minimum: 0

Update requires: No interruption

Examples

Enable cross-origin resource sharing

The following example template shows a public S3 bucket with two cross-origin resource sharing rules.

JSON

{ "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "S3Bucket": { "Type": "AWS::S3::Bucket", "Properties": { "AccessControl": "PublicRead", "CorsConfiguration": { "CorsRules": [ { "AllowedHeaders": [ "*" ], "AllowedMethods": [ "GET" ], "AllowedOrigins": [ "*" ], "ExposedHeaders": [ "Date" ], "Id": "myCORSRuleId1", "MaxAge": 3600 }, { "AllowedHeaders": [ "x-amz-*" ], "AllowedMethods": [ "DELETE" ], "AllowedOrigins": [ "http://www.example.com", "http://www.example.net" ], "ExposedHeaders": [ "Connection", "Server", "Date" ], "Id": "myCORSRuleId2", "MaxAge": 1800 } ] } } } }, "Outputs": { "BucketName": { "Value": { "Ref": "S3Bucket" }, "Description": "Name of the sample Amazon S3 bucket with CORS enabled." } } }

YAML

AWSTemplateFormatVersion: 2010-09-09 Resources: S3Bucket: Type: 'AWS::S3::Bucket' Properties: AccessControl: PublicRead CorsConfiguration: CorsRules: - AllowedHeaders: - '*' AllowedMethods: - GET AllowedOrigins: - '*' ExposedHeaders: - Date Id: myCORSRuleId1 MaxAge: 3600 - AllowedHeaders: - x-amz-* AllowedMethods: - DELETE AllowedOrigins: - 'http://www.example.com' - 'http://www.example.net' ExposedHeaders: - Connection - Server - Date Id: myCORSRuleId2 MaxAge: 1800 Outputs: BucketName: Value: !Ref S3Bucket Description: Name of the sample Amazon S3 bucket with CORS enabled.