AWS::S3::Bucket CorsConfiguration - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::S3::Bucket CorsConfiguration

Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "CorsRules" : [ CorsRule, ... ] }

Properties

CorsRules

A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.

Required: Yes

Type: Array of CorsRule

Update requires: No interruption

Examples

Enable cross-origin resource sharing

The following example template shows a public S3 bucket with two cross-origin resource sharing rules.

JSON

{ "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "S3Bucket": { "Type": "AWS::S3::Bucket", "Properties": { "AccessControl": "PublicRead", "CorsConfiguration": { "CorsRules": [ { "AllowedHeaders": [ "*" ], "AllowedMethods": [ "GET" ], "AllowedOrigins": [ "*" ], "ExposedHeaders": [ "Date" ], "Id": "myCORSRuleId1", "MaxAge": 3600 }, { "AllowedHeaders": [ "x-amz-*" ], "AllowedMethods": [ "DELETE" ], "AllowedOrigins": [ "http://www.example.com", "http://www.example.net" ], "ExposedHeaders": [ "Connection", "Server", "Date" ], "Id": "myCORSRuleId2", "MaxAge": 1800 } ] } } } }, "Outputs": { "BucketName": { "Value": { "Ref": "S3Bucket" }, "Description": "Name of the sample Amazon S3 bucket with CORS enabled." } } }

YAML

AWSTemplateFormatVersion: 2010-09-09 Resources: S3Bucket: Type: 'AWS::S3::Bucket' Properties: AccessControl: PublicRead CorsConfiguration: CorsRules: - AllowedHeaders: - '*' AllowedMethods: - GET AllowedOrigins: - '*' ExposedHeaders: - Date Id: myCORSRuleId1 MaxAge: 3600 - AllowedHeaders: - x-amz-* AllowedMethods: - DELETE AllowedOrigins: - 'http://www.example.com' - 'http://www.example.net' ExposedHeaders: - Connection - Server - Date Id: myCORSRuleId2 MaxAge: 1800 Outputs: BucketName: Value: !Ref S3Bucket Description: Name of the sample Amazon S3 bucket with CORS enabled.