GetBucketCors
Note
This operation is not supported for directory buckets.
Returns the Cross-Origin Resource Sharing (CORS) configuration information set for the bucket.
To use this operation, you must have permission to perform the
s3:GetBucketCORS
action. By default, the bucket owner has this permission
and can grant it to others.
When you use this API operation with an access point, provide the alias of the access point in place of the bucket name.
When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name.
If the Object Lambda access point alias in a request is not valid, the error code InvalidAccessPointAliasError
is returned.
For more information about InvalidAccessPointAliasError
, see List of
Error Codes.
For more information about CORS, see Enabling Cross-Origin Resource Sharing.
The following operations are related to GetBucketCors
:
Request Syntax
GET /?cors HTTP/1.1
Host: Bucket
.s3.amazonaws.com
x-amz-expected-bucket-owner: ExpectedBucketOwner
URI Request Parameters
The request uses the following URI parameters.
- Bucket
-
The bucket name for which to get the cors configuration.
When you use this API operation with an access point, provide the alias of the access point in place of the bucket name.
When you use this API operation with an Object Lambda access point, provide the alias of the Object Lambda access point in place of the bucket name. If the Object Lambda access point alias in a request is not valid, the error code
InvalidAccessPointAliasError
is returned. For more information aboutInvalidAccessPointAliasError
, see List of Error Codes.Required: Yes
- x-amz-expected-bucket-owner
-
The account ID of the expected bucket owner. If the account ID that you provide does not match the actual owner of the bucket, the request fails with the HTTP status code
403 Forbidden
(access denied).
Request Body
The request does not have a request body.
Response Syntax
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration>
<CORSRule>
<AllowedHeader>string</AllowedHeader>
...
<AllowedMethod>string</AllowedMethod>
...
<AllowedOrigin>string</AllowedOrigin>
...
<ExposeHeader>string</ExposeHeader>
...
<ID>string</ID>
<MaxAgeSeconds>integer</MaxAgeSeconds>
</CORSRule>
...
</CORSConfiguration>
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
- CORSConfiguration
-
Root level tag for the CORSConfiguration parameters.
Required: Yes
- CORSRule
-
A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
Type: Array of CORSRule data types
Examples
Configure CORS Sample Request
The following PUT request adds the cors
subresource to a bucket
(examplebucket)
.
PUT /?cors HTTP/1.1 Host: examplebucket.s3.<Region>.amazonaws.com x-amz-date: Tue, 21 Aug 2012 17:54:50 GMT Content-MD5: 8dYiLewFWZyGgV2Q5FNI4W== Authorization: authorization string Content-Length: 216 <CORSConfiguration> <CORSRule> <AllowedOrigin>http://www.example.com</AllowedOrigin> <AllowedMethod>PUT</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <AllowedMethod>DELETE</AllowedMethod> <AllowedHeader>*</AllowedHeader> <MaxAgeSeconds>3000</MaxAgeSec> <ExposeHeader>x-amz-server-side-encryption</ExposeHeader> </CORSRule> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedHeader>*</AllowedHeader> <MaxAgeSeconds>3000</MaxAgeSeconds> </CORSRule> </CORSConfiguration>
Example
This is the sample response to the preceding request.
HTTP/1.1 200 OK x-amz-id-2: CCshOvbOPfxzhwOADyC4qHj/Ck3F9Q0viXKw3rivZ+GcBoZSOOahvEJfPisZB7B x-amz-request-id: BDC4B83DF5096BBE Date: Tue, 21 Aug 2012 17:54:50 GMT Server: AmazonS3
Sample Request: Retrieve cors subresource
The following example gets the cors subresource of a bucket.
GET /?cors HTTP/1.1 Host: examplebucket.s3.<Region>.amazonaws.com Date: Tue, 13 Dec 2011 19:14:42 GMT Authorization: signatureValue
Example
Sample Response
HTTP/1.1 200 OK x-amz-id-2: 0FmFIWsh/PpBuzZ0JFRC55ZGVmQW4SHJ7xVDqKwhEdJmf3q63RtrvH8ZuxW1Bol5 x-amz-request-id: 0CF038E9BCF63097 Date: Tue, 13 Dec 2011 19:14:42 GMT Server: AmazonS3 Content-Length: 280 <CORSConfiguration> <CORSRule> <AllowedOrigin>http://www.example.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSec> <ExposeHeader>x-amz-server-side-encryption</ExposeHeader> </CORSRule> </CORSConfiguration>
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: