AWS CloudFormation
User Guide (API Version 2010-05-15)

Amazon S3 Bucket CorsRule

Describes cross-origin access rules for the Amazon S3 Bucket CorsConfiguration property.



{ "AllowedHeaders" : [ String, ... ], "AllowedMethods" : [ String, ... ], "AllowedOrigins" : [ String, ... ], "ExposedHeaders" : [ String, ... ], "Id" : String, "MaxAge" : Integer }


AllowedHeaders: - String AllowedMethods: - String AllowedOrigins: - String ExposedHeaders: - String Id: String MaxAge: Integer



Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.

Required: No

Type: List of String values


An HTTP method that you allow the origin to execute. The valid values are GET, PUT, HEAD, POST, and DELETE.

Required: Yes

Type: List of String values


An origin that you allow to send cross-domain requests.

Required: Yes

Type: List of String values


One or more headers in the response that are accessible to client applications (for example, from a JavaScript XMLHttpRequest object).

Required: No

Type: List of String values


A unique identifier for this rule. The value cannot be more than 255 characters.

Required: No

Type: String


The time in seconds that your browser is to cache the preflight response for the specified resource.

Required: No

Type: Integer

On this page: