• Public
  • Public/Protected
  • All

Interface CORSRule

Specifies a cross-origin access rule for an Amazon S3 bucket.


  • CORSRule



Optional AllowedHeaders

AllowedHeaders: string[]

Headers that are specified in the Access-Control-Request-Headers header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.


AllowedMethods: string[] | undefined

An HTTP method that you allow the origin to execute. Valid values are GET, PUT, HEAD, POST, and DELETE.


AllowedOrigins: string[] | undefined

One or more origins you want customers to be able to access the bucket from.

Optional ExposeHeaders

ExposeHeaders: string[]

One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

Optional ID

ID: undefined | string

Unique identifier for the rule. The value cannot be longer than 255 characters.

Optional MaxAgeSeconds

MaxAgeSeconds: undefined | number

The time in seconds that your browser is to cache the preflight response for the specified resource.