API Reference

PREVIEW DOCUMENTATION - This is a preview of a new format for the AWS SDK for Go API Reference documentation. For the current AWS SDK for Go API Reference, see

We welcome your feedback on this new version of the documentation. Send your comments to


import ""

type CorsRule struct { AllowedHeaders []*string `type:"list" required:"true"` AllowedMethods []*string `min:"1" type:"list"` AllowedOrigins []*string `min:"1" type:"list" required:"true"` ExposeHeaders []*string `type:"list"` MaxAgeSeconds *int64 `type:"integer"` }

A rule for a CORS policy. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.


Type: []*string

Specifies which headers are allowed in a preflight OPTIONS request through the Access-Control-Request-Headers header. Each header name that is specified in Access-Control-Request-Headers must have a corresponding entry in the rule. Only the headers that were requested are sent back.

This element can contain only one wildcard character (*).

AllowedHeaders is a required field


Type: []*string

Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.

Each CORS rule must contain at least one AllowedMethods and one AllowedOrigins element.


Type: []*string

One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

Each CORS rule must have at least one AllowedOrigins element. The string value can include only one wildcard character (*), for example, http://* Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.

AllowedOrigins is a required field


Type: []*string

One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

This element is optional for each rule.


Type: *int64

The time in seconds that your browser caches the preflight response for the specified resource.

A CORS rule can have only one MaxAgeSeconds element.



func (s CorsRule) GoString() string

GoString returns the string representation


func (s *CorsRule) SetAllowedHeaders(v []*string) *CorsRule

SetAllowedHeaders sets the AllowedHeaders field's value.


func (s *CorsRule) SetAllowedMethods(v []*string) *CorsRule

SetAllowedMethods sets the AllowedMethods field's value.


func (s *CorsRule) SetAllowedOrigins(v []*string) *CorsRule

SetAllowedOrigins sets the AllowedOrigins field's value.


func (s *CorsRule) SetExposeHeaders(v []*string) *CorsRule

SetExposeHeaders sets the ExposeHeaders field's value.


func (s *CorsRule) SetMaxAgeSeconds(v int64) *CorsRule

SetMaxAgeSeconds sets the MaxAgeSeconds field's value.


func (s CorsRule) String() string

String returns the string representation


func (s *CorsRule) Validate() error

Validate inspects the fields of the type to determine if they are valid.

On this page: