AWS SDK for Ruby
Developer Guide

Configuring an Amazon S3 Bucket for CORS

This example demonstrates how to use the AWS SDK for Ruby to:

  1. Configure Cross-Origin Resource Sharing (CORS) settings for an Amazon S3 bucket.

  2. Get the CORS settings for a bucket.

For more information about CORS support in Amazon S3, see Cross-Origin Resource Sharing (CORS) in the Amazon S3 Developer Guide.

For the complete code for this example, see Complete Example.

Prerequisites

To set up and run this example, you must first:

  1. Install the AWS SDK for Ruby. For more information, see Installing the AWS SDK for Ruby.

  2. Set the AWS access credentials that the AWS SDK for Ruby will use to verify your access to AWS services and resources. For more information, see Configuring the AWS SDK for Ruby.

  3. Create an Amazon S3 bucket or identify an existing bucket in your AWS account.

Be sure the AWS credentials map to an AWS Identity and Access Management (IAM) entity with access to the AWS actions and resources described in this example.

This example assumes:

  • You have set the credentials in the AWS credentials profile file and the profile is named david.

  • Your bucket is named doc-sample-bucket.

Configure the SDK

For this example, add a require statement so that you can use the classes and methods provided by the AWS SDK for Ruby for Amazon S3. Then create an Aws::S3::Client object in the AWS Region where you want to create the bucket and the specified AWS profile. This code creates the Aws::S3::Client object in the us-east-1 region. An additional variable is also declared for the bucket used in this example.

require 'aws-sdk-s3' # v2: require 'aws-sdk' profile_name = 'david' region = 'us-east-1' bucket = 'doc-sample-bucket' # S3 - Configuring an S3 Bucket # Create a S3 client s3 = Aws::S3::Client.new(profile: profile_name, region:region)

Configure CORS for a Bucket

Call the put_bucket_cors method, providing the name of the bucket and the CORS configuration settings.

s3.put_bucket_cors( bucket: bucket, cors_configuration: cors_configuration )

For the CORS configuration settings, declare an Aws::S3::Types::CORSConfiguration hash. Specify things such as the HTTP methods that the specified origins are allowed to execute (allowed_methods), the origins you want customers to be able to access the bucket from (allowed_origins), and the headers in the response you want customers to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object, shown here in expose_headers).

cors_configuration = { cors_rules: [ { allowed_methods: allowed_methods, allowed_origins: ["*"], expose_headers: ["ExposeHeader"], }, ] }

For the HTTP methods that the specified origins are allowed to execute, you could specify them inline or, as shown here, you could get them from the user at the command line.

allowed_methods = [] ARGV.each do |arg| case arg.upcase when "POST" allowed_methods << "POST" when "GET" allowed_methods << "GET" when "PUT" allowed_methods << "PUT" when "PATCH" allowed_methods << "PATCH" when "DELETE" allowed_methods << "DELETE" when "HEAD" allowed_methods << "HEAD" else puts "#{arg} is not a valid HTTP method" end end

For example, assuming the code file is named doc_sample_code_s3_bucket_cors.rb, and you want to allow the specified origins to execute only GET and POST methods, here is how the user could run the code from the command line.

ruby doc_sample_code_s3_bucket_cors.rb get post

Get the CORS Settings for a Bucket

Call the get_bucket_cors method, providing the name of the bucket. The get_bucket_cors method returns an Aws::S3::Types::GetBucketCorsOutput object. This object's cors_rules attribute returns an array of Aws::S3::Types::CORSRule objects, which represent the bucket's CORS settings.

resp = s3.get_bucket_cors(bucket: bucket) puts resp.cors_rules

Complete Example

Here is the complete code for this example.

require 'aws-sdk-s3' # v2: require 'aws-sdk' profile_name = 'david' region = 'us-east-1' bucket = 'doc-sample-bucket' # S3 - Configuring an S3 Bucket # Create a S3 client s3 = Aws::S3::Client.new(profile: profile_name, region:region) # Setting a Bucket CORS Configuration # Create array of allowed methods parameter based on command line parameters allowed_methods = [] ARGV.each do |arg| case arg.upcase when "POST" allowed_methods << "POST" when "GET" allowed_methods << "GET" when "PUT" allowed_methods << "PUT" when "PATCH" allowed_methods << "PATCH" when "DELETE" allowed_methods << "DELETE" when "HEAD" allowed_methods << "HEAD" else puts "#{arg} is not a valid HTTP method" end end # Create CORS configuration hash cors_configuration = { cors_rules: [ { allowed_methods: allowed_methods, allowed_origins: ["*"], expose_headers: ["ExposeHeader"], }, ] } # Set the new CORS configuration on the selected bucket s3.put_bucket_cors( bucket: bucket, cors_configuration: cors_configuration ) # Retrieving a Bucket CORS Configuration resp = s3.get_bucket_cors(bucket: bucket) puts resp.cors_rules # To run the example, type the following at the command line including one or more HTTP methods as shown # ruby doc_sample_code_s3_bucket_cors.rb get post