S3 CORS Configuration Generator

Generate CORS configurations for AWS S3 buckets

CORS Configuration Tips

• Use specific origins instead of "*" for production
• Only allow necessary HTTP methods
• Be careful with exposed headers

CORS Rule 1

Allowed Origins

Allowed Methods

Allowed Headers

Expose Headers (Optional)

Max Age (seconds)

JSON Configuration

{
  "CORSRules": [
    {
      "AllowedOrigins": [
        "*"
      ],
      "AllowedMethods": [
        "GET",
        "POST"
      ],
      "AllowedHeaders": [
        "*"
      ],
      "MaxAgeSeconds": 3000
    }
  ]
}

AWS CLI Command

# Save the CORS configuration to a file first
echo '{
  "CORSRules": [
    {
      "AllowedOrigins": [
        "*"
      ],
      "AllowedMethods": [
        "GET",
        "POST"
      ],
      "AllowedHeaders": [
        "*"
      ],
      "MaxAgeSeconds": 3000
    }
  ]
}' > cors-config.json

# Apply the CORS configuration to your S3 bucket
aws s3api put-bucket-cors --bucket YOUR_BUCKET_NAME --cors-configuration file://cors-config.json

Usage Instructions

Via AWS Console:

Go to S3 → Your Bucket → Permissions → Cross-origin resource sharing (CORS) → Edit → Paste the JSON configuration

Via AWS CLI:

Use the provided CLI command after saving the JSON to a file

Via Terraform:

Use the aws_s3_bucket_cors_configuration resource with the generated JSON