AWS::Lambda::Url Cors - AWS CloudFormation (original) (raw)

The Cross-Origin Resource Sharing (CORS) settings for your function URL. Use CORS to grant access to your function URL from any origin. You can also use CORS to control access for specific HTTP headers and methods in requests to your function URL.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "AllowCredentials" : Boolean,
  "AllowHeaders" : [ String, ... ],
  "AllowMethods" : [ String, ... ],
  "AllowOrigins" : [ String, ... ],
  "ExposeHeaders" : [ String, ... ],
  "MaxAge" : Integer
}

YAML

  AllowCredentials: Boolean
  AllowHeaders: 
    - String
  AllowMethods: 
    - String
  AllowOrigins: 
    - String
  ExposeHeaders: 
    - String
  MaxAge: Integer

Properties

AllowCredentials

Whether you want to allow cookies or other credentials in requests to your function URL. The default is false.

Required: No

Type: Boolean

Update requires: No interruption

The HTTP headers that origins can include in requests to your function URL. For example: Date, Keep-Alive,X-Custom-Header.

Required: No

Type: Array of String

Minimum: 1 | 1

Maximum: 1024 | 100

Update requires: No interruption

AllowMethods

The HTTP methods that are allowed when calling your function URL. For example: GET, POST, DELETE, or the wildcard character (*).

Required: No

Type: Array of String

Allowed values: GET | PUT | HEAD | POST | PATCH | DELETE | *

Minimum: 1

Maximum: 6

Update requires: No interruption

AllowOrigins

The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example:https://www.example.com, http://localhost:60905.

Alternatively, you can grant access to all origins with the wildcard character (*).

Required: No

Type: Array of String

Minimum: 1 | 1

Maximum: 253 | 100

Update requires: No interruption

The HTTP headers in your function response that you want to expose to origins that call your function URL. For example:Date, Keep-Alive, X-Custom-Header.

Required: No

Type: Array of String

Minimum: 1 | 1

Maximum: 1024 | 100

Update requires: No interruption

MaxAge

The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to 0, which means the browser will not cache results.

Required: No

Type: Integer

Minimum: 0

Maximum: 86400

Update requires: No interruption

AWS::Lambda::Url

AWS::Lambda::Version

Did this page help you? - Yes

Thanks for letting us know we're doing a good job!

If you've got a moment, please tell us what we did right so we can do more of it.

Did this page help you? - No

Thanks for letting us know this page needs work. We're sorry we let you down.

If you've got a moment, please tell us how we can make the documentation better.