S3 CORS Configuration Generator

Generate CORS configurations for AWS S3 buckets

CORS Configuration Tips

• Use specific origins instead of "*" for production
• Only allow necessary HTTP methods
• Be careful with exposed headers

CORS Rule 1

Allowed Origins

Allowed Methods

Allowed Headers

Expose Headers (Optional)

Max Age (seconds)

JSON Configuration

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "POST",
            "GET",
            "PUT",
            "HEAD",
            "DELETE"
        ],
        "AllowedOrigins": [
            "https://cdn.sanjaysikdar.dev",
            "https://sanjaysikdar.dev"
        ],
        "ExposeHeaders": [
            "ETag"
        ]
    }
]

AWS CLI Command

# Save the CORS configuration to a file first
echo '[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "POST",
            "GET",
            "PUT",
            "HEAD",
            "DELETE"
        ],
        "AllowedOrigins": [
            "https://cdn.sanjaysikdar.dev",
            "https://sanjaysikdar.dev"
        ],
        "ExposeHeaders": [
            "ETag"
        ]
    }
]' > cors-config.json

# Apply the CORS configuration to your S3 bucket
aws s3api put-bucket-cors --bucket YOUR_BUCKET_NAME --cors-configuration file://cors-config.json

Usage Instructions

Via AWS Console:

Go to S3 → Your Bucket → Permissions → Cross-origin resource sharing (CORS) → Edit → Paste the JSON configuration

Via AWS CLI:

Use the provided CLI command after saving the JSON to a file

Via Terraform:

Use the aws_s3_bucket_cors_configuration resource with the generated JSON