AWScloud~15 mins

CORS configuration in AWS - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Configure CORS for an AWS S3 Bucket

📖 Scenario: You are setting up a static website hosted on an AWS S3 bucket. To allow your website to request resources from this bucket securely, you need to configure Cross-Origin Resource Sharing (CORS) rules.

🎯 Goal: Configure CORS rules on an AWS S3 bucket to allow GET requests from a specific origin.

📋 What You'll Learn

Create a CORS configuration JSON with one rule

Allow GET method only

Allow origin 'https://example.com'

Allow all headers

Set max age to 3000 seconds

💡 Why This Matters

🌍 Real World

Configuring CORS is essential when hosting static websites or APIs on AWS S3 to control which websites can access your resources.

💼 Career

Cloud engineers and DevOps professionals often configure CORS to secure web applications and enable cross-origin requests safely.

Progress0 / 4 steps

Create the initial CORS configuration structure

Create a variable called cors_configuration and assign it a dictionary with a key CORSRules that holds an empty list.

AWS

cors_configuration = {
    "CORSRules": []
}
# Your code here

Need a hint?

Start by creating a dictionary with the key 'CORSRules' set to an empty list.

Add a CORS rule dictionary

Add a dictionary inside the CORSRules list in cors_configuration. This dictionary should have keys AllowedMethods, AllowedOrigins, AllowedHeaders, and MaxAgeSeconds with empty or zero values.

AWS

cors_configuration = {
    "CORSRules": [
        {
            "AllowedMethods": [],
            "AllowedOrigins": [],
            "AllowedHeaders": [],
            "MaxAgeSeconds": 0
        }
    ]
}
# Your code here

Need a hint?

Add a dictionary with the required keys inside the 'CORSRules' list.

Configure the CORS rule with specific values

Set the AllowedMethods to a list containing "GET", AllowedOrigins to a list containing "https://example.com", AllowedHeaders to a list containing "*", and MaxAgeSeconds to 3000 inside the first dictionary in CORSRules.

AWS

cors_configuration = {
    "CORSRules": [
        {
            "AllowedMethods": ["GET"],
            "AllowedOrigins": ["https://example.com"],
            "AllowedHeaders": ["*"],
            "MaxAgeSeconds": 3000
        }
    ]
}
# Your code here

Need a hint?

Fill in the lists and number with the exact values to allow GET from the example.com origin.

Complete the AWS CLI command to apply the CORS configuration

Write the AWS CLI command string called apply_cors_command that uses aws s3api put-bucket-cors with the bucket name my-static-site-bucket and the CORS configuration file cors.json.

AWS

cors_configuration = {
    "CORSRules": [
        {
            "AllowedMethods": ["GET"],
            "AllowedOrigins": ["https://example.com"],
            "AllowedHeaders": ["*"],
            "MaxAgeSeconds": 3000
        }
    ]
}
apply_cors_command = "aws s3api put-bucket-cors --bucket my-static-site-bucket --cors-configuration file://cors.json"
# Your code here

Need a hint?

Write the exact AWS CLI command string to apply the CORS configuration from the file.