AWS - API Gateway
You want to allow a web app hosted on https://frontend.com to make GET and POST requests to your S3 bucket, but only allow the custom header 'X-Auth-Token'. Which CORS configuration is correct?
You want to allow a web app hosted on https://frontend.com to make GET and POST requests to your S3 bucket, but only allow the custom header 'X-Auth-Token'. Which CORS configuration is correct?
hard📝 Application Q8 of 15
Step-by-Step Solution
Solution:
Step 1: Match AllowedOrigins and Methods
AllowedOrigins must be https://frontend.com; AllowedMethods must include GET and POST.Step 2: Check AllowedHeaders
Only 'X-Auth-Token' header should be allowed, so it must be listed exactly.Final Answer:
Configuration with correct origin, methods, and allowed header 'X-Auth-Token' -> Option BQuick Check:
Specific origin, methods, and headers set correctly [OK]
Quick Trick: List exact origins, methods, and headers needed [OK]
Common Mistakes:
- Using wildcard '*' for origins or headers when not desired
- Missing POST method
- Allowing wrong headers like Authorization
Master "API Gateway" in AWS
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore AWS Quizzes