Docs Home
AWS v6.80.0 published on Tuesday, May 6, 2025 by Pulumi
aws.s3.BucketCorsConfigurationV2
Explore with Pulumi AI
Provides an S3 bucket CORS configuration resource. For more information about CORS, go to Enabling Cross-Origin Resource Sharing in the Amazon S3 User Guide.
NOTE: S3 Buckets only support a single CORS configuration. Declaring multiple
aws.s3.BucketCorsConfigurationV2resources to the same S3 Bucket will cause a perpetual difference in configuration.
This resource cannot be used with S3 directory buckets.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.s3.BucketV2("example", {bucket: "mybucket"});
const exampleBucketCorsConfigurationV2 = new aws.s3.BucketCorsConfigurationV2("example", {
bucket: example.id,
corsRules: [
{
allowedHeaders: ["*"],
allowedMethods: [
"PUT",
"POST",
],
allowedOrigins: ["https://s3-website-test.domain.example"],
exposeHeaders: ["ETag"],
maxAgeSeconds: 3000,
},
{
allowedMethods: ["GET"],
allowedOrigins: ["*"],
},
],
});
import pulumi
import pulumi_aws as aws
example = aws.s3.BucketV2("example", bucket="mybucket")
example_bucket_cors_configuration_v2 = aws.s3.BucketCorsConfigurationV2("example",
bucket=example.id,
cors_rules=[
{
"allowed_headers": ["*"],
"allowed_methods": [
"PUT",
"POST",
],
"allowed_origins": ["https://s3-website-test.domain.example"],
"expose_headers": ["ETag"],
"max_age_seconds": 3000,
},
{
"allowed_methods": ["GET"],
"allowed_origins": ["*"],
},
])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := s3.NewBucketV2(ctx, "example", &s3.BucketV2Args{
Bucket: pulumi.String("mybucket"),
})
if err != nil {
return err
}
_, err = s3.NewBucketCorsConfigurationV2(ctx, "example", &s3.BucketCorsConfigurationV2Args{
Bucket: example.ID(),
CorsRules: s3.BucketCorsConfigurationV2CorsRuleArray{
&s3.BucketCorsConfigurationV2CorsRuleArgs{
AllowedHeaders: pulumi.StringArray{
pulumi.String("*"),
},
AllowedMethods: pulumi.StringArray{
pulumi.String("PUT"),
pulumi.String("POST"),
},
AllowedOrigins: pulumi.StringArray{
pulumi.String("https://s3-website-test.domain.example"),
},
ExposeHeaders: pulumi.StringArray{
pulumi.String("ETag"),
},
MaxAgeSeconds: pulumi.Int(3000),
},
&s3.BucketCorsConfigurationV2CorsRuleArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
},
AllowedOrigins: pulumi.StringArray{
pulumi.String("*"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.S3.BucketV2("example", new()
{
Bucket = "mybucket",
});
var exampleBucketCorsConfigurationV2 = new Aws.S3.BucketCorsConfigurationV2("example", new()
{
Bucket = example.Id,
CorsRules = new[]
{
new Aws.S3.Inputs.BucketCorsConfigurationV2CorsRuleArgs
{
AllowedHeaders = new[]
{
"*",
},
AllowedMethods = new[]
{
"PUT",
"POST",
},
AllowedOrigins = new[]
{
"https://s3-website-test.domain.example",
},
ExposeHeaders = new[]
{
"ETag",
},
MaxAgeSeconds = 3000,
},
new Aws.S3.Inputs.BucketCorsConfigurationV2CorsRuleArgs
{
AllowedMethods = new[]
{
"GET",
},
AllowedOrigins = new[]
{
"*",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketCorsConfigurationV2;
import com.pulumi.aws.s3.BucketCorsConfigurationV2Args;
import com.pulumi.aws.s3.inputs.BucketCorsConfigurationV2CorsRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new BucketV2("example", BucketV2Args.builder()
.bucket("mybucket")
.build());
var exampleBucketCorsConfigurationV2 = new BucketCorsConfigurationV2("exampleBucketCorsConfigurationV2", BucketCorsConfigurationV2Args.builder()
.bucket(example.id())
.corsRules(
BucketCorsConfigurationV2CorsRuleArgs.builder()
.allowedHeaders("*")
.allowedMethods(
"PUT",
"POST")
.allowedOrigins("https://s3-website-test.domain.example")
.exposeHeaders("ETag")
.maxAgeSeconds(3000)
.build(),
BucketCorsConfigurationV2CorsRuleArgs.builder()
.allowedMethods("GET")
.allowedOrigins("*")
.build())
.build());
}
}
resources:
example:
type: aws:s3:BucketV2
properties:
bucket: mybucket
exampleBucketCorsConfigurationV2:
type: aws:s3:BucketCorsConfigurationV2
name: example
properties:
bucket: ${example.id}
corsRules:
- allowedHeaders:
- '*'
allowedMethods:
- PUT
- POST
allowedOrigins:
- https://s3-website-test.domain.example
exposeHeaders:
- ETag
maxAgeSeconds: 3000
- allowedMethods:
- GET
allowedOrigins:
- '*'
Create BucketCorsConfigurationV2 Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new BucketCorsConfigurationV2(name: string, args: BucketCorsConfigurationV2Args, opts?: CustomResourceOptions);@overload
def BucketCorsConfigurationV2(resource_name: str,
args: BucketCorsConfigurationV2Args,
opts: Optional[ResourceOptions] = None)
@overload
def BucketCorsConfigurationV2(resource_name: str,
opts: Optional[ResourceOptions] = None,
bucket: Optional[str] = None,
cors_rules: Optional[Sequence[BucketCorsConfigurationV2CorsRuleArgs]] = None,
expected_bucket_owner: Optional[str] = None)func NewBucketCorsConfigurationV2(ctx *Context, name string, args BucketCorsConfigurationV2Args, opts ...ResourceOption) (*BucketCorsConfigurationV2, error)public BucketCorsConfigurationV2(string name, BucketCorsConfigurationV2Args args, CustomResourceOptions? opts = null)
public BucketCorsConfigurationV2(String name, BucketCorsConfigurationV2Args args)
public BucketCorsConfigurationV2(String name, BucketCorsConfigurationV2Args args, CustomResourceOptions options)
type: aws:s3:BucketCorsConfigurationV2
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args BucketCorsConfigurationV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args BucketCorsConfigurationV2Args
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args BucketCorsConfigurationV2Args
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args BucketCorsConfigurationV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args BucketCorsConfigurationV2Args
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var bucketCorsConfigurationV2Resource = new Aws.S3.BucketCorsConfigurationV2("bucketCorsConfigurationV2Resource", new()
{
Bucket = "string",
CorsRules = new[]
{
new Aws.S3.Inputs.BucketCorsConfigurationV2CorsRuleArgs
{
AllowedMethods = new[]
{
"string",
},
AllowedOrigins = new[]
{
"string",
},
AllowedHeaders = new[]
{
"string",
},
ExposeHeaders = new[]
{
"string",
},
Id = "string",
MaxAgeSeconds = 0,
},
},
ExpectedBucketOwner = "string",
});
example, err := s3.NewBucketCorsConfigurationV2(ctx, "bucketCorsConfigurationV2Resource", &s3.BucketCorsConfigurationV2Args{
Bucket: pulumi.String("string"),
CorsRules: s3.BucketCorsConfigurationV2CorsRuleArray{
&s3.BucketCorsConfigurationV2CorsRuleArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("string"),
},
AllowedOrigins: pulumi.StringArray{
pulumi.String("string"),
},
AllowedHeaders: pulumi.StringArray{
pulumi.String("string"),
},
ExposeHeaders: pulumi.StringArray{
pulumi.String("string"),
},
Id: pulumi.String("string"),
MaxAgeSeconds: pulumi.Int(0),
},
},
ExpectedBucketOwner: pulumi.String("string"),
})
var bucketCorsConfigurationV2Resource = new BucketCorsConfigurationV2("bucketCorsConfigurationV2Resource", BucketCorsConfigurationV2Args.builder()
.bucket("string")
.corsRules(BucketCorsConfigurationV2CorsRuleArgs.builder()
.allowedMethods("string")
.allowedOrigins("string")
.allowedHeaders("string")
.exposeHeaders("string")
.id("string")
.maxAgeSeconds(0)
.build())
.expectedBucketOwner("string")
.build());
bucket_cors_configuration_v2_resource = aws.s3.BucketCorsConfigurationV2("bucketCorsConfigurationV2Resource",
bucket="string",
cors_rules=[{
"allowed_methods": ["string"],
"allowed_origins": ["string"],
"allowed_headers": ["string"],
"expose_headers": ["string"],
"id": "string",
"max_age_seconds": 0,
}],
expected_bucket_owner="string")
const bucketCorsConfigurationV2Resource = new aws.s3.BucketCorsConfigurationV2("bucketCorsConfigurationV2Resource", {
bucket: "string",
corsRules: [{
allowedMethods: ["string"],
allowedOrigins: ["string"],
allowedHeaders: ["string"],
exposeHeaders: ["string"],
id: "string",
maxAgeSeconds: 0,
}],
expectedBucketOwner: "string",
});
type: aws:s3:BucketCorsConfigurationV2
properties:
bucket: string
corsRules:
- allowedHeaders:
- string
allowedMethods:
- string
allowedOrigins:
- string
exposeHeaders:
- string
id: string
maxAgeSeconds: 0
expectedBucketOwner: string
BucketCorsConfigurationV2 Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The BucketCorsConfigurationV2 resource accepts the following input properties:
- Bucket string
- Name of the bucket.
- Cors
Rules List<BucketCors Configuration V2Cors Rule> - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- Expected
Bucket stringOwner - Account ID of the expected bucket owner.
- Bucket string
- Name of the bucket.
- Cors
Rules []BucketCors Configuration V2Cors Rule Args - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- Expected
Bucket stringOwner - Account ID of the expected bucket owner.
- bucket String
- Name of the bucket.
- cors
Rules List<BucketCors Configuration V2Cors Rule> - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- expected
Bucket StringOwner - Account ID of the expected bucket owner.
- bucket string
- Name of the bucket.
- cors
Rules BucketCors Configuration V2Cors Rule[] - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- expected
Bucket stringOwner - Account ID of the expected bucket owner.
- bucket str
- Name of the bucket.
- cors_
rules Sequence[BucketCors Configuration V2Cors Rule Args] - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- expected_
bucket_ strowner - Account ID of the expected bucket owner.
- bucket String
- Name of the bucket.
- cors
Rules List<Property Map> - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- expected
Bucket StringOwner - Account ID of the expected bucket owner.
Outputs
All input properties are implicitly available as output properties. Additionally, the BucketCorsConfigurationV2 resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing BucketCorsConfigurationV2 Resource
Get an existing BucketCorsConfigurationV2 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: BucketCorsConfigurationV2State, opts?: CustomResourceOptions): BucketCorsConfigurationV2@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
bucket: Optional[str] = None,
cors_rules: Optional[Sequence[BucketCorsConfigurationV2CorsRuleArgs]] = None,
expected_bucket_owner: Optional[str] = None) -> BucketCorsConfigurationV2func GetBucketCorsConfigurationV2(ctx *Context, name string, id IDInput, state *BucketCorsConfigurationV2State, opts ...ResourceOption) (*BucketCorsConfigurationV2, error)public static BucketCorsConfigurationV2 Get(string name, Input<string> id, BucketCorsConfigurationV2State? state, CustomResourceOptions? opts = null)public static BucketCorsConfigurationV2 get(String name, Output<String> id, BucketCorsConfigurationV2State state, CustomResourceOptions options)resources: _: type: aws:s3:BucketCorsConfigurationV2 get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Bucket string
- Name of the bucket.
- Cors
Rules List<BucketCors Configuration V2Cors Rule> - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- Expected
Bucket stringOwner - Account ID of the expected bucket owner.
- Bucket string
- Name of the bucket.
- Cors
Rules []BucketCors Configuration V2Cors Rule Args - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- Expected
Bucket stringOwner - Account ID of the expected bucket owner.
- bucket String
- Name of the bucket.
- cors
Rules List<BucketCors Configuration V2Cors Rule> - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- expected
Bucket StringOwner - Account ID of the expected bucket owner.
- bucket string
- Name of the bucket.
- cors
Rules BucketCors Configuration V2Cors Rule[] - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- expected
Bucket stringOwner - Account ID of the expected bucket owner.
- bucket str
- Name of the bucket.
- cors_
rules Sequence[BucketCors Configuration V2Cors Rule Args] - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- expected_
bucket_ strowner - Account ID of the expected bucket owner.
- bucket String
- Name of the bucket.
- cors
Rules List<Property Map> - Set of origins and methods (cross-origin access that you want to allow). See below. You can configure up to 100 rules.
- expected
Bucket StringOwner - Account ID of the expected bucket owner.
Supporting Types
BucketCorsConfigurationV2CorsRule, BucketCorsConfigurationV2CorsRuleArgs
- Allowed
Methods List<string> - Set of HTTP methods that you allow the origin to execute. Valid values are
GET,PUT,HEAD,POST, andDELETE. - Allowed
Origins List<string> - Set of origins you want customers to be able to access the bucket from.
- Allowed
Headers List<string> - Set of Headers that are specified in the
Access-Control-Request-Headersheader. - Expose
Headers List<string> - Set of headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequestobject). - Id string
- Unique identifier for the rule. The value cannot be longer than 255 characters.
- Max
Age intSeconds - Time in seconds that your browser is to cache the preflight response for the specified resource.
- Allowed
Methods []string - Set of HTTP methods that you allow the origin to execute. Valid values are
GET,PUT,HEAD,POST, andDELETE. - Allowed
Origins []string - Set of origins you want customers to be able to access the bucket from.
- Allowed
Headers []string - Set of Headers that are specified in the
Access-Control-Request-Headersheader. - Expose
Headers []string - Set of headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequestobject). - Id string
- Unique identifier for the rule. The value cannot be longer than 255 characters.
- Max
Age intSeconds - Time in seconds that your browser is to cache the preflight response for the specified resource.
- allowed
Methods List<String> - Set of HTTP methods that you allow the origin to execute. Valid values are
GET,PUT,HEAD,POST, andDELETE. - allowed
Origins List<String> - Set of origins you want customers to be able to access the bucket from.
- allowed
Headers List<String> - Set of Headers that are specified in the
Access-Control-Request-Headersheader. - expose
Headers List<String> - Set of headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequestobject). - id String
- Unique identifier for the rule. The value cannot be longer than 255 characters.
- max
Age IntegerSeconds - Time in seconds that your browser is to cache the preflight response for the specified resource.
- allowed
Methods string[] - Set of HTTP methods that you allow the origin to execute. Valid values are
GET,PUT,HEAD,POST, andDELETE. - allowed
Origins string[] - Set of origins you want customers to be able to access the bucket from.
- allowed
Headers string[] - Set of Headers that are specified in the
Access-Control-Request-Headersheader. - expose
Headers string[] - Set of headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequestobject). - id string
- Unique identifier for the rule. The value cannot be longer than 255 characters.
- max
Age numberSeconds - Time in seconds that your browser is to cache the preflight response for the specified resource.
- allowed_
methods Sequence[str] - Set of HTTP methods that you allow the origin to execute. Valid values are
GET,PUT,HEAD,POST, andDELETE. - allowed_
origins Sequence[str] - Set of origins you want customers to be able to access the bucket from.
- allowed_
headers Sequence[str] - Set of Headers that are specified in the
Access-Control-Request-Headersheader. - expose_
headers Sequence[str] - Set of headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequestobject). - id str
- Unique identifier for the rule. The value cannot be longer than 255 characters.
- max_
age_ intseconds - Time in seconds that your browser is to cache the preflight response for the specified resource.
- allowed
Methods List<String> - Set of HTTP methods that you allow the origin to execute. Valid values are
GET,PUT,HEAD,POST, andDELETE. - allowed
Origins List<String> - Set of origins you want customers to be able to access the bucket from.
- allowed
Headers List<String> - Set of Headers that are specified in the
Access-Control-Request-Headersheader. - expose
Headers List<String> - Set of headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript
XMLHttpRequestobject). - id String
- Unique identifier for the rule. The value cannot be longer than 255 characters.
- max
Age NumberSeconds - Time in seconds that your browser is to cache the preflight response for the specified resource.
Import
If the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):
Using pulumi import to import S3 bucket CORS configuration using the bucket or using the bucket and expected_bucket_owner separated by a comma (,). For example:
If the owner (account ID) of the source bucket is the same account used to configure the AWS Provider, import using the bucket:
$ pulumi import aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2 example bucket-name
If the owner (account ID) of the source bucket differs from the account used to configure the AWS Provider, import using the bucket and expected_bucket_owner separated by a comma (,):
$ pulumi import aws:s3/bucketCorsConfigurationV2:BucketCorsConfigurationV2 example bucket-name,123456789012
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.