Getting Information About the CORS Configuration of a Bucket

You can get information about the cross-origin ressource sharing (CORS) configuration applied to a bucket.

Getting Information About the CORS Configuration of a Bucket Using AWS CLI

To get information about the CORS configuration of a bucket, use the get-bucket-cors command following this syntax:

Request sample
$ aws s3api get-bucket-cors \
    --profile YOUR_PROFILE \
    --bucket BUCKET \

This command contains the following attributes that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.

  • bucket: The name of the bucket whose CORS configuration you want to retrieve.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The get-bucket-cors command returns the following elements:

  • AllowedHeaders: The headers specified in the Access-Control-Request-Headers header. These headers are allowed in preflight OPTIONS requests. In response to preflight OPTIONS requests, allowed requested headers are returned.

  • AllowedMethods: One or more HTTP methods (GET | PUT | HEAD | POST | DELETE) that you have allowed the origin to execute.

  • AllowedOrigins: One or more origins from which the bucket can be accessed.

  • ExposeHeaders: One or more headers that are accessible.

  • MaxAgeSeconds: The duration in seconds that the preflight response for the specified source can be cached.

    Result sample
      "CORSRules": [
          "AllowedHeaders": ["xxx","yyy"],
          "AllowedMethods": ["PUT", "POST", "DELETE"],
          "AllowedOrigins": ["", "https://www.foobar.example"],
          "ExposeHeader": ["Content-Type"],
          "MaxAgeSeconds": 3000
          "AllowedHeaders": ["Authorization"],
          "AllowedMethods": ["GET"],
          "AllowedOrigins": ["https://yourdomain.tld", ""],
          "MaxAgeSeconds": 3000

Related Pages

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.