interface FunctionUrlCorsOptions
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Lambda.FunctionUrlCorsOptions |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awslambda#FunctionUrlCorsOptions |
 Java | software.amazon.awscdk.services.lambda.FunctionUrlCorsOptions |
 Python | aws_cdk.aws_lambda.FunctionUrlCorsOptions |
 TypeScript (source) | aws-cdk-lib » aws_lambda » FunctionUrlCorsOptions |
Specifies a cross-origin access property for a function URL.
Example
declare const fn: lambda.Function;
fn.addFunctionUrl({
authType: lambda.FunctionUrlAuthType.NONE,
cors: {
// Allow this to be called from websites on https://example.com.
// Can also be ['*'] to allow all domain.
allowedOrigins: ['https://example.com'],
// More options are possible here, see the documentation for FunctionUrlCorsOptions
},
});
Properties
| Name | Type | Description |
|---|---|---|
| allow | boolean | Whether to allow cookies or other credentials in requests to your function URL. |
| allowed | string[] | Headers that are specified in the Access-Control-Request-Headers header. |
| allowed | Http[] | An HTTP method that you allow the origin to execute. |
| allowed | string[] | One or more origins you want customers to be able to access the bucket from. |
| exposed | string[] | One or more headers in the response that you want customers to be able to access from their applications. |
| max | Duration | The time in seconds that your browser is to cache the preflight response for the specified resource. |
allowCredentials?
Type:
boolean
(optional, default: false)
Whether to allow cookies or other credentials in requests to your function URL.
allowedHeaders?
Type:
string[]
(optional, default: No headers allowed.)
Headers that are specified in the Access-Control-Request-Headers header.
allowedMethods?
Type:
Http[]
(optional, default: [HttpMethod.ALL])
An HTTP method that you allow the origin to execute.
allowedOrigins?
Type:
string[]
(optional, default: No origins allowed.)
One or more origins you want customers to be able to access the bucket from.
exposedHeaders?
Type:
string[]
(optional, default: No headers exposed.)
One or more headers in the response that you want customers to be able to access from their applications.
maxAge?
Type:
Duration
(optional, default: Browser default of 5 seconds.)
The time in seconds that your browser is to cache the preflight response for the specified resource.