Package software.amazon.awscdk.services.lambda

Interface FunctionUrlCorsOptions

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

FunctionUrlCorsOptions.Jsii$Proxy

@Generated(value="jsii-pacmak/1.116.0 (build 0eddcff)",
           date="2025-10-29T11:15:42.659Z")
@Stability(Stable)
public interface FunctionUrlCorsOptions
extends software.amazon.jsii.JsiiSerializable

Specifies a cross-origin access property for a function URL.

Example:

 Function fn;
 fn.addFunctionUrl(FunctionUrlOptions.builder()
         .authType(FunctionUrlAuthType.NONE)
         .cors(FunctionUrlCorsOptions.builder()
                 // Allow this to be called from websites on https://example.com.
                 // Can also be ['*'] to allow all domain.
                 .allowedOrigins(List.of("https://example.com"))
                 .build())
         .build());
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	FunctionUrlCorsOptions.Builder	A builder for FunctionUrlCorsOptions
static final class	FunctionUrlCorsOptions.Jsii$Proxy	An implementation for FunctionUrlCorsOptions

Method Summary

Modifier and Type	Method	Description
static FunctionUrlCorsOptions.Builder	builder()
default Boolean	getAllowCredentials()	Whether to allow cookies or other credentials in requests to your function URL.
default List<String>	getAllowedHeaders()	Headers that are specified in the Access-Control-Request-Headers header.
default List<HttpMethod>	getAllowedMethods()	An HTTP method that you allow the origin to execute.
default List<String>	getAllowedOrigins()	One or more origins you want customers to be able to access the bucket from.
default List<String>	getExposedHeaders()	One or more headers in the response that you want customers to be able to access from their applications.
default Duration	getMaxAge()	The time in seconds that your browser is to cache the preflight response for the specified resource.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getAllowCredentials

@Stability(Stable)
@Nullable
default Boolean getAllowCredentials()

Whether to allow cookies or other credentials in requests to your function URL.

Default: false

getAllowedHeaders

@Stability(Stable)
@Nullable
default List<String> getAllowedHeaders()

Headers that are specified in the Access-Control-Request-Headers header.

Default: - No headers allowed.

getAllowedMethods

@Stability(Stable)
@Nullable
default List<HttpMethod> getAllowedMethods()

An HTTP method that you allow the origin to execute.

Default: - [HttpMethod.ALL]

getAllowedOrigins

@Stability(Stable)
@Nullable
default List<String> getAllowedOrigins()

One or more origins you want customers to be able to access the bucket from.

Default: - No origins allowed.

getExposedHeaders

@Stability(Stable)
@Nullable
default List<String> getExposedHeaders()

One or more headers in the response that you want customers to be able to access from their applications.

Default: - No headers exposed.

getMaxAge

@Stability(Stable)
@Nullable
default Duration getMaxAge()

The time in seconds that your browser is to cache the preflight response for the specified resource.

Default: - Browser default of 5 seconds.

builder

@Stability(Stable)
static FunctionUrlCorsOptions.Builder builder()

Returns:

a FunctionUrlCorsOptions.Builder of FunctionUrlCorsOptions