- Newest
- Most votes
- Most comments
CORS headers are configured in CloudFront with response header policies. There are several commonly applicable ones available by default, and you can create your own if you have specific requirements.
If you're configuring CloudFront via the console, you can select the response header policy for each behavior of your CloudFront distribution in the properties of the behavior:
The contents of the default response header policies are explained in detail in this documentation article: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-response-headers-policies.html
If you're using CloudFormation to configure your CloudFront distribution, the AWS::CloudFront::Distribution resource type has the property DistributionConfig containing the properties DefaultCacheBehavior and CacheBehaviors for configuring the behaviors: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html.
Both behavior elements have the property ResponseHeadersPolicyId which accepts the ID of the response header policy as input: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-cachebehavior.html#cfn-cloudfront-distribution-cachebehavior-responseheaderspolicyid.
The IDs of the default response header policies are in the response header policy document article above, and custom ones you can create with the CloudFormation resource type AWS::CloudFront::ResponseHeadersPolicy, which returns the GUID as its Ref return value:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html
Relevant content
- asked 3 years ago
- asked 3 years ago
- AWS OFFICIALUpdated 4 months ago
Thank you for the detailed response. I gave it a try and will see how it works out. The only part I'm not clear on is how to use my existing CloudFormation to configure CloudFront.