aws-cdk-lib.aws_lambda.FunctionUrlCorsOptions

interface FunctionUrlCorsOptions

LanguageType name
.NETAmazon.CDK.AWS.Lambda.FunctionUrlCorsOptions
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awslambda#FunctionUrlCorsOptions
Javasoftware.amazon.awscdk.services.lambda.FunctionUrlCorsOptions
Pythonaws_cdk.aws_lambda.FunctionUrlCorsOptions
TypeScript (source)aws-cdk-lib » aws_lambda » FunctionUrlCorsOptions

Specifies a cross-origin access property for a function URL.

Example

declare const fn: lambda.Function;

fn.addFunctionUrl({
  authType: lambda.FunctionUrlAuthType.NONE,
  cors: {
    // Allow this to be called from websites on https://example.com.
    // Can also be ['*'] to allow all domain.
    allowedOrigins: ['https://example.com'],

    // More options are possible here, see the documentation for FunctionUrlCorsOptions
  },
});

Properties

NameTypeDescription
allowCredentials?booleanWhether to allow cookies or other credentials in requests to your function URL.
allowedHeaders?string[]Headers that are specified in the Access-Control-Request-Headers header.
allowedMethods?HttpMethod[]An HTTP method that you allow the origin to execute.
allowedOrigins?string[]One or more origins you want customers to be able to access the bucket from.
exposedHeaders?string[]One or more headers in the response that you want customers to be able to access from their applications.
maxAge?DurationThe time in seconds that your browser is to cache the preflight response for the specified resource.

allowCredentials?

Type: boolean (optional, default: false)

Whether to allow cookies or other credentials in requests to your function URL.


allowedHeaders?

Type: string[] (optional, default: No headers allowed.)

Headers that are specified in the Access-Control-Request-Headers header.


allowedMethods?

Type: HttpMethod[] (optional, default: [HttpMethod.ALL])

An HTTP method that you allow the origin to execute.


allowedOrigins?

Type: string[] (optional, default: No origins allowed.)

One or more origins you want customers to be able to access the bucket from.


exposedHeaders?

Type: string[] (optional, default: No headers exposed.)

One or more headers in the response that you want customers to be able to access from their applications.


maxAge?

Type: Duration (optional, default: Browser default of 5 seconds.)

The time in seconds that your browser is to cache the preflight response for the specified resource.