Configuring Cross-Origin Resource Sharing (CORS)

You can configure Cross-Origin Resource Sharing (CORS) for an S3 bucket if you want that bucket and objects in that bucket to be accessible to web applications in other domains.

1. Use a text editor to create the XML required to enable CORS.
   Example

   This example shows the XML used to enable CORS for an S3 bucket. This XML allows any domain to send GET requests to the bucket, but it only allows the http://www.example.com domain to send POST and DELETE requests. All request headers are allowed.

   <CORSConfiguration
       xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
       <CORSRule>
           <AllowedOrigin>*</AllowedOrigin>
           <AllowedMethod>GET</AllowedMethod>
           <AllowedHeader>*</AllowedHeader>
       </CORSRule>
       <CORSRule>
           <AllowedOrigin>http://www.example.com</AllowedOrigin>
           <AllowedMethod>GET</AllowedMethod>
           <AllowedMethod>POST</AllowedMethod>
           <AllowedMethod>DELETE</AllowedMethod>
           <AllowedHeader>*</AllowedHeader>
       </CORSRule>   
   </CORSConfiguration>

   See Amazon Web Services (AWS) Documentation: Amazon Simple Storage Service Developer Guide for more information about the CORS configuration XML.
2. In the Tenant Manager, go to S3 > Buckets.
3. Select the bucket from the list, and click Configure CORS.
4. Paste the CORS configuration XML into the text box, and click Save.
   Example
   
   
   
5. To modify the CORS setting for the bucket, update the CORS configuration XML in the text box, and click Save.
6. To disable CORS for the bucket, delete the CORS configuration XML from the text box, and click Save.