Using CORS with AWS SAM

Question

I've created a few Lambda functions that get triggered by API-Gateway events.

Now I want to enable CORS for these endpoints, but it doesn't seem to work. In the last few versions of AWS SAM the CORS functionality was added or updated, but I still can't get it to work.

This is what I tried:

Gobals:
  Api:
    Cors: "'*'"

score 6 · Answer 1 · answered May 08 '18 at 09:09

6

You forgot to add the AllowOrigin property.

It needs to look like this:

Globals:
  Api:
    Cors:
      AllowOrigin: "'*'"

answered May 08 '18 at 09:09

MaiKaY

4,422
20
28

1

As per AWS Serverless Application Model (AWS SAM) [specifications/doc](https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#cors-configuration). – Andrew Sep 11 '19 at 19:51

score 4 · Accepted Answer · answered May 23 '20 at 08:59

You can also specify these in your lambda handlers (Python example):

return {
        'statusCode': status_code,
        'headers': {
            'Content-Type': 'application/json',
            'Access-Control-Allow-Origin': '*'
        },
        'body': status_message if status_code == 200 else 'Failure'
    }

Using CORS with AWS SAM

2 Answers2

Linked