Description
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
The CORS configuration is missing or not applied. Requests to the bucket do not reflect the expected CORS headers and PUT object requests are denied with 403 http status code.
Expected Behavior
Expected Behavior:
The CORS configuration should be present and match what is defined in the CloudFormation template.
How are you starting LocalStack?
With a docker-compose file
Steps To Reproduce
- Use the following CloudFormation template to create an S3 bucket with a CORS configuration:
Resources:
TempObjectsBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: 'test-bucket-name'
CorsConfiguration:
CorsRules:
- AllowedMethods:
- GET
- PUT
AllowedOrigins:
- '*'
AllowedHeaders:
- '*'-
Deploy the template to LocalStack using the AWS CLI or an automation tool (e.g., Ansible, as in our pipeline).
aws --endpoint-url=http://localhost:4566 s3api get-bucket-cors --bucket test-temp-objects -
Inspect the bucket’s CORS configuration via the AWS CLI or SDK:
Expected Behavior:
The CORS configuration should be present and match what is defined in the CloudFormation template.
Environment
- OS:
- LocalStack:
LocalStack version: 3.3.0
LocalStack Docker image sha:
LocalStack build date: 2024-03-28
LocalStack build git hash:5567b0b3cAnything else?
When deploying an S3 bucket with a CORS configuration using a CloudFormation template to LocalStack, the CORS policy is not applied as expected.
The same template works correctly on AWS, but in LocalStack, the CORS rules are missing or not enforced.
Workaround
Manually applying the CORS configuration using the AWS CLI after bucket creation works:
{
"CORSRules": [
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"GET",
"PUT",
"POST",
"DELETE",
"HEAD"
],
"AllowedOrigins": [
"*"
],
"ExposeHeaders": [],
"MaxAgeSeconds": 3000
}
]
}Command:
aws --endpoint-url=http://localhost:4566 s3api put-bucket-cors --bucket test-temp-objects --cors-configuration s3CorsPolicy.json