Enable CORS for API Gateway in Cloudformation template

Question

I'm creating AWS Cloudformation template for my environment and I can't find a way to enable CORS for API Gateway method.

I can configure it using AWS console (here is the official doc), but how can I do it in the Cloudformation template?

Answer 1

After some trial and error, I found that the following CloudFormation template snippet will produce an equivalent OPTIONS method when compared to the CORS console wizard:

OptionsMethod:   Type: AWS::ApiGateway::Method   Properties:     AuthorizationType: NONE     RestApiId:       Ref: MyApi     ResourceId:       Ref: MyResourceOnWhichToEnableCORS     HttpMethod: OPTIONS     Integration:       IntegrationResponses:       - StatusCode: 200         ResponseParameters:           method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"           method.response.header.Access-Control-Allow-Methods: "'POST,OPTIONS'"           method.response.header.Access-Control-Allow-Origin: "'*'"         ResponseTemplates:           application/json: ''       PassthroughBehavior: WHEN_NO_MATCH       RequestTemplates:         application/json: '{"statusCode": 200}'       Type: MOCK     MethodResponses:     - StatusCode: 200       ResponseModels:         application/json: 'Empty'       ResponseParameters:           method.response.header.Access-Control-Allow-Headers: false           method.response.header.Access-Control-Allow-Methods: false           method.response.header.Access-Control-Allow-Origin: false 

*Note 1: This is an example of taking the defaults for a POST. Obviously, you'll need to update Access-Control-Allow-Methods to include the values you need.

*Note 2: Kudos to the AWS CloudFormation team for recently introducing YAML support. If you need to convert to/from YAML/JSON, I have found this site handy: http://www.json2yaml.com/