You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To set CORS configurations for your HTTP endpoints, simply modify your event configurations as follows:
75
+
76
+
```yml
77
+
custom:
78
+
apiGatewayServiceProxies:
79
+
- kinesis:
80
+
path: /kinesis
81
+
method: post
82
+
streamName: { Ref: 'YourStream' }
83
+
cors: true
84
+
```
85
+
86
+
Setting cors to true assumes a default configuration which is equivalent to:
87
+
88
+
```yml
89
+
custom:
90
+
apiGatewayServiceProxies:
91
+
- kinesis:
92
+
path: /kinesis
93
+
method: post
94
+
streamName: { Ref: 'YourStream' }
95
+
cors:
96
+
origin: '*'
97
+
headers:
98
+
- Content-Type
99
+
- X-Amz-Date
100
+
- Authorization
101
+
- X-Api-Key
102
+
- X-Amz-Security-Token
103
+
- X-Amz-User-Agent
104
+
allowCredentials: false
105
+
```
106
+
107
+
Configuring the cors property sets Access-Control-Allow-Origin, Access-Control-Allow-Headers, Access-Control-Allow-Methods,Access-Control-Allow-Credentials headers in the CORS preflight response.
108
+
To enable the Access-Control-Max-Age preflight response header, set the maxAge property in the cors object:
109
+
110
+
```yml
111
+
custom:
112
+
apiGatewayServiceProxies:
113
+
- kinesis:
114
+
path: /kinesis
115
+
method: post
116
+
streamName: { Ref: 'YourStream' }
117
+
cors:
118
+
origin: '*'
119
+
maxAge: 86400
120
+
```
121
+
122
+
If you are using CloudFront or another CDN for your API Gateway, you may want to setup a Cache-Control header to allow for OPTIONS request to be cached to avoid the additional hop.
123
+
124
+
To enable the Cache-Control header on preflight response, set the cacheControl property in the cors object:
125
+
126
+
```yml
127
+
custom:
128
+
apiGatewayServiceProxies:
129
+
- kinesis:
130
+
path: /kinesis
131
+
method: post
132
+
streamName: { Ref: 'YourStream' }
133
+
cors:
134
+
origin: '*'
135
+
headers:
136
+
- Content-Type
137
+
- X-Amz-Date
138
+
- Authorization
139
+
- X-Api-Key
140
+
- X-Amz-Security-Token
141
+
- X-Amz-User-Agent
142
+
allowCredentials: false
143
+
cacheControl: 'max-age=600, s-maxage=600, proxy-revalidate'# Caches on browser and proxy for 10 minutes and doesnt allow proxy to serve out of date content
144
+
```
145
+
146
+
### Customizing request body mapping templates
147
+
148
+
If you'd like to add content types or customize the default templates, you can do so by including your custom [API Gateway request mapping template](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html) in `serverless.yml` like so:
149
+
150
+
```yml
151
+
custom:
152
+
apiGatewayServiceProxies:
153
+
- kinesis:
154
+
path: /kinesis
155
+
method: post
156
+
streamName: { Ref: 'MyStream' }
157
+
request:
158
+
template:
159
+
text/plain:
160
+
Fn::Sub:
161
+
- |
162
+
#set($msgBody = $util.parseJson($input.body))
163
+
#set($msgId = $msgBody.MessageId)
164
+
{
165
+
"Data": "$util.base64Encode($input.body)",
166
+
"PartitionKey": "$msgId",
167
+
"StreamName": "#{MyStreamArn}"
168
+
}
169
+
- MyStreamArn:
170
+
Fn::GetAtt: [MyStream, Arn]
171
+
```
172
+
Source: [How to connect SNS to Kinesis for cross-account delivery via API Gateway](https://theburningmonk.com/2019/07/how-to-connect-sns-to-kinesis-for-cross-account-delivery-via-api-gateway/)
0 commit comments