MediaStore / Client / get_cors_policy



Returns the cross-origin resource sharing (CORS) configuration information that is set for the container.

To use this operation, you must have permission to perform the MediaStore:GetCorsPolicy action. By default, the container owner has this permission and can grant it to others.

See also: AWS API Documentation

Request Syntax

response = client.get_cors_policy(

ContainerName (string) –


The name of the container that the policy is assigned to.

Return type:



Response Syntax

    'CorsPolicy': [
            'AllowedOrigins': [
            'AllowedMethods': [
            'AllowedHeaders': [
            'MaxAgeSeconds': 123,
            'ExposeHeaders': [

Response Structure

  • (dict) –

    • CorsPolicy (list) –

      The CORS policy assigned to the container.

      • (dict) –

        A rule for a CORS policy. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.

        • AllowedOrigins (list) –

          One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

          Each CORS rule must have at least one AllowedOrigins element. The string value can include only one wildcard character (*), for example, http://* Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.

          • (string) –

        • AllowedMethods (list) –

          Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.

          Each CORS rule must contain at least one AllowedMethods and one AllowedOrigins element.

          • (string) –

        • AllowedHeaders (list) –

          Specifies which headers are allowed in a preflight OPTIONS request through the Access-Control-Request-Headers header. Each header name that is specified in Access-Control-Request-Headers must have a corresponding entry in the rule. Only the headers that were requested are sent back.

          This element can contain only one wildcard character (*).

          • (string) –

        • MaxAgeSeconds (integer) –

          The time in seconds that your browser caches the preflight response for the specified resource.

          A CORS rule can have only one MaxAgeSeconds element.

        • ExposeHeaders (list) –

          One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript XMLHttpRequest object).

          This element is optional for each rule.

          • (string) –


  • MediaStore.Client.exceptions.ContainerInUseException

  • MediaStore.Client.exceptions.ContainerNotFoundException

  • MediaStore.Client.exceptions.CorsPolicyNotFoundException

  • MediaStore.Client.exceptions.InternalServerError