amazon web services - How to Enable CORS for an AWS API Gateway Resource

Question

I created REST API using AWS API Gateway & AWS Lambda and when I configured CORS I faced with such issue - I was able to configure CORS response headers for OPTIONS method, but didn't for GET method.

I made it according Amazon documentation, but when I called GET method I didn't see required headers (Access-Control-Allow-Methods, Access-Control-Allow-Headers, Access-Control-Allow-Origin) in response. Due to that I got errors on client side:

Failed to load #my_test_rest#: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin #my_test_rest_url# is therefore not allowed access.

As a temporary fix I hardcode required headers in code of Lambda function, but it looks not like right solution and I'd like to understand why it don't work for me. Any ideas what's I'd doing wrong?

Answer 1

Since you're using Lambda Proxy integration for your method, you'll need to:

(1) provide the Access-Control-Allow-Origin header as part of the Lambda response. For example:

callback(null, {
    statusCode: 200,
    headers: {"Content-Type": "application/json", "Access-Control-Allow-Origin": "*"},
    body: JSON.stringify({message: "Success"})
});

(2) and add the Access-Control-Allow-Origin as a 200 response header in your Method Response config.