Schema Request: S3 JSON CORS policies

[vasudhawaman]

Description of the JSON schema.

Issue: Implement/Update CORS Policy for API

Description: We need to implement or update the CORS (Cross-Origin Resource Sharing) policy for our API to improve security and ensure controlled access from trusted domains. The current configuration either doesn't exist or needs enhancements to handle modern web requirements and client requests.

Objectives:

• Define a clear list of allowed origins that can make cross-origin requests.
• Configure HTTP methods such as GET, POST, PUT, DELETE, OPTIONS, and PATCH for cross-origin access.
• Ensure necessary headers, like Content-Type and Authorization, are permitted in requests.
• Enable support for credentials (e.g., cookies and authorization headers) in cross-origin requests.
• Optimize preflight request handling by setting an appropriate maxAge value for caching.

Expected Outcome: Once implemented, the API will handle cross-origin requests securely, only allowing access from specified domains, supporting essential methods and headers, and improving efficiency with preflight request caching.

Supporting information.

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS https://docs.aws.amazon.com/AmazonS3/latest/userguide/ManageCorsUsing.html

Are you making a PR for this?

Yes, I will create a PR.

[hyperupcall]

Thanks for raising this - A new configuration or an edit to an existing configuration would be welcome>