If you deploy a Serverless Framework Java Lambda to AWS and attempt to call it locally while developing your frontend, you’ll run into a CORS error like this:
Access to XMLHttpRequest at 'https://abc.execute-api.us-west-1.amazonaws.com/some/api' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Posts suggest to set a cors option under the event in your serverless.yaml like this:
events:
- http:
path: handlerPath
method: post
cors:
origin: '*'
… but in current versions of Serverless this results in an error like this:
Serverless: at 'functions['example'].events[0].httpApi': unrecognized property 'cors'
From this post, it mentions the cors options has moved up into the provider section:
provider:
name: aws
runtime: java8
lambdaHashingVersion: 20201221
httpApi:
cors: true
This is in the docs here.
This works great!
What does this option do? It looks like it sets these options in API Gateway:
