Cloudflare R2 - Static CDN CORS (allow GET and HEAD from any origin)

cloudflare-r2-cli-cors.md

Make sure AWS CLI is installed: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html

1. Login to AWS CLI using Cloudflare R2 Token: https://developers.cloudflare.com/r2/examples/aws-cli/

$ aws configure
AWS Access Key ID [None]: <access_key_id>
AWS Secret Access Key [None]: <access_key_secret>
Default region name [None]: auto
Default output format [None]: json

2. Get current bucket CORS policy

$ aws s3api get-bucket-cors --bucket <BUCKET_NAME> --endpoint-url https://<ACCOUNT_ID>.r2.cloudflarestorage.com

3. Set bucket CORS policy according to s3-cors.json

$ aws s3api put-bucket-cors --bucket <BUCKET_NAME> --endpoint-url https://<ACCOUNT_ID>.r2.cloudflarestorage.com --cors-configuration "file:///<PATH_TO_s3-cors.json>"

s3-cors.json

{
    "CORSRules": [
        {
            "AllowedMethods": [
                "GET",
                "HEAD"
            ],
            "AllowedOrigins": [
                "*"
            ]
        }
    ]
}