[英]AWS cloudformation template.yml fails when I try to use method OPTIONS for CORS preflight (Lambda)
I tried to add a block for method OPTIONS to accept and forward to my lambda proxy also OPTIONS events.我尝试为方法 OPTIONS 添加一个块以接受并转发到我的 lambda 代理还有 OPTIONS 事件。 But cloudformation fails - but I can not find details why.
但是 cloudformation 失败了——但我找不到详细的原因。
This is the block I tried:这是我试过的块:
CorsPreflightEvent:
Type: Api
Properties:
Path: /
Method: options
Auth:
Authorizer: NONE
This is the full block:这是完整的块:
MyApp:
Type: AWS::Serverless::Function
Properties:
FunctionName: !Sub 'awscodestar-${ProjectId}-lambda-01'
Handler: index.handler
Runtime: python3.9
Timeout: 10
Role:
Fn::GetAtt:
- LambdaExecutionRole
- Arn
Events:
CorsPreflightEvent:
Type: Api
Properties:
Path: /
Method: options
Auth:
Authorizer: NONE
GetEventAll:
Type: Api
Properties:
Path: /
Method: get
GetEventSectionCat:
Type: Api
Properties:
Path: /{subject}/{category}
Method: get
PostEvent:
Type: Api
Properties:
Path: /
Method: post
In general I want to allow OPTIONS without CORS. So I added to my python a OPTIONS response.一般来说,我想允许没有 CORS 的选项。所以我在我的 python 中添加了一个选项响应。 I guess it should work.
我想它应该工作。 But it shall react on any path.
但它应在任何路径上作出反应。 Thats why I also tried this path before:
这就是为什么我之前也尝试过这条路:
/{proxy+}
I want to disable CORS for any requests, but chrome complains, that is why I try to send this header in my Python - which should be done for all kind of requests:我想为任何请求禁用 CORS,但 chrome 抱怨,这就是为什么我尝试在我的 Python 中发送这个 header - 这应该针对所有类型的请求完成:
headers = {
'Content-Type': 'application/json',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'OPTIONS,POST,GET'
}
Does anyone see what is wrong with my template.yml and why the step "GenerateChangeSet" may fail?有没有人看到我的 template.yml 有什么问题以及为什么“GenerateChangeSet”步骤可能会失败?
Meanwhile I switched to an easier solution to disable cors. Not by code but in template.yml I added this block:与此同时,我切换到一个更简单的解决方案来禁用 cors。不是通过代码而是在 template.yml 中我添加了这个块:
Globals:
Api:
Cors:
AllowMethods: "'OPTIONS,POST,GET'"
AllowHeaders: "'*'"
AllowOrigin: "'*'"
This thread helped me to find the issue. 这个线程帮助我找到了问题。
There is a tool mentioned: cfn-lint , which was able to give me a useful error message:提到了一个工具: cfn-lint ,它能够给我一个有用的错误信息:
E0001 Error transforming template: Resource with id [MyApp] is invalid.
E0001 转换模板时出错:ID 为 [MyApp] 的资源无效。 Event with id [CorsPreflightEven t] is invalid.
ID 为 [CorsPreflightEvent t] 的事件无效。 Unable to set Authorizer on API method [options] for path [/] because 'NONE' is only a valid value when a DefaultAuthorizer on the API is specified.
无法在路径 [/] 的 API 方法 [选项] 上设置 Authorizer,因为在指定 API 上的 DefaultAuthorizer 时,“NONE”只是一个有效值。
So I removed the Auth
part.所以我删除了
Auth
部分。 Now it goes through pipeline process.现在它经历了流水线过程。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.