Cross-origin resource sharing (CORS) is a mechanism for client web applications loaded in one domain to interact with resources in a different domain. With CORS, you can selectively allow cross-origin access to your VMware Cloud Director Object Storage Extension resources.

Using the VMware Cloud Director Object Storage Extension tenant portal, you can define multiple CORS rules at the bucket level.

CORS rules at the bucket level only take effect on virtual hosted-style S3 API requests. If you access resources using path-style S3 API requests, the global CORS rules take effect.

Create a Cross-Origin Resource Sharing Rule

Within a cross-origin resource sharing (CORS) rule, you define the allowed request origins, methods, headers, the maximum age of the request, and the exposed headers.


To create CORS rules for a bucket, verify that you have the required set of rights.
If you are an ... You can ...
organization administrator can create CORS rules for the buckets that users in your organization own.
organization user can create CORS rules for the buckets that you own.


  1. Log in to the VMware Cloud Director tenant portal.
  2. From the More drop-down menu, select Object Storage.
  3. In the Buckets pane, click the name of the bucket that you want to edit.
  4. Click Properties.
  5. In the Cross-Origin Resource Sharing section, click the text.
  6. Enter the details of the rule.
    1. Enter an ID for the rule or select the Auto Generate check box.
    2. Enter the allowed request origins or select the All Origins check box.
    3. Select the allowed request methods.
    4. (Optional) Enter the allowed request headers.
    5. (Optional) Enter the exposed headers.
    6. (Optional) Enter the maximum age allowed for requests.
  7. Save the current rule or add another rule.
    • To save the rule, click Save.
    • To add another rule, click Add Rule and complete step Step 6.