Enabling CORS for Lambda proxy integration in AWS API Gateway (with AWS CDK)

I wanted to quickly document the process of enabling CORS when working with API Gateway’s Lambda proxy integration. Proxy integration allows you to call a Lambda function in the backend. Enabling the proxy integration removes the standard API Gateway integration response and places the responsibility of returning CORS headers in the hands of the backend service. Many questions online have emanating from this shift of responsibility. I’m hoping this article saves others time by presenting the configuration required to allow CORS requests to your APIs.

CORS Refresher

A common requirement when building APIs with AWS API Gateway (but not limited to API Gateway) is the enablement of Cross-Origin Resource Sharing(CORS). If your building a web application that happens to make requests to APIs on a different domain than enabling CORS will allow these requests succeed.

AWS CDK setup for API Gateway

The AWS CDK RestApi construct automatically deploys a resource which is accessible over a public endpoint. In this example I will modify this default behavior slightly and create a custom POST endpoint named webhook. This resource represents the actual request the browser will attempt to make.


It requires an investment of your time to get comfortable with AWS CDK. In the beginning it is arguably faster just to make some of these changes through the AWS Console. Once you get over the early learning curve however and realize the benefits of a fully automated stack then there is no turning back.

Tech Lead | AWS Community Builder | AWS Solutions Architect Pro | Passionate about learning | Languages include Java, Go, Typescript, and more recently Rust