AWS Javascript SDK issues - deleteObject working but deleteObjects doesn't

Question

So I'm getting myself familiar with the Javascript SDK for my S3 bucket, and I'm stuck on this CORS error which is rather perplexing.

My putObject and deleteObject function works just fine, I have my site use a public IAM user that has permissions to both delete and put objects in my bucket.

However, I am now moving onto the deleteObjects function (allowing me to delete multiple files with one request), and I'm getting this error:

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin is therefore not allowed access. The response had HTTP status code 403.

I don't understand. If my IAM user has permission to delete and put, it shouldn't be giving me this CORS error, right?

Here's my deleteObjects function:

    AWS.config.update({ accessKeyId: $scope.creds.access_key, secretAccessKey: $scope.creds.secret_key });
    AWS.config.region = 'us-west-2';
    var bucket = new AWS.S3({ params: { Bucket: $scope.creds.bucket } });

    var params = {
        Bucket: $scope.creds.bucket,
        Delete: {
            Objects: [
                {
                    Key: "pic1"
                },
                {
                    Key: "pic2"
                }
            ]
        }
    }

    bucket.deleteObjects(params, function(err, data) {
        if (err) {
            console.log(err, err.stack);
        } else {
            console.log(data);
        }
    });

Answer 1

The deleteObject operation uses the DELETE http method, but deleteObjects uses the POST http method. You'll need to add: <AllowedMethod>POST</AllowedMethod> to your bucket's CORS configuration for deleteObjects to work.