Cloudformation API GW IntegrationResponse/response headers

Question

It is possible to use !Ref to a S3 bucket to use within a ResponseParameter. For example:

IntegrationResponses:
      - ResponseParameters:
          method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
          method.response.header.Access-Control-Allow-Methods: "'POST,OPTIONS'"
          method.response.header.Access-Control-Allow-Origin: "'https://dynamicbucketname.s3-us-west-2.amazonaws.com'"
          method.response.header.Access-Control-Allow-Credentials: "'true'"

S3Bucket:
 Type: AWS::S3::Bucket
 Properties:
   PublicAccessBlockConfiguration:
     BlockPublicAcls: true
     IgnorePublicAcls: false
     BlockPublicPolicy: true
     RestrictPublicBuckets: true  
   WebsiteConfiguration:
     IndexDocument: index.html
     ErrorDocument: error.html

So essentially I'm using a resource AWS::S3::Bucket which allows the template to create the bucket. Hence the name will be dynamic. I want to be able to !Ref S3Bucket within the Origin. Is that even possible? I know it can be static like "'https://www.example.com'"

Answer 1

One way would be to this as follows using Sub function:

It is possible to use !Ref to a S3 bucket to use within a ResponseParameter. For example:

IntegrationResponses:
      - ResponseParameters:
          method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
          method.response.header.Access-Control-Allow-Methods: "'POST,OPTIONS'"
          method.response.header.Access-Control-Allow-Origin: !Sub "'https://${S3Bucket.DomainName}'"
          method.response.header.Access-Control-Allow-Credentials: "'true'"

Other Bucket return values than DomainName are listed here: