Cloud

In addition to enabling public access to the buckets, CORS settings will need to be updated so that other web resources can directly read from the store.

Amazon S3

Resource for changing bucket CORS settings:

Using cross-origin resource sharing (CORS) - Amazon Simple Storage ServiceAmazon Simple Storage Service

Bucket Policy

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "AllowPublicRead",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": [
                "s3:GetObject",
                "s3:GetObjectAcl"
            ],
            "Resource": "arn:aws:s3:::cires/*"
        },
        {
            "Sid": "AllowPublicList",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::cires"
        }
    ]
}

Bucket --> Permissions --> CORS configuration

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>

Google Bucket

The CORS settings for Google bucket need to be set so the Zarr store will be accessible to the public as well as to other web resources.

Create a file called CORS.json with the following properties specified:

[
    {
      "origin": ["*"],
      "method": ["GET","HEAD"],
      "responseHeader": ["Content-Type"],
      "maxAgeSeconds": 86400
    }
]

To update CORS settings for a bucket named "cires" use the gsutil cors command as follows:

gsutil cors set CORS.json gs://cires