Configure CORS by using Azure Resource Manager template

What is your deployment client? If you are using Powershell to deploy ARM (w you probably are) why not use Set-AzureStorageCORSRule?

PS C:\>$CorsRules = (@{
AllowedHeaders=@("x-ms-blob-content-type","x-ms-blob-content-disposition");
AllowedOrigins=@("*");
MaxAgeInSeconds=30;
AllowedMethods=@("Get","Connect")},
@{
AllowedOrigins=@("http://www.fabrikam.com","http://www.contoso.com");
ExposedHeaders=@("x-ms-meta-data*","x-ms-meta-customheader");
AllowedHeaders=@("x-ms-meta-target*","x-ms-meta-customheader");
MaxAgeInSeconds=30;
AllowedMethods=@("Put")})

PS C:\> Set-AzureStorageCORSRule -ServiceType Blob -CorsRules $CorsRules


As @JBA pointed out this now works via ARM templates.

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "resources": [
    {
      "type": "Microsoft.Storage/storageAccounts",
      "name": "storageAccountName",
      "apiVersion": "2018-02-01",
      "location": "northeurope",
      "kind": "StorageV2",
      "sku": {
        "name": "Standard_LRS",
        "tier": "Standard"
      },
      "tags": {},
      "dependsOn": [],
      "properties": {
        "accessTier": "Hot"
      },
      "resources": [
        {
          "name": "default",
          "type": "blobServices",
          "apiVersion": "2018-11-01",
          "dependsOn": [
            "storageAccountName"
          ],
          "properties": {
            "cors": {
              "corsRules": [
                {
                  "allowedOrigins": [
                    "https://mywebsite.com"
                  ],
                  "allowedMethods": [
                    "GET"
                  ],
                  "maxAgeInSeconds": 0,
                  "exposedHeaders": [
                    "*"
                  ],
                  "allowedHeaders": [
                    "*"
                  ]
                }
              ]
            }
          },
          "resources": []
        },
        {
          "type": "blobServices/containers",
          "apiVersion": "2018-03-01-preview",
          "name": "[concat('default/', 'myFilesToShare')]",
          "dependsOn": [
            "storageAccountName"
          ],
          "properties": {
            "publicAccess": "Blob"
          }
        }
      ]
    }
  ]
}

I'm trying to set CORS rule for my storage account

I create a similar ARM template to create a storage account resource, I find that it seems not recognize/accept cors and other properties (such as val that I define) except accountType property.

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": { },
  "variables": { },
  "resources": [
    {
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "2015-06-15",
      "name": "[concat('storage', uniqueString(resourceGroup().id))]",
      "location": "[resourceGroup().location]",
      "properties": {
        "accountType": "Standard_LRS",
        "cors": {
          "allowedHeaders": [ "*" ],
          "allowedMethods": [ "get", "post", "put" ],
          "allowedOrigins": [ "*" ],
          "exposedHeaders": [ "*" ],
          "maximumAge": 5
        },
        "val": "123"
      }
    }
  ],
  "outputs": { }
}

Besides, as we know, we could configure Cors setting for azure storage services (blob, table, queue and file shares), it seems that it does not enable us to configure Cors setting at storage account level directly while deploying storage account template. enter image description here