Как установить политику для CORS:

To fix the Cross-Origin Request Blocked error we need to prepare special XML file rules.xml, where we are going to describe such parameters as AllowedOrigin, AllowedMethod, AllowedHeader. In the rules.xml file will be described CORS policy for our bucket. This particular policy is setting up for each bucket individually. To apply a set of rules for the bucket, we should use the s3cmd command line or the analog. Let’s create a file rules.xml with the following content:
 

IMPORTANT! This configuration cannot be considered safe. It is not recommended to use this configuration in production. It is possible to use it only as a demonstration.

Let’s apply this policy to our bucket using the s3cmd tool.

$ s3cmd -c s3test.cfg setcors rules.xml s3://corsexample

   In this case, “corsexample” is the name of our bucket, rules.xml is the file with cors policies, and s3test.cfg is the file of the configuration of s3cmd tool.

Тут подробнее: https://pilvio.com/en/2021/01/21/uploading-files-from-html-page-to-an-s3-bucket/