Docs Home
AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi
aws.cloudfront.ResponseHeadersPolicy
Explore with Pulumi AI
Provides a CloudFront response headers policy resource. A response headers policy contains information about a set of HTTP response headers and their values. After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it’s attached to a cache behavior, CloudFront adds the headers in the policy to every response that it sends for requests that match the cache behavior.
Example Usage
The example below creates a CloudFront response headers policy.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
name: "example-policy",
comment: "test comment",
corsConfig: {
accessControlAllowCredentials: true,
accessControlAllowHeaders: {
items: ["test"],
},
accessControlAllowMethods: {
items: ["GET"],
},
accessControlAllowOrigins: {
items: ["test.example.comtest"],
},
originOverride: true,
},
});
import pulumi
import pulumi_aws as aws
example = aws.cloudfront.ResponseHeadersPolicy("example",
name="example-policy",
comment="test comment",
cors_config={
"access_control_allow_credentials": True,
"access_control_allow_headers": {
"items": ["test"],
},
"access_control_allow_methods": {
"items": ["GET"],
},
"access_control_allow_origins": {
"items": ["test.example.comtest"],
},
"origin_override": True,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
Name: pulumi.String("example-policy"),
Comment: pulumi.String("test comment"),
CorsConfig: &cloudfront.ResponseHeadersPolicyCorsConfigArgs{
AccessControlAllowCredentials: pulumi.Bool(true),
AccessControlAllowHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs{
Items: pulumi.StringArray{
pulumi.String("test"),
},
},
AccessControlAllowMethods: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs{
Items: pulumi.StringArray{
pulumi.String("GET"),
},
},
AccessControlAllowOrigins: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs{
Items: pulumi.StringArray{
pulumi.String("test.example.comtest"),
},
},
OriginOverride: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
{
Name = "example-policy",
Comment = "test comment",
CorsConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigArgs
{
AccessControlAllowCredentials = true,
AccessControlAllowHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs
{
Items = new[]
{
"test",
},
},
AccessControlAllowMethods = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs
{
Items = new[]
{
"GET",
},
},
AccessControlAllowOrigins = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs
{
Items = new[]
{
"test.example.comtest",
},
},
OriginOverride = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
.name("example-policy")
.comment("test comment")
.corsConfig(ResponseHeadersPolicyCorsConfigArgs.builder()
.accessControlAllowCredentials(true)
.accessControlAllowHeaders(ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs.builder()
.items("test")
.build())
.accessControlAllowMethods(ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs.builder()
.items("GET")
.build())
.accessControlAllowOrigins(ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs.builder()
.items("test.example.comtest")
.build())
.originOverride(true)
.build())
.build());
}
}
resources:
example:
type: aws:cloudfront:ResponseHeadersPolicy
properties:
name: example-policy
comment: test comment
corsConfig:
accessControlAllowCredentials: true
accessControlAllowHeaders:
items:
- test
accessControlAllowMethods:
items:
- GET
accessControlAllowOrigins:
items:
- test.example.comtest
originOverride: true
The example below creates a CloudFront response headers policy with a custom headers config.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
name: "example-headers-policy",
customHeadersConfig: {
items: [
{
header: "X-Permitted-Cross-Domain-Policies",
override: true,
value: "none",
},
{
header: "X-Test",
override: true,
value: "none",
},
],
},
});
import pulumi
import pulumi_aws as aws
example = aws.cloudfront.ResponseHeadersPolicy("example",
name="example-headers-policy",
custom_headers_config={
"items": [
{
"header": "X-Permitted-Cross-Domain-Policies",
"override": True,
"value": "none",
},
{
"header": "X-Test",
"override": True,
"value": "none",
},
],
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
Name: pulumi.String("example-headers-policy"),
CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
Header: pulumi.String("X-Permitted-Cross-Domain-Policies"),
Override: pulumi.Bool(true),
Value: pulumi.String("none"),
},
&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
Header: pulumi.String("X-Test"),
Override: pulumi.Bool(true),
Value: pulumi.String("none"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
{
Name = "example-headers-policy",
CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
{
Items = new[]
{
new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
{
Header = "X-Permitted-Cross-Domain-Policies",
Override = true,
Value = "none",
},
new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
{
Header = "X-Test",
Override = true,
Value = "none",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
.name("example-headers-policy")
.customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
.items(
ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
.header("X-Permitted-Cross-Domain-Policies")
.override(true)
.value("none")
.build(),
ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
.header("X-Test")
.override(true)
.value("none")
.build())
.build())
.build());
}
}
resources:
example:
type: aws:cloudfront:ResponseHeadersPolicy
properties:
name: example-headers-policy
customHeadersConfig:
items:
- header: X-Permitted-Cross-Domain-Policies
override: true
value: none
- header: X-Test
override: true
value: none
The example below creates a CloudFront response headers policy with a custom headers config, remove headers config and server timing headers config.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
name: "example-headers-policy",
customHeadersConfig: {
items: [{
header: "X-Permitted-Cross-Domain-Policies",
override: true,
value: "none",
}],
},
removeHeadersConfig: {
items: [{
header: "Set-Cookie",
}],
},
serverTimingHeadersConfig: {
enabled: true,
samplingRate: 50,
},
});
import pulumi
import pulumi_aws as aws
example = aws.cloudfront.ResponseHeadersPolicy("example",
name="example-headers-policy",
custom_headers_config={
"items": [{
"header": "X-Permitted-Cross-Domain-Policies",
"override": True,
"value": "none",
}],
},
remove_headers_config={
"items": [{
"header": "Set-Cookie",
}],
},
server_timing_headers_config={
"enabled": True,
"sampling_rate": 50,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
Name: pulumi.String("example-headers-policy"),
CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
Header: pulumi.String("X-Permitted-Cross-Domain-Policies"),
Override: pulumi.Bool(true),
Value: pulumi.String("none"),
},
},
},
RemoveHeadersConfig: &cloudfront.ResponseHeadersPolicyRemoveHeadersConfigArgs{
Items: cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArray{
&cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArgs{
Header: pulumi.String("Set-Cookie"),
},
},
},
ServerTimingHeadersConfig: &cloudfront.ResponseHeadersPolicyServerTimingHeadersConfigArgs{
Enabled: pulumi.Bool(true),
SamplingRate: pulumi.Float64(50),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
{
Name = "example-headers-policy",
CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
{
Items = new[]
{
new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
{
Header = "X-Permitted-Cross-Domain-Policies",
Override = true,
Value = "none",
},
},
},
RemoveHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs
{
Items = new[]
{
new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigItemArgs
{
Header = "Set-Cookie",
},
},
},
ServerTimingHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs
{
Enabled = true,
SamplingRate = 50,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
.name("example-headers-policy")
.customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
.items(ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
.header("X-Permitted-Cross-Domain-Policies")
.override(true)
.value("none")
.build())
.build())
.removeHeadersConfig(ResponseHeadersPolicyRemoveHeadersConfigArgs.builder()
.items(ResponseHeadersPolicyRemoveHeadersConfigItemArgs.builder()
.header("Set-Cookie")
.build())
.build())
.serverTimingHeadersConfig(ResponseHeadersPolicyServerTimingHeadersConfigArgs.builder()
.enabled(true)
.samplingRate(50)
.build())
.build());
}
}
resources:
example:
type: aws:cloudfront:ResponseHeadersPolicy
properties:
name: example-headers-policy
customHeadersConfig:
items:
- header: X-Permitted-Cross-Domain-Policies
override: true
value: none
removeHeadersConfig:
items:
- header: Set-Cookie
serverTimingHeadersConfig:
enabled: true
samplingRate: 50
Create ResponseHeadersPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ResponseHeadersPolicy(name: string, args?: ResponseHeadersPolicyArgs, opts?: CustomResourceOptions);@overload
def ResponseHeadersPolicy(resource_name: str,
args: Optional[ResponseHeadersPolicyArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def ResponseHeadersPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
comment: Optional[str] = None,
cors_config: Optional[ResponseHeadersPolicyCorsConfigArgs] = None,
custom_headers_config: Optional[ResponseHeadersPolicyCustomHeadersConfigArgs] = None,
etag: Optional[str] = None,
name: Optional[str] = None,
remove_headers_config: Optional[ResponseHeadersPolicyRemoveHeadersConfigArgs] = None,
security_headers_config: Optional[ResponseHeadersPolicySecurityHeadersConfigArgs] = None,
server_timing_headers_config: Optional[ResponseHeadersPolicyServerTimingHeadersConfigArgs] = None)func NewResponseHeadersPolicy(ctx *Context, name string, args *ResponseHeadersPolicyArgs, opts ...ResourceOption) (*ResponseHeadersPolicy, error)public ResponseHeadersPolicy(string name, ResponseHeadersPolicyArgs? args = null, CustomResourceOptions? opts = null)
public ResponseHeadersPolicy(String name, ResponseHeadersPolicyArgs args)
public ResponseHeadersPolicy(String name, ResponseHeadersPolicyArgs args, CustomResourceOptions options)
type: aws:cloudfront:ResponseHeadersPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ResponseHeadersPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ResponseHeadersPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ResponseHeadersPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ResponseHeadersPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ResponseHeadersPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var responseHeadersPolicyResource = new Aws.CloudFront.ResponseHeadersPolicy("responseHeadersPolicyResource", new()
{
Comment = "string",
CorsConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigArgs
{
AccessControlAllowCredentials = false,
AccessControlAllowHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs
{
Items = new[]
{
"string",
},
},
AccessControlAllowMethods = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs
{
Items = new[]
{
"string",
},
},
AccessControlAllowOrigins = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs
{
Items = new[]
{
"string",
},
},
OriginOverride = false,
AccessControlExposeHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs
{
Items = new[]
{
"string",
},
},
AccessControlMaxAgeSec = 0,
},
CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
{
Items = new[]
{
new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
{
Header = "string",
Override = false,
Value = "string",
},
},
},
Etag = "string",
Name = "string",
RemoveHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs
{
Items = new[]
{
new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigItemArgs
{
Header = "string",
},
},
},
SecurityHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigArgs
{
ContentSecurityPolicy = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs
{
ContentSecurityPolicy = "string",
Override = false,
},
ContentTypeOptions = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs
{
Override = false,
},
FrameOptions = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs
{
FrameOption = "string",
Override = false,
},
ReferrerPolicy = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs
{
Override = false,
ReferrerPolicy = "string",
},
StrictTransportSecurity = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs
{
AccessControlMaxAgeSec = 0,
Override = false,
IncludeSubdomains = false,
Preload = false,
},
XssProtection = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs
{
Override = false,
Protection = false,
ModeBlock = false,
ReportUri = "string",
},
},
ServerTimingHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs
{
Enabled = false,
SamplingRate = 0,
},
});
example, err := cloudfront.NewResponseHeadersPolicy(ctx, "responseHeadersPolicyResource", &cloudfront.ResponseHeadersPolicyArgs{
Comment: pulumi.String("string"),
CorsConfig: &cloudfront.ResponseHeadersPolicyCorsConfigArgs{
AccessControlAllowCredentials: pulumi.Bool(false),
AccessControlAllowHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs{
Items: pulumi.StringArray{
pulumi.String("string"),
},
},
AccessControlAllowMethods: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs{
Items: pulumi.StringArray{
pulumi.String("string"),
},
},
AccessControlAllowOrigins: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs{
Items: pulumi.StringArray{
pulumi.String("string"),
},
},
OriginOverride: pulumi.Bool(false),
AccessControlExposeHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs{
Items: pulumi.StringArray{
pulumi.String("string"),
},
},
AccessControlMaxAgeSec: pulumi.Int(0),
},
CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
Header: pulumi.String("string"),
Override: pulumi.Bool(false),
Value: pulumi.String("string"),
},
},
},
Etag: pulumi.String("string"),
Name: pulumi.String("string"),
RemoveHeadersConfig: &cloudfront.ResponseHeadersPolicyRemoveHeadersConfigArgs{
Items: cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArray{
&cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArgs{
Header: pulumi.String("string"),
},
},
},
SecurityHeadersConfig: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigArgs{
ContentSecurityPolicy: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs{
ContentSecurityPolicy: pulumi.String("string"),
Override: pulumi.Bool(false),
},
ContentTypeOptions: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs{
Override: pulumi.Bool(false),
},
FrameOptions: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs{
FrameOption: pulumi.String("string"),
Override: pulumi.Bool(false),
},
ReferrerPolicy: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs{
Override: pulumi.Bool(false),
ReferrerPolicy: pulumi.String("string"),
},
StrictTransportSecurity: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs{
AccessControlMaxAgeSec: pulumi.Int(0),
Override: pulumi.Bool(false),
IncludeSubdomains: pulumi.Bool(false),
Preload: pulumi.Bool(false),
},
XssProtection: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs{
Override: pulumi.Bool(false),
Protection: pulumi.Bool(false),
ModeBlock: pulumi.Bool(false),
ReportUri: pulumi.String("string"),
},
},
ServerTimingHeadersConfig: &cloudfront.ResponseHeadersPolicyServerTimingHeadersConfigArgs{
Enabled: pulumi.Bool(false),
SamplingRate: pulumi.Float64(0),
},
})
var responseHeadersPolicyResource = new ResponseHeadersPolicy("responseHeadersPolicyResource", ResponseHeadersPolicyArgs.builder()
.comment("string")
.corsConfig(ResponseHeadersPolicyCorsConfigArgs.builder()
.accessControlAllowCredentials(false)
.accessControlAllowHeaders(ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs.builder()
.items("string")
.build())
.accessControlAllowMethods(ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs.builder()
.items("string")
.build())
.accessControlAllowOrigins(ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs.builder()
.items("string")
.build())
.originOverride(false)
.accessControlExposeHeaders(ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs.builder()
.items("string")
.build())
.accessControlMaxAgeSec(0)
.build())
.customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
.items(ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
.header("string")
.override(false)
.value("string")
.build())
.build())
.etag("string")
.name("string")
.removeHeadersConfig(ResponseHeadersPolicyRemoveHeadersConfigArgs.builder()
.items(ResponseHeadersPolicyRemoveHeadersConfigItemArgs.builder()
.header("string")
.build())
.build())
.securityHeadersConfig(ResponseHeadersPolicySecurityHeadersConfigArgs.builder()
.contentSecurityPolicy(ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs.builder()
.contentSecurityPolicy("string")
.override(false)
.build())
.contentTypeOptions(ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs.builder()
.override(false)
.build())
.frameOptions(ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs.builder()
.frameOption("string")
.override(false)
.build())
.referrerPolicy(ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs.builder()
.override(false)
.referrerPolicy("string")
.build())
.strictTransportSecurity(ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs.builder()
.accessControlMaxAgeSec(0)
.override(false)
.includeSubdomains(false)
.preload(false)
.build())
.xssProtection(ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs.builder()
.override(false)
.protection(false)
.modeBlock(false)
.reportUri("string")
.build())
.build())
.serverTimingHeadersConfig(ResponseHeadersPolicyServerTimingHeadersConfigArgs.builder()
.enabled(false)
.samplingRate(0)
.build())
.build());
response_headers_policy_resource = aws.cloudfront.ResponseHeadersPolicy("responseHeadersPolicyResource",
comment="string",
cors_config={
"access_control_allow_credentials": False,
"access_control_allow_headers": {
"items": ["string"],
},
"access_control_allow_methods": {
"items": ["string"],
},
"access_control_allow_origins": {
"items": ["string"],
},
"origin_override": False,
"access_control_expose_headers": {
"items": ["string"],
},
"access_control_max_age_sec": 0,
},
custom_headers_config={
"items": [{
"header": "string",
"override": False,
"value": "string",
}],
},
etag="string",
name="string",
remove_headers_config={
"items": [{
"header": "string",
}],
},
security_headers_config={
"content_security_policy": {
"content_security_policy": "string",
"override": False,
},
"content_type_options": {
"override": False,
},
"frame_options": {
"frame_option": "string",
"override": False,
},
"referrer_policy": {
"override": False,
"referrer_policy": "string",
},
"strict_transport_security": {
"access_control_max_age_sec": 0,
"override": False,
"include_subdomains": False,
"preload": False,
},
"xss_protection": {
"override": False,
"protection": False,
"mode_block": False,
"report_uri": "string",
},
},
server_timing_headers_config={
"enabled": False,
"sampling_rate": 0,
})
const responseHeadersPolicyResource = new aws.cloudfront.ResponseHeadersPolicy("responseHeadersPolicyResource", {
comment: "string",
corsConfig: {
accessControlAllowCredentials: false,
accessControlAllowHeaders: {
items: ["string"],
},
accessControlAllowMethods: {
items: ["string"],
},
accessControlAllowOrigins: {
items: ["string"],
},
originOverride: false,
accessControlExposeHeaders: {
items: ["string"],
},
accessControlMaxAgeSec: 0,
},
customHeadersConfig: {
items: [{
header: "string",
override: false,
value: "string",
}],
},
etag: "string",
name: "string",
removeHeadersConfig: {
items: [{
header: "string",
}],
},
securityHeadersConfig: {
contentSecurityPolicy: {
contentSecurityPolicy: "string",
override: false,
},
contentTypeOptions: {
override: false,
},
frameOptions: {
frameOption: "string",
override: false,
},
referrerPolicy: {
override: false,
referrerPolicy: "string",
},
strictTransportSecurity: {
accessControlMaxAgeSec: 0,
override: false,
includeSubdomains: false,
preload: false,
},
xssProtection: {
override: false,
protection: false,
modeBlock: false,
reportUri: "string",
},
},
serverTimingHeadersConfig: {
enabled: false,
samplingRate: 0,
},
});
type: aws:cloudfront:ResponseHeadersPolicy
properties:
comment: string
corsConfig:
accessControlAllowCredentials: false
accessControlAllowHeaders:
items:
- string
accessControlAllowMethods:
items:
- string
accessControlAllowOrigins:
items:
- string
accessControlExposeHeaders:
items:
- string
accessControlMaxAgeSec: 0
originOverride: false
customHeadersConfig:
items:
- header: string
override: false
value: string
etag: string
name: string
removeHeadersConfig:
items:
- header: string
securityHeadersConfig:
contentSecurityPolicy:
contentSecurityPolicy: string
override: false
contentTypeOptions:
override: false
frameOptions:
frameOption: string
override: false
referrerPolicy:
override: false
referrerPolicy: string
strictTransportSecurity:
accessControlMaxAgeSec: 0
includeSubdomains: false
override: false
preload: false
xssProtection:
modeBlock: false
override: false
protection: false
reportUri: string
serverTimingHeadersConfig:
enabled: false
samplingRate: 0
ResponseHeadersPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ResponseHeadersPolicy resource accepts the following input properties:
- Comment string
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- Cors
Config ResponseHeaders Policy Cors Config - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- Custom
Headers ResponseConfig Headers Policy Custom Headers Config - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - Etag string
- The current version of the response headers policy.
- Name string
- A unique name to identify the response headers policy.
- Remove
Headers ResponseConfig Headers Policy Remove Headers Config - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - Security
Headers ResponseConfig Headers Policy Security Headers Config - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- Server
Timing ResponseHeaders Config Headers Policy Server Timing Headers Config - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- Comment string
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- Cors
Config ResponseHeaders Policy Cors Config Args - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- Custom
Headers ResponseConfig Headers Policy Custom Headers Config Args - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - Etag string
- The current version of the response headers policy.
- Name string
- A unique name to identify the response headers policy.
- Remove
Headers ResponseConfig Headers Policy Remove Headers Config Args - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - Security
Headers ResponseConfig Headers Policy Security Headers Config Args - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- Server
Timing ResponseHeaders Config Headers Policy Server Timing Headers Config Args - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- comment String
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Config ResponseHeaders Policy Cors Config - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers ResponseConfig Headers Policy Custom Headers Config - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - etag String
- The current version of the response headers policy.
- name String
- A unique name to identify the response headers policy.
- remove
Headers ResponseConfig Headers Policy Remove Headers Config - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - security
Headers ResponseConfig Headers Policy Security Headers Config - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing ResponseHeaders Config Headers Policy Server Timing Headers Config - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- comment string
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Config ResponseHeaders Policy Cors Config - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers ResponseConfig Headers Policy Custom Headers Config - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - etag string
- The current version of the response headers policy.
- name string
- A unique name to identify the response headers policy.
- remove
Headers ResponseConfig Headers Policy Remove Headers Config - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - security
Headers ResponseConfig Headers Policy Security Headers Config - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing ResponseHeaders Config Headers Policy Server Timing Headers Config - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- comment str
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors_
config ResponseHeaders Policy Cors Config Args - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom_
headers_ Responseconfig Headers Policy Custom Headers Config Args - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - etag str
- The current version of the response headers policy.
- name str
- A unique name to identify the response headers policy.
- remove_
headers_ Responseconfig Headers Policy Remove Headers Config Args - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - security_
headers_ Responseconfig Headers Policy Security Headers Config Args - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server_
timing_ Responseheaders_ config Headers Policy Server Timing Headers Config Args - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- comment String
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Config Property Map - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers Property MapConfig - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - etag String
- The current version of the response headers policy.
- name String
- A unique name to identify the response headers policy.
- remove
Headers Property MapConfig - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - security
Headers Property MapConfig - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing Property MapHeaders Config - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
Outputs
All input properties are implicitly available as output properties. Additionally, the ResponseHeadersPolicy resource produces the following output properties:
Look up Existing ResponseHeadersPolicy Resource
Get an existing ResponseHeadersPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ResponseHeadersPolicyState, opts?: CustomResourceOptions): ResponseHeadersPolicy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
comment: Optional[str] = None,
cors_config: Optional[ResponseHeadersPolicyCorsConfigArgs] = None,
custom_headers_config: Optional[ResponseHeadersPolicyCustomHeadersConfigArgs] = None,
etag: Optional[str] = None,
name: Optional[str] = None,
remove_headers_config: Optional[ResponseHeadersPolicyRemoveHeadersConfigArgs] = None,
security_headers_config: Optional[ResponseHeadersPolicySecurityHeadersConfigArgs] = None,
server_timing_headers_config: Optional[ResponseHeadersPolicyServerTimingHeadersConfigArgs] = None) -> ResponseHeadersPolicyfunc GetResponseHeadersPolicy(ctx *Context, name string, id IDInput, state *ResponseHeadersPolicyState, opts ...ResourceOption) (*ResponseHeadersPolicy, error)public static ResponseHeadersPolicy Get(string name, Input<string> id, ResponseHeadersPolicyState? state, CustomResourceOptions? opts = null)public static ResponseHeadersPolicy get(String name, Output<String> id, ResponseHeadersPolicyState state, CustomResourceOptions options)resources: _: type: aws:cloudfront:ResponseHeadersPolicy get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
- The response headers policy ARN.
- Comment string
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- Cors
Config ResponseHeaders Policy Cors Config - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- Custom
Headers ResponseConfig Headers Policy Custom Headers Config - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - Etag string
- The current version of the response headers policy.
- Name string
- A unique name to identify the response headers policy.
- Remove
Headers ResponseConfig Headers Policy Remove Headers Config - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - Security
Headers ResponseConfig Headers Policy Security Headers Config - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- Server
Timing ResponseHeaders Config Headers Policy Server Timing Headers Config - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- Arn string
- The response headers policy ARN.
- Comment string
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- Cors
Config ResponseHeaders Policy Cors Config Args - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- Custom
Headers ResponseConfig Headers Policy Custom Headers Config Args - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - Etag string
- The current version of the response headers policy.
- Name string
- A unique name to identify the response headers policy.
- Remove
Headers ResponseConfig Headers Policy Remove Headers Config Args - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - Security
Headers ResponseConfig Headers Policy Security Headers Config Args - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- Server
Timing ResponseHeaders Config Headers Policy Server Timing Headers Config Args - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- arn String
- The response headers policy ARN.
- comment String
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Config ResponseHeaders Policy Cors Config - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers ResponseConfig Headers Policy Custom Headers Config - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - etag String
- The current version of the response headers policy.
- name String
- A unique name to identify the response headers policy.
- remove
Headers ResponseConfig Headers Policy Remove Headers Config - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - security
Headers ResponseConfig Headers Policy Security Headers Config - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing ResponseHeaders Config Headers Policy Server Timing Headers Config - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- arn string
- The response headers policy ARN.
- comment string
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Config ResponseHeaders Policy Cors Config - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers ResponseConfig Headers Policy Custom Headers Config - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - etag string
- The current version of the response headers policy.
- name string
- A unique name to identify the response headers policy.
- remove
Headers ResponseConfig Headers Policy Remove Headers Config - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - security
Headers ResponseConfig Headers Policy Security Headers Config - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing ResponseHeaders Config Headers Policy Server Timing Headers Config - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- arn str
- The response headers policy ARN.
- comment str
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors_
config ResponseHeaders Policy Cors Config Args - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom_
headers_ Responseconfig Headers Policy Custom Headers Config Args - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - etag str
- The current version of the response headers policy.
- name str
- A unique name to identify the response headers policy.
- remove_
headers_ Responseconfig Headers Policy Remove Headers Config Args - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - security_
headers_ Responseconfig Headers Policy Security Headers Config Args - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server_
timing_ Responseheaders_ config Headers Policy Server Timing Headers Config Args - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- arn String
- The response headers policy ARN.
- comment String
- A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Config Property Map - A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers Property MapConfig - Object that contains an attribute
itemsthat contains a list of custom headers. See Custom Header for more information. - etag String
- The current version of the response headers policy.
- name String
- A unique name to identify the response headers policy.
- remove
Headers Property MapConfig - A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute
itemsthat contains a list of headers. See Remove Header for more information. - security
Headers Property MapConfig - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing Property MapHeaders Config - A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
Supporting Types
ResponseHeadersPolicyCorsConfig, ResponseHeadersPolicyCorsConfigArgs
- Access
Control boolAllow Credentials - A Boolean value that CloudFront uses as the value for the
Access-Control-Allow-CredentialsHTTP response header. - Access
Control ResponseAllow Headers Headers Policy Cors Config Access Control Allow Headers - Object that contains an attribute
itemsthat contains a list of HTTP header names that CloudFront includes as values for theAccess-Control-Allow-HeadersHTTP response header. - Access
Control ResponseAllow Methods Headers Policy Cors Config Access Control Allow Methods - Object that contains an attribute
itemsthat contains a list of HTTP methods that CloudFront includes as values for theAccess-Control-Allow-MethodsHTTP response header. Valid values:GET|POST|OPTIONS|PUT|DELETE|HEAD|ALL - Access
Control ResponseAllow Origins Headers Policy Cors Config Access Control Allow Origins - Object that contains an attribute
itemsthat contains a list of origins that CloudFront can use as the value for theAccess-Control-Allow-OriginHTTP response header. - Origin
Override bool - A Boolean value that determines how CloudFront behaves for the HTTP response header.
- Access
Control ResponseExpose Headers Headers Policy Cors Config Access Control Expose Headers - Object that contains an attribute
itemsthat contains a list of HTTP headers that CloudFront includes as values for theAccess-Control-Expose-HeadersHTTP response header. - Access
Control intMax Age Sec - A number that CloudFront uses as the value for the
Access-Control-Max-AgeHTTP response header.
- Access
Control boolAllow Credentials - A Boolean value that CloudFront uses as the value for the
Access-Control-Allow-CredentialsHTTP response header. - Access
Control ResponseAllow Headers Headers Policy Cors Config Access Control Allow Headers - Object that contains an attribute
itemsthat contains a list of HTTP header names that CloudFront includes as values for theAccess-Control-Allow-HeadersHTTP response header. - Access
Control ResponseAllow Methods Headers Policy Cors Config Access Control Allow Methods - Object that contains an attribute
itemsthat contains a list of HTTP methods that CloudFront includes as values for theAccess-Control-Allow-MethodsHTTP response header. Valid values:GET|POST|OPTIONS|PUT|DELETE|HEAD|ALL - Access
Control ResponseAllow Origins Headers Policy Cors Config Access Control Allow Origins - Object that contains an attribute
itemsthat contains a list of origins that CloudFront can use as the value for theAccess-Control-Allow-OriginHTTP response header. - Origin
Override bool - A Boolean value that determines how CloudFront behaves for the HTTP response header.
- Access
Control ResponseExpose Headers Headers Policy Cors Config Access Control Expose Headers - Object that contains an attribute
itemsthat contains a list of HTTP headers that CloudFront includes as values for theAccess-Control-Expose-HeadersHTTP response header. - Access
Control intMax Age Sec - A number that CloudFront uses as the value for the
Access-Control-Max-AgeHTTP response header.
- access
Control BooleanAllow Credentials - A Boolean value that CloudFront uses as the value for the
Access-Control-Allow-CredentialsHTTP response header. - access
Control ResponseAllow Headers Headers Policy Cors Config Access Control Allow Headers - Object that contains an attribute
itemsthat contains a list of HTTP header names that CloudFront includes as values for theAccess-Control-Allow-HeadersHTTP response header. - access
Control ResponseAllow Methods Headers Policy Cors Config Access Control Allow Methods - Object that contains an attribute
itemsthat contains a list of HTTP methods that CloudFront includes as values for theAccess-Control-Allow-MethodsHTTP response header. Valid values:GET|POST|OPTIONS|PUT|DELETE|HEAD|ALL - access
Control ResponseAllow Origins Headers Policy Cors Config Access Control Allow Origins - Object that contains an attribute
itemsthat contains a list of origins that CloudFront can use as the value for theAccess-Control-Allow-OriginHTTP response header. - origin
Override Boolean - A Boolean value that determines how CloudFront behaves for the HTTP response header.
- access
Control ResponseExpose Headers Headers Policy Cors Config Access Control Expose Headers - Object that contains an attribute
itemsthat contains a list of HTTP headers that CloudFront includes as values for theAccess-Control-Expose-HeadersHTTP response header. - access
Control IntegerMax Age Sec - A number that CloudFront uses as the value for the
Access-Control-Max-AgeHTTP response header.
- access
Control booleanAllow Credentials - A Boolean value that CloudFront uses as the value for the
Access-Control-Allow-CredentialsHTTP response header. - access
Control ResponseAllow Headers Headers Policy Cors Config Access Control Allow Headers - Object that contains an attribute
itemsthat contains a list of HTTP header names that CloudFront includes as values for theAccess-Control-Allow-HeadersHTTP response header. - access
Control ResponseAllow Methods Headers Policy Cors Config Access Control Allow Methods - Object that contains an attribute
itemsthat contains a list of HTTP methods that CloudFront includes as values for theAccess-Control-Allow-MethodsHTTP response header. Valid values:GET|POST|OPTIONS|PUT|DELETE|HEAD|ALL - access
Control ResponseAllow Origins Headers Policy Cors Config Access Control Allow Origins - Object that contains an attribute
itemsthat contains a list of origins that CloudFront can use as the value for theAccess-Control-Allow-OriginHTTP response header. - origin
Override boolean - A Boolean value that determines how CloudFront behaves for the HTTP response header.
- access
Control ResponseExpose Headers Headers Policy Cors Config Access Control Expose Headers - Object that contains an attribute
itemsthat contains a list of HTTP headers that CloudFront includes as values for theAccess-Control-Expose-HeadersHTTP response header. - access
Control numberMax Age Sec - A number that CloudFront uses as the value for the
Access-Control-Max-AgeHTTP response header.
- access_
control_ boolallow_ credentials - A Boolean value that CloudFront uses as the value for the
Access-Control-Allow-CredentialsHTTP response header. - access_
control_ Responseallow_ headers Headers Policy Cors Config Access Control Allow Headers - Object that contains an attribute
itemsthat contains a list of HTTP header names that CloudFront includes as values for theAccess-Control-Allow-HeadersHTTP response header. - access_
control_ Responseallow_ methods Headers Policy Cors Config Access Control Allow Methods - Object that contains an attribute
itemsthat contains a list of HTTP methods that CloudFront includes as values for theAccess-Control-Allow-MethodsHTTP response header. Valid values:GET|POST|OPTIONS|PUT|DELETE|HEAD|ALL - access_
control_ Responseallow_ origins Headers Policy Cors Config Access Control Allow Origins - Object that contains an attribute
itemsthat contains a list of origins that CloudFront can use as the value for theAccess-Control-Allow-OriginHTTP response header. - origin_
override bool - A Boolean value that determines how CloudFront behaves for the HTTP response header.
- access_
control_ Responseexpose_ headers Headers Policy Cors Config Access Control Expose Headers - Object that contains an attribute
itemsthat contains a list of HTTP headers that CloudFront includes as values for theAccess-Control-Expose-HeadersHTTP response header. - access_
control_ intmax_ age_ sec - A number that CloudFront uses as the value for the
Access-Control-Max-AgeHTTP response header.
- access
Control BooleanAllow Credentials - A Boolean value that CloudFront uses as the value for the
Access-Control-Allow-CredentialsHTTP response header. - access
Control Property MapAllow Headers - Object that contains an attribute
itemsthat contains a list of HTTP header names that CloudFront includes as values for theAccess-Control-Allow-HeadersHTTP response header. - access
Control Property MapAllow Methods - Object that contains an attribute
itemsthat contains a list of HTTP methods that CloudFront includes as values for theAccess-Control-Allow-MethodsHTTP response header. Valid values:GET|POST|OPTIONS|PUT|DELETE|HEAD|ALL - access
Control Property MapAllow Origins - Object that contains an attribute
itemsthat contains a list of origins that CloudFront can use as the value for theAccess-Control-Allow-OriginHTTP response header. - origin
Override Boolean - A Boolean value that determines how CloudFront behaves for the HTTP response header.
- access
Control Property MapExpose Headers - Object that contains an attribute
itemsthat contains a list of HTTP headers that CloudFront includes as values for theAccess-Control-Expose-HeadersHTTP response header. - access
Control NumberMax Age Sec - A number that CloudFront uses as the value for the
Access-Control-Max-AgeHTTP response header.
ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders, ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs
- Items List<string>
- Items []string
- items List<String>
- items string[]
- items Sequence[str]
- items List<String>
ResponseHeadersPolicyCorsConfigAccessControlAllowMethods, ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs
- Items List<string>
- Items []string
- items List<String>
- items string[]
- items Sequence[str]
- items List<String>
ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins, ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs
- Items List<string>
- Items []string
- items List<String>
- items string[]
- items Sequence[str]
- items List<String>
ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders, ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs
- Items List<string>
- Items []string
- items List<String>
- items string[]
- items Sequence[str]
- items List<String>
ResponseHeadersPolicyCustomHeadersConfig, ResponseHeadersPolicyCustomHeadersConfigArgs
ResponseHeadersPolicyCustomHeadersConfigItem, ResponseHeadersPolicyCustomHeadersConfigItemArgs
ResponseHeadersPolicyRemoveHeadersConfig, ResponseHeadersPolicyRemoveHeadersConfigArgs
ResponseHeadersPolicyRemoveHeadersConfigItem, ResponseHeadersPolicyRemoveHeadersConfigItemArgs
- Header string
- Header string
- header String
- header string
- header str
- header String
ResponseHeadersPolicySecurityHeadersConfig, ResponseHeadersPolicySecurityHeadersConfigArgs
- Content
Security ResponsePolicy Headers Policy Security Headers Config Content Security Policy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. See Content Security Policy for more information. - Content
Type ResponseOptions Headers Policy Security Headers Config Content Type Options - Determines whether CloudFront includes the
X-Content-Type-OptionsHTTP response header with its value set tonosniff. See Content Type Options for more information. - Frame
Options ResponseHeaders Policy Security Headers Config Frame Options - Determines whether CloudFront includes the
X-Frame-OptionsHTTP response header and the header’s value. See Frame Options for more information. - Referrer
Policy ResponseHeaders Policy Security Headers Config Referrer Policy - Determines whether CloudFront includes the
Referrer-PolicyHTTP response header and the header’s value. See Referrer Policy for more information. - Strict
Transport ResponseSecurity Headers Policy Security Headers Config Strict Transport Security - Determines whether CloudFront includes the
Strict-Transport-SecurityHTTP response header and the header’s value. See Strict Transport Security for more information. - Xss
Protection ResponseHeaders Policy Security Headers Config Xss Protection - Determine whether CloudFront includes the
X-XSS-ProtectionHTTP response header and the header’s value. See XSS Protection for more information.
- Content
Security ResponsePolicy Headers Policy Security Headers Config Content Security Policy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. See Content Security Policy for more information. - Content
Type ResponseOptions Headers Policy Security Headers Config Content Type Options - Determines whether CloudFront includes the
X-Content-Type-OptionsHTTP response header with its value set tonosniff. See Content Type Options for more information. - Frame
Options ResponseHeaders Policy Security Headers Config Frame Options - Determines whether CloudFront includes the
X-Frame-OptionsHTTP response header and the header’s value. See Frame Options for more information. - Referrer
Policy ResponseHeaders Policy Security Headers Config Referrer Policy - Determines whether CloudFront includes the
Referrer-PolicyHTTP response header and the header’s value. See Referrer Policy for more information. - Strict
Transport ResponseSecurity Headers Policy Security Headers Config Strict Transport Security - Determines whether CloudFront includes the
Strict-Transport-SecurityHTTP response header and the header’s value. See Strict Transport Security for more information. - Xss
Protection ResponseHeaders Policy Security Headers Config Xss Protection - Determine whether CloudFront includes the
X-XSS-ProtectionHTTP response header and the header’s value. See XSS Protection for more information.
- content
Security ResponsePolicy Headers Policy Security Headers Config Content Security Policy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. See Content Security Policy for more information. - content
Type ResponseOptions Headers Policy Security Headers Config Content Type Options - Determines whether CloudFront includes the
X-Content-Type-OptionsHTTP response header with its value set tonosniff. See Content Type Options for more information. - frame
Options ResponseHeaders Policy Security Headers Config Frame Options - Determines whether CloudFront includes the
X-Frame-OptionsHTTP response header and the header’s value. See Frame Options for more information. - referrer
Policy ResponseHeaders Policy Security Headers Config Referrer Policy - Determines whether CloudFront includes the
Referrer-PolicyHTTP response header and the header’s value. See Referrer Policy for more information. - strict
Transport ResponseSecurity Headers Policy Security Headers Config Strict Transport Security - Determines whether CloudFront includes the
Strict-Transport-SecurityHTTP response header and the header’s value. See Strict Transport Security for more information. - xss
Protection ResponseHeaders Policy Security Headers Config Xss Protection - Determine whether CloudFront includes the
X-XSS-ProtectionHTTP response header and the header’s value. See XSS Protection for more information.
- content
Security ResponsePolicy Headers Policy Security Headers Config Content Security Policy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. See Content Security Policy for more information. - content
Type ResponseOptions Headers Policy Security Headers Config Content Type Options - Determines whether CloudFront includes the
X-Content-Type-OptionsHTTP response header with its value set tonosniff. See Content Type Options for more information. - frame
Options ResponseHeaders Policy Security Headers Config Frame Options - Determines whether CloudFront includes the
X-Frame-OptionsHTTP response header and the header’s value. See Frame Options for more information. - referrer
Policy ResponseHeaders Policy Security Headers Config Referrer Policy - Determines whether CloudFront includes the
Referrer-PolicyHTTP response header and the header’s value. See Referrer Policy for more information. - strict
Transport ResponseSecurity Headers Policy Security Headers Config Strict Transport Security - Determines whether CloudFront includes the
Strict-Transport-SecurityHTTP response header and the header’s value. See Strict Transport Security for more information. - xss
Protection ResponseHeaders Policy Security Headers Config Xss Protection - Determine whether CloudFront includes the
X-XSS-ProtectionHTTP response header and the header’s value. See XSS Protection for more information.
- content_
security_ Responsepolicy Headers Policy Security Headers Config Content Security Policy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. See Content Security Policy for more information. - content_
type_ Responseoptions Headers Policy Security Headers Config Content Type Options - Determines whether CloudFront includes the
X-Content-Type-OptionsHTTP response header with its value set tonosniff. See Content Type Options for more information. - frame_
options ResponseHeaders Policy Security Headers Config Frame Options - Determines whether CloudFront includes the
X-Frame-OptionsHTTP response header and the header’s value. See Frame Options for more information. - referrer_
policy ResponseHeaders Policy Security Headers Config Referrer Policy - Determines whether CloudFront includes the
Referrer-PolicyHTTP response header and the header’s value. See Referrer Policy for more information. - strict_
transport_ Responsesecurity Headers Policy Security Headers Config Strict Transport Security - Determines whether CloudFront includes the
Strict-Transport-SecurityHTTP response header and the header’s value. See Strict Transport Security for more information. - xss_
protection ResponseHeaders Policy Security Headers Config Xss Protection - Determine whether CloudFront includes the
X-XSS-ProtectionHTTP response header and the header’s value. See XSS Protection for more information.
- content
Security Property MapPolicy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. See Content Security Policy for more information. - content
Type Property MapOptions - Determines whether CloudFront includes the
X-Content-Type-OptionsHTTP response header with its value set tonosniff. See Content Type Options for more information. - frame
Options Property Map - Determines whether CloudFront includes the
X-Frame-OptionsHTTP response header and the header’s value. See Frame Options for more information. - referrer
Policy Property Map - Determines whether CloudFront includes the
Referrer-PolicyHTTP response header and the header’s value. See Referrer Policy for more information. - strict
Transport Property MapSecurity - Determines whether CloudFront includes the
Strict-Transport-SecurityHTTP response header and the header’s value. See Strict Transport Security for more information. - xss
Protection Property Map - Determine whether CloudFront includes the
X-XSS-ProtectionHTTP response header and the header’s value. See XSS Protection for more information.
ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy, ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs
- Content
Security stringPolicy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. - Override bool
- Whether CloudFront overrides the
Content-Security-PolicyHTTP response header received from the origin with the one specified in this response headers policy.
- Content
Security stringPolicy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. - Override bool
- Whether CloudFront overrides the
Content-Security-PolicyHTTP response header received from the origin with the one specified in this response headers policy.
- content
Security StringPolicy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. - override Boolean
- Whether CloudFront overrides the
Content-Security-PolicyHTTP response header received from the origin with the one specified in this response headers policy.
- content
Security stringPolicy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. - override boolean
- Whether CloudFront overrides the
Content-Security-PolicyHTTP response header received from the origin with the one specified in this response headers policy.
- content_
security_ strpolicy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. - override bool
- Whether CloudFront overrides the
Content-Security-PolicyHTTP response header received from the origin with the one specified in this response headers policy.
- content
Security StringPolicy - The policy directives and their values that CloudFront includes as values for the
Content-Security-PolicyHTTP response header. - override Boolean
- Whether CloudFront overrides the
Content-Security-PolicyHTTP response header received from the origin with the one specified in this response headers policy.
ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions, ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs
- Override bool
- Whether CloudFront overrides the
X-Content-Type-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- Override bool
- Whether CloudFront overrides the
X-Content-Type-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- override Boolean
- Whether CloudFront overrides the
X-Content-Type-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- override boolean
- Whether CloudFront overrides the
X-Content-Type-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- override bool
- Whether CloudFront overrides the
X-Content-Type-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- override Boolean
- Whether CloudFront overrides the
X-Content-Type-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
ResponseHeadersPolicySecurityHeadersConfigFrameOptions, ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs
- Frame
Option string - The value of the
X-Frame-OptionsHTTP response header. Valid values:DENY|SAMEORIGIN - Override bool
- Whether CloudFront overrides the
X-Frame-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- Frame
Option string - The value of the
X-Frame-OptionsHTTP response header. Valid values:DENY|SAMEORIGIN - Override bool
- Whether CloudFront overrides the
X-Frame-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- frame
Option String - The value of the
X-Frame-OptionsHTTP response header. Valid values:DENY|SAMEORIGIN - override Boolean
- Whether CloudFront overrides the
X-Frame-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- frame
Option string - The value of the
X-Frame-OptionsHTTP response header. Valid values:DENY|SAMEORIGIN - override boolean
- Whether CloudFront overrides the
X-Frame-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- frame_
option str - The value of the
X-Frame-OptionsHTTP response header. Valid values:DENY|SAMEORIGIN - override bool
- Whether CloudFront overrides the
X-Frame-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
- frame
Option String - The value of the
X-Frame-OptionsHTTP response header. Valid values:DENY|SAMEORIGIN - override Boolean
- Whether CloudFront overrides the
X-Frame-OptionsHTTP response header received from the origin with the one specified in this response headers policy.
ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy, ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs
- Override bool
- Whether CloudFront overrides the
Referrer-PolicyHTTP response header received from the origin with the one specified in this response headers policy. - Referrer
Policy string - The value of the
Referrer-PolicyHTTP response header. Valid Values:no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin|strict-origin-when-cross-origin|unsafe-url
- Override bool
- Whether CloudFront overrides the
Referrer-PolicyHTTP response header received from the origin with the one specified in this response headers policy. - Referrer
Policy string - The value of the
Referrer-PolicyHTTP response header. Valid Values:no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin|strict-origin-when-cross-origin|unsafe-url
- override Boolean
- Whether CloudFront overrides the
Referrer-PolicyHTTP response header received from the origin with the one specified in this response headers policy. - referrer
Policy String - The value of the
Referrer-PolicyHTTP response header. Valid Values:no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin|strict-origin-when-cross-origin|unsafe-url
- override boolean
- Whether CloudFront overrides the
Referrer-PolicyHTTP response header received from the origin with the one specified in this response headers policy. - referrer
Policy string - The value of the
Referrer-PolicyHTTP response header. Valid Values:no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin|strict-origin-when-cross-origin|unsafe-url
- override bool
- Whether CloudFront overrides the
Referrer-PolicyHTTP response header received from the origin with the one specified in this response headers policy. - referrer_
policy str - The value of the
Referrer-PolicyHTTP response header. Valid Values:no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin|strict-origin-when-cross-origin|unsafe-url
- override Boolean
- Whether CloudFront overrides the
Referrer-PolicyHTTP response header received from the origin with the one specified in this response headers policy. - referrer
Policy String - The value of the
Referrer-PolicyHTTP response header. Valid Values:no-referrer|no-referrer-when-downgrade|origin|origin-when-cross-origin|same-origin|strict-origin|strict-origin-when-cross-origin|unsafe-url
ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity, ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs
- Access
Control intMax Age Sec - A number that CloudFront uses as the value for the
max-agedirective in theStrict-Transport-SecurityHTTP response header. - Override bool
- Whether CloudFront overrides the
Strict-Transport-SecurityHTTP response header received from the origin with the one specified in this response headers policy. - Include
Subdomains bool - Whether CloudFront includes the
includeSubDomainsdirective in theStrict-Transport-SecurityHTTP response header. - Preload bool
- Whether CloudFront includes the
preloaddirective in theStrict-Transport-SecurityHTTP response header.
- Access
Control intMax Age Sec - A number that CloudFront uses as the value for the
max-agedirective in theStrict-Transport-SecurityHTTP response header. - Override bool
- Whether CloudFront overrides the
Strict-Transport-SecurityHTTP response header received from the origin with the one specified in this response headers policy. - Include
Subdomains bool - Whether CloudFront includes the
includeSubDomainsdirective in theStrict-Transport-SecurityHTTP response header. - Preload bool
- Whether CloudFront includes the
preloaddirective in theStrict-Transport-SecurityHTTP response header.
- access
Control IntegerMax Age Sec - A number that CloudFront uses as the value for the
max-agedirective in theStrict-Transport-SecurityHTTP response header. - override Boolean
- Whether CloudFront overrides the
Strict-Transport-SecurityHTTP response header received from the origin with the one specified in this response headers policy. - include
Subdomains Boolean - Whether CloudFront includes the
includeSubDomainsdirective in theStrict-Transport-SecurityHTTP response header. - preload Boolean
- Whether CloudFront includes the
preloaddirective in theStrict-Transport-SecurityHTTP response header.
- access
Control numberMax Age Sec - A number that CloudFront uses as the value for the
max-agedirective in theStrict-Transport-SecurityHTTP response header. - override boolean
- Whether CloudFront overrides the
Strict-Transport-SecurityHTTP response header received from the origin with the one specified in this response headers policy. - include
Subdomains boolean - Whether CloudFront includes the
includeSubDomainsdirective in theStrict-Transport-SecurityHTTP response header. - preload boolean
- Whether CloudFront includes the
preloaddirective in theStrict-Transport-SecurityHTTP response header.
- access_
control_ intmax_ age_ sec - A number that CloudFront uses as the value for the
max-agedirective in theStrict-Transport-SecurityHTTP response header. - override bool
- Whether CloudFront overrides the
Strict-Transport-SecurityHTTP response header received from the origin with the one specified in this response headers policy. - include_
subdomains bool - Whether CloudFront includes the
includeSubDomainsdirective in theStrict-Transport-SecurityHTTP response header. - preload bool
- Whether CloudFront includes the
preloaddirective in theStrict-Transport-SecurityHTTP response header.
- access
Control NumberMax Age Sec - A number that CloudFront uses as the value for the
max-agedirective in theStrict-Transport-SecurityHTTP response header. - override Boolean
- Whether CloudFront overrides the
Strict-Transport-SecurityHTTP response header received from the origin with the one specified in this response headers policy. - include
Subdomains Boolean - Whether CloudFront includes the
includeSubDomainsdirective in theStrict-Transport-SecurityHTTP response header. - preload Boolean
- Whether CloudFront includes the
preloaddirective in theStrict-Transport-SecurityHTTP response header.
ResponseHeadersPolicySecurityHeadersConfigXssProtection, ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs
- Override bool
- Whether CloudFront overrides the
X-XSS-ProtectionHTTP response header received from the origin with the one specified in this response headers policy. - Protection bool
- A Boolean value that determines the value of the
X-XSS-ProtectionHTTP response header. When this setting istrue, the value of theX-XSS-Protectionheader is1. When this setting isfalse, the value of theX-XSS-Protectionheader is0. - Mode
Block bool - Whether CloudFront includes the
mode=blockdirective in theX-XSS-Protectionheader. - Report
Uri string - A reporting URI, which CloudFront uses as the value of the report directive in the
X-XSS-Protectionheader. You cannot specify areport_uriwhenmode_blockistrue.
- Override bool
- Whether CloudFront overrides the
X-XSS-ProtectionHTTP response header received from the origin with the one specified in this response headers policy. - Protection bool
- A Boolean value that determines the value of the
X-XSS-ProtectionHTTP response header. When this setting istrue, the value of theX-XSS-Protectionheader is1. When this setting isfalse, the value of theX-XSS-Protectionheader is0. - Mode
Block bool - Whether CloudFront includes the
mode=blockdirective in theX-XSS-Protectionheader. - Report
Uri string - A reporting URI, which CloudFront uses as the value of the report directive in the
X-XSS-Protectionheader. You cannot specify areport_uriwhenmode_blockistrue.
- override Boolean
- Whether CloudFront overrides the
X-XSS-ProtectionHTTP response header received from the origin with the one specified in this response headers policy. - protection Boolean
- A Boolean value that determines the value of the
X-XSS-ProtectionHTTP response header. When this setting istrue, the value of theX-XSS-Protectionheader is1. When this setting isfalse, the value of theX-XSS-Protectionheader is0. - mode
Block Boolean - Whether CloudFront includes the
mode=blockdirective in theX-XSS-Protectionheader. - report
Uri String - A reporting URI, which CloudFront uses as the value of the report directive in the
X-XSS-Protectionheader. You cannot specify areport_uriwhenmode_blockistrue.
- override boolean
- Whether CloudFront overrides the
X-XSS-ProtectionHTTP response header received from the origin with the one specified in this response headers policy. - protection boolean
- A Boolean value that determines the value of the
X-XSS-ProtectionHTTP response header. When this setting istrue, the value of theX-XSS-Protectionheader is1. When this setting isfalse, the value of theX-XSS-Protectionheader is0. - mode
Block boolean - Whether CloudFront includes the
mode=blockdirective in theX-XSS-Protectionheader. - report
Uri string - A reporting URI, which CloudFront uses as the value of the report directive in the
X-XSS-Protectionheader. You cannot specify areport_uriwhenmode_blockistrue.
- override bool
- Whether CloudFront overrides the
X-XSS-ProtectionHTTP response header received from the origin with the one specified in this response headers policy. - protection bool
- A Boolean value that determines the value of the
X-XSS-ProtectionHTTP response header. When this setting istrue, the value of theX-XSS-Protectionheader is1. When this setting isfalse, the value of theX-XSS-Protectionheader is0. - mode_
block bool - Whether CloudFront includes the
mode=blockdirective in theX-XSS-Protectionheader. - report_
uri str - A reporting URI, which CloudFront uses as the value of the report directive in the
X-XSS-Protectionheader. You cannot specify areport_uriwhenmode_blockistrue.
- override Boolean
- Whether CloudFront overrides the
X-XSS-ProtectionHTTP response header received from the origin with the one specified in this response headers policy. - protection Boolean
- A Boolean value that determines the value of the
X-XSS-ProtectionHTTP response header. When this setting istrue, the value of theX-XSS-Protectionheader is1. When this setting isfalse, the value of theX-XSS-Protectionheader is0. - mode
Block Boolean - Whether CloudFront includes the
mode=blockdirective in theX-XSS-Protectionheader. - report
Uri String - A reporting URI, which CloudFront uses as the value of the report directive in the
X-XSS-Protectionheader. You cannot specify areport_uriwhenmode_blockistrue.
ResponseHeadersPolicyServerTimingHeadersConfig, ResponseHeadersPolicyServerTimingHeadersConfigArgs
- Enabled bool
- A Whether CloudFront adds the
Server-Timingheader to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - Sampling
Rate double - A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
- Enabled bool
- A Whether CloudFront adds the
Server-Timingheader to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - Sampling
Rate float64 - A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
- enabled Boolean
- A Whether CloudFront adds the
Server-Timingheader to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - sampling
Rate Double - A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
- enabled boolean
- A Whether CloudFront adds the
Server-Timingheader to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - sampling
Rate number - A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
- enabled bool
- A Whether CloudFront adds the
Server-Timingheader to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - sampling_
rate float - A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
- enabled Boolean
- A Whether CloudFront adds the
Server-Timingheader to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - sampling
Rate Number - A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
Import
Using pulumi import, import Cloudfront Response Headers Policies using the id. For example:
$ pulumi import aws:cloudfront/responseHeadersPolicy:ResponseHeadersPolicy policy 658327ea-f89d-4fab-a63d-7e88639e58f9
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.