1. Packages
  2. AWS Classic
  3. API Docs
  4. cloudfront
  5. getResponseHeadersPolicy

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.28.1 published on Thursday, Mar 28, 2024 by Pulumi

aws.cloudfront.getResponseHeadersPolicy

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.28.1 published on Thursday, Mar 28, 2024 by Pulumi

    Use this data source to retrieve information about a CloudFront cache policy.

    Example Usage

    Basic Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = aws.cloudfront.getResponseHeadersPolicy({
        name: "example-policy",
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.cloudfront.get_response_headers_policy(name="example-policy")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
    			Name: pulumi.StringRef("example-policy"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
        {
            Name = "example-policy",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudfront.CloudfrontFunctions;
    import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
                .name("example-policy")
                .build());
    
        }
    }
    
    variables:
      example:
        fn::invoke:
          Function: aws:cloudfront:getResponseHeadersPolicy
          Arguments:
            name: example-policy
    

    AWS-Managed Policies

    AWS managed response header policy names are prefixed with Managed-:

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = aws.cloudfront.getResponseHeadersPolicy({
        name: "Managed-SimpleCORS",
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.cloudfront.get_response_headers_policy(name="Managed-SimpleCORS")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
    			Name: pulumi.StringRef("Managed-SimpleCORS"),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
        {
            Name = "Managed-SimpleCORS",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudfront.CloudfrontFunctions;
    import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
                .name("Managed-SimpleCORS")
                .build());
    
        }
    }
    
    variables:
      example:
        fn::invoke:
          Function: aws:cloudfront:getResponseHeadersPolicy
          Arguments:
            name: Managed-SimpleCORS
    

    Using getResponseHeadersPolicy

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getResponseHeadersPolicy(args: GetResponseHeadersPolicyArgs, opts?: InvokeOptions): Promise<GetResponseHeadersPolicyResult>
    function getResponseHeadersPolicyOutput(args: GetResponseHeadersPolicyOutputArgs, opts?: InvokeOptions): Output<GetResponseHeadersPolicyResult>
    def get_response_headers_policy(id: Optional[str] = None,
                                    name: Optional[str] = None,
                                    opts: Optional[InvokeOptions] = None) -> GetResponseHeadersPolicyResult
    def get_response_headers_policy_output(id: Optional[pulumi.Input[str]] = None,
                                    name: Optional[pulumi.Input[str]] = None,
                                    opts: Optional[InvokeOptions] = None) -> Output[GetResponseHeadersPolicyResult]
    func LookupResponseHeadersPolicy(ctx *Context, args *LookupResponseHeadersPolicyArgs, opts ...InvokeOption) (*LookupResponseHeadersPolicyResult, error)
    func LookupResponseHeadersPolicyOutput(ctx *Context, args *LookupResponseHeadersPolicyOutputArgs, opts ...InvokeOption) LookupResponseHeadersPolicyResultOutput

    > Note: This function is named LookupResponseHeadersPolicy in the Go SDK.

    public static class GetResponseHeadersPolicy 
    {
        public static Task<GetResponseHeadersPolicyResult> InvokeAsync(GetResponseHeadersPolicyArgs args, InvokeOptions? opts = null)
        public static Output<GetResponseHeadersPolicyResult> Invoke(GetResponseHeadersPolicyInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetResponseHeadersPolicyResult> getResponseHeadersPolicy(GetResponseHeadersPolicyArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws:cloudfront/getResponseHeadersPolicy:getResponseHeadersPolicy
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Id string
    Identifier for the response headers policy.
    Name string
    Unique name to identify the response headers policy.
    Id string
    Identifier for the response headers policy.
    Name string
    Unique name to identify the response headers policy.
    id String
    Identifier for the response headers policy.
    name String
    Unique name to identify the response headers policy.
    id string
    Identifier for the response headers policy.
    name string
    Unique name to identify the response headers policy.
    id str
    Identifier for the response headers policy.
    name str
    Unique name to identify the response headers policy.
    id String
    Identifier for the response headers policy.
    name String
    Unique name to identify the response headers policy.

    getResponseHeadersPolicy Result

    The following output properties are available:

    Comment string
    Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    CorsConfigs List<GetResponseHeadersPolicyCorsConfig>
    Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    CustomHeadersConfigs List<GetResponseHeadersPolicyCustomHeadersConfig>
    Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
    Etag string
    Current version of the response headers policy.
    Id string
    Name string
    RemoveHeadersConfigs List<GetResponseHeadersPolicyRemoveHeadersConfig>
    Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
    SecurityHeadersConfigs List<GetResponseHeadersPolicySecurityHeadersConfig>
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    ServerTimingHeadersConfigs List<GetResponseHeadersPolicyServerTimingHeadersConfig>
    (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    Comment string
    Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    CorsConfigs []GetResponseHeadersPolicyCorsConfig
    Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    CustomHeadersConfigs []GetResponseHeadersPolicyCustomHeadersConfig
    Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
    Etag string
    Current version of the response headers policy.
    Id string
    Name string
    RemoveHeadersConfigs []GetResponseHeadersPolicyRemoveHeadersConfig
    Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
    SecurityHeadersConfigs []GetResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    ServerTimingHeadersConfigs []GetResponseHeadersPolicyServerTimingHeadersConfig
    (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment String
    Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfigs List<GetResponseHeadersPolicyCorsConfig>
    Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfigs List<GetResponseHeadersPolicyCustomHeadersConfig>
    Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
    etag String
    Current version of the response headers policy.
    id String
    name String
    removeHeadersConfigs List<GetResponseHeadersPolicyRemoveHeadersConfig>
    Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
    securityHeadersConfigs List<GetResponseHeadersPolicySecurityHeadersConfig>
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfigs List<GetResponseHeadersPolicyServerTimingHeadersConfig>
    (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment string
    Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfigs GetResponseHeadersPolicyCorsConfig[]
    Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfigs GetResponseHeadersPolicyCustomHeadersConfig[]
    Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
    etag string
    Current version of the response headers policy.
    id string
    name string
    removeHeadersConfigs GetResponseHeadersPolicyRemoveHeadersConfig[]
    Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
    securityHeadersConfigs GetResponseHeadersPolicySecurityHeadersConfig[]
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfigs GetResponseHeadersPolicyServerTimingHeadersConfig[]
    (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment str
    Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    cors_configs Sequence[GetResponseHeadersPolicyCorsConfig]
    Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    custom_headers_configs Sequence[GetResponseHeadersPolicyCustomHeadersConfig]
    Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
    etag str
    Current version of the response headers policy.
    id str
    name str
    remove_headers_configs Sequence[GetResponseHeadersPolicyRemoveHeadersConfig]
    Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
    security_headers_configs Sequence[GetResponseHeadersPolicySecurityHeadersConfig]
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    server_timing_headers_configs Sequence[GetResponseHeadersPolicyServerTimingHeadersConfig]
    (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment String
    Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfigs List<Property Map>
    Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfigs List<Property Map>
    Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
    etag String
    Current version of the response headers policy.
    id String
    name String
    removeHeadersConfigs List<Property Map>
    Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
    securityHeadersConfigs List<Property Map>
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfigs List<Property Map>
    (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

    Supporting Types

    GetResponseHeadersPolicyCorsConfig

    AccessControlAllowCredentials bool
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    AccessControlAllowHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader>
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    AccessControlAllowMethods List<GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod>
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    AccessControlAllowOrigins List<GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin>
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    AccessControlExposeHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader>
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    OriginOverride bool
    AccessControlAllowCredentials bool
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    AccessControlAllowHeaders []GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    AccessControlAllowMethods []GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    AccessControlAllowOrigins []GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    AccessControlExposeHeaders []GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    OriginOverride bool
    accessControlAllowCredentials Boolean
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    accessControlAllowHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader>
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    accessControlAllowMethods List<GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod>
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    accessControlAllowOrigins List<GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin>
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    accessControlExposeHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader>
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    accessControlMaxAgeSec Integer
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    originOverride Boolean
    accessControlAllowCredentials boolean
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    accessControlAllowHeaders GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader[]
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    accessControlAllowMethods GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod[]
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    accessControlAllowOrigins GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin[]
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    accessControlExposeHeaders GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader[]
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    accessControlMaxAgeSec number
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    originOverride boolean
    access_control_allow_credentials bool
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    access_control_allow_headers Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader]
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    access_control_allow_methods Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod]
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    access_control_allow_origins Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin]
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    access_control_expose_headers Sequence[GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader]
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    access_control_max_age_sec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    origin_override bool
    accessControlAllowCredentials Boolean
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    accessControlAllowHeaders List<Property Map>
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    accessControlAllowMethods List<Property Map>
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    accessControlAllowOrigins List<Property Map>
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    accessControlExposeHeaders List<Property Map>
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    accessControlMaxAgeSec Number
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    originOverride Boolean

    GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader

    Items List<string>
    Items []string
    items List<String>
    items string[]
    items Sequence[str]
    items List<String>

    GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod

    Items List<string>
    Items []string
    items List<String>
    items string[]
    items Sequence[str]
    items List<String>

    GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin

    Items List<string>
    Items []string
    items List<String>
    items string[]
    items Sequence[str]
    items List<String>

    GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader

    Items List<string>
    Items []string
    items List<String>
    items string[]
    items Sequence[str]
    items List<String>

    GetResponseHeadersPolicyCustomHeadersConfig

    GetResponseHeadersPolicyCustomHeadersConfigItem

    Header string
    The HTTP header name.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Value string
    Value for the HTTP response header.
    Header string
    The HTTP header name.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Value string
    Value for the HTTP response header.
    header String
    The HTTP header name.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    value String
    Value for the HTTP response header.
    header string
    The HTTP header name.
    override boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    value string
    Value for the HTTP response header.
    header str
    The HTTP header name.
    override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    value str
    Value for the HTTP response header.
    header String
    The HTTP header name.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    value String
    Value for the HTTP response header.

    GetResponseHeadersPolicyRemoveHeadersConfig

    GetResponseHeadersPolicyRemoveHeadersConfigItem

    Header string
    The HTTP header name.
    Header string
    The HTTP header name.
    header String
    The HTTP header name.
    header string
    The HTTP header name.
    header str
    The HTTP header name.
    header String
    The HTTP header name.

    GetResponseHeadersPolicySecurityHeadersConfig

    ContentSecurityPolicies List<GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    ContentTypeOptions List<GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption>
    A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    FrameOptions List<GetResponseHeadersPolicySecurityHeadersConfigFrameOption>
    Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    ReferrerPolicies List<GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    StrictTransportSecurities List<GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>
    Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    XssProtections List<GetResponseHeadersPolicySecurityHeadersConfigXssProtection>
    Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    ContentSecurityPolicies []GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    ContentTypeOptions []GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption
    A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    FrameOptions []GetResponseHeadersPolicySecurityHeadersConfigFrameOption
    Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    ReferrerPolicies []GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    StrictTransportSecurities []GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
    Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    XssProtections []GetResponseHeadersPolicySecurityHeadersConfigXssProtection
    Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    contentSecurityPolicies List<GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    contentTypeOptions List<GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption>
    A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    frameOptions List<GetResponseHeadersPolicySecurityHeadersConfigFrameOption>
    Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    referrerPolicies List<GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    strictTransportSecurities List<GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>
    Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    xssProtections List<GetResponseHeadersPolicySecurityHeadersConfigXssProtection>
    Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    contentSecurityPolicies GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy[]
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    contentTypeOptions GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption[]
    A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    frameOptions GetResponseHeadersPolicySecurityHeadersConfigFrameOption[]
    Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    referrerPolicies GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy[]
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    strictTransportSecurities GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity[]
    Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    xssProtections GetResponseHeadersPolicySecurityHeadersConfigXssProtection[]
    Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    content_security_policies Sequence[GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy]
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    content_type_options Sequence[GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption]
    A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    frame_options Sequence[GetResponseHeadersPolicySecurityHeadersConfigFrameOption]
    Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    referrer_policies Sequence[GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy]
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    strict_transport_securities Sequence[GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity]
    Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    xss_protections Sequence[GetResponseHeadersPolicySecurityHeadersConfigXssProtection]
    Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    contentSecurityPolicies List<Property Map>
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    contentTypeOptions List<Property Map>
    A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    frameOptions List<Property Map>
    Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    referrerPolicies List<Property Map>
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    strictTransportSecurities List<Property Map>
    Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    xssProtections List<Property Map>
    Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

    GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy

    ContentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    ContentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy String
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    content_security_policy str
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy String
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

    GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption

    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    override boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

    GetResponseHeadersPolicySecurityHeadersConfigFrameOption

    FrameOption string
    Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    FrameOption string
    Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption String
    Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption string
    Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    override boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    frame_option str
    Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption String
    Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

    GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy

    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    ReferrerPolicy string
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    ReferrerPolicy string
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy String
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    override boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy string
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    referrer_policy str
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy String
    Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

    GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity

    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    IncludeSubdomains bool
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Preload bool
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    IncludeSubdomains bool
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Preload bool
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec Integer
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    includeSubdomains Boolean
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    preload Boolean
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec number
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    includeSubdomains boolean
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    override boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    preload boolean
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    access_control_max_age_sec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    include_subdomains bool
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    preload bool
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec Number
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    includeSubdomains Boolean
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    preload Boolean
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

    GetResponseHeadersPolicySecurityHeadersConfigXssProtection

    ModeBlock bool
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Protection bool
    Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    ReportUri string
    Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
    ModeBlock bool
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Protection bool
    Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    ReportUri string
    Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
    modeBlock Boolean
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection Boolean
    Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    reportUri String
    Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
    modeBlock boolean
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    override boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection boolean
    Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    reportUri string
    Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
    mode_block bool
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection bool
    Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    report_uri str
    Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
    modeBlock Boolean
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection Boolean
    Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    reportUri String
    Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

    GetResponseHeadersPolicyServerTimingHeadersConfig

    Enabled bool
    Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    SamplingRate double
    Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
    Enabled bool
    Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    SamplingRate float64
    Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
    enabled Boolean
    Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate Double
    Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
    enabled boolean
    Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate number
    Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
    enabled bool
    Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    sampling_rate float
    Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
    enabled Boolean
    Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate Number
    Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.28.1 published on Thursday, Mar 28, 2024 by Pulumi