aws logo
AWS Classic v5.28.0, Jan 23 23

aws.cloudfront.getResponseHeadersPolicy

Use this data source to retrieve information about a CloudFront cache policy.

Example Usage

Basic Usage

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
    {
        Name = "example-policy",
    });

});
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
			Name: pulumi.StringRef("example-policy"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
            .name("example-policy")
            .build());

    }
}
import pulumi
import pulumi_aws as aws

example = aws.cloudfront.get_response_headers_policy(name="example-policy")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws.cloudfront.getResponseHeadersPolicy({
    name: "example-policy",
});
variables:
  example:
    fn::invoke:
      Function: aws:cloudfront:getResponseHeadersPolicy
      Arguments:
        name: example-policy

AWS-Managed Policies

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
    {
        Name = "Managed-SimpleCORS",
    });

});
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
			Name: pulumi.StringRef("Managed-SimpleCORS"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
            .name("Managed-SimpleCORS")
            .build());

    }
}
import pulumi
import pulumi_aws as aws

example = aws.cloudfront.get_response_headers_policy(name="Managed-SimpleCORS")
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws.cloudfront.getResponseHeadersPolicy({
    name: "Managed-SimpleCORS",
});
variables:
  example:
    fn::invoke:
      Function: aws:cloudfront:getResponseHeadersPolicy
      Arguments:
        name: Managed-SimpleCORS

Using getResponseHeadersPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getResponseHeadersPolicy(args: GetResponseHeadersPolicyArgs, opts?: InvokeOptions): Promise<GetResponseHeadersPolicyResult>
function getResponseHeadersPolicyOutput(args: GetResponseHeadersPolicyOutputArgs, opts?: InvokeOptions): Output<GetResponseHeadersPolicyResult>
def get_response_headers_policy(id: Optional[str] = None,
                                name: Optional[str] = None,
                                opts: Optional[InvokeOptions] = None) -> GetResponseHeadersPolicyResult
def get_response_headers_policy_output(id: Optional[pulumi.Input[str]] = None,
                                name: Optional[pulumi.Input[str]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetResponseHeadersPolicyResult]
func LookupResponseHeadersPolicy(ctx *Context, args *LookupResponseHeadersPolicyArgs, opts ...InvokeOption) (*LookupResponseHeadersPolicyResult, error)
func LookupResponseHeadersPolicyOutput(ctx *Context, args *LookupResponseHeadersPolicyOutputArgs, opts ...InvokeOption) LookupResponseHeadersPolicyResultOutput

> Note: This function is named LookupResponseHeadersPolicy in the Go SDK.

public static class GetResponseHeadersPolicy 
{
    public static Task<GetResponseHeadersPolicyResult> InvokeAsync(GetResponseHeadersPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetResponseHeadersPolicyResult> Invoke(GetResponseHeadersPolicyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetResponseHeadersPolicyResult> getResponseHeadersPolicy(GetResponseHeadersPolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
  function: aws:cloudfront/getResponseHeadersPolicy:getResponseHeadersPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

Id string

Identifier for the response headers policy.

Name string

Unique name to identify the response headers policy.

Id string

Identifier for the response headers policy.

Name string

Unique name to identify the response headers policy.

id String

Identifier for the response headers policy.

name String

Unique name to identify the response headers policy.

id string

Identifier for the response headers policy.

name string

Unique name to identify the response headers policy.

id str

Identifier for the response headers policy.

name str

Unique name to identify the response headers policy.

id String

Identifier for the response headers policy.

name String

Unique name to identify the response headers policy.

getResponseHeadersPolicy Result

The following output properties are available:

Comment string

Comment to describe the response headers policy. The comment cannot be longer than 128 characters.

CorsConfigs List<GetResponseHeadersPolicyCorsConfig>

Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.

CustomHeadersConfigs List<GetResponseHeadersPolicyCustomHeadersConfig>

Object that contains an attribute items that contains a list of Custom Headers See Custom Header for more information.

Etag string

Current version of the response headers policy.

Id string
Name string
SecurityHeadersConfigs List<GetResponseHeadersPolicySecurityHeadersConfig>

A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.

ServerTimingHeadersConfigs List<GetResponseHeadersPolicyServerTimingHeadersConfig>

(Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Comment string

Comment to describe the response headers policy. The comment cannot be longer than 128 characters.

CorsConfigs []GetResponseHeadersPolicyCorsConfig

Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.

CustomHeadersConfigs []GetResponseHeadersPolicyCustomHeadersConfig

Object that contains an attribute items that contains a list of Custom Headers See Custom Header for more information.

Etag string

Current version of the response headers policy.

Id string
Name string
SecurityHeadersConfigs []GetResponseHeadersPolicySecurityHeadersConfig

A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.

ServerTimingHeadersConfigs []GetResponseHeadersPolicyServerTimingHeadersConfig

(Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment String

Comment to describe the response headers policy. The comment cannot be longer than 128 characters.

corsConfigs List<GetResponseHeadersPolicyCorsConfig>

Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.

customHeadersConfigs List<GetResponseHeadersPolicyCustomHeadersConfig>

Object that contains an attribute items that contains a list of Custom Headers See Custom Header for more information.

etag String

Current version of the response headers policy.

id String
name String
securityHeadersConfigs List<GetResponseHeadersPolicySecurityHeadersConfig>

A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.

serverTimingHeadersConfigs List<GetResponseHeadersPolicyServerTimingHeadersConfig>

(Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment string

Comment to describe the response headers policy. The comment cannot be longer than 128 characters.

corsConfigs GetResponseHeadersPolicyCorsConfig[]

Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.

customHeadersConfigs GetResponseHeadersPolicyCustomHeadersConfig[]

Object that contains an attribute items that contains a list of Custom Headers See Custom Header for more information.

etag string

Current version of the response headers policy.

id string
name string
securityHeadersConfigs GetResponseHeadersPolicySecurityHeadersConfig[]

A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.

serverTimingHeadersConfigs GetResponseHeadersPolicyServerTimingHeadersConfig[]

(Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment str

Comment to describe the response headers policy. The comment cannot be longer than 128 characters.

cors_configs Sequence[GetResponseHeadersPolicyCorsConfig]

Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.

custom_headers_configs Sequence[GetResponseHeadersPolicyCustomHeadersConfig]

Object that contains an attribute items that contains a list of Custom Headers See Custom Header for more information.

etag str

Current version of the response headers policy.

id str
name str
security_headers_configs Sequence[GetResponseHeadersPolicySecurityHeadersConfig]

A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.

server_timing_headers_configs Sequence[GetResponseHeadersPolicyServerTimingHeadersConfig]

(Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment String

Comment to describe the response headers policy. The comment cannot be longer than 128 characters.

corsConfigs List<Property Map>

Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.

customHeadersConfigs List<Property Map>

Object that contains an attribute items that contains a list of Custom Headers See Custom Header for more information.

etag String

Current version of the response headers policy.

id String
name String
securityHeadersConfigs List<Property Map>

A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.

serverTimingHeadersConfigs List<Property Map>

(Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Supporting Types

GetResponseHeadersPolicyCorsConfig

AccessControlAllowCredentials bool

A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

AccessControlAllowHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader>

Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

AccessControlAllowMethods List<GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod>

Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL

AccessControlAllowOrigins List<GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin>

Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

AccessControlExposeHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader>

Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

AccessControlMaxAgeSec int

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

OriginOverride bool
AccessControlAllowCredentials bool

A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

AccessControlAllowHeaders []GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader

Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

AccessControlAllowMethods []GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod

Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL

AccessControlAllowOrigins []GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin

Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

AccessControlExposeHeaders []GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader

Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

AccessControlMaxAgeSec int

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

OriginOverride bool
accessControlAllowCredentials Boolean

A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

accessControlAllowHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader>

Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

accessControlAllowMethods List<GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod>

Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL

accessControlAllowOrigins List<GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin>

Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

accessControlExposeHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader>

Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

accessControlMaxAgeSec Integer

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

originOverride Boolean
accessControlAllowCredentials boolean

A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

accessControlAllowHeaders GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader[]

Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

accessControlAllowMethods GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod[]

Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL

accessControlAllowOrigins GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin[]

Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

accessControlExposeHeaders GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader[]

Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

accessControlMaxAgeSec number

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

originOverride boolean
access_control_allow_credentials bool

A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

access_control_allow_headers Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader]

Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

access_control_allow_methods Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod]

Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL

access_control_allow_origins Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin]

Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

access_control_expose_headers Sequence[GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader]

Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

access_control_max_age_sec int

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

origin_override bool
accessControlAllowCredentials Boolean

A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

accessControlAllowHeaders List<Property Map>

Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

accessControlAllowMethods List<Property Map>

Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL

accessControlAllowOrigins List<Property Map>

Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

accessControlExposeHeaders List<Property Map>

Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

accessControlMaxAgeSec Number

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

originOverride Boolean

GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader

Items List<string>
Items []string
items List<String>
items string[]
items Sequence[str]
items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod

Items List<string>
Items []string
items List<String>
items string[]
items Sequence[str]
items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin

Items List<string>
Items []string
items List<String>
items string[]
items Sequence[str]
items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader

Items List<string>
Items []string
items List<String>
items string[]
items Sequence[str]
items List<String>

GetResponseHeadersPolicyCustomHeadersConfig

GetResponseHeadersPolicyCustomHeadersConfigItem

Header string

HTTP response header name.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Value string

Value for the HTTP response header.

Header string

HTTP response header name.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Value string

Value for the HTTP response header.

header String

HTTP response header name.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

value String

Value for the HTTP response header.

header string

HTTP response header name.

override boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

value string

Value for the HTTP response header.

header str

HTTP response header name.

override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

value str

Value for the HTTP response header.

header String

HTTP response header name.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

value String

Value for the HTTP response header.

GetResponseHeadersPolicySecurityHeadersConfig

ContentSecurityPolicies List<GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

ContentTypeOptions List<GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption>

A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.

FrameOptions List<GetResponseHeadersPolicySecurityHeadersConfigFrameOption>

Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.

ReferrerPolicies List<GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

StrictTransportSecurities List<GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>

Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.

XssProtections List<GetResponseHeadersPolicySecurityHeadersConfigXssProtection>

Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

ContentSecurityPolicies []GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

ContentTypeOptions []GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption

A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.

FrameOptions []GetResponseHeadersPolicySecurityHeadersConfigFrameOption

Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.

ReferrerPolicies []GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

StrictTransportSecurities []GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity

Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.

XssProtections []GetResponseHeadersPolicySecurityHeadersConfigXssProtection

Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies List<GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

contentTypeOptions List<GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption>

A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.

frameOptions List<GetResponseHeadersPolicySecurityHeadersConfigFrameOption>

Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.

referrerPolicies List<GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

strictTransportSecurities List<GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>

Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.

xssProtections List<GetResponseHeadersPolicySecurityHeadersConfigXssProtection>

Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy[]

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

contentTypeOptions GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption[]

A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.

frameOptions GetResponseHeadersPolicySecurityHeadersConfigFrameOption[]

Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.

referrerPolicies GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy[]

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

strictTransportSecurities GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity[]

Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.

xssProtections GetResponseHeadersPolicySecurityHeadersConfigXssProtection[]

Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

content_security_policies Sequence[GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy]

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

content_type_options Sequence[GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption]

A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.

frame_options Sequence[GetResponseHeadersPolicySecurityHeadersConfigFrameOption]

Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.

referrer_policies Sequence[GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy]

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

strict_transport_securities Sequence[GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity]

Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.

xss_protections Sequence[GetResponseHeadersPolicySecurityHeadersConfigXssProtection]

Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies List<Property Map>

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

contentTypeOptions List<Property Map>

A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.

frameOptions List<Property Map>

Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.

referrerPolicies List<Property Map>

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

strictTransportSecurities List<Property Map>

Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.

xssProtections List<Property Map>

Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy

ContentSecurityPolicy string

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

ContentSecurityPolicy string

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy String

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy string

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

override boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

content_security_policy str

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy String

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigFrameOption

FrameOption string

Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

FrameOption string

Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption String

Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption string

Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN

override boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frame_option str

Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN

override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption String

Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

ReferrerPolicy string

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

ReferrerPolicy string

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

referrerPolicy String

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

referrerPolicy string

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

referrer_policy str

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

referrerPolicy String

Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity

AccessControlMaxAgeSec int

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

IncludeSubdomains bool

Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Preload bool

Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

AccessControlMaxAgeSec int

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

IncludeSubdomains bool

Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Preload bool

Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec Integer

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

includeSubdomains Boolean

Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

preload Boolean

Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec number

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

includeSubdomains boolean

Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

override boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

preload boolean

Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

access_control_max_age_sec int

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

include_subdomains bool

Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

preload bool

Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec Number

A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

includeSubdomains Boolean

Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

preload Boolean

Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

GetResponseHeadersPolicySecurityHeadersConfigXssProtection

ModeBlock bool

Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Protection bool

Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

ReportUri string

Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

ModeBlock bool

Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

Override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Protection bool

Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

ReportUri string

Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock Boolean

Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

protection Boolean

Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

reportUri String

Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock boolean

Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

override boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

protection boolean

Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

reportUri string

Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

mode_block bool

Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

override bool

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

protection bool

Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

report_uri str

Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock Boolean

Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

override Boolean

Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

protection Boolean

Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

reportUri String

Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

GetResponseHeadersPolicyServerTimingHeadersConfig

Enabled bool

Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.

SamplingRate double

Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

Enabled bool

Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.

SamplingRate float64

Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled Boolean

Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.

samplingRate Double

Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled boolean

Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.

samplingRate number

Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled bool

Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.

sampling_rate float

Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled Boolean

Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.

samplingRate Number

Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

Package Details

Repository
AWS Classic pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.