ResponseHeadersPolicy

Provides a CloudFront response headers policy resource. A response headers policy contains information about a set of HTTP response headers and their values. After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it’s attached to a cache behavior, CloudFront adds the headers in the policy to every response that it sends for requests that match the cache behavior.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new Aws.CloudFront.ResponseHeadersPolicyArgs
        {
            Comment = "test comment",
            CorsConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigArgs
            {
                AccessControlAllowCredentials = true,
                AccessControlAllowHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs
                {
                    Items = 
                    {
                        "test",
                    },
                },
                AccessControlAllowMethods = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs
                {
                    Items = 
                    {
                        "GET",
                    },
                },
                AccessControlAllowOrigins = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs
                {
                    Items = 
                    {
                        "test.example.comtest",
                    },
                },
                OriginOverride = true,
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v4/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
			Comment: pulumi.String("test comment"),
			CorsConfig: &cloudfront.ResponseHeadersPolicyCorsConfigArgs{
				AccessControlAllowCredentials: pulumi.Bool(true),
				AccessControlAllowHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs{
					Items: pulumi.StringArray{
						pulumi.String("test"),
					},
				},
				AccessControlAllowMethods: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs{
					Items: pulumi.StringArray{
						pulumi.String("GET"),
					},
				},
				AccessControlAllowOrigins: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs{
					Items: pulumi.StringArray{
						pulumi.String("test.example.comtest"),
					},
				},
				OriginOverride: pulumi.Bool(true),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_aws as aws

example = aws.cloudfront.ResponseHeadersPolicy("example",
    comment="test comment",
    cors_config=aws.cloudfront.ResponseHeadersPolicyCorsConfigArgs(
        access_control_allow_credentials=True,
        access_control_allow_headers=aws.cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs(
            items=["test"],
        ),
        access_control_allow_methods=aws.cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs(
            items=["GET"],
        ),
        access_control_allow_origins=aws.cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs(
            items=["test.example.comtest"],
        ),
        origin_override=True,
    ))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
    comment: "test comment",
    corsConfig: {
        accessControlAllowCredentials: true,
        accessControlAllowHeaders: {
            items: ["test"],
        },
        accessControlAllowMethods: {
            items: ["GET"],
        },
        accessControlAllowOrigins: {
            items: ["test.example.comtest"],
        },
        originOverride: true,
    },
});

Create a ResponseHeadersPolicy Resource

new ResponseHeadersPolicy(name: string, args?: ResponseHeadersPolicyArgs, opts?: CustomResourceOptions);
@overload
def ResponseHeadersPolicy(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          comment: Optional[str] = None,
                          cors_config: Optional[ResponseHeadersPolicyCorsConfigArgs] = None,
                          custom_headers_config: Optional[ResponseHeadersPolicyCustomHeadersConfigArgs] = None,
                          etag: Optional[str] = None,
                          name: Optional[str] = None,
                          security_headers_config: Optional[ResponseHeadersPolicySecurityHeadersConfigArgs] = None)
@overload
def ResponseHeadersPolicy(resource_name: str,
                          args: Optional[ResponseHeadersPolicyArgs] = None,
                          opts: Optional[ResourceOptions] = None)
func NewResponseHeadersPolicy(ctx *Context, name string, args *ResponseHeadersPolicyArgs, opts ...ResourceOption) (*ResponseHeadersPolicy, error)
public ResponseHeadersPolicy(string name, ResponseHeadersPolicyArgs? args = null, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args ResponseHeadersPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ResponseHeadersPolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ResponseHeadersPolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ResponseHeadersPolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

ResponseHeadersPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ResponseHeadersPolicy resource accepts the following input properties:

Comment string
A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfig ResponseHeadersPolicyCorsConfigArgs
A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs
Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
Etag string
The current version of the response headers policy.
Name string
A unique name to identify the response headers policy.
SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs
A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
Comment string
A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfig ResponseHeadersPolicyCorsConfigArgs
A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs
Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
Etag string
The current version of the response headers policy.
Name string
A unique name to identify the response headers policy.
SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs
A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
comment string
A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfig ResponseHeadersPolicyCorsConfigArgs
A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs
Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag string
The current version of the response headers policy.
name string
A unique name to identify the response headers policy.
securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs
A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
comment str
A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
cors_config ResponseHeadersPolicyCorsConfigArgs
A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
custom_headers_config ResponseHeadersPolicyCustomHeadersConfigArgs
Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag str
The current version of the response headers policy.
name str
A unique name to identify the response headers policy.
security_headers_config ResponseHeadersPolicySecurityHeadersConfigArgs
A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.

Outputs

All input properties are implicitly available as output properties. Additionally, the ResponseHeadersPolicy resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing ResponseHeadersPolicy Resource

Get an existing ResponseHeadersPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ResponseHeadersPolicyState, opts?: CustomResourceOptions): ResponseHeadersPolicy
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        comment: Optional[str] = None,
        cors_config: Optional[ResponseHeadersPolicyCorsConfigArgs] = None,
        custom_headers_config: Optional[ResponseHeadersPolicyCustomHeadersConfigArgs] = None,
        etag: Optional[str] = None,
        name: Optional[str] = None,
        security_headers_config: Optional[ResponseHeadersPolicySecurityHeadersConfigArgs] = None) -> ResponseHeadersPolicy
func GetResponseHeadersPolicy(ctx *Context, name string, id IDInput, state *ResponseHeadersPolicyState, opts ...ResourceOption) (*ResponseHeadersPolicy, error)
public static ResponseHeadersPolicy Get(string name, Input<string> id, ResponseHeadersPolicyState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Comment string
A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfig ResponseHeadersPolicyCorsConfigArgs
A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs
Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
Etag string
The current version of the response headers policy.
Name string
A unique name to identify the response headers policy.
SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs
A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
Comment string
A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfig ResponseHeadersPolicyCorsConfigArgs
A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs
Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
Etag string
The current version of the response headers policy.
Name string
A unique name to identify the response headers policy.
SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs
A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
comment string
A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfig ResponseHeadersPolicyCorsConfigArgs
A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs
Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag string
The current version of the response headers policy.
name string
A unique name to identify the response headers policy.
securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs
A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
comment str
A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
cors_config ResponseHeadersPolicyCorsConfigArgs
A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
custom_headers_config ResponseHeadersPolicyCustomHeadersConfigArgs
Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag str
The current version of the response headers policy.
name str
A unique name to identify the response headers policy.
security_headers_config ResponseHeadersPolicySecurityHeadersConfigArgs
A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.

Supporting Types

ResponseHeadersPolicyCorsConfig

AccessControlAllowCredentials bool
A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
AccessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
AccessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
AccessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
OriginOverride bool
A Boolean value that determines how CloudFront behaves for the HTTP response header.
AccessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
AccessControlMaxAgeSec int
A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
AccessControlAllowCredentials bool
A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
AccessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
AccessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
AccessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
OriginOverride bool
A Boolean value that determines how CloudFront behaves for the HTTP response header.
AccessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
AccessControlMaxAgeSec int
A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
accessControlAllowCredentials boolean
A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
originOverride boolean
A Boolean value that determines how CloudFront behaves for the HTTP response header.
accessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec number
A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
access_control_allow_credentials bool
A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
access_control_allow_headers ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
access_control_allow_methods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
access_control_allow_origins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
origin_override bool
A Boolean value that determines how CloudFront behaves for the HTTP response header.
access_control_expose_headers ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
access_control_max_age_sec int
A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders

Items List<string>
Items []string
items string[]
items Sequence[str]

ResponseHeadersPolicyCorsConfigAccessControlAllowMethods

Items List<string>
Items []string
items string[]
items Sequence[str]

ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins

Items List<string>
Items []string
items string[]
items Sequence[str]

ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders

Items List<string>
Items []string
items string[]
items Sequence[str]

ResponseHeadersPolicyCustomHeadersConfig

ResponseHeadersPolicyCustomHeadersConfigItem

Header string
The HTTP response header name.
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Value string
The value for the HTTP response header.
Header string
The HTTP response header name.
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Value string
The value for the HTTP response header.
header string
The HTTP response header name.
override boolean
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value string
The value for the HTTP response header.
header str
The HTTP response header name.
override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value str
The value for the HTTP response header.

ResponseHeadersPolicySecurityHeadersConfig

ContentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
ContentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
FrameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions
Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
ReferrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
StrictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
XssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection
Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
ContentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
ContentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
FrameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions
Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
ReferrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
StrictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
XssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection
Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
contentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
contentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions
Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection
Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
content_security_policy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
content_type_options ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frame_options ResponseHeadersPolicySecurityHeadersConfigFrameOptions
Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrer_policy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strict_transport_security ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xss_protection ResponseHeadersPolicySecurityHeadersConfigXssProtection
Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy

ContentSecurityPolicy string
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
ContentSecurityPolicy string
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
contentSecurityPolicy string
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override boolean
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
content_security_policy str
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions

Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
override boolean
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

ResponseHeadersPolicySecurityHeadersConfigFrameOptions

FrameOption string
The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
FrameOption string
The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
frameOption string
The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override boolean
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
frame_option str
The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy

Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
ReferrerPolicy string
The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
ReferrerPolicy string
The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
override boolean
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy string
The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrer_policy str
The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity

AccessControlMaxAgeSec int
A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
IncludeSubdomains bool
A Boolean value that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
Preload bool
A Boolean value that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
AccessControlMaxAgeSec int
A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
IncludeSubdomains bool
A Boolean value that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
Preload bool
A Boolean value that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
accessControlMaxAgeSec number
A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
override boolean
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
includeSubdomains boolean
A Boolean value that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
preload boolean
A Boolean value that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
access_control_max_age_sec int
A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
include_subdomains bool
A Boolean value that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
preload bool
A Boolean value that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

ResponseHeadersPolicySecurityHeadersConfigXssProtection

Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Protection bool
A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
ModeBlock bool
A Boolean value that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
ReportUri string
A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.
Override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Protection bool
A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
ModeBlock bool
A Boolean value that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
ReportUri string
A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.
override boolean
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection boolean
A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
modeBlock boolean
A Boolean value that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
reportUri string
A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.
override bool
A Boolean value that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection bool
A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
mode_block bool
A Boolean value that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
report_uri str
A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.

Import

Cloudfront Response Headers Policies can be imported using the id, e.g.

 $ pulumi import aws:cloudfront/responseHeadersPolicy:ResponseHeadersPolicy policy 658327ea-f89d-4fab-a63d-7e88639e58f9

Package Details

Repository
https://github.com/pulumi/pulumi-aws
License
Apache-2.0
Notes
This Pulumi package is based on the aws Terraform Provider.