AWS v6.74.0, Mar 26 25

AWS v6.74.0 published on Wednesday, Mar 26, 2025 by Pulumi

aws.cloudfront.ResponseHeadersPolicy

Explore with Pulumi AI

AWS v6.74.0 published on Wednesday, Mar 26, 2025 by Pulumi

Provides a CloudFront response headers policy resource. A response headers policy contains information about a set of HTTP response headers and their values. After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it’s attached to a cache behavior, CloudFront adds the headers in the policy to every response that it sends for requests that match the cache behavior.

Example Usage

The example below creates a CloudFront response headers policy.

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
    name: "example-policy",
    comment: "test comment",
    corsConfig: {
        accessControlAllowCredentials: true,
        accessControlAllowHeaders: {
            items: ["test"],
        },
        accessControlAllowMethods: {
            items: ["GET"],
        },
        accessControlAllowOrigins: {
            items: ["test.example.comtest"],
        },
        originOverride: true,
    },
});

import pulumi
import pulumi_aws as aws

example = aws.cloudfront.ResponseHeadersPolicy("example",
    name="example-policy",
    comment="test comment",
    cors_config={
        "access_control_allow_credentials": True,
        "access_control_allow_headers": {
            "items": ["test"],
        },
        "access_control_allow_methods": {
            "items": ["GET"],
        },
        "access_control_allow_origins": {
            "items": ["test.example.comtest"],
        },
        "origin_override": True,
    })

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
			Name:    pulumi.String("example-policy"),
			Comment: pulumi.String("test comment"),
			CorsConfig: &cloudfront.ResponseHeadersPolicyCorsConfigArgs{
				AccessControlAllowCredentials: pulumi.Bool(true),
				AccessControlAllowHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs{
					Items: pulumi.StringArray{
						pulumi.String("test"),
					},
				},
				AccessControlAllowMethods: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs{
					Items: pulumi.StringArray{
						pulumi.String("GET"),
					},
				},
				AccessControlAllowOrigins: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs{
					Items: pulumi.StringArray{
						pulumi.String("test.example.comtest"),
					},
				},
				OriginOverride: pulumi.Bool(true),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
    {
        Name = "example-policy",
        Comment = "test comment",
        CorsConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigArgs
        {
            AccessControlAllowCredentials = true,
            AccessControlAllowHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs
            {
                Items = new[]
                {
                    "test",
                },
            },
            AccessControlAllowMethods = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs
            {
                Items = new[]
                {
                    "GET",
                },
            },
            AccessControlAllowOrigins = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs
            {
                Items = new[]
                {
                    "test.example.comtest",
                },
            },
            OriginOverride = true,
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
            .name("example-policy")
            .comment("test comment")
            .corsConfig(ResponseHeadersPolicyCorsConfigArgs.builder()
                .accessControlAllowCredentials(true)
                .accessControlAllowHeaders(ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs.builder()
                    .items("test")
                    .build())
                .accessControlAllowMethods(ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs.builder()
                    .items("GET")
                    .build())
                .accessControlAllowOrigins(ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs.builder()
                    .items("test.example.comtest")
                    .build())
                .originOverride(true)
                .build())
            .build());

    }
}

resources:
  example:
    type: aws:cloudfront:ResponseHeadersPolicy
    properties:
      name: example-policy
      comment: test comment
      corsConfig:
        accessControlAllowCredentials: true
        accessControlAllowHeaders:
          items:
            - test
        accessControlAllowMethods:
          items:
            - GET
        accessControlAllowOrigins:
          items:
            - test.example.comtest
        originOverride: true

The example below creates a CloudFront response headers policy with a custom headers config.

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
    name: "example-headers-policy",
    customHeadersConfig: {
        items: [
            {
                header: "X-Permitted-Cross-Domain-Policies",
                override: true,
                value: "none",
            },
            {
                header: "X-Test",
                override: true,
                value: "none",
            },
        ],
    },
});

import pulumi
import pulumi_aws as aws

example = aws.cloudfront.ResponseHeadersPolicy("example",
    name="example-headers-policy",
    custom_headers_config={
        "items": [
            {
                "header": "X-Permitted-Cross-Domain-Policies",
                "override": True,
                "value": "none",
            },
            {
                "header": "X-Test",
                "override": True,
                "value": "none",
            },
        ],
    })

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
			Name: pulumi.String("example-headers-policy"),
			CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
				Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
					&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
						Header:   pulumi.String("X-Permitted-Cross-Domain-Policies"),
						Override: pulumi.Bool(true),
						Value:    pulumi.String("none"),
					},
					&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
						Header:   pulumi.String("X-Test"),
						Override: pulumi.Bool(true),
						Value:    pulumi.String("none"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
    {
        Name = "example-headers-policy",
        CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
        {
            Items = new[]
            {
                new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
                {
                    Header = "X-Permitted-Cross-Domain-Policies",
                    Override = true,
                    Value = "none",
                },
                new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
                {
                    Header = "X-Test",
                    Override = true,
                    Value = "none",
                },
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
            .name("example-headers-policy")
            .customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
                .items(                
                    ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
                        .header("X-Permitted-Cross-Domain-Policies")
                        .override(true)
                        .value("none")
                        .build(),
                    ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
                        .header("X-Test")
                        .override(true)
                        .value("none")
                        .build())
                .build())
            .build());

    }
}

resources:
  example:
    type: aws:cloudfront:ResponseHeadersPolicy
    properties:
      name: example-headers-policy
      customHeadersConfig:
        items:
          - header: X-Permitted-Cross-Domain-Policies
            override: true
            value: none
          - header: X-Test
            override: true
            value: none

The example below creates a CloudFront response headers policy with a custom headers config, remove headers config and server timing headers config.

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
    name: "example-headers-policy",
    customHeadersConfig: {
        items: [{
            header: "X-Permitted-Cross-Domain-Policies",
            override: true,
            value: "none",
        }],
    },
    removeHeadersConfig: {
        items: [{
            header: "Set-Cookie",
        }],
    },
    serverTimingHeadersConfig: {
        enabled: true,
        samplingRate: 50,
    },
});

import pulumi
import pulumi_aws as aws

example = aws.cloudfront.ResponseHeadersPolicy("example",
    name="example-headers-policy",
    custom_headers_config={
        "items": [{
            "header": "X-Permitted-Cross-Domain-Policies",
            "override": True,
            "value": "none",
        }],
    },
    remove_headers_config={
        "items": [{
            "header": "Set-Cookie",
        }],
    },
    server_timing_headers_config={
        "enabled": True,
        "sampling_rate": 50,
    })

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
			Name: pulumi.String("example-headers-policy"),
			CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
				Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
					&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
						Header:   pulumi.String("X-Permitted-Cross-Domain-Policies"),
						Override: pulumi.Bool(true),
						Value:    pulumi.String("none"),
					},
				},
			},
			RemoveHeadersConfig: &cloudfront.ResponseHeadersPolicyRemoveHeadersConfigArgs{
				Items: cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArray{
					&cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArgs{
						Header: pulumi.String("Set-Cookie"),
					},
				},
			},
			ServerTimingHeadersConfig: &cloudfront.ResponseHeadersPolicyServerTimingHeadersConfigArgs{
				Enabled:      pulumi.Bool(true),
				SamplingRate: pulumi.Float64(50),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
    {
        Name = "example-headers-policy",
        CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
        {
            Items = new[]
            {
                new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
                {
                    Header = "X-Permitted-Cross-Domain-Policies",
                    Override = true,
                    Value = "none",
                },
            },
        },
        RemoveHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs
        {
            Items = new[]
            {
                new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigItemArgs
                {
                    Header = "Set-Cookie",
                },
            },
        },
        ServerTimingHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs
        {
            Enabled = true,
            SamplingRate = 50,
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs;
import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
            .name("example-headers-policy")
            .customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
                .items(ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
                    .header("X-Permitted-Cross-Domain-Policies")
                    .override(true)
                    .value("none")
                    .build())
                .build())
            .removeHeadersConfig(ResponseHeadersPolicyRemoveHeadersConfigArgs.builder()
                .items(ResponseHeadersPolicyRemoveHeadersConfigItemArgs.builder()
                    .header("Set-Cookie")
                    .build())
                .build())
            .serverTimingHeadersConfig(ResponseHeadersPolicyServerTimingHeadersConfigArgs.builder()
                .enabled(true)
                .samplingRate(50)
                .build())
            .build());

    }
}

resources:
  example:
    type: aws:cloudfront:ResponseHeadersPolicy
    properties:
      name: example-headers-policy
      customHeadersConfig:
        items:
          - header: X-Permitted-Cross-Domain-Policies
            override: true
            value: none
      removeHeadersConfig:
        items:
          - header: Set-Cookie
      serverTimingHeadersConfig:
        enabled: true
        samplingRate: 50

Create ResponseHeadersPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new ResponseHeadersPolicy(name: string, args?: ResponseHeadersPolicyArgs, opts?: CustomResourceOptions);

@overload
def ResponseHeadersPolicy(resource_name: str,
                          args: Optional[ResponseHeadersPolicyArgs] = None,
                          opts: Optional[ResourceOptions] = None)

@overload
def ResponseHeadersPolicy(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          comment: Optional[str] = None,
                          cors_config: Optional[ResponseHeadersPolicyCorsConfigArgs] = None,
                          custom_headers_config: Optional[ResponseHeadersPolicyCustomHeadersConfigArgs] = None,
                          etag: Optional[str] = None,
                          name: Optional[str] = None,
                          remove_headers_config: Optional[ResponseHeadersPolicyRemoveHeadersConfigArgs] = None,
                          security_headers_config: Optional[ResponseHeadersPolicySecurityHeadersConfigArgs] = None,
                          server_timing_headers_config: Optional[ResponseHeadersPolicyServerTimingHeadersConfigArgs] = None)

func NewResponseHeadersPolicy(ctx *Context, name string, args *ResponseHeadersPolicyArgs, opts ...ResourceOption) (*ResponseHeadersPolicy, error)

public ResponseHeadersPolicy(string name, ResponseHeadersPolicyArgs? args = null, CustomResourceOptions? opts = null)

public ResponseHeadersPolicy(String name, ResponseHeadersPolicyArgs args)
public ResponseHeadersPolicy(String name, ResponseHeadersPolicyArgs args, CustomResourceOptions options)

type: aws:cloudfront:ResponseHeadersPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ResponseHeadersPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ResponseHeadersPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ResponseHeadersPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ResponseHeadersPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ResponseHeadersPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var responseHeadersPolicyResource = new Aws.CloudFront.ResponseHeadersPolicy("responseHeadersPolicyResource", new()
{
    Comment = "string",
    CorsConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigArgs
    {
        AccessControlAllowCredentials = false,
        AccessControlAllowHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs
        {
            Items = new[]
            {
                "string",
            },
        },
        AccessControlAllowMethods = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs
        {
            Items = new[]
            {
                "string",
            },
        },
        AccessControlAllowOrigins = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs
        {
            Items = new[]
            {
                "string",
            },
        },
        OriginOverride = false,
        AccessControlExposeHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs
        {
            Items = new[]
            {
                "string",
            },
        },
        AccessControlMaxAgeSec = 0,
    },
    CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
    {
        Items = new[]
        {
            new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
            {
                Header = "string",
                Override = false,
                Value = "string",
            },
        },
    },
    Etag = "string",
    Name = "string",
    RemoveHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs
    {
        Items = new[]
        {
            new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigItemArgs
            {
                Header = "string",
            },
        },
    },
    SecurityHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigArgs
    {
        ContentSecurityPolicy = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs
        {
            ContentSecurityPolicy = "string",
            Override = false,
        },
        ContentTypeOptions = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs
        {
            Override = false,
        },
        FrameOptions = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs
        {
            FrameOption = "string",
            Override = false,
        },
        ReferrerPolicy = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs
        {
            Override = false,
            ReferrerPolicy = "string",
        },
        StrictTransportSecurity = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs
        {
            AccessControlMaxAgeSec = 0,
            Override = false,
            IncludeSubdomains = false,
            Preload = false,
        },
        XssProtection = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs
        {
            Override = false,
            Protection = false,
            ModeBlock = false,
            ReportUri = "string",
        },
    },
    ServerTimingHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs
    {
        Enabled = false,
        SamplingRate = 0,
    },
});

example, err := cloudfront.NewResponseHeadersPolicy(ctx, "responseHeadersPolicyResource", &cloudfront.ResponseHeadersPolicyArgs{
	Comment: pulumi.String("string"),
	CorsConfig: &cloudfront.ResponseHeadersPolicyCorsConfigArgs{
		AccessControlAllowCredentials: pulumi.Bool(false),
		AccessControlAllowHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs{
			Items: pulumi.StringArray{
				pulumi.String("string"),
			},
		},
		AccessControlAllowMethods: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs{
			Items: pulumi.StringArray{
				pulumi.String("string"),
			},
		},
		AccessControlAllowOrigins: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs{
			Items: pulumi.StringArray{
				pulumi.String("string"),
			},
		},
		OriginOverride: pulumi.Bool(false),
		AccessControlExposeHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs{
			Items: pulumi.StringArray{
				pulumi.String("string"),
			},
		},
		AccessControlMaxAgeSec: pulumi.Int(0),
	},
	CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
		Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
			&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
				Header:   pulumi.String("string"),
				Override: pulumi.Bool(false),
				Value:    pulumi.String("string"),
			},
		},
	},
	Etag: pulumi.String("string"),
	Name: pulumi.String("string"),
	RemoveHeadersConfig: &cloudfront.ResponseHeadersPolicyRemoveHeadersConfigArgs{
		Items: cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArray{
			&cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArgs{
				Header: pulumi.String("string"),
			},
		},
	},
	SecurityHeadersConfig: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigArgs{
		ContentSecurityPolicy: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs{
			ContentSecurityPolicy: pulumi.String("string"),
			Override:              pulumi.Bool(false),
		},
		ContentTypeOptions: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs{
			Override: pulumi.Bool(false),
		},
		FrameOptions: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs{
			FrameOption: pulumi.String("string"),
			Override:    pulumi.Bool(false),
		},
		ReferrerPolicy: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs{
			Override:       pulumi.Bool(false),
			ReferrerPolicy: pulumi.String("string"),
		},
		StrictTransportSecurity: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs{
			AccessControlMaxAgeSec: pulumi.Int(0),
			Override:               pulumi.Bool(false),
			IncludeSubdomains:      pulumi.Bool(false),
			Preload:                pulumi.Bool(false),
		},
		XssProtection: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs{
			Override:   pulumi.Bool(false),
			Protection: pulumi.Bool(false),
			ModeBlock:  pulumi.Bool(false),
			ReportUri:  pulumi.String("string"),
		},
	},
	ServerTimingHeadersConfig: &cloudfront.ResponseHeadersPolicyServerTimingHeadersConfigArgs{
		Enabled:      pulumi.Bool(false),
		SamplingRate: pulumi.Float64(0),
	},
})

var responseHeadersPolicyResource = new ResponseHeadersPolicy("responseHeadersPolicyResource", ResponseHeadersPolicyArgs.builder()
    .comment("string")
    .corsConfig(ResponseHeadersPolicyCorsConfigArgs.builder()
        .accessControlAllowCredentials(false)
        .accessControlAllowHeaders(ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs.builder()
            .items("string")
            .build())
        .accessControlAllowMethods(ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs.builder()
            .items("string")
            .build())
        .accessControlAllowOrigins(ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs.builder()
            .items("string")
            .build())
        .originOverride(false)
        .accessControlExposeHeaders(ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs.builder()
            .items("string")
            .build())
        .accessControlMaxAgeSec(0)
        .build())
    .customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
        .items(ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
            .header("string")
            .override(false)
            .value("string")
            .build())
        .build())
    .etag("string")
    .name("string")
    .removeHeadersConfig(ResponseHeadersPolicyRemoveHeadersConfigArgs.builder()
        .items(ResponseHeadersPolicyRemoveHeadersConfigItemArgs.builder()
            .header("string")
            .build())
        .build())
    .securityHeadersConfig(ResponseHeadersPolicySecurityHeadersConfigArgs.builder()
        .contentSecurityPolicy(ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs.builder()
            .contentSecurityPolicy("string")
            .override(false)
            .build())
        .contentTypeOptions(ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs.builder()
            .override(false)
            .build())
        .frameOptions(ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs.builder()
            .frameOption("string")
            .override(false)
            .build())
        .referrerPolicy(ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs.builder()
            .override(false)
            .referrerPolicy("string")
            .build())
        .strictTransportSecurity(ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs.builder()
            .accessControlMaxAgeSec(0)
            .override(false)
            .includeSubdomains(false)
            .preload(false)
            .build())
        .xssProtection(ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs.builder()
            .override(false)
            .protection(false)
            .modeBlock(false)
            .reportUri("string")
            .build())
        .build())
    .serverTimingHeadersConfig(ResponseHeadersPolicyServerTimingHeadersConfigArgs.builder()
        .enabled(false)
        .samplingRate(0)
        .build())
    .build());

response_headers_policy_resource = aws.cloudfront.ResponseHeadersPolicy("responseHeadersPolicyResource",
    comment="string",
    cors_config={
        "access_control_allow_credentials": False,
        "access_control_allow_headers": {
            "items": ["string"],
        },
        "access_control_allow_methods": {
            "items": ["string"],
        },
        "access_control_allow_origins": {
            "items": ["string"],
        },
        "origin_override": False,
        "access_control_expose_headers": {
            "items": ["string"],
        },
        "access_control_max_age_sec": 0,
    },
    custom_headers_config={
        "items": [{
            "header": "string",
            "override": False,
            "value": "string",
        }],
    },
    etag="string",
    name="string",
    remove_headers_config={
        "items": [{
            "header": "string",
        }],
    },
    security_headers_config={
        "content_security_policy": {
            "content_security_policy": "string",
            "override": False,
        },
        "content_type_options": {
            "override": False,
        },
        "frame_options": {
            "frame_option": "string",
            "override": False,
        },
        "referrer_policy": {
            "override": False,
            "referrer_policy": "string",
        },
        "strict_transport_security": {
            "access_control_max_age_sec": 0,
            "override": False,
            "include_subdomains": False,
            "preload": False,
        },
        "xss_protection": {
            "override": False,
            "protection": False,
            "mode_block": False,
            "report_uri": "string",
        },
    },
    server_timing_headers_config={
        "enabled": False,
        "sampling_rate": 0,
    })

const responseHeadersPolicyResource = new aws.cloudfront.ResponseHeadersPolicy("responseHeadersPolicyResource", {
    comment: "string",
    corsConfig: {
        accessControlAllowCredentials: false,
        accessControlAllowHeaders: {
            items: ["string"],
        },
        accessControlAllowMethods: {
            items: ["string"],
        },
        accessControlAllowOrigins: {
            items: ["string"],
        },
        originOverride: false,
        accessControlExposeHeaders: {
            items: ["string"],
        },
        accessControlMaxAgeSec: 0,
    },
    customHeadersConfig: {
        items: [{
            header: "string",
            override: false,
            value: "string",
        }],
    },
    etag: "string",
    name: "string",
    removeHeadersConfig: {
        items: [{
            header: "string",
        }],
    },
    securityHeadersConfig: {
        contentSecurityPolicy: {
            contentSecurityPolicy: "string",
            override: false,
        },
        contentTypeOptions: {
            override: false,
        },
        frameOptions: {
            frameOption: "string",
            override: false,
        },
        referrerPolicy: {
            override: false,
            referrerPolicy: "string",
        },
        strictTransportSecurity: {
            accessControlMaxAgeSec: 0,
            override: false,
            includeSubdomains: false,
            preload: false,
        },
        xssProtection: {
            override: false,
            protection: false,
            modeBlock: false,
            reportUri: "string",
        },
    },
    serverTimingHeadersConfig: {
        enabled: false,
        samplingRate: 0,
    },
});

type: aws:cloudfront:ResponseHeadersPolicy
properties:
    comment: string
    corsConfig:
        accessControlAllowCredentials: false
        accessControlAllowHeaders:
            items:
                - string
        accessControlAllowMethods:
            items:
                - string
        accessControlAllowOrigins:
            items:
                - string
        accessControlExposeHeaders:
            items:
                - string
        accessControlMaxAgeSec: 0
        originOverride: false
    customHeadersConfig:
        items:
            - header: string
              override: false
              value: string
    etag: string
    name: string
    removeHeadersConfig:
        items:
            - header: string
    securityHeadersConfig:
        contentSecurityPolicy:
            contentSecurityPolicy: string
            override: false
        contentTypeOptions:
            override: false
        frameOptions:
            frameOption: string
            override: false
        referrerPolicy:
            override: false
            referrerPolicy: string
        strictTransportSecurity:
            accessControlMaxAgeSec: 0
            includeSubdomains: false
            override: false
            preload: false
        xssProtection:
            modeBlock: false
            override: false
            protection: false
            reportUri: string
    serverTimingHeadersConfig:
        enabled: false
        samplingRate: 0

ResponseHeadersPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ResponseHeadersPolicy resource accepts the following input properties:

Comment string: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfig ResponseHeadersPolicyCorsConfig: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfig: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
Etag string: The current version of the response headers policy.
Name string: A unique name to identify the response headers policy.
RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Comment string: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfig ResponseHeadersPolicyCorsConfigArgs: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
Etag string: The current version of the response headers policy.
Name string: A unique name to identify the response headers policy.
RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfigArgs: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfigArgs: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment String: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfig ResponseHeadersPolicyCorsConfig: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag String: The current version of the response headers policy.
name String: A unique name to identify the response headers policy.
removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment string: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfig ResponseHeadersPolicyCorsConfig: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag string: The current version of the response headers policy.
name string: A unique name to identify the response headers policy.
removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment str: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
cors_config ResponseHeadersPolicyCorsConfigArgs: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
custom_headers_config ResponseHeadersPolicyCustomHeadersConfigArgs: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag str: The current version of the response headers policy.
name str: A unique name to identify the response headers policy.
remove_headers_config ResponseHeadersPolicyRemoveHeadersConfigArgs: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
security_headers_config ResponseHeadersPolicySecurityHeadersConfigArgs: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
server_timing_headers_config ResponseHeadersPolicyServerTimingHeadersConfigArgs: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment String: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfig Property Map: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfig Property Map: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag String: The current version of the response headers policy.
name String: A unique name to identify the response headers policy.
removeHeadersConfig Property Map: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
securityHeadersConfig Property Map: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfig Property Map: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Outputs

All input properties are implicitly available as output properties. Additionally, the ResponseHeadersPolicy resource produces the following output properties:

Arn string: The response headers policy ARN.
Id string: The provider-assigned unique ID for this managed resource.

Arn string: The response headers policy ARN.
Id string: The provider-assigned unique ID for this managed resource.

arn String: The response headers policy ARN.
id String: The provider-assigned unique ID for this managed resource.

arn string: The response headers policy ARN.
id string: The provider-assigned unique ID for this managed resource.

arn str: The response headers policy ARN.
id str: The provider-assigned unique ID for this managed resource.

arn String: The response headers policy ARN.
id String: The provider-assigned unique ID for this managed resource.

Look up Existing ResponseHeadersPolicy Resource

Get an existing ResponseHeadersPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: ResponseHeadersPolicyState, opts?: CustomResourceOptions): ResponseHeadersPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        arn: Optional[str] = None,
        comment: Optional[str] = None,
        cors_config: Optional[ResponseHeadersPolicyCorsConfigArgs] = None,
        custom_headers_config: Optional[ResponseHeadersPolicyCustomHeadersConfigArgs] = None,
        etag: Optional[str] = None,
        name: Optional[str] = None,
        remove_headers_config: Optional[ResponseHeadersPolicyRemoveHeadersConfigArgs] = None,
        security_headers_config: Optional[ResponseHeadersPolicySecurityHeadersConfigArgs] = None,
        server_timing_headers_config: Optional[ResponseHeadersPolicyServerTimingHeadersConfigArgs] = None) -> ResponseHeadersPolicy

func GetResponseHeadersPolicy(ctx *Context, name string, id IDInput, state *ResponseHeadersPolicyState, opts ...ResourceOption) (*ResponseHeadersPolicy, error)

public static ResponseHeadersPolicy Get(string name, Input<string> id, ResponseHeadersPolicyState? state, CustomResourceOptions? opts = null)

public static ResponseHeadersPolicy get(String name, Output<String> id, ResponseHeadersPolicyState state, CustomResourceOptions options)

resources:  _:    type: aws:cloudfront:ResponseHeadersPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Arn string: The response headers policy ARN.
Comment string: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfig ResponseHeadersPolicyCorsConfig: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfig: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
Etag string: The current version of the response headers policy.
Name string: A unique name to identify the response headers policy.
RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Arn string: The response headers policy ARN.
Comment string: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfig ResponseHeadersPolicyCorsConfigArgs: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
Etag string: The current version of the response headers policy.
Name string: A unique name to identify the response headers policy.
RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfigArgs: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfigArgs: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

arn String: The response headers policy ARN.
comment String: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfig ResponseHeadersPolicyCorsConfig: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag String: The current version of the response headers policy.
name String: A unique name to identify the response headers policy.
removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

arn string: The response headers policy ARN.
comment string: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfig ResponseHeadersPolicyCorsConfig: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag string: The current version of the response headers policy.
name string: A unique name to identify the response headers policy.
removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

arn str: The response headers policy ARN.
comment str: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
cors_config ResponseHeadersPolicyCorsConfigArgs: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
custom_headers_config ResponseHeadersPolicyCustomHeadersConfigArgs: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag str: The current version of the response headers policy.
name str: A unique name to identify the response headers policy.
remove_headers_config ResponseHeadersPolicyRemoveHeadersConfigArgs: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
security_headers_config ResponseHeadersPolicySecurityHeadersConfigArgs: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
server_timing_headers_config ResponseHeadersPolicyServerTimingHeadersConfigArgs: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

arn String: The response headers policy ARN.
comment String: A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfig Property Map: A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfig Property Map: Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
etag String: The current version of the response headers policy.
name String: A unique name to identify the response headers policy.
removeHeadersConfig Property Map: A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
securityHeadersConfig Property Map: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfig Property Map: A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Supporting Types

ResponseHeadersPolicyCorsConfig
, ResponseHeadersPolicyCorsConfigArgs

AccessControlAllowCredentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
AccessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
AccessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
AccessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
OriginOverride bool: A Boolean value that determines how CloudFront behaves for the HTTP response header.
AccessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

AccessControlAllowCredentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
AccessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
AccessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
AccessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
OriginOverride bool: A Boolean value that determines how CloudFront behaves for the HTTP response header.
AccessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

accessControlAllowCredentials Boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
originOverride Boolean: A Boolean value that determines how CloudFront behaves for the HTTP response header.
accessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec Integer: A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

accessControlAllowCredentials boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
originOverride boolean: A Boolean value that determines how CloudFront behaves for the HTTP response header.
accessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec number: A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

access_control_allow_credentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
access_control_allow_headers ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
access_control_allow_methods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
access_control_allow_origins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
origin_override bool: A Boolean value that determines how CloudFront behaves for the HTTP response header.
access_control_expose_headers ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
access_control_max_age_sec int: A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

accessControlAllowCredentials Boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders Property Map: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods Property Map: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins Property Map: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
originOverride Boolean: A Boolean value that determines how CloudFront behaves for the HTTP response header.
accessControlExposeHeaders Property Map: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec Number: A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
, ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
, ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
, ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
, ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

ResponseHeadersPolicyCustomHeadersConfig
, ResponseHeadersPolicyCustomHeadersConfigArgs

Items List<ResponseHeadersPolicyCustomHeadersConfigItem>

Items []ResponseHeadersPolicyCustomHeadersConfigItem

items List<ResponseHeadersPolicyCustomHeadersConfigItem>

items ResponseHeadersPolicyCustomHeadersConfigItem[]

items Sequence[ResponseHeadersPolicyCustomHeadersConfigItem]

items List<Property Map>

ResponseHeadersPolicyCustomHeadersConfigItem
, ResponseHeadersPolicyCustomHeadersConfigItemArgs

Header string
Override bool
Value string: The value for the HTTP response header.

Header string
Override bool
Value string: The value for the HTTP response header.

header String
override Boolean
value String: The value for the HTTP response header.

header string
override boolean
value string: The value for the HTTP response header.

header str
override bool
value str: The value for the HTTP response header.

header String
override Boolean
value String: The value for the HTTP response header.

ResponseHeadersPolicyRemoveHeadersConfig
, ResponseHeadersPolicyRemoveHeadersConfigArgs

Items List<ResponseHeadersPolicyRemoveHeadersConfigItem>

Items []ResponseHeadersPolicyRemoveHeadersConfigItem

items List<ResponseHeadersPolicyRemoveHeadersConfigItem>

items ResponseHeadersPolicyRemoveHeadersConfigItem[]

items Sequence[ResponseHeadersPolicyRemoveHeadersConfigItem]

items List<Property Map>

ResponseHeadersPolicyRemoveHeadersConfigItem
, ResponseHeadersPolicyRemoveHeadersConfigItemArgs

Header string

Header string

header String

header string

header str

header String

ResponseHeadersPolicySecurityHeadersConfig
, ResponseHeadersPolicySecurityHeadersConfigArgs

ContentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
ContentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions: Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
FrameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions: Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
ReferrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy: Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
StrictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity: Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
XssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection: Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

ContentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
ContentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions: Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
FrameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions: Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
ReferrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy: Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
StrictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity: Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
XssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection: Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
contentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions: Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions: Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy: Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
strictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity: Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection: Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
contentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions: Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions: Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy: Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
strictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity: Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection: Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

content_security_policy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
content_type_options ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions: Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frame_options ResponseHeadersPolicySecurityHeadersConfigFrameOptions: Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrer_policy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy: Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
strict_transport_security ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity: Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xss_protection ResponseHeadersPolicySecurityHeadersConfigXssProtection: Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicy Property Map: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
contentTypeOptions Property Map: Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions Property Map: Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicy Property Map: Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
strictTransportSecurity Property Map: Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtection Property Map: Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
, ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs

ContentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Override bool: Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

ContentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Override bool: Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy String: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override Boolean: Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override boolean: Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

content_security_policy str: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override bool: Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy String: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override Boolean: Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
, ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs

Override bool: Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

Override bool: Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

override Boolean: Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

override boolean: Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

override bool: Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

override Boolean: Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

ResponseHeadersPolicySecurityHeadersConfigFrameOptions
, ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs

FrameOption string: The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
Override bool: Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

FrameOption string: The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
Override bool: Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

frameOption String: The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override Boolean: Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

frameOption string: The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override boolean: Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

frame_option str: The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override bool: Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

frameOption String: The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override Boolean: Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
, ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs

Override bool: Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
ReferrerPolicy string: The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

Override bool: Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
ReferrerPolicy string: The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override Boolean: Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy String: The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override boolean: Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy string: The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override bool: Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
referrer_policy str: The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override Boolean: Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy String: The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
, ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs

AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
Override bool: Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
IncludeSubdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
Preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
Override bool: Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
IncludeSubdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
Preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec Integer: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
override Boolean: Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
includeSubdomains Boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
preload Boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
override boolean: Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
includeSubdomains boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
preload boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

access_control_max_age_sec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
override bool: Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
include_subdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec Number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
override Boolean: Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
includeSubdomains Boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
preload Boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

ResponseHeadersPolicySecurityHeadersConfigXssProtection
, ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Protection bool: A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
ModeBlock bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
ReportUri string: A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Protection bool: A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
ModeBlock bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
ReportUri string: A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection Boolean: A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
modeBlock Boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
reportUri String: A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.

override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection boolean: A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
modeBlock boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
reportUri string: A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.

override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection bool: A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
mode_block bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
report_uri str: A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection Boolean: A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
modeBlock Boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
reportUri String: A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.

ResponseHeadersPolicyServerTimingHeadersConfig
, ResponseHeadersPolicyServerTimingHeadersConfigArgs

Enabled bool: A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
SamplingRate double: A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.

Enabled bool: A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
SamplingRate float64: A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.

enabled Boolean: A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate Double: A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.

enabled boolean: A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate number: A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.

enabled bool: A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
sampling_rate float: A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.

enabled Boolean: A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate Number: A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.

Import

Using pulumi import, import Cloudfront Response Headers Policies using the id. For example:

$ pulumi import aws:cloudfront/responseHeadersPolicy:ResponseHeadersPolicy policy 658327ea-f89d-4fab-a63d-7e88639e58f9

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

AWS v6.74.0 published on Wednesday, Mar 26, 2025 by Pulumi

pulumi/pulumi-aws

aws.cloudfront.ResponseHeadersPolicy

On this page

On this page

Example Usage

Create ResponseHeadersPolicy Resource

Constructor syntax

Parameters

Constructor example

ResponseHeadersPolicy Resource Properties

Inputs

Outputs

Look up Existing ResponseHeadersPolicy Resource

Supporting Types

ResponseHeadersPolicyCorsConfig
, ResponseHeadersPolicyCorsConfigArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
, ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
, ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
, ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs

ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
, ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs

ResponseHeadersPolicyCustomHeadersConfig
, ResponseHeadersPolicyCustomHeadersConfigArgs

ResponseHeadersPolicyCustomHeadersConfigItem
, ResponseHeadersPolicyCustomHeadersConfigItemArgs

ResponseHeadersPolicyRemoveHeadersConfig
, ResponseHeadersPolicyRemoveHeadersConfigArgs

ResponseHeadersPolicyRemoveHeadersConfigItem
, ResponseHeadersPolicyRemoveHeadersConfigItemArgs

ResponseHeadersPolicySecurityHeadersConfig
, ResponseHeadersPolicySecurityHeadersConfigArgs

ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
, ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs

ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
, ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs

ResponseHeadersPolicySecurityHeadersConfigFrameOptions
, ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs

ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
, ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs

ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
, ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs

ResponseHeadersPolicySecurityHeadersConfigXssProtection
, ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs

ResponseHeadersPolicyServerTimingHeadersConfig
, ResponseHeadersPolicyServerTimingHeadersConfigArgs

Import

Package Details

On this page

On this page

aws.cloudfront.ResponseHeadersPolicy

On this page

On this page

Example Usage

Create ResponseHeadersPolicy Resource

Constructor syntax

Parameters

Constructor example

ResponseHeadersPolicy Resource Properties

Inputs

Outputs

Look up Existing ResponseHeadersPolicy Resource

Supporting Types

ResponseHeadersPolicyCorsConfig, ResponseHeadersPolicyCorsConfigArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders, ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowMethods, ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins, ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs

ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders, ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs

ResponseHeadersPolicyCustomHeadersConfig, ResponseHeadersPolicyCustomHeadersConfigArgs

ResponseHeadersPolicyCustomHeadersConfigItem, ResponseHeadersPolicyCustomHeadersConfigItemArgs

ResponseHeadersPolicyRemoveHeadersConfig, ResponseHeadersPolicyRemoveHeadersConfigArgs

ResponseHeadersPolicyRemoveHeadersConfigItem, ResponseHeadersPolicyRemoveHeadersConfigItemArgs

ResponseHeadersPolicySecurityHeadersConfig, ResponseHeadersPolicySecurityHeadersConfigArgs

ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy, ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs

ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions, ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs

ResponseHeadersPolicySecurityHeadersConfigFrameOptions, ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs

ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy, ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs

ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity, ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs

ResponseHeadersPolicySecurityHeadersConfigXssProtection, ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs

ResponseHeadersPolicyServerTimingHeadersConfig, ResponseHeadersPolicyServerTimingHeadersConfigArgs

Import

Package Details

On this page

On this page

ResponseHeadersPolicyCorsConfig
, ResponseHeadersPolicyCorsConfigArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
, ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
, ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs

ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
, ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs

ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
, ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs

ResponseHeadersPolicyCustomHeadersConfig
, ResponseHeadersPolicyCustomHeadersConfigArgs

ResponseHeadersPolicyCustomHeadersConfigItem
, ResponseHeadersPolicyCustomHeadersConfigItemArgs

ResponseHeadersPolicyRemoveHeadersConfig
, ResponseHeadersPolicyRemoveHeadersConfigArgs

ResponseHeadersPolicyRemoveHeadersConfigItem
, ResponseHeadersPolicyRemoveHeadersConfigItemArgs

ResponseHeadersPolicySecurityHeadersConfig
, ResponseHeadersPolicySecurityHeadersConfigArgs

ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
, ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs

ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
, ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs

ResponseHeadersPolicySecurityHeadersConfigFrameOptions
, ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs

ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
, ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs

ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
, ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs

ResponseHeadersPolicySecurityHeadersConfigXssProtection
, ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs

ResponseHeadersPolicyServerTimingHeadersConfig
, ResponseHeadersPolicyServerTimingHeadersConfigArgs