Docs Packages
  1. Packages
  2. AWS Native
  3. API Docs
  4. cloudfront
  5. ResponseHeadersPolicy

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi
pulumi/pulumi-aws-native

aws-native.cloudfront.ResponseHeadersPolicy

Explore with Pulumi AI

aws-native logo

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi
pulumi/pulumi-aws-native

    Resource Type definition for AWS::CloudFront::ResponseHeadersPolicy

    Create ResponseHeadersPolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new ResponseHeadersPolicy(name: string, args: ResponseHeadersPolicyArgs, opts?: CustomResourceOptions);
    @overload
def ResponseHeadersPolicy(resource_name: str,
                          args: ResponseHeadersPolicyArgs,
                          opts: Optional[ResourceOptions] = None)

@overload
def ResponseHeadersPolicy(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          response_headers_policy_config: Optional[ResponseHeadersPolicyConfigArgs] = None)
    func NewResponseHeadersPolicy(ctx *Context, name string, args ResponseHeadersPolicyArgs, opts ...ResourceOption) (*ResponseHeadersPolicy, error)
    public ResponseHeadersPolicy(string name, ResponseHeadersPolicyArgs args, CustomResourceOptions? opts = null)
    public ResponseHeadersPolicy(String name, ResponseHeadersPolicyArgs args)
public ResponseHeadersPolicy(String name, ResponseHeadersPolicyArgs args, CustomResourceOptions options)

    type: aws-native:cloudfront:ResponseHeadersPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    ResponseHeadersPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The ResponseHeadersPolicy resource accepts the following input properties:

    ResponseHeadersPolicyConfig ResponseHeadersPolicyConfigArgs
    A response headers policy configuration.
    responseHeadersPolicyConfig ResponseHeadersPolicyConfig
    A response headers policy configuration.
    responseHeadersPolicyConfig ResponseHeadersPolicyConfig
    A response headers policy configuration.
    response_headers_policy_config ResponseHeadersPolicyConfigArgs
    A response headers policy configuration.
    responseHeadersPolicyConfig Property Map
    A response headers policy configuration.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ResponseHeadersPolicy resource produces the following output properties:

    AwsId string
    The unique identifier for the response headers policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a .
    Id string
    The provider-assigned unique ID for this managed resource.
    LastModifiedTime string
    The date and time when the response headers policy was last modified.
    AwsId string
    The unique identifier for the response headers policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a .
    Id string
    The provider-assigned unique ID for this managed resource.
    LastModifiedTime string
    The date and time when the response headers policy was last modified.
    awsId String
    The unique identifier for the response headers policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a .
    id String
    The provider-assigned unique ID for this managed resource.
    lastModifiedTime String
    The date and time when the response headers policy was last modified.
    awsId string
    The unique identifier for the response headers policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a .
    id string
    The provider-assigned unique ID for this managed resource.
    lastModifiedTime string
    The date and time when the response headers policy was last modified.
    aws_id str
    The unique identifier for the response headers policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a .
    id str
    The provider-assigned unique ID for this managed resource.
    last_modified_time str
    The date and time when the response headers policy was last modified.
    awsId String
    The unique identifier for the response headers policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a .
    id String
    The provider-assigned unique ID for this managed resource.
    lastModifiedTime String
    The date and time when the response headers policy was last modified.

    Supporting Types

    ResponseHeadersPolicyAccessControlAllowHeaders, ResponseHeadersPolicyAccessControlAllowHeadersArgs

    Items List<string>
    The list of HTTP header names. You can specify * to allow all headers.
    Items []string
    The list of HTTP header names. You can specify * to allow all headers.
    items List<String>
    The list of HTTP header names. You can specify * to allow all headers.
    items string[]
    The list of HTTP header names. You can specify * to allow all headers.
    items Sequence[str]
    The list of HTTP header names. You can specify * to allow all headers.
    items List<String>
    The list of HTTP header names. You can specify * to allow all headers.

    ResponseHeadersPolicyAccessControlAllowMethods, ResponseHeadersPolicyAccessControlAllowMethodsArgs

    Items List<string>

    The list of HTTP methods. Valid values are:

    • GET
    • DELETE
    • HEAD
    • OPTIONS
    • PATCH
    • POST
    • PUT
    • ALL

    ALL is a special value that includes all of the listed HTTP methods.

    Items []string

    The list of HTTP methods. Valid values are:

    • GET
    • DELETE
    • HEAD
    • OPTIONS
    • PATCH
    • POST
    • PUT
    • ALL

    ALL is a special value that includes all of the listed HTTP methods.

    items List<String>

    The list of HTTP methods. Valid values are:

    • GET
    • DELETE
    • HEAD
    • OPTIONS
    • PATCH
    • POST
    • PUT
    • ALL

    ALL is a special value that includes all of the listed HTTP methods.

    items string[]

    The list of HTTP methods. Valid values are:

    • GET
    • DELETE
    • HEAD
    • OPTIONS
    • PATCH
    • POST
    • PUT
    • ALL

    ALL is a special value that includes all of the listed HTTP methods.

    items Sequence[str]

    The list of HTTP methods. Valid values are:

    • GET
    • DELETE
    • HEAD
    • OPTIONS
    • PATCH
    • POST
    • PUT
    • ALL

    ALL is a special value that includes all of the listed HTTP methods.

    items List<String>

    The list of HTTP methods. Valid values are:

    • GET
    • DELETE
    • HEAD
    • OPTIONS
    • PATCH
    • POST
    • PUT
    • ALL

    ALL is a special value that includes all of the listed HTTP methods.

    ResponseHeadersPolicyAccessControlAllowOrigins, ResponseHeadersPolicyAccessControlAllowOriginsArgs

    Items List<string>
    The list of origins (domain names). You can specify * to allow all origins.
    Items []string
    The list of origins (domain names). You can specify * to allow all origins.
    items List<String>
    The list of origins (domain names). You can specify * to allow all origins.
    items string[]
    The list of origins (domain names). You can specify * to allow all origins.
    items Sequence[str]
    The list of origins (domain names). You can specify * to allow all origins.
    items List<String>
    The list of origins (domain names). You can specify * to allow all origins.

    ResponseHeadersPolicyAccessControlExposeHeaders, ResponseHeadersPolicyAccessControlExposeHeadersArgs

    Items List<string>
    The list of HTTP headers. You can specify * to expose all headers.
    Items []string
    The list of HTTP headers. You can specify * to expose all headers.
    items List<String>
    The list of HTTP headers. You can specify * to expose all headers.
    items string[]
    The list of HTTP headers. You can specify * to expose all headers.
    items Sequence[str]
    The list of HTTP headers. You can specify * to expose all headers.
    items List<String>
    The list of HTTP headers. You can specify * to expose all headers.

    ResponseHeadersPolicyConfig, ResponseHeadersPolicyConfigArgs

    Name string

    A name to identify the response headers policy.

    The name must be unique for response headers policies in this AWS account .

    Comment string

    A comment to describe the response headers policy.

    The comment cannot be longer than 128 characters.

    CorsConfig Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).
    CustomHeadersConfig Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfig
    A configuration for a set of custom HTTP response headers.
    RemoveHeadersConfig Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response.
    SecurityHeadersConfig Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers.
    ServerTimingHeadersConfig Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront.
    Name string

    A name to identify the response headers policy.

    The name must be unique for response headers policies in this AWS account .

    Comment string

    A comment to describe the response headers policy.

    The comment cannot be longer than 128 characters.

    CorsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).
    CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    A configuration for a set of custom HTTP response headers.
    RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response.
    SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers.
    ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront.
    name String

    A name to identify the response headers policy.

    The name must be unique for response headers policies in this AWS account .

    comment String

    A comment to describe the response headers policy.

    The comment cannot be longer than 128 characters.

    corsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).
    customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    A configuration for a set of custom HTTP response headers.
    removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response.
    securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers.
    serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront.
    name string

    A name to identify the response headers policy.

    The name must be unique for response headers policies in this AWS account .

    comment string

    A comment to describe the response headers policy.

    The comment cannot be longer than 128 characters.

    corsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).
    customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    A configuration for a set of custom HTTP response headers.
    removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response.
    securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers.
    serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront.
    name str

    A name to identify the response headers policy.

    The name must be unique for response headers policies in this AWS account .

    comment str

    A comment to describe the response headers policy.

    The comment cannot be longer than 128 characters.

    cors_config ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).
    custom_headers_config ResponseHeadersPolicyCustomHeadersConfig
    A configuration for a set of custom HTTP response headers.
    remove_headers_config ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response.
    security_headers_config ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers.
    server_timing_headers_config ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront.
    name String

    A name to identify the response headers policy.

    The name must be unique for response headers policies in this AWS account .

    comment String

    A comment to describe the response headers policy.

    The comment cannot be longer than 128 characters.

    corsConfig Property Map
    A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).
    customHeadersConfig Property Map
    A configuration for a set of custom HTTP response headers.
    removeHeadersConfig Property Map
    A configuration for a set of HTTP headers to remove from the HTTP response.
    securityHeadersConfig Property Map
    A configuration for a set of security-related HTTP response headers.
    serverTimingHeadersConfig Property Map
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront.

    ResponseHeadersPolicyContentSecurityPolicy, ResponseHeadersPolicyContentSecurityPolicyArgs

    ContentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    Override bool
    A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    ContentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    Override bool
    A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy String
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override Boolean
    A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override boolean
    A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    content_security_policy str
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override bool
    A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy String
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override Boolean
    A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

    ResponseHeadersPolicyContentTypeOptions, ResponseHeadersPolicyContentTypeOptionsArgs

    Override bool
    A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    Override bool
    A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    override Boolean
    A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    override boolean
    A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    override bool
    A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    override Boolean
    A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

    ResponseHeadersPolicyCorsConfig, ResponseHeadersPolicyCorsConfigArgs

    AccessControlAllowCredentials bool

    A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

    For more information about the Access-Control-Allow-Credentials HTTP response header, see Access-Control-Allow-Credentials in the MDN Web Docs.

    AccessControlAllowHeaders Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyAccessControlAllowHeaders

    A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

    For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

    AccessControlAllowMethods Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyAccessControlAllowMethods

    A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

    For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

    AccessControlAllowOrigins Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyAccessControlAllowOrigins

    A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

    For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

    OriginOverride bool
    A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.
    AccessControlExposeHeaders Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyAccessControlExposeHeaders

    A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

    For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

    AccessControlMaxAgeSec int

    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

    For more information about the Access-Control-Max-Age HTTP response header, see Access-Control-Max-Age in the MDN Web Docs.

    AccessControlAllowCredentials bool

    A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

    For more information about the Access-Control-Allow-Credentials HTTP response header, see Access-Control-Allow-Credentials in the MDN Web Docs.

    AccessControlAllowHeaders ResponseHeadersPolicyAccessControlAllowHeaders

    A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

    For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

    AccessControlAllowMethods ResponseHeadersPolicyAccessControlAllowMethods

    A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

    For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

    AccessControlAllowOrigins ResponseHeadersPolicyAccessControlAllowOrigins

    A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

    For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

    OriginOverride bool
    A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.
    AccessControlExposeHeaders ResponseHeadersPolicyAccessControlExposeHeaders

    A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

    For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

    AccessControlMaxAgeSec int

    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

    For more information about the Access-Control-Max-Age HTTP response header, see Access-Control-Max-Age in the MDN Web Docs.

    accessControlAllowCredentials Boolean

    A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

    For more information about the Access-Control-Allow-Credentials HTTP response header, see Access-Control-Allow-Credentials in the MDN Web Docs.

    accessControlAllowHeaders ResponseHeadersPolicyAccessControlAllowHeaders

    A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

    For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

    accessControlAllowMethods ResponseHeadersPolicyAccessControlAllowMethods

    A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

    For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

    accessControlAllowOrigins ResponseHeadersPolicyAccessControlAllowOrigins

    A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

    For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

    originOverride Boolean
    A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.
    accessControlExposeHeaders ResponseHeadersPolicyAccessControlExposeHeaders

    A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

    For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

    accessControlMaxAgeSec Integer

    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

    For more information about the Access-Control-Max-Age HTTP response header, see Access-Control-Max-Age in the MDN Web Docs.

    accessControlAllowCredentials boolean

    A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

    For more information about the Access-Control-Allow-Credentials HTTP response header, see Access-Control-Allow-Credentials in the MDN Web Docs.

    accessControlAllowHeaders ResponseHeadersPolicyAccessControlAllowHeaders

    A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

    For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

    accessControlAllowMethods ResponseHeadersPolicyAccessControlAllowMethods

    A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

    For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

    accessControlAllowOrigins ResponseHeadersPolicyAccessControlAllowOrigins

    A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

    For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

    originOverride boolean
    A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.
    accessControlExposeHeaders ResponseHeadersPolicyAccessControlExposeHeaders

    A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

    For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

    accessControlMaxAgeSec number

    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

    For more information about the Access-Control-Max-Age HTTP response header, see Access-Control-Max-Age in the MDN Web Docs.

    access_control_allow_credentials bool

    A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

    For more information about the Access-Control-Allow-Credentials HTTP response header, see Access-Control-Allow-Credentials in the MDN Web Docs.

    access_control_allow_headers ResponseHeadersPolicyAccessControlAllowHeaders

    A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

    For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

    access_control_allow_methods ResponseHeadersPolicyAccessControlAllowMethods

    A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

    For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

    access_control_allow_origins ResponseHeadersPolicyAccessControlAllowOrigins

    A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

    For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

    origin_override bool
    A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.
    access_control_expose_headers ResponseHeadersPolicyAccessControlExposeHeaders

    A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

    For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

    access_control_max_age_sec int

    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

    For more information about the Access-Control-Max-Age HTTP response header, see Access-Control-Max-Age in the MDN Web Docs.

    accessControlAllowCredentials Boolean

    A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

    For more information about the Access-Control-Allow-Credentials HTTP response header, see Access-Control-Allow-Credentials in the MDN Web Docs.

    accessControlAllowHeaders Property Map

    A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

    For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

    accessControlAllowMethods Property Map

    A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

    For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

    accessControlAllowOrigins Property Map

    A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

    For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

    originOverride Boolean
    A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.
    accessControlExposeHeaders Property Map

    A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

    For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

    accessControlMaxAgeSec Number

    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

    For more information about the Access-Control-Max-Age HTTP response header, see Access-Control-Max-Age in the MDN Web Docs.

    ResponseHeadersPolicyCustomHeader, ResponseHeadersPolicyCustomHeaderArgs

    Header string
    The HTTP response header name.
    Override bool
    A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.
    Value string
    The value for the HTTP response header.
    Header string
    The HTTP response header name.
    Override bool
    A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.
    Value string
    The value for the HTTP response header.
    header String
    The HTTP response header name.
    override Boolean
    A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.
    value String
    The value for the HTTP response header.
    header string
    The HTTP response header name.
    override boolean
    A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.
    value string
    The value for the HTTP response header.
    header str
    The HTTP response header name.
    override bool
    A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.
    value str
    The value for the HTTP response header.
    header String
    The HTTP response header name.
    override Boolean
    A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.
    value String
    The value for the HTTP response header.

    ResponseHeadersPolicyCustomHeadersConfig, ResponseHeadersPolicyCustomHeadersConfigArgs

    Items []ResponseHeadersPolicyCustomHeader
    The list of HTTP response headers and their values.
    items List<ResponseHeadersPolicyCustomHeader>
    The list of HTTP response headers and their values.
    items ResponseHeadersPolicyCustomHeader[]
    The list of HTTP response headers and their values.
    items Sequence[ResponseHeadersPolicyCustomHeader]
    The list of HTTP response headers and their values.
    items List<Property Map>
    The list of HTTP response headers and their values.

    ResponseHeadersPolicyFrameOptions, ResponseHeadersPolicyFrameOptionsArgs

    FrameOption string

    The value of the X-Frame-Options HTTP response header. Valid values are DENY and SAMEORIGIN .

    For more information about these values, see X-Frame-Options in the MDN Web Docs.

    Override bool
    A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    FrameOption string

    The value of the X-Frame-Options HTTP response header. Valid values are DENY and SAMEORIGIN .

    For more information about these values, see X-Frame-Options in the MDN Web Docs.

    Override bool
    A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption String

    The value of the X-Frame-Options HTTP response header. Valid values are DENY and SAMEORIGIN .

    For more information about these values, see X-Frame-Options in the MDN Web Docs.

    override Boolean
    A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption string

    The value of the X-Frame-Options HTTP response header. Valid values are DENY and SAMEORIGIN .

    For more information about these values, see X-Frame-Options in the MDN Web Docs.

    override boolean
    A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    frame_option str

    The value of the X-Frame-Options HTTP response header. Valid values are DENY and SAMEORIGIN .

    For more information about these values, see X-Frame-Options in the MDN Web Docs.

    override bool
    A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption String

    The value of the X-Frame-Options HTTP response header. Valid values are DENY and SAMEORIGIN .

    For more information about these values, see X-Frame-Options in the MDN Web Docs.

    override Boolean
    A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

    ResponseHeadersPolicyReferrerPolicy, ResponseHeadersPolicyReferrerPolicyArgs

    Override bool
    A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    ReferrerPolicy string

    The value of the Referrer-Policy HTTP response header. Valid values are:

    • no-referrer
    • no-referrer-when-downgrade
    • origin
    • origin-when-cross-origin
    • same-origin
    • strict-origin
    • strict-origin-when-cross-origin
    • unsafe-url

    For more information about these values, see Referrer-Policy in the MDN Web Docs.

    Override bool
    A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    ReferrerPolicy string

    The value of the Referrer-Policy HTTP response header. Valid values are:

    • no-referrer
    • no-referrer-when-downgrade
    • origin
    • origin-when-cross-origin
    • same-origin
    • strict-origin
    • strict-origin-when-cross-origin
    • unsafe-url

    For more information about these values, see Referrer-Policy in the MDN Web Docs.

    override Boolean
    A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy String

    The value of the Referrer-Policy HTTP response header. Valid values are:

    • no-referrer
    • no-referrer-when-downgrade
    • origin
    • origin-when-cross-origin
    • same-origin
    • strict-origin
    • strict-origin-when-cross-origin
    • unsafe-url

    For more information about these values, see Referrer-Policy in the MDN Web Docs.

    override boolean
    A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy string

    The value of the Referrer-Policy HTTP response header. Valid values are:

    • no-referrer
    • no-referrer-when-downgrade
    • origin
    • origin-when-cross-origin
    • same-origin
    • strict-origin
    • strict-origin-when-cross-origin
    • unsafe-url

    For more information about these values, see Referrer-Policy in the MDN Web Docs.

    override bool
    A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    referrer_policy str

    The value of the Referrer-Policy HTTP response header. Valid values are:

    • no-referrer
    • no-referrer-when-downgrade
    • origin
    • origin-when-cross-origin
    • same-origin
    • strict-origin
    • strict-origin-when-cross-origin
    • unsafe-url

    For more information about these values, see Referrer-Policy in the MDN Web Docs.

    override Boolean
    A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy String

    The value of the Referrer-Policy HTTP response header. Valid values are:

    • no-referrer
    • no-referrer-when-downgrade
    • origin
    • origin-when-cross-origin
    • same-origin
    • strict-origin
    • strict-origin-when-cross-origin
    • unsafe-url

    For more information about these values, see Referrer-Policy in the MDN Web Docs.

    ResponseHeadersPolicyRemoveHeader, ResponseHeadersPolicyRemoveHeaderArgs

    Header string
    The HTTP header name.
    Header string
    The HTTP header name.
    header String
    The HTTP header name.
    header string
    The HTTP header name.
    header str
    The HTTP header name.
    header String
    The HTTP header name.

    ResponseHeadersPolicyRemoveHeadersConfig, ResponseHeadersPolicyRemoveHeadersConfigArgs

    Items []ResponseHeadersPolicyRemoveHeader
    The list of HTTP header names.
    items List<ResponseHeadersPolicyRemoveHeader>
    The list of HTTP header names.
    items ResponseHeadersPolicyRemoveHeader[]
    The list of HTTP header names.
    items List<Property Map>
    The list of HTTP header names.

    ResponseHeadersPolicySecurityHeadersConfig, ResponseHeadersPolicySecurityHeadersConfigArgs

    ContentSecurityPolicy Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyContentSecurityPolicy

    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

    For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.

    ContentTypeOptions Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyContentTypeOptions

    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .

    For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.

    FrameOptions Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyFrameOptions

    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.

    For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.

    ReferrerPolicy Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyReferrerPolicy

    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.

    For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.

    StrictTransportSecurity Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyStrictTransportSecurity

    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.

    For more information about the Strict-Transport-Security HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.

    XssProtection Pulumi.AwsNative.CloudFront.Inputs.ResponseHeadersPolicyXssProtection

    Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

    For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

    ContentSecurityPolicy ResponseHeadersPolicyContentSecurityPolicy

    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

    For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.

    ContentTypeOptions ResponseHeadersPolicyContentTypeOptions

    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .

    For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.

    FrameOptions ResponseHeadersPolicyFrameOptions

    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.

    For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.

    ReferrerPolicy ResponseHeadersPolicyReferrerPolicy

    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.

    For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.

    StrictTransportSecurity ResponseHeadersPolicyStrictTransportSecurity

    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.

    For more information about the Strict-Transport-Security HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.

    XssProtection ResponseHeadersPolicyXssProtection

    Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

    For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

    contentSecurityPolicy ResponseHeadersPolicyContentSecurityPolicy

    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

    For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.

    contentTypeOptions ResponseHeadersPolicyContentTypeOptions

    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .

    For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.

    frameOptions ResponseHeadersPolicyFrameOptions

    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.

    For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.

    referrerPolicy ResponseHeadersPolicyReferrerPolicy

    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.

    For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.

    strictTransportSecurity ResponseHeadersPolicyStrictTransportSecurity

    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.

    For more information about the Strict-Transport-Security HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.

    xssProtection ResponseHeadersPolicyXssProtection

    Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

    For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

    contentSecurityPolicy ResponseHeadersPolicyContentSecurityPolicy

    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

    For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.

    contentTypeOptions ResponseHeadersPolicyContentTypeOptions

    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .

    For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.

    frameOptions ResponseHeadersPolicyFrameOptions

    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.

    For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.

    referrerPolicy ResponseHeadersPolicyReferrerPolicy

    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.

    For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.

    strictTransportSecurity ResponseHeadersPolicyStrictTransportSecurity

    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.

    For more information about the Strict-Transport-Security HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.

    xssProtection ResponseHeadersPolicyXssProtection

    Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

    For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

    content_security_policy ResponseHeadersPolicyContentSecurityPolicy

    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

    For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.

    content_type_options ResponseHeadersPolicyContentTypeOptions

    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .

    For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.

    frame_options ResponseHeadersPolicyFrameOptions

    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.

    For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.

    referrer_policy ResponseHeadersPolicyReferrerPolicy

    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.

    For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.

    strict_transport_security ResponseHeadersPolicyStrictTransportSecurity

    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.

    For more information about the Strict-Transport-Security HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.

    xss_protection ResponseHeadersPolicyXssProtection

    Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

    For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

    contentSecurityPolicy Property Map

    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

    For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.

    contentTypeOptions Property Map

    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .

    For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.

    frameOptions Property Map

    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.

    For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.

    referrerPolicy Property Map

    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.

    For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.

    strictTransportSecurity Property Map

    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.

    For more information about the Strict-Transport-Security HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.

    xssProtection Property Map

    Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

    For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

    ResponseHeadersPolicyServerTimingHeadersConfig, ResponseHeadersPolicyServerTimingHeadersConfigArgs

    Enabled bool
    A Boolean that determines whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    SamplingRate double
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. When you set the sampling rate to 100, CloudFront adds the Server-Timing header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0–100 with up to four decimal places.
    Enabled bool
    A Boolean that determines whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    SamplingRate float64
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. When you set the sampling rate to 100, CloudFront adds the Server-Timing header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0–100 with up to four decimal places.
    enabled Boolean
    A Boolean that determines whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate Double
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. When you set the sampling rate to 100, CloudFront adds the Server-Timing header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0–100 with up to four decimal places.
    enabled boolean
    A Boolean that determines whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate number
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. When you set the sampling rate to 100, CloudFront adds the Server-Timing header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0–100 with up to four decimal places.
    enabled bool
    A Boolean that determines whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    sampling_rate float
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. When you set the sampling rate to 100, CloudFront adds the Server-Timing header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0–100 with up to four decimal places.
    enabled Boolean
    A Boolean that determines whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate Number
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. When you set the sampling rate to 100, CloudFront adds the Server-Timing header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0–100 with up to four decimal places.

    ResponseHeadersPolicyStrictTransportSecurity, ResponseHeadersPolicyStrictTransportSecurityArgs

    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    Override bool
    A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    IncludeSubdomains bool
    A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    Preload bool
    A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    Override bool
    A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    IncludeSubdomains bool
    A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    Preload bool
    A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec Integer
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    override Boolean
    A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    includeSubdomains Boolean
    A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    preload Boolean
    A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec number
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    override boolean
    A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    includeSubdomains boolean
    A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    preload boolean
    A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    access_control_max_age_sec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    override bool
    A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    include_subdomains bool
    A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    preload bool
    A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec Number
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    override Boolean
    A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    includeSubdomains Boolean
    A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    preload Boolean
    A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

    ResponseHeadersPolicyXssProtection, ResponseHeadersPolicyXssProtectionArgs

    Override bool
    A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Protection bool

    A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true , the value of the X-XSS-Protection header is 1 . When this setting is false , the value of the X-XSS-Protection header is 0 .

    For more information about these settings, see X-XSS-Protection in the MDN Web Docs.

    ModeBlock bool

    A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

    For more information about this directive, see X-XSS-Protection in the MDN Web Docs.

    ReportUri string

    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header.

    You cannot specify a ReportUri when ModeBlock is true .

    For more information about using a reporting URL, see X-XSS-Protection in the MDN Web Docs.

    Override bool
    A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Protection bool

    A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true , the value of the X-XSS-Protection header is 1 . When this setting is false , the value of the X-XSS-Protection header is 0 .

    For more information about these settings, see X-XSS-Protection in the MDN Web Docs.

    ModeBlock bool

    A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

    For more information about this directive, see X-XSS-Protection in the MDN Web Docs.

    ReportUri string

    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header.

    You cannot specify a ReportUri when ModeBlock is true .

    For more information about using a reporting URL, see X-XSS-Protection in the MDN Web Docs.

    override Boolean
    A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection Boolean

    A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true , the value of the X-XSS-Protection header is 1 . When this setting is false , the value of the X-XSS-Protection header is 0 .

    For more information about these settings, see X-XSS-Protection in the MDN Web Docs.

    modeBlock Boolean

    A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

    For more information about this directive, see X-XSS-Protection in the MDN Web Docs.

    reportUri String

    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header.

    You cannot specify a ReportUri when ModeBlock is true .

    For more information about using a reporting URL, see X-XSS-Protection in the MDN Web Docs.

    override boolean
    A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection boolean

    A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true , the value of the X-XSS-Protection header is 1 . When this setting is false , the value of the X-XSS-Protection header is 0 .

    For more information about these settings, see X-XSS-Protection in the MDN Web Docs.

    modeBlock boolean

    A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

    For more information about this directive, see X-XSS-Protection in the MDN Web Docs.

    reportUri string

    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header.

    You cannot specify a ReportUri when ModeBlock is true .

    For more information about using a reporting URL, see X-XSS-Protection in the MDN Web Docs.

    override bool
    A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection bool

    A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true , the value of the X-XSS-Protection header is 1 . When this setting is false , the value of the X-XSS-Protection header is 0 .

    For more information about these settings, see X-XSS-Protection in the MDN Web Docs.

    mode_block bool

    A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

    For more information about this directive, see X-XSS-Protection in the MDN Web Docs.

    report_uri str

    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header.

    You cannot specify a ReportUri when ModeBlock is true .

    For more information about using a reporting URL, see X-XSS-Protection in the MDN Web Docs.

    override Boolean
    A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection Boolean

    A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true , the value of the X-XSS-Protection header is 1 . When this setting is false , the value of the X-XSS-Protection header is 0 .

    For more information about these settings, see X-XSS-Protection in the MDN Web Docs.

    modeBlock Boolean

    A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

    For more information about this directive, see X-XSS-Protection in the MDN Web Docs.

    reportUri String

    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header.

    You cannot specify a ReportUri when ModeBlock is true .

    For more information about using a reporting URL, see X-XSS-Protection in the MDN Web Docs.

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    AWS Native is in preview. AWS Classic is fully supported.

    AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi
    pulumi/pulumi-aws-native