AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi
aws.cloudfront.getResponseHeadersPolicy
Explore with Pulumi AI
Use this data source to retrieve information about a CloudFront cache policy.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.cloudfront.getResponseHeadersPolicy({
name: "example-policy",
});
import pulumi
import pulumi_aws as aws
example = aws.cloudfront.get_response_headers_policy(name="example-policy")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
Name: pulumi.StringRef("example-policy"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
{
Name = "example-policy",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
.name("example-policy")
.build());
}
}
variables:
example:
fn::invoke:
Function: aws:cloudfront:getResponseHeadersPolicy
Arguments:
name: example-policy
AWS-Managed Policies
AWS managed response header policy names are prefixed with Managed-
:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.cloudfront.getResponseHeadersPolicy({
name: "Managed-SimpleCORS",
});
import pulumi
import pulumi_aws as aws
example = aws.cloudfront.get_response_headers_policy(name="Managed-SimpleCORS")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
Name: pulumi.StringRef("Managed-SimpleCORS"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
{
Name = "Managed-SimpleCORS",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
.name("Managed-SimpleCORS")
.build());
}
}
variables:
example:
fn::invoke:
Function: aws:cloudfront:getResponseHeadersPolicy
Arguments:
name: Managed-SimpleCORS
Using getResponseHeadersPolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getResponseHeadersPolicy(args: GetResponseHeadersPolicyArgs, opts?: InvokeOptions): Promise<GetResponseHeadersPolicyResult>
function getResponseHeadersPolicyOutput(args: GetResponseHeadersPolicyOutputArgs, opts?: InvokeOptions): Output<GetResponseHeadersPolicyResult>
def get_response_headers_policy(id: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetResponseHeadersPolicyResult
def get_response_headers_policy_output(id: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetResponseHeadersPolicyResult]
func LookupResponseHeadersPolicy(ctx *Context, args *LookupResponseHeadersPolicyArgs, opts ...InvokeOption) (*LookupResponseHeadersPolicyResult, error)
func LookupResponseHeadersPolicyOutput(ctx *Context, args *LookupResponseHeadersPolicyOutputArgs, opts ...InvokeOption) LookupResponseHeadersPolicyResultOutput
> Note: This function is named LookupResponseHeadersPolicy
in the Go SDK.
public static class GetResponseHeadersPolicy
{
public static Task<GetResponseHeadersPolicyResult> InvokeAsync(GetResponseHeadersPolicyArgs args, InvokeOptions? opts = null)
public static Output<GetResponseHeadersPolicyResult> Invoke(GetResponseHeadersPolicyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetResponseHeadersPolicyResult> getResponseHeadersPolicy(GetResponseHeadersPolicyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws:cloudfront/getResponseHeadersPolicy:getResponseHeadersPolicy
arguments:
# arguments dictionary
The following arguments are supported:
getResponseHeadersPolicy Result
The following output properties are available:
- Comment string
- Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- Cors
Configs List<GetResponse Headers Policy Cors Config> - Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- Custom
Headers List<GetConfigs Response Headers Policy Custom Headers Config> - Object that contains an attribute
items
that contains a list of Custom Headers. See Custom Header for more information. - Etag string
- Current version of the response headers policy.
- Id string
- Name string
- Remove
Headers List<GetConfigs Response Headers Policy Remove Headers Config> - Object that contains an attribute
items
that contains a list of Remove Headers. See Remove Header for more information. - Security
Headers List<GetConfigs Response Headers Policy Security Headers Config> - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- Server
Timing List<GetHeaders Configs Response Headers Policy Server Timing Headers Config> - (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- Comment string
- Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- Cors
Configs []GetResponse Headers Policy Cors Config - Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- Custom
Headers []GetConfigs Response Headers Policy Custom Headers Config - Object that contains an attribute
items
that contains a list of Custom Headers. See Custom Header for more information. - Etag string
- Current version of the response headers policy.
- Id string
- Name string
- Remove
Headers []GetConfigs Response Headers Policy Remove Headers Config - Object that contains an attribute
items
that contains a list of Remove Headers. See Remove Header for more information. - Security
Headers []GetConfigs Response Headers Policy Security Headers Config - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- Server
Timing []GetHeaders Configs Response Headers Policy Server Timing Headers Config - (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- comment String
- Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Configs List<GetResponse Headers Policy Cors Config> - Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers List<GetConfigs Response Headers Policy Custom Headers Config> - Object that contains an attribute
items
that contains a list of Custom Headers. See Custom Header for more information. - etag String
- Current version of the response headers policy.
- id String
- name String
- remove
Headers List<GetConfigs Response Headers Policy Remove Headers Config> - Object that contains an attribute
items
that contains a list of Remove Headers. See Remove Header for more information. - security
Headers List<GetConfigs Response Headers Policy Security Headers Config> - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing List<GetHeaders Configs Response Headers Policy Server Timing Headers Config> - (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- comment string
- Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Configs GetResponse Headers Policy Cors Config[] - Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers GetConfigs Response Headers Policy Custom Headers Config[] - Object that contains an attribute
items
that contains a list of Custom Headers. See Custom Header for more information. - etag string
- Current version of the response headers policy.
- id string
- name string
- remove
Headers GetConfigs Response Headers Policy Remove Headers Config[] - Object that contains an attribute
items
that contains a list of Remove Headers. See Remove Header for more information. - security
Headers GetConfigs Response Headers Policy Security Headers Config[] - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing GetHeaders Configs Response Headers Policy Server Timing Headers Config[] - (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- comment str
- Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors_
configs Sequence[GetResponse Headers Policy Cors Config] - Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom_
headers_ Sequence[Getconfigs Response Headers Policy Custom Headers Config] - Object that contains an attribute
items
that contains a list of Custom Headers. See Custom Header for more information. - etag str
- Current version of the response headers policy.
- id str
- name str
- remove_
headers_ Sequence[Getconfigs Response Headers Policy Remove Headers Config] - Object that contains an attribute
items
that contains a list of Remove Headers. See Remove Header for more information. - security_
headers_ Sequence[Getconfigs Response Headers Policy Security Headers Config] - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server_
timing_ Sequence[Getheaders_ configs Response Headers Policy Server Timing Headers Config] - (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
- comment String
- Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
- cors
Configs List<Property Map> - Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
- custom
Headers List<Property Map>Configs - Object that contains an attribute
items
that contains a list of Custom Headers. See Custom Header for more information. - etag String
- Current version of the response headers policy.
- id String
- name String
- remove
Headers List<Property Map>Configs - Object that contains an attribute
items
that contains a list of Remove Headers. See Remove Header for more information. - security
Headers List<Property Map>Configs - A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
- server
Timing List<Property Map>Headers Configs - (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
Supporting Types
GetResponseHeadersPolicyCorsConfig
- Access
Control boolAllow Credentials - A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
- Access
Control List<GetAllow Headers Response Headers Policy Cors Config Access Control Allow Header> - Object that contains an attribute
items
that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. - Access
Control List<GetAllow Methods Response Headers Policy Cors Config Access Control Allow Method> - Object that contains an attribute
items
that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values:GET
|POST
|OPTIONS
|PUT
|DELETE
|HEAD
|ALL
- Access
Control List<GetAllow Origins Response Headers Policy Cors Config Access Control Allow Origin> - Object that contains an attribute
items
that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. - Access
Control List<GetExpose Headers Response Headers Policy Cors Config Access Control Expose Header> - Object that contains an attribute
items
that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. - Access
Control intMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- Origin
Override bool
- Access
Control boolAllow Credentials - A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
- Access
Control []GetAllow Headers Response Headers Policy Cors Config Access Control Allow Header - Object that contains an attribute
items
that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. - Access
Control []GetAllow Methods Response Headers Policy Cors Config Access Control Allow Method - Object that contains an attribute
items
that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values:GET
|POST
|OPTIONS
|PUT
|DELETE
|HEAD
|ALL
- Access
Control []GetAllow Origins Response Headers Policy Cors Config Access Control Allow Origin - Object that contains an attribute
items
that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. - Access
Control []GetExpose Headers Response Headers Policy Cors Config Access Control Expose Header - Object that contains an attribute
items
that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. - Access
Control intMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- Origin
Override bool
- access
Control BooleanAllow Credentials - A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
- access
Control List<GetAllow Headers Response Headers Policy Cors Config Access Control Allow Header> - Object that contains an attribute
items
that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. - access
Control List<GetAllow Methods Response Headers Policy Cors Config Access Control Allow Method> - Object that contains an attribute
items
that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values:GET
|POST
|OPTIONS
|PUT
|DELETE
|HEAD
|ALL
- access
Control List<GetAllow Origins Response Headers Policy Cors Config Access Control Allow Origin> - Object that contains an attribute
items
that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. - access
Control List<GetExpose Headers Response Headers Policy Cors Config Access Control Expose Header> - Object that contains an attribute
items
that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. - access
Control IntegerMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- origin
Override Boolean
- access
Control booleanAllow Credentials - A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
- access
Control GetAllow Headers Response Headers Policy Cors Config Access Control Allow Header[] - Object that contains an attribute
items
that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. - access
Control GetAllow Methods Response Headers Policy Cors Config Access Control Allow Method[] - Object that contains an attribute
items
that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values:GET
|POST
|OPTIONS
|PUT
|DELETE
|HEAD
|ALL
- access
Control GetAllow Origins Response Headers Policy Cors Config Access Control Allow Origin[] - Object that contains an attribute
items
that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. - access
Control GetExpose Headers Response Headers Policy Cors Config Access Control Expose Header[] - Object that contains an attribute
items
that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. - access
Control numberMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- origin
Override boolean
- access_
control_ boolallow_ credentials - A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
- access_
control_ Sequence[Getallow_ headers Response Headers Policy Cors Config Access Control Allow Header] - Object that contains an attribute
items
that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. - access_
control_ Sequence[Getallow_ methods Response Headers Policy Cors Config Access Control Allow Method] - Object that contains an attribute
items
that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values:GET
|POST
|OPTIONS
|PUT
|DELETE
|HEAD
|ALL
- access_
control_ Sequence[Getallow_ origins Response Headers Policy Cors Config Access Control Allow Origin] - Object that contains an attribute
items
that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. - access_
control_ Sequence[Getexpose_ headers Response Headers Policy Cors Config Access Control Expose Header] - Object that contains an attribute
items
that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. - access_
control_ intmax_ age_ sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- origin_
override bool
- access
Control BooleanAllow Credentials - A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
- access
Control List<Property Map>Allow Headers - Object that contains an attribute
items
that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. - access
Control List<Property Map>Allow Methods - Object that contains an attribute
items
that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values:GET
|POST
|OPTIONS
|PUT
|DELETE
|HEAD
|ALL
- access
Control List<Property Map>Allow Origins - Object that contains an attribute
items
that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. - access
Control List<Property Map>Expose Headers - Object that contains an attribute
items
that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. - access
Control NumberMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- origin
Override Boolean
GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader
- Items List<string>
- Items []string
- items List<String>
- items string[]
- items Sequence[str]
- items List<String>
GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod
- Items List<string>
- Items []string
- items List<String>
- items string[]
- items Sequence[str]
- items List<String>
GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin
- Items List<string>
- Items []string
- items List<String>
- items string[]
- items Sequence[str]
- items List<String>
GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader
- Items List<string>
- Items []string
- items List<String>
- items string[]
- items Sequence[str]
- items List<String>
GetResponseHeadersPolicyCustomHeadersConfig
GetResponseHeadersPolicyCustomHeadersConfigItem
GetResponseHeadersPolicyRemoveHeadersConfig
GetResponseHeadersPolicyRemoveHeadersConfigItem
- Header string
- The HTTP header name.
- Header string
- The HTTP header name.
- header String
- The HTTP header name.
- header string
- The HTTP header name.
- header str
- The HTTP header name.
- header String
- The HTTP header name.
GetResponseHeadersPolicySecurityHeadersConfig
- Content
Security List<GetPolicies Response Headers Policy Security Headers Config Content Security Policy> - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- Content
Type List<GetOptions Response Headers Policy Security Headers Config Content Type Option> - A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
- Frame
Options List<GetResponse Headers Policy Security Headers Config Frame Option> - Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
- Referrer
Policies List<GetResponse Headers Policy Security Headers Config Referrer Policy> - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- Strict
Transport List<GetSecurities Response Headers Policy Security Headers Config Strict Transport Security> - Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
- Xss
Protections List<GetResponse Headers Policy Security Headers Config Xss Protection> - Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
- Content
Security []GetPolicies Response Headers Policy Security Headers Config Content Security Policy - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- Content
Type []GetOptions Response Headers Policy Security Headers Config Content Type Option - A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
- Frame
Options []GetResponse Headers Policy Security Headers Config Frame Option - Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
- Referrer
Policies []GetResponse Headers Policy Security Headers Config Referrer Policy - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- Strict
Transport []GetSecurities Response Headers Policy Security Headers Config Strict Transport Security - Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
- Xss
Protections []GetResponse Headers Policy Security Headers Config Xss Protection - Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
- content
Security List<GetPolicies Response Headers Policy Security Headers Config Content Security Policy> - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- content
Type List<GetOptions Response Headers Policy Security Headers Config Content Type Option> - A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
- frame
Options List<GetResponse Headers Policy Security Headers Config Frame Option> - Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
- referrer
Policies List<GetResponse Headers Policy Security Headers Config Referrer Policy> - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- strict
Transport List<GetSecurities Response Headers Policy Security Headers Config Strict Transport Security> - Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
- xss
Protections List<GetResponse Headers Policy Security Headers Config Xss Protection> - Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
- content
Security GetPolicies Response Headers Policy Security Headers Config Content Security Policy[] - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- content
Type GetOptions Response Headers Policy Security Headers Config Content Type Option[] - A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
- frame
Options GetResponse Headers Policy Security Headers Config Frame Option[] - Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
- referrer
Policies GetResponse Headers Policy Security Headers Config Referrer Policy[] - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- strict
Transport GetSecurities Response Headers Policy Security Headers Config Strict Transport Security[] - Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
- xss
Protections GetResponse Headers Policy Security Headers Config Xss Protection[] - Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
- content_
security_ Sequence[Getpolicies Response Headers Policy Security Headers Config Content Security Policy] - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- content_
type_ Sequence[Getoptions Response Headers Policy Security Headers Config Content Type Option] - A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
- frame_
options Sequence[GetResponse Headers Policy Security Headers Config Frame Option] - Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
- referrer_
policies Sequence[GetResponse Headers Policy Security Headers Config Referrer Policy] - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- strict_
transport_ Sequence[Getsecurities Response Headers Policy Security Headers Config Strict Transport Security] - Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
- xss_
protections Sequence[GetResponse Headers Policy Security Headers Config Xss Protection] - Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
- content
Security List<Property Map>Policies - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- content
Type List<Property Map>Options - A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
- frame
Options List<Property Map> - Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
- referrer
Policies List<Property Map> - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- strict
Transport List<Property Map>Securities - Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
- xss
Protections List<Property Map> - Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
- Content
Security stringPolicy - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Content
Security stringPolicy - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- content
Security StringPolicy - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- content
Security stringPolicy - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- override boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- content_
security_ strpolicy - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- content
Security StringPolicy - The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- override boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
GetResponseHeadersPolicySecurityHeadersConfigFrameOption
- Frame
Option string - Value of the X-Frame-Options HTTP response header. Valid values:
DENY
|SAMEORIGIN
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Frame
Option string - Value of the X-Frame-Options HTTP response header. Valid values:
DENY
|SAMEORIGIN
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- frame
Option String - Value of the X-Frame-Options HTTP response header. Valid values:
DENY
|SAMEORIGIN
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- frame
Option string - Value of the X-Frame-Options HTTP response header. Valid values:
DENY
|SAMEORIGIN
- override boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- frame_
option str - Value of the X-Frame-Options HTTP response header. Valid values:
DENY
|SAMEORIGIN
- override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- frame
Option String - Value of the X-Frame-Options HTTP response header. Valid values:
DENY
|SAMEORIGIN
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Referrer
Policy string - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Referrer
Policy string - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- referrer
Policy String - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- override boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- referrer
Policy string - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- referrer_
policy str - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- referrer
Policy String - Value of the Referrer-Policy HTTP response header. Valid Values:
no-referrer
|no-referrer-when-downgrade
|origin
|origin-when-cross-origin
|same-origin
|strict-origin
|strict-origin-when-cross-origin
|unsafe-url
GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
- Access
Control intMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- Include
Subdomains bool - Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Preload bool
- Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
- Access
Control intMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- Include
Subdomains bool - Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Preload bool
- Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
- access
Control IntegerMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- include
Subdomains Boolean - Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- preload Boolean
- Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
- access
Control numberMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- include
Subdomains boolean - Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
- override boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- preload boolean
- Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
- access_
control_ intmax_ age_ sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- include_
subdomains bool - Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
- override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- preload bool
- Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
- access
Control NumberMax Age Sec - A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
- include
Subdomains Boolean - Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- preload Boolean
- Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
GetResponseHeadersPolicySecurityHeadersConfigXssProtection
- Mode
Block bool - Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Protection bool
- Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
- Report
Uri string - Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
- Mode
Block bool - Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
- Override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- Protection bool
- Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
- Report
Uri string - Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
- mode
Block Boolean - Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- protection Boolean
- Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
- report
Uri String - Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
- mode
Block boolean - Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
- override boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- protection boolean
- Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
- report
Uri string - Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
- mode_
block bool - Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
- override bool
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- protection bool
- Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
- report_
uri str - Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
- mode
Block Boolean - Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
- override Boolean
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
- protection Boolean
- Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
- report
Uri String - Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
GetResponseHeadersPolicyServerTimingHeadersConfig
- Enabled bool
- Whether CloudFront adds the
Server-Timing
header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - Sampling
Rate double - Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
- Enabled bool
- Whether CloudFront adds the
Server-Timing
header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - Sampling
Rate float64 - Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
- enabled Boolean
- Whether CloudFront adds the
Server-Timing
header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - sampling
Rate Double - Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
- enabled boolean
- Whether CloudFront adds the
Server-Timing
header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - sampling
Rate number - Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
- enabled bool
- Whether CloudFront adds the
Server-Timing
header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - sampling_
rate float - Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
- enabled Boolean
- Whether CloudFront adds the
Server-Timing
header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. - sampling
Rate Number - Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.