1. Packages
  2. AWS
  3. API Docs
  4. cloudfront
  5. ResponseHeadersPolicy
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

aws.cloudfront.ResponseHeadersPolicy

Explore with Pulumi AI

aws logo
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Provides a CloudFront response headers policy resource. A response headers policy contains information about a set of HTTP response headers and their values. After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it’s attached to a cache behavior, CloudFront adds the headers in the policy to every response that it sends for requests that match the cache behavior.

    Example Usage

    The example below creates a CloudFront response headers policy.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
        name: "example-policy",
        comment: "test comment",
        corsConfig: {
            accessControlAllowCredentials: true,
            accessControlAllowHeaders: {
                items: ["test"],
            },
            accessControlAllowMethods: {
                items: ["GET"],
            },
            accessControlAllowOrigins: {
                items: ["test.example.comtest"],
            },
            originOverride: true,
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.cloudfront.ResponseHeadersPolicy("example",
        name="example-policy",
        comment="test comment",
        cors_config={
            "access_control_allow_credentials": True,
            "access_control_allow_headers": {
                "items": ["test"],
            },
            "access_control_allow_methods": {
                "items": ["GET"],
            },
            "access_control_allow_origins": {
                "items": ["test.example.comtest"],
            },
            "origin_override": True,
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
    			Name:    pulumi.String("example-policy"),
    			Comment: pulumi.String("test comment"),
    			CorsConfig: &cloudfront.ResponseHeadersPolicyCorsConfigArgs{
    				AccessControlAllowCredentials: pulumi.Bool(true),
    				AccessControlAllowHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs{
    					Items: pulumi.StringArray{
    						pulumi.String("test"),
    					},
    				},
    				AccessControlAllowMethods: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs{
    					Items: pulumi.StringArray{
    						pulumi.String("GET"),
    					},
    				},
    				AccessControlAllowOrigins: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs{
    					Items: pulumi.StringArray{
    						pulumi.String("test.example.comtest"),
    					},
    				},
    				OriginOverride: pulumi.Bool(true),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
        {
            Name = "example-policy",
            Comment = "test comment",
            CorsConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigArgs
            {
                AccessControlAllowCredentials = true,
                AccessControlAllowHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs
                {
                    Items = new[]
                    {
                        "test",
                    },
                },
                AccessControlAllowMethods = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs
                {
                    Items = new[]
                    {
                        "GET",
                    },
                },
                AccessControlAllowOrigins = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs
                {
                    Items = new[]
                    {
                        "test.example.comtest",
                    },
                },
                OriginOverride = true,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
    import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
    import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigArgs;
    import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs;
    import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs;
    import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
                .name("example-policy")
                .comment("test comment")
                .corsConfig(ResponseHeadersPolicyCorsConfigArgs.builder()
                    .accessControlAllowCredentials(true)
                    .accessControlAllowHeaders(ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs.builder()
                        .items("test")
                        .build())
                    .accessControlAllowMethods(ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs.builder()
                        .items("GET")
                        .build())
                    .accessControlAllowOrigins(ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs.builder()
                        .items("test.example.comtest")
                        .build())
                    .originOverride(true)
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:cloudfront:ResponseHeadersPolicy
        properties:
          name: example-policy
          comment: test comment
          corsConfig:
            accessControlAllowCredentials: true
            accessControlAllowHeaders:
              items:
                - test
            accessControlAllowMethods:
              items:
                - GET
            accessControlAllowOrigins:
              items:
                - test.example.comtest
            originOverride: true
    

    The example below creates a CloudFront response headers policy with a custom headers config.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
        name: "example-headers-policy",
        customHeadersConfig: {
            items: [
                {
                    header: "X-Permitted-Cross-Domain-Policies",
                    override: true,
                    value: "none",
                },
                {
                    header: "X-Test",
                    override: true,
                    value: "none",
                },
            ],
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.cloudfront.ResponseHeadersPolicy("example",
        name="example-headers-policy",
        custom_headers_config={
            "items": [
                {
                    "header": "X-Permitted-Cross-Domain-Policies",
                    "override": True,
                    "value": "none",
                },
                {
                    "header": "X-Test",
                    "override": True,
                    "value": "none",
                },
            ],
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
    			Name: pulumi.String("example-headers-policy"),
    			CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
    				Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
    					&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
    						Header:   pulumi.String("X-Permitted-Cross-Domain-Policies"),
    						Override: pulumi.Bool(true),
    						Value:    pulumi.String("none"),
    					},
    					&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
    						Header:   pulumi.String("X-Test"),
    						Override: pulumi.Bool(true),
    						Value:    pulumi.String("none"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
        {
            Name = "example-headers-policy",
            CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
            {
                Items = new[]
                {
                    new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
                    {
                        Header = "X-Permitted-Cross-Domain-Policies",
                        Override = true,
                        Value = "none",
                    },
                    new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
                    {
                        Header = "X-Test",
                        Override = true,
                        Value = "none",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
    import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
    import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
                .name("example-headers-policy")
                .customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
                    .items(                
                        ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
                            .header("X-Permitted-Cross-Domain-Policies")
                            .override(true)
                            .value("none")
                            .build(),
                        ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
                            .header("X-Test")
                            .override(true)
                            .value("none")
                            .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:cloudfront:ResponseHeadersPolicy
        properties:
          name: example-headers-policy
          customHeadersConfig:
            items:
              - header: X-Permitted-Cross-Domain-Policies
                override: true
                value: none
              - header: X-Test
                override: true
                value: none
    

    The example below creates a CloudFront response headers policy with a custom headers config, remove headers config and server timing headers config.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.cloudfront.ResponseHeadersPolicy("example", {
        name: "example-headers-policy",
        customHeadersConfig: {
            items: [{
                header: "X-Permitted-Cross-Domain-Policies",
                override: true,
                value: "none",
            }],
        },
        removeHeadersConfig: {
            items: [{
                header: "Set-Cookie",
            }],
        },
        serverTimingHeadersConfig: {
            enabled: true,
            samplingRate: 50,
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.cloudfront.ResponseHeadersPolicy("example",
        name="example-headers-policy",
        custom_headers_config={
            "items": [{
                "header": "X-Permitted-Cross-Domain-Policies",
                "override": True,
                "value": "none",
            }],
        },
        remove_headers_config={
            "items": [{
                "header": "Set-Cookie",
            }],
        },
        server_timing_headers_config={
            "enabled": True,
            "sampling_rate": 50,
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudfront.NewResponseHeadersPolicy(ctx, "example", &cloudfront.ResponseHeadersPolicyArgs{
    			Name: pulumi.String("example-headers-policy"),
    			CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
    				Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
    					&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
    						Header:   pulumi.String("X-Permitted-Cross-Domain-Policies"),
    						Override: pulumi.Bool(true),
    						Value:    pulumi.String("none"),
    					},
    				},
    			},
    			RemoveHeadersConfig: &cloudfront.ResponseHeadersPolicyRemoveHeadersConfigArgs{
    				Items: cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArray{
    					&cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArgs{
    						Header: pulumi.String("Set-Cookie"),
    					},
    				},
    			},
    			ServerTimingHeadersConfig: &cloudfront.ResponseHeadersPolicyServerTimingHeadersConfigArgs{
    				Enabled:      pulumi.Bool(true),
    				SamplingRate: pulumi.Float64(50),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.CloudFront.ResponseHeadersPolicy("example", new()
        {
            Name = "example-headers-policy",
            CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
            {
                Items = new[]
                {
                    new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
                    {
                        Header = "X-Permitted-Cross-Domain-Policies",
                        Override = true,
                        Value = "none",
                    },
                },
            },
            RemoveHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs
            {
                Items = new[]
                {
                    new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigItemArgs
                    {
                        Header = "Set-Cookie",
                    },
                },
            },
            ServerTimingHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs
            {
                Enabled = true,
                SamplingRate = 50,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
    import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
    import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;
    import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs;
    import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new ResponseHeadersPolicy("example", ResponseHeadersPolicyArgs.builder()
                .name("example-headers-policy")
                .customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
                    .items(ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
                        .header("X-Permitted-Cross-Domain-Policies")
                        .override(true)
                        .value("none")
                        .build())
                    .build())
                .removeHeadersConfig(ResponseHeadersPolicyRemoveHeadersConfigArgs.builder()
                    .items(ResponseHeadersPolicyRemoveHeadersConfigItemArgs.builder()
                        .header("Set-Cookie")
                        .build())
                    .build())
                .serverTimingHeadersConfig(ResponseHeadersPolicyServerTimingHeadersConfigArgs.builder()
                    .enabled(true)
                    .samplingRate(50)
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:cloudfront:ResponseHeadersPolicy
        properties:
          name: example-headers-policy
          customHeadersConfig:
            items:
              - header: X-Permitted-Cross-Domain-Policies
                override: true
                value: none
          removeHeadersConfig:
            items:
              - header: Set-Cookie
          serverTimingHeadersConfig:
            enabled: true
            samplingRate: 50
    

    Create ResponseHeadersPolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new ResponseHeadersPolicy(name: string, args?: ResponseHeadersPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def ResponseHeadersPolicy(resource_name: str,
                              args: Optional[ResponseHeadersPolicyArgs] = None,
                              opts: Optional[ResourceOptions] = None)
    
    @overload
    def ResponseHeadersPolicy(resource_name: str,
                              opts: Optional[ResourceOptions] = None,
                              comment: Optional[str] = None,
                              cors_config: Optional[ResponseHeadersPolicyCorsConfigArgs] = None,
                              custom_headers_config: Optional[ResponseHeadersPolicyCustomHeadersConfigArgs] = None,
                              etag: Optional[str] = None,
                              name: Optional[str] = None,
                              remove_headers_config: Optional[ResponseHeadersPolicyRemoveHeadersConfigArgs] = None,
                              security_headers_config: Optional[ResponseHeadersPolicySecurityHeadersConfigArgs] = None,
                              server_timing_headers_config: Optional[ResponseHeadersPolicyServerTimingHeadersConfigArgs] = None)
    func NewResponseHeadersPolicy(ctx *Context, name string, args *ResponseHeadersPolicyArgs, opts ...ResourceOption) (*ResponseHeadersPolicy, error)
    public ResponseHeadersPolicy(string name, ResponseHeadersPolicyArgs? args = null, CustomResourceOptions? opts = null)
    public ResponseHeadersPolicy(String name, ResponseHeadersPolicyArgs args)
    public ResponseHeadersPolicy(String name, ResponseHeadersPolicyArgs args, CustomResourceOptions options)
    
    type: aws:cloudfront:ResponseHeadersPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ResponseHeadersPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var responseHeadersPolicyResource = new Aws.CloudFront.ResponseHeadersPolicy("responseHeadersPolicyResource", new()
    {
        Comment = "string",
        CorsConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigArgs
        {
            AccessControlAllowCredentials = false,
            AccessControlAllowHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs
            {
                Items = new[]
                {
                    "string",
                },
            },
            AccessControlAllowMethods = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs
            {
                Items = new[]
                {
                    "string",
                },
            },
            AccessControlAllowOrigins = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs
            {
                Items = new[]
                {
                    "string",
                },
            },
            OriginOverride = false,
            AccessControlExposeHeaders = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs
            {
                Items = new[]
                {
                    "string",
                },
            },
            AccessControlMaxAgeSec = 0,
        },
        CustomHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigArgs
        {
            Items = new[]
            {
                new Aws.CloudFront.Inputs.ResponseHeadersPolicyCustomHeadersConfigItemArgs
                {
                    Header = "string",
                    Override = false,
                    Value = "string",
                },
            },
        },
        Etag = "string",
        Name = "string",
        RemoveHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs
        {
            Items = new[]
            {
                new Aws.CloudFront.Inputs.ResponseHeadersPolicyRemoveHeadersConfigItemArgs
                {
                    Header = "string",
                },
            },
        },
        SecurityHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigArgs
        {
            ContentSecurityPolicy = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs
            {
                ContentSecurityPolicy = "string",
                Override = false,
            },
            ContentTypeOptions = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs
            {
                Override = false,
            },
            FrameOptions = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs
            {
                FrameOption = "string",
                Override = false,
            },
            ReferrerPolicy = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs
            {
                Override = false,
                ReferrerPolicy = "string",
            },
            StrictTransportSecurity = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs
            {
                AccessControlMaxAgeSec = 0,
                Override = false,
                IncludeSubdomains = false,
                Preload = false,
            },
            XssProtection = new Aws.CloudFront.Inputs.ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs
            {
                Override = false,
                Protection = false,
                ModeBlock = false,
                ReportUri = "string",
            },
        },
        ServerTimingHeadersConfig = new Aws.CloudFront.Inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs
        {
            Enabled = false,
            SamplingRate = 0,
        },
    });
    
    example, err := cloudfront.NewResponseHeadersPolicy(ctx, "responseHeadersPolicyResource", &cloudfront.ResponseHeadersPolicyArgs{
    	Comment: pulumi.String("string"),
    	CorsConfig: &cloudfront.ResponseHeadersPolicyCorsConfigArgs{
    		AccessControlAllowCredentials: pulumi.Bool(false),
    		AccessControlAllowHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs{
    			Items: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    		AccessControlAllowMethods: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs{
    			Items: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    		AccessControlAllowOrigins: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs{
    			Items: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    		OriginOverride: pulumi.Bool(false),
    		AccessControlExposeHeaders: &cloudfront.ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs{
    			Items: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    		AccessControlMaxAgeSec: pulumi.Int(0),
    	},
    	CustomHeadersConfig: &cloudfront.ResponseHeadersPolicyCustomHeadersConfigArgs{
    		Items: cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArray{
    			&cloudfront.ResponseHeadersPolicyCustomHeadersConfigItemArgs{
    				Header:   pulumi.String("string"),
    				Override: pulumi.Bool(false),
    				Value:    pulumi.String("string"),
    			},
    		},
    	},
    	Etag: pulumi.String("string"),
    	Name: pulumi.String("string"),
    	RemoveHeadersConfig: &cloudfront.ResponseHeadersPolicyRemoveHeadersConfigArgs{
    		Items: cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArray{
    			&cloudfront.ResponseHeadersPolicyRemoveHeadersConfigItemArgs{
    				Header: pulumi.String("string"),
    			},
    		},
    	},
    	SecurityHeadersConfig: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigArgs{
    		ContentSecurityPolicy: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs{
    			ContentSecurityPolicy: pulumi.String("string"),
    			Override:              pulumi.Bool(false),
    		},
    		ContentTypeOptions: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs{
    			Override: pulumi.Bool(false),
    		},
    		FrameOptions: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs{
    			FrameOption: pulumi.String("string"),
    			Override:    pulumi.Bool(false),
    		},
    		ReferrerPolicy: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs{
    			Override:       pulumi.Bool(false),
    			ReferrerPolicy: pulumi.String("string"),
    		},
    		StrictTransportSecurity: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs{
    			AccessControlMaxAgeSec: pulumi.Int(0),
    			Override:               pulumi.Bool(false),
    			IncludeSubdomains:      pulumi.Bool(false),
    			Preload:                pulumi.Bool(false),
    		},
    		XssProtection: &cloudfront.ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs{
    			Override:   pulumi.Bool(false),
    			Protection: pulumi.Bool(false),
    			ModeBlock:  pulumi.Bool(false),
    			ReportUri:  pulumi.String("string"),
    		},
    	},
    	ServerTimingHeadersConfig: &cloudfront.ResponseHeadersPolicyServerTimingHeadersConfigArgs{
    		Enabled:      pulumi.Bool(false),
    		SamplingRate: pulumi.Float64(0),
    	},
    })
    
    var responseHeadersPolicyResource = new ResponseHeadersPolicy("responseHeadersPolicyResource", ResponseHeadersPolicyArgs.builder()
        .comment("string")
        .corsConfig(ResponseHeadersPolicyCorsConfigArgs.builder()
            .accessControlAllowCredentials(false)
            .accessControlAllowHeaders(ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs.builder()
                .items("string")
                .build())
            .accessControlAllowMethods(ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs.builder()
                .items("string")
                .build())
            .accessControlAllowOrigins(ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs.builder()
                .items("string")
                .build())
            .originOverride(false)
            .accessControlExposeHeaders(ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs.builder()
                .items("string")
                .build())
            .accessControlMaxAgeSec(0)
            .build())
        .customHeadersConfig(ResponseHeadersPolicyCustomHeadersConfigArgs.builder()
            .items(ResponseHeadersPolicyCustomHeadersConfigItemArgs.builder()
                .header("string")
                .override(false)
                .value("string")
                .build())
            .build())
        .etag("string")
        .name("string")
        .removeHeadersConfig(ResponseHeadersPolicyRemoveHeadersConfigArgs.builder()
            .items(ResponseHeadersPolicyRemoveHeadersConfigItemArgs.builder()
                .header("string")
                .build())
            .build())
        .securityHeadersConfig(ResponseHeadersPolicySecurityHeadersConfigArgs.builder()
            .contentSecurityPolicy(ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs.builder()
                .contentSecurityPolicy("string")
                .override(false)
                .build())
            .contentTypeOptions(ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs.builder()
                .override(false)
                .build())
            .frameOptions(ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs.builder()
                .frameOption("string")
                .override(false)
                .build())
            .referrerPolicy(ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs.builder()
                .override(false)
                .referrerPolicy("string")
                .build())
            .strictTransportSecurity(ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs.builder()
                .accessControlMaxAgeSec(0)
                .override(false)
                .includeSubdomains(false)
                .preload(false)
                .build())
            .xssProtection(ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs.builder()
                .override(false)
                .protection(false)
                .modeBlock(false)
                .reportUri("string")
                .build())
            .build())
        .serverTimingHeadersConfig(ResponseHeadersPolicyServerTimingHeadersConfigArgs.builder()
            .enabled(false)
            .samplingRate(0)
            .build())
        .build());
    
    response_headers_policy_resource = aws.cloudfront.ResponseHeadersPolicy("responseHeadersPolicyResource",
        comment="string",
        cors_config={
            "access_control_allow_credentials": False,
            "access_control_allow_headers": {
                "items": ["string"],
            },
            "access_control_allow_methods": {
                "items": ["string"],
            },
            "access_control_allow_origins": {
                "items": ["string"],
            },
            "origin_override": False,
            "access_control_expose_headers": {
                "items": ["string"],
            },
            "access_control_max_age_sec": 0,
        },
        custom_headers_config={
            "items": [{
                "header": "string",
                "override": False,
                "value": "string",
            }],
        },
        etag="string",
        name="string",
        remove_headers_config={
            "items": [{
                "header": "string",
            }],
        },
        security_headers_config={
            "content_security_policy": {
                "content_security_policy": "string",
                "override": False,
            },
            "content_type_options": {
                "override": False,
            },
            "frame_options": {
                "frame_option": "string",
                "override": False,
            },
            "referrer_policy": {
                "override": False,
                "referrer_policy": "string",
            },
            "strict_transport_security": {
                "access_control_max_age_sec": 0,
                "override": False,
                "include_subdomains": False,
                "preload": False,
            },
            "xss_protection": {
                "override": False,
                "protection": False,
                "mode_block": False,
                "report_uri": "string",
            },
        },
        server_timing_headers_config={
            "enabled": False,
            "sampling_rate": 0,
        })
    
    const responseHeadersPolicyResource = new aws.cloudfront.ResponseHeadersPolicy("responseHeadersPolicyResource", {
        comment: "string",
        corsConfig: {
            accessControlAllowCredentials: false,
            accessControlAllowHeaders: {
                items: ["string"],
            },
            accessControlAllowMethods: {
                items: ["string"],
            },
            accessControlAllowOrigins: {
                items: ["string"],
            },
            originOverride: false,
            accessControlExposeHeaders: {
                items: ["string"],
            },
            accessControlMaxAgeSec: 0,
        },
        customHeadersConfig: {
            items: [{
                header: "string",
                override: false,
                value: "string",
            }],
        },
        etag: "string",
        name: "string",
        removeHeadersConfig: {
            items: [{
                header: "string",
            }],
        },
        securityHeadersConfig: {
            contentSecurityPolicy: {
                contentSecurityPolicy: "string",
                override: false,
            },
            contentTypeOptions: {
                override: false,
            },
            frameOptions: {
                frameOption: "string",
                override: false,
            },
            referrerPolicy: {
                override: false,
                referrerPolicy: "string",
            },
            strictTransportSecurity: {
                accessControlMaxAgeSec: 0,
                override: false,
                includeSubdomains: false,
                preload: false,
            },
            xssProtection: {
                override: false,
                protection: false,
                modeBlock: false,
                reportUri: "string",
            },
        },
        serverTimingHeadersConfig: {
            enabled: false,
            samplingRate: 0,
        },
    });
    
    type: aws:cloudfront:ResponseHeadersPolicy
    properties:
        comment: string
        corsConfig:
            accessControlAllowCredentials: false
            accessControlAllowHeaders:
                items:
                    - string
            accessControlAllowMethods:
                items:
                    - string
            accessControlAllowOrigins:
                items:
                    - string
            accessControlExposeHeaders:
                items:
                    - string
            accessControlMaxAgeSec: 0
            originOverride: false
        customHeadersConfig:
            items:
                - header: string
                  override: false
                  value: string
        etag: string
        name: string
        removeHeadersConfig:
            items:
                - header: string
        securityHeadersConfig:
            contentSecurityPolicy:
                contentSecurityPolicy: string
                override: false
            contentTypeOptions:
                override: false
            frameOptions:
                frameOption: string
                override: false
            referrerPolicy:
                override: false
                referrerPolicy: string
            strictTransportSecurity:
                accessControlMaxAgeSec: 0
                includeSubdomains: false
                override: false
                preload: false
            xssProtection:
                modeBlock: false
                override: false
                protection: false
                reportUri: string
        serverTimingHeadersConfig:
            enabled: false
            samplingRate: 0
    

    ResponseHeadersPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The ResponseHeadersPolicy resource accepts the following input properties:

    Comment string
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    CorsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    Etag string
    The current version of the response headers policy.
    Name string
    A unique name to identify the response headers policy.
    RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    Comment string
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    CorsConfig ResponseHeadersPolicyCorsConfigArgs
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    Etag string
    The current version of the response headers policy.
    Name string
    A unique name to identify the response headers policy.
    RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfigArgs
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfigArgs
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment String
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    etag String
    The current version of the response headers policy.
    name String
    A unique name to identify the response headers policy.
    removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment string
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    etag string
    The current version of the response headers policy.
    name string
    A unique name to identify the response headers policy.
    removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment str
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    cors_config ResponseHeadersPolicyCorsConfigArgs
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    custom_headers_config ResponseHeadersPolicyCustomHeadersConfigArgs
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    etag str
    The current version of the response headers policy.
    name str
    A unique name to identify the response headers policy.
    remove_headers_config ResponseHeadersPolicyRemoveHeadersConfigArgs
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    security_headers_config ResponseHeadersPolicySecurityHeadersConfigArgs
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    server_timing_headers_config ResponseHeadersPolicyServerTimingHeadersConfigArgs
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment String
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfig Property Map
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfig Property Map
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    etag String
    The current version of the response headers policy.
    name String
    A unique name to identify the response headers policy.
    removeHeadersConfig Property Map
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    securityHeadersConfig Property Map
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfig Property Map
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the ResponseHeadersPolicy resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing ResponseHeadersPolicy Resource

    Get an existing ResponseHeadersPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ResponseHeadersPolicyState, opts?: CustomResourceOptions): ResponseHeadersPolicy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            comment: Optional[str] = None,
            cors_config: Optional[ResponseHeadersPolicyCorsConfigArgs] = None,
            custom_headers_config: Optional[ResponseHeadersPolicyCustomHeadersConfigArgs] = None,
            etag: Optional[str] = None,
            name: Optional[str] = None,
            remove_headers_config: Optional[ResponseHeadersPolicyRemoveHeadersConfigArgs] = None,
            security_headers_config: Optional[ResponseHeadersPolicySecurityHeadersConfigArgs] = None,
            server_timing_headers_config: Optional[ResponseHeadersPolicyServerTimingHeadersConfigArgs] = None) -> ResponseHeadersPolicy
    func GetResponseHeadersPolicy(ctx *Context, name string, id IDInput, state *ResponseHeadersPolicyState, opts ...ResourceOption) (*ResponseHeadersPolicy, error)
    public static ResponseHeadersPolicy Get(string name, Input<string> id, ResponseHeadersPolicyState? state, CustomResourceOptions? opts = null)
    public static ResponseHeadersPolicy get(String name, Output<String> id, ResponseHeadersPolicyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Comment string
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    CorsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    Etag string
    The current version of the response headers policy.
    Name string
    A unique name to identify the response headers policy.
    RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    Comment string
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    CorsConfig ResponseHeadersPolicyCorsConfigArgs
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    CustomHeadersConfig ResponseHeadersPolicyCustomHeadersConfigArgs
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    Etag string
    The current version of the response headers policy.
    Name string
    A unique name to identify the response headers policy.
    RemoveHeadersConfig ResponseHeadersPolicyRemoveHeadersConfigArgs
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    SecurityHeadersConfig ResponseHeadersPolicySecurityHeadersConfigArgs
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    ServerTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfigArgs
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment String
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    etag String
    The current version of the response headers policy.
    name String
    A unique name to identify the response headers policy.
    removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment string
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfig ResponseHeadersPolicyCorsConfig
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfig ResponseHeadersPolicyCustomHeadersConfig
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    etag string
    The current version of the response headers policy.
    name string
    A unique name to identify the response headers policy.
    removeHeadersConfig ResponseHeadersPolicyRemoveHeadersConfig
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    securityHeadersConfig ResponseHeadersPolicySecurityHeadersConfig
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfig ResponseHeadersPolicyServerTimingHeadersConfig
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment str
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    cors_config ResponseHeadersPolicyCorsConfigArgs
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    custom_headers_config ResponseHeadersPolicyCustomHeadersConfigArgs
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    etag str
    The current version of the response headers policy.
    name str
    A unique name to identify the response headers policy.
    remove_headers_config ResponseHeadersPolicyRemoveHeadersConfigArgs
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    security_headers_config ResponseHeadersPolicySecurityHeadersConfigArgs
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    server_timing_headers_config ResponseHeadersPolicyServerTimingHeadersConfigArgs
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
    comment String
    A comment to describe the response headers policy. The comment cannot be longer than 128 characters.
    corsConfig Property Map
    A configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
    customHeadersConfig Property Map
    Object that contains an attribute items that contains a list of custom headers. See Custom Header for more information.
    etag String
    The current version of the response headers policy.
    name String
    A unique name to identify the response headers policy.
    removeHeadersConfig Property Map
    A configuration for a set of HTTP headers to remove from the HTTP response. Object that contains an attribute items that contains a list of headers. See Remove Header for more information.
    securityHeadersConfig Property Map
    A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
    serverTimingHeadersConfig Property Map
    A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

    Supporting Types

    ResponseHeadersPolicyCorsConfig, ResponseHeadersPolicyCorsConfigArgs

    AccessControlAllowCredentials bool
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    AccessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    AccessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    AccessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    OriginOverride bool
    A Boolean value that determines how CloudFront behaves for the HTTP response header.
    AccessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.
    AccessControlAllowCredentials bool
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    AccessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    AccessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    AccessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    OriginOverride bool
    A Boolean value that determines how CloudFront behaves for the HTTP response header.
    AccessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.
    accessControlAllowCredentials Boolean
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    accessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    accessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    accessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    originOverride Boolean
    A Boolean value that determines how CloudFront behaves for the HTTP response header.
    accessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    accessControlMaxAgeSec Integer
    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.
    accessControlAllowCredentials boolean
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    accessControlAllowHeaders ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    accessControlAllowMethods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    accessControlAllowOrigins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    originOverride boolean
    A Boolean value that determines how CloudFront behaves for the HTTP response header.
    accessControlExposeHeaders ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    accessControlMaxAgeSec number
    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.
    access_control_allow_credentials bool
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    access_control_allow_headers ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    access_control_allow_methods ResponseHeadersPolicyCorsConfigAccessControlAllowMethods
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    access_control_allow_origins ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    origin_override bool
    A Boolean value that determines how CloudFront behaves for the HTTP response header.
    access_control_expose_headers ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    access_control_max_age_sec int
    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.
    accessControlAllowCredentials Boolean
    A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
    accessControlAllowHeaders Property Map
    Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
    accessControlAllowMethods Property Map
    Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
    accessControlAllowOrigins Property Map
    Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
    originOverride Boolean
    A Boolean value that determines how CloudFront behaves for the HTTP response header.
    accessControlExposeHeaders Property Map
    Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
    accessControlMaxAgeSec Number
    A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

    ResponseHeadersPolicyCorsConfigAccessControlAllowHeaders, ResponseHeadersPolicyCorsConfigAccessControlAllowHeadersArgs

    Items List<string>
    Items []string
    items List<String>
    items string[]
    items Sequence[str]
    items List<String>

    ResponseHeadersPolicyCorsConfigAccessControlAllowMethods, ResponseHeadersPolicyCorsConfigAccessControlAllowMethodsArgs

    Items List<string>
    Items []string
    items List<String>
    items string[]
    items Sequence[str]
    items List<String>

    ResponseHeadersPolicyCorsConfigAccessControlAllowOrigins, ResponseHeadersPolicyCorsConfigAccessControlAllowOriginsArgs

    Items List<string>
    Items []string
    items List<String>
    items string[]
    items Sequence[str]
    items List<String>

    ResponseHeadersPolicyCorsConfigAccessControlExposeHeaders, ResponseHeadersPolicyCorsConfigAccessControlExposeHeadersArgs

    Items List<string>
    Items []string
    items List<String>
    items string[]
    items Sequence[str]
    items List<String>

    ResponseHeadersPolicyCustomHeadersConfig, ResponseHeadersPolicyCustomHeadersConfigArgs

    ResponseHeadersPolicyCustomHeadersConfigItem, ResponseHeadersPolicyCustomHeadersConfigItemArgs

    Header string
    Override bool
    Value string
    The value for the HTTP response header.
    Header string
    Override bool
    Value string
    The value for the HTTP response header.
    header String
    override Boolean
    value String
    The value for the HTTP response header.
    header string
    override boolean
    value string
    The value for the HTTP response header.
    header str
    override bool
    value str
    The value for the HTTP response header.
    header String
    override Boolean
    value String
    The value for the HTTP response header.

    ResponseHeadersPolicyRemoveHeadersConfig, ResponseHeadersPolicyRemoveHeadersConfigArgs

    ResponseHeadersPolicyRemoveHeadersConfigItem, ResponseHeadersPolicyRemoveHeadersConfigItemArgs

    Header string
    Header string
    header String
    header string
    header str
    header String

    ResponseHeadersPolicySecurityHeadersConfig, ResponseHeadersPolicySecurityHeadersConfigArgs

    ContentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
    ContentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    FrameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions
    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    ReferrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
    StrictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    XssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection
    Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    ContentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
    ContentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    FrameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions
    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    ReferrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
    StrictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    XssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection
    Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    contentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
    contentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    frameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions
    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    referrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
    strictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    xssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection
    Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    contentSecurityPolicy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
    contentTypeOptions ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    frameOptions ResponseHeadersPolicySecurityHeadersConfigFrameOptions
    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    referrerPolicy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
    strictTransportSecurity ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    xssProtection ResponseHeadersPolicySecurityHeadersConfigXssProtection
    Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    content_security_policy ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
    content_type_options ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions
    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    frame_options ResponseHeadersPolicySecurityHeadersConfigFrameOptions
    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    referrer_policy ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy
    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
    strict_transport_security ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity
    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    xss_protection ResponseHeadersPolicySecurityHeadersConfigXssProtection
    Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
    contentSecurityPolicy Property Map
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.
    contentTypeOptions Property Map
    Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
    frameOptions Property Map
    Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
    referrerPolicy Property Map
    Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.
    strictTransportSecurity Property Map
    Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
    xssProtection Property Map
    Determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

    ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy, ResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicyArgs

    ContentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    Override bool
    Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    ContentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    Override bool
    Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy String
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override Boolean
    Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy string
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override boolean
    Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    content_security_policy str
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override bool
    Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    contentSecurityPolicy String
    The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
    override Boolean
    Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

    ResponseHeadersPolicySecurityHeadersConfigContentTypeOptions, ResponseHeadersPolicySecurityHeadersConfigContentTypeOptionsArgs

    Override bool
    Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    Override bool
    Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    override Boolean
    Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    override boolean
    Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    override bool
    Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
    override Boolean
    Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

    ResponseHeadersPolicySecurityHeadersConfigFrameOptions, ResponseHeadersPolicySecurityHeadersConfigFrameOptionsArgs

    FrameOption string
    The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    Override bool
    Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    FrameOption string
    The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    Override bool
    Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption String
    The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    override Boolean
    Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption string
    The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    override boolean
    Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    frame_option str
    The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    override bool
    Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
    frameOption String
    The value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
    override Boolean
    Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

    ResponseHeadersPolicySecurityHeadersConfigReferrerPolicy, ResponseHeadersPolicySecurityHeadersConfigReferrerPolicyArgs

    Override bool
    Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    ReferrerPolicy string
    The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    Override bool
    Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    ReferrerPolicy string
    The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    override Boolean
    Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy String
    The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    override boolean
    Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy string
    The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    override bool
    Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    referrer_policy str
    The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
    override Boolean
    Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
    referrerPolicy String
    The value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

    ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity, ResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurityArgs

    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    Override bool
    Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    IncludeSubdomains bool
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    Preload bool
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    AccessControlMaxAgeSec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    Override bool
    Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    IncludeSubdomains bool
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    Preload bool
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec Integer
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    override Boolean
    Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    includeSubdomains Boolean
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    preload Boolean
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec number
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    override boolean
    Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    includeSubdomains boolean
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    preload boolean
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    access_control_max_age_sec int
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    override bool
    Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    include_subdomains bool
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    preload bool
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
    accessControlMaxAgeSec Number
    A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
    override Boolean
    Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.
    includeSubdomains Boolean
    Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
    preload Boolean
    Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

    ResponseHeadersPolicySecurityHeadersConfigXssProtection, ResponseHeadersPolicySecurityHeadersConfigXssProtectionArgs

    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Protection bool
    A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    ModeBlock bool
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    ReportUri string
    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.
    Override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    Protection bool
    A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    ModeBlock bool
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    ReportUri string
    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection Boolean
    A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    modeBlock Boolean
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    reportUri String
    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.
    override boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection boolean
    A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    modeBlock boolean
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    reportUri string
    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.
    override bool
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection bool
    A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    mode_block bool
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    report_uri str
    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.
    override Boolean
    Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
    protection Boolean
    A Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
    modeBlock Boolean
    Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
    reportUri String
    A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a report_uri when mode_block is true.

    ResponseHeadersPolicyServerTimingHeadersConfig, ResponseHeadersPolicyServerTimingHeadersConfigArgs

    Enabled bool
    A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    SamplingRate double
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
    Enabled bool
    A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    SamplingRate float64
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
    enabled Boolean
    A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate Double
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
    enabled boolean
    A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate number
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
    enabled bool
    A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    sampling_rate float
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.
    enabled Boolean
    A Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
    samplingRate Number
    A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to. Valid range: Minimum value of 0.0. Maximum value of 100.0.

    Import

    Using pulumi import, import Cloudfront Response Headers Policies using the id. For example:

    $ pulumi import aws:cloudfront/responseHeadersPolicy:ResponseHeadersPolicy policy 658327ea-f89d-4fab-a63d-7e88639e58f9
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi