AWS v6.76.0, Apr 8 25

AWS v6.76.0 published on Tuesday, Apr 8, 2025 by Pulumi

aws.cloudfront.getResponseHeadersPolicy

Explore with Pulumi AI

AWS v6.76.0 published on Tuesday, Apr 8, 2025 by Pulumi

Example Usage

Basic Usage

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws.cloudfront.getResponseHeadersPolicy({
    name: "example-policy",
});

import pulumi
import pulumi_aws as aws

example = aws.cloudfront.get_response_headers_policy(name="example-policy")

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
			Name: pulumi.StringRef("example-policy"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
    {
        Name = "example-policy",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
            .name("example-policy")
            .build());

    }
}

variables:
  example:
    fn::invoke:
      function: aws:cloudfront:getResponseHeadersPolicy
      arguments:
        name: example-policy

AWS-Managed Policies

AWS managed response header policy names are prefixed with Managed-:

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws.cloudfront.getResponseHeadersPolicy({
    name: "Managed-SimpleCORS",
});

import pulumi
import pulumi_aws as aws

example = aws.cloudfront.get_response_headers_policy(name="Managed-SimpleCORS")

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
			Name: pulumi.StringRef("Managed-SimpleCORS"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
    {
        Name = "Managed-SimpleCORS",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
            .name("Managed-SimpleCORS")
            .build());

    }
}

variables:
  example:
    fn::invoke:
      function: aws:cloudfront:getResponseHeadersPolicy
      arguments:
        name: Managed-SimpleCORS

Using getResponseHeadersPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

TypeScript
Python
Go
C#
Java
YAML

function getResponseHeadersPolicy(args: GetResponseHeadersPolicyArgs, opts?: InvokeOptions): Promise<GetResponseHeadersPolicyResult>
function getResponseHeadersPolicyOutput(args: GetResponseHeadersPolicyOutputArgs, opts?: InvokeOptions): Output<GetResponseHeadersPolicyResult>

def get_response_headers_policy(id: Optional[str] = None,
                                name: Optional[str] = None,
                                opts: Optional[InvokeOptions] = None) -> GetResponseHeadersPolicyResult
def get_response_headers_policy_output(id: Optional[pulumi.Input[str]] = None,
                                name: Optional[pulumi.Input[str]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetResponseHeadersPolicyResult]

func LookupResponseHeadersPolicy(ctx *Context, args *LookupResponseHeadersPolicyArgs, opts ...InvokeOption) (*LookupResponseHeadersPolicyResult, error)
func LookupResponseHeadersPolicyOutput(ctx *Context, args *LookupResponseHeadersPolicyOutputArgs, opts ...InvokeOption) LookupResponseHeadersPolicyResultOutput

> Note: This function is named LookupResponseHeadersPolicy in the Go SDK.

public static class GetResponseHeadersPolicy 
{
    public static Task<GetResponseHeadersPolicyResult> InvokeAsync(GetResponseHeadersPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetResponseHeadersPolicyResult> Invoke(GetResponseHeadersPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetResponseHeadersPolicyResult> getResponseHeadersPolicy(GetResponseHeadersPolicyArgs args, InvokeOptions options)
public static Output<GetResponseHeadersPolicyResult> getResponseHeadersPolicy(GetResponseHeadersPolicyArgs args, InvokeOptions options)

fn::invoke:
  function: aws:cloudfront/getResponseHeadersPolicy:getResponseHeadersPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

Id string: Identifier for the response headers policy.
Name string: Unique name to identify the response headers policy.

Id string: Identifier for the response headers policy.
Name string: Unique name to identify the response headers policy.

id String: Identifier for the response headers policy.
name String: Unique name to identify the response headers policy.

id string: Identifier for the response headers policy.
name string: Unique name to identify the response headers policy.

id str: Identifier for the response headers policy.
name str: Unique name to identify the response headers policy.

id String: Identifier for the response headers policy.
name String: Unique name to identify the response headers policy.

getResponseHeadersPolicy Result

The following output properties are available:

Arn string: The response headers policy ARN.
Comment string: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfigs List<GetResponseHeadersPolicyCorsConfig>: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfigs List<GetResponseHeadersPolicyCustomHeadersConfig>: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
Etag string: Current version of the response headers policy.
Id string
Name string
RemoveHeadersConfigs List<GetResponseHeadersPolicyRemoveHeadersConfig>: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
SecurityHeadersConfigs List<GetResponseHeadersPolicySecurityHeadersConfig>: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
ServerTimingHeadersConfigs List<GetResponseHeadersPolicyServerTimingHeadersConfig>: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Arn string: The response headers policy ARN.
Comment string: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfigs []GetResponseHeadersPolicyCorsConfig: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfigs []GetResponseHeadersPolicyCustomHeadersConfig: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
Etag string: Current version of the response headers policy.
Id string
Name string
RemoveHeadersConfigs []GetResponseHeadersPolicyRemoveHeadersConfig: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
SecurityHeadersConfigs []GetResponseHeadersPolicySecurityHeadersConfig: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
ServerTimingHeadersConfigs []GetResponseHeadersPolicyServerTimingHeadersConfig: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

arn String: The response headers policy ARN.
comment String: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfigs List<GetResponseHeadersPolicyCorsConfig>: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfigs List<GetResponseHeadersPolicyCustomHeadersConfig>: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
etag String: Current version of the response headers policy.
id String
name String
removeHeadersConfigs List<GetResponseHeadersPolicyRemoveHeadersConfig>: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
securityHeadersConfigs List<GetResponseHeadersPolicySecurityHeadersConfig>: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfigs List<GetResponseHeadersPolicyServerTimingHeadersConfig>: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

arn string: The response headers policy ARN.
comment string: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfigs GetResponseHeadersPolicyCorsConfig[]: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfigs GetResponseHeadersPolicyCustomHeadersConfig[]: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
etag string: Current version of the response headers policy.
id string
name string
removeHeadersConfigs GetResponseHeadersPolicyRemoveHeadersConfig[]: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
securityHeadersConfigs GetResponseHeadersPolicySecurityHeadersConfig[]: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfigs GetResponseHeadersPolicyServerTimingHeadersConfig[]: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

arn str: The response headers policy ARN.
comment str: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
cors_configs Sequence[GetResponseHeadersPolicyCorsConfig]: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
custom_headers_configs Sequence[GetResponseHeadersPolicyCustomHeadersConfig]: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
etag str: Current version of the response headers policy.
id str
name str
remove_headers_configs Sequence[GetResponseHeadersPolicyRemoveHeadersConfig]: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
security_headers_configs Sequence[GetResponseHeadersPolicySecurityHeadersConfig]: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
server_timing_headers_configs Sequence[GetResponseHeadersPolicyServerTimingHeadersConfig]: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

arn String: The response headers policy ARN.
comment String: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfigs List<Property Map>: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfigs List<Property Map>: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
etag String: Current version of the response headers policy.
id String
name String
removeHeadersConfigs List<Property Map>: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
securityHeadersConfigs List<Property Map>: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfigs List<Property Map>: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Supporting Types

GetResponseHeadersPolicyCorsConfig

AccessControlAllowCredentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
AccessControlAllowHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader>: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
AccessControlAllowMethods List<GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod>: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
AccessControlAllowOrigins List<GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin>: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
AccessControlExposeHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader>: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
OriginOverride bool

AccessControlAllowCredentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
AccessControlAllowHeaders []GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
AccessControlAllowMethods []GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
AccessControlAllowOrigins []GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
AccessControlExposeHeaders []GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
OriginOverride bool

accessControlAllowCredentials Boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader>: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods List<GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod>: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins List<GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin>: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
accessControlExposeHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader>: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec Integer: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
originOverride Boolean

accessControlAllowCredentials boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader[]: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod[]: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin[]: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
accessControlExposeHeaders GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader[]: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
originOverride boolean

access_control_allow_credentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
access_control_allow_headers Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader]: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
access_control_allow_methods Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod]: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
access_control_allow_origins Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin]: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
access_control_expose_headers Sequence[GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader]: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
access_control_max_age_sec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
origin_override bool

accessControlAllowCredentials Boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders List<Property Map>: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods List<Property Map>: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins List<Property Map>: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
accessControlExposeHeaders List<Property Map>: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec Number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
originOverride Boolean

GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

GetResponseHeadersPolicyCustomHeadersConfig

Items List<GetResponseHeadersPolicyCustomHeadersConfigItem>

Items []GetResponseHeadersPolicyCustomHeadersConfigItem

items List<GetResponseHeadersPolicyCustomHeadersConfigItem>

items GetResponseHeadersPolicyCustomHeadersConfigItem[]

items Sequence[GetResponseHeadersPolicyCustomHeadersConfigItem]

items List<Property Map>

GetResponseHeadersPolicyCustomHeadersConfigItem

Header string: The HTTP header name.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Value string: Value for the HTTP response header.

Header string: The HTTP header name.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Value string: Value for the HTTP response header.

header String: The HTTP header name.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value String: Value for the HTTP response header.

header string: The HTTP header name.
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value string: Value for the HTTP response header.

header str: The HTTP header name.
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value str: Value for the HTTP response header.

header String: The HTTP header name.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value String: Value for the HTTP response header.

GetResponseHeadersPolicyRemoveHeadersConfig

Items List<GetResponseHeadersPolicyRemoveHeadersConfigItem>

Items []GetResponseHeadersPolicyRemoveHeadersConfigItem

items List<GetResponseHeadersPolicyRemoveHeadersConfigItem>

items GetResponseHeadersPolicyRemoveHeadersConfigItem[]

items Sequence[GetResponseHeadersPolicyRemoveHeadersConfigItem]

items List<Property Map>

GetResponseHeadersPolicyRemoveHeadersConfigItem

Header string: The HTTP header name.

Header string: The HTTP header name.

header String: The HTTP header name.

header string: The HTTP header name.

header str: The HTTP header name.

header String: The HTTP header name.

GetResponseHeadersPolicySecurityHeadersConfig

ContentSecurityPolicies List<GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
ContentTypeOptions List<GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption>: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
FrameOptions List<GetResponseHeadersPolicySecurityHeadersConfigFrameOption>: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
ReferrerPolicies List<GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
StrictTransportSecurities List<GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
XssProtections List<GetResponseHeadersPolicySecurityHeadersConfigXssProtection>: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

ContentSecurityPolicies []GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
ContentTypeOptions []GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
FrameOptions []GetResponseHeadersPolicySecurityHeadersConfigFrameOption: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
ReferrerPolicies []GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
StrictTransportSecurities []GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
XssProtections []GetResponseHeadersPolicySecurityHeadersConfigXssProtection: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies List<GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
contentTypeOptions List<GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption>: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions List<GetResponseHeadersPolicySecurityHeadersConfigFrameOption>: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicies List<GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strictTransportSecurities List<GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtections List<GetResponseHeadersPolicySecurityHeadersConfigXssProtection>: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy[]: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
contentTypeOptions GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption[]: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions GetResponseHeadersPolicySecurityHeadersConfigFrameOption[]: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicies GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy[]: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strictTransportSecurities GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity[]: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtections GetResponseHeadersPolicySecurityHeadersConfigXssProtection[]: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

content_security_policies Sequence[GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy]: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
content_type_options Sequence[GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption]: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frame_options Sequence[GetResponseHeadersPolicySecurityHeadersConfigFrameOption]: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrer_policies Sequence[GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy]: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strict_transport_securities Sequence[GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity]: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xss_protections Sequence[GetResponseHeadersPolicySecurityHeadersConfigXssProtection]: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies List<Property Map>: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
contentTypeOptions List<Property Map>: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions List<Property Map>: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicies List<Property Map>: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strictTransportSecurities List<Property Map>: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtections List<Property Map>: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy

ContentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

ContentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy String: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

content_security_policy str: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy String: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigFrameOption

FrameOption string: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

FrameOption string: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption String: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption string: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frame_option str: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption String: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
ReferrerPolicy string: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
ReferrerPolicy string: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy String: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy string: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrer_policy str: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy String: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity

AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
IncludeSubdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
IncludeSubdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec Integer: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
includeSubdomains Boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
preload Boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
includeSubdomains boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
preload boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

access_control_max_age_sec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
include_subdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec Number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
includeSubdomains Boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
preload Boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

GetResponseHeadersPolicySecurityHeadersConfigXssProtection

ModeBlock bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Protection bool: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
ReportUri string: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

ModeBlock bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Protection bool: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
ReportUri string: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock Boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection Boolean: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
reportUri String: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection boolean: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
reportUri string: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

mode_block bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection bool: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
report_uri str: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock Boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection Boolean: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
reportUri String: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

GetResponseHeadersPolicyServerTimingHeadersConfig

Enabled bool: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
SamplingRate double: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

Enabled bool: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
SamplingRate float64: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled Boolean: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate Double: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled boolean: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate number: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled bool: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
sampling_rate float: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled Boolean: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate Number: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

AWS v6.76.0 published on Tuesday, Apr 8, 2025 by Pulumi

pulumi/pulumi-aws

aws.cloudfront.getResponseHeadersPolicy

On this page

On this page

Example Usage

Basic Usage

AWS-Managed Policies

Using getResponseHeadersPolicy

getResponseHeadersPolicy Result

Supporting Types

GetResponseHeadersPolicyCorsConfig

GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader

GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod

GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin

GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader

GetResponseHeadersPolicyCustomHeadersConfig

GetResponseHeadersPolicyCustomHeadersConfigItem

GetResponseHeadersPolicyRemoveHeadersConfig

GetResponseHeadersPolicyRemoveHeadersConfigItem

GetResponseHeadersPolicySecurityHeadersConfig

GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy

GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption

GetResponseHeadersPolicySecurityHeadersConfigFrameOption

GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy

GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity

GetResponseHeadersPolicySecurityHeadersConfigXssProtection

GetResponseHeadersPolicyServerTimingHeadersConfig

Package Details

On this page

On this page