AWS v6.71.0, Mar 7 25

AWS v6.71.0 published on Friday, Mar 7, 2025 by Pulumi

aws.cloudfront.getResponseHeadersPolicy

Explore with Pulumi AI

AWS v6.71.0 published on Friday, Mar 7, 2025 by Pulumi

pulumi/pulumi-aws

Example Usage

Basic Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws.cloudfront.getResponseHeadersPolicy({
    name: "example-policy",
});

import pulumi
import pulumi_aws as aws

example = aws.cloudfront.get_response_headers_policy(name="example-policy")

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
			Name: pulumi.StringRef("example-policy"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
    {
        Name = "example-policy",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
            .name("example-policy")
            .build());

    }
}

variables:
  example:
    fn::invoke:
      function: aws:cloudfront:getResponseHeadersPolicy
      arguments:
        name: example-policy

AWS-Managed Policies

AWS managed response header policy names are prefixed with Managed-:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = aws.cloudfront.getResponseHeadersPolicy({
    name: "Managed-SimpleCORS",
});

import pulumi
import pulumi_aws as aws

example = aws.cloudfront.get_response_headers_policy(name="Managed-SimpleCORS")

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := cloudfront.LookupResponseHeadersPolicy(ctx, &cloudfront.LookupResponseHeadersPolicyArgs{
			Name: pulumi.StringRef("Managed-SimpleCORS"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = Aws.CloudFront.GetResponseHeadersPolicy.Invoke(new()
    {
        Name = "Managed-SimpleCORS",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetResponseHeadersPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = CloudfrontFunctions.getResponseHeadersPolicy(GetResponseHeadersPolicyArgs.builder()
            .name("Managed-SimpleCORS")
            .build());

    }
}

variables:
  example:
    fn::invoke:
      function: aws:cloudfront:getResponseHeadersPolicy
      arguments:
        name: Managed-SimpleCORS

Using getResponseHeadersPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getResponseHeadersPolicy(args: GetResponseHeadersPolicyArgs, opts?: InvokeOptions): Promise<GetResponseHeadersPolicyResult>
function getResponseHeadersPolicyOutput(args: GetResponseHeadersPolicyOutputArgs, opts?: InvokeOptions): Output<GetResponseHeadersPolicyResult>

def get_response_headers_policy(id: Optional[str] = None,
                                name: Optional[str] = None,
                                opts: Optional[InvokeOptions] = None) -> GetResponseHeadersPolicyResult
def get_response_headers_policy_output(id: Optional[pulumi.Input[str]] = None,
                                name: Optional[pulumi.Input[str]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetResponseHeadersPolicyResult]

func LookupResponseHeadersPolicy(ctx *Context, args *LookupResponseHeadersPolicyArgs, opts ...InvokeOption) (*LookupResponseHeadersPolicyResult, error)
func LookupResponseHeadersPolicyOutput(ctx *Context, args *LookupResponseHeadersPolicyOutputArgs, opts ...InvokeOption) LookupResponseHeadersPolicyResultOutput

> Note: This function is named LookupResponseHeadersPolicy in the Go SDK.

public static class GetResponseHeadersPolicy 
{
    public static Task<GetResponseHeadersPolicyResult> InvokeAsync(GetResponseHeadersPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetResponseHeadersPolicyResult> Invoke(GetResponseHeadersPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetResponseHeadersPolicyResult> getResponseHeadersPolicy(GetResponseHeadersPolicyArgs args, InvokeOptions options)
public static Output<GetResponseHeadersPolicyResult> getResponseHeadersPolicy(GetResponseHeadersPolicyArgs args, InvokeOptions options)

fn::invoke:
  function: aws:cloudfront/getResponseHeadersPolicy:getResponseHeadersPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

Id string: Identifier for the response headers policy.
Name string: Unique name to identify the response headers policy.

Id string: Identifier for the response headers policy.
Name string: Unique name to identify the response headers policy.

id String: Identifier for the response headers policy.
name String: Unique name to identify the response headers policy.

id string: Identifier for the response headers policy.
name string: Unique name to identify the response headers policy.

id str: Identifier for the response headers policy.
name str: Unique name to identify the response headers policy.

id String: Identifier for the response headers policy.
name String: Unique name to identify the response headers policy.

getResponseHeadersPolicy Result

The following output properties are available:

Comment string: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfigs List<GetResponseHeadersPolicyCorsConfig>: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfigs List<GetResponseHeadersPolicyCustomHeadersConfig>: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
Etag string: Current version of the response headers policy.
Id string
Name string
RemoveHeadersConfigs List<GetResponseHeadersPolicyRemoveHeadersConfig>: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
SecurityHeadersConfigs List<GetResponseHeadersPolicySecurityHeadersConfig>: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
ServerTimingHeadersConfigs List<GetResponseHeadersPolicyServerTimingHeadersConfig>: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Comment string: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
CorsConfigs []GetResponseHeadersPolicyCorsConfig: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
CustomHeadersConfigs []GetResponseHeadersPolicyCustomHeadersConfig: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
Etag string: Current version of the response headers policy.
Id string
Name string
RemoveHeadersConfigs []GetResponseHeadersPolicyRemoveHeadersConfig: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
SecurityHeadersConfigs []GetResponseHeadersPolicySecurityHeadersConfig: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
ServerTimingHeadersConfigs []GetResponseHeadersPolicyServerTimingHeadersConfig: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment String: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfigs List<GetResponseHeadersPolicyCorsConfig>: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfigs List<GetResponseHeadersPolicyCustomHeadersConfig>: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
etag String: Current version of the response headers policy.
id String
name String
removeHeadersConfigs List<GetResponseHeadersPolicyRemoveHeadersConfig>: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
securityHeadersConfigs List<GetResponseHeadersPolicySecurityHeadersConfig>: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfigs List<GetResponseHeadersPolicyServerTimingHeadersConfig>: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment string: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfigs GetResponseHeadersPolicyCorsConfig[]: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfigs GetResponseHeadersPolicyCustomHeadersConfig[]: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
etag string: Current version of the response headers policy.
id string
name string
removeHeadersConfigs GetResponseHeadersPolicyRemoveHeadersConfig[]: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
securityHeadersConfigs GetResponseHeadersPolicySecurityHeadersConfig[]: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfigs GetResponseHeadersPolicyServerTimingHeadersConfig[]: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment str: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
cors_configs Sequence[GetResponseHeadersPolicyCorsConfig]: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
custom_headers_configs Sequence[GetResponseHeadersPolicyCustomHeadersConfig]: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
etag str: Current version of the response headers policy.
id str
name str
remove_headers_configs Sequence[GetResponseHeadersPolicyRemoveHeadersConfig]: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
security_headers_configs Sequence[GetResponseHeadersPolicySecurityHeadersConfig]: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
server_timing_headers_configs Sequence[GetResponseHeadersPolicyServerTimingHeadersConfig]: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

comment String: Comment to describe the response headers policy. The comment cannot be longer than 128 characters.
corsConfigs List<Property Map>: Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.
customHeadersConfigs List<Property Map>: Object that contains an attribute items that contains a list of Custom Headers. See Custom Header for more information.
etag String: Current version of the response headers policy.
id String
name String
removeHeadersConfigs List<Property Map>: Object that contains an attribute items that contains a list of Remove Headers. See Remove Header for more information.
securityHeadersConfigs List<Property Map>: A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.
serverTimingHeadersConfigs List<Property Map>: (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.

Supporting Types

GetResponseHeadersPolicyCorsConfig

AccessControlAllowCredentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
AccessControlAllowHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader>: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
AccessControlAllowMethods List<GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod>: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
AccessControlAllowOrigins List<GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin>: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
AccessControlExposeHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader>: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
OriginOverride bool

AccessControlAllowCredentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
AccessControlAllowHeaders []GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
AccessControlAllowMethods []GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
AccessControlAllowOrigins []GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
AccessControlExposeHeaders []GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
OriginOverride bool

accessControlAllowCredentials Boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader>: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods List<GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod>: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins List<GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin>: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
accessControlExposeHeaders List<GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader>: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec Integer: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
originOverride Boolean

accessControlAllowCredentials boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader[]: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod[]: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin[]: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
accessControlExposeHeaders GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader[]: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
originOverride boolean

access_control_allow_credentials bool: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
access_control_allow_headers Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader]: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
access_control_allow_methods Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod]: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
access_control_allow_origins Sequence[GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin]: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
access_control_expose_headers Sequence[GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader]: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
access_control_max_age_sec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
origin_override bool

accessControlAllowCredentials Boolean: A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.
accessControlAllowHeaders List<Property Map>: Object that contains an attribute items that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
accessControlAllowMethods List<Property Map>: Object that contains an attribute items that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values: GET | POST | OPTIONS | PUT | DELETE | HEAD | ALL
accessControlAllowOrigins List<Property Map>: Object that contains an attribute items that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
accessControlExposeHeaders List<Property Map>: Object that contains an attribute items that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
accessControlMaxAgeSec Number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
originOverride Boolean

GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader

Items List<string>

Items []string

items List<String>

items string[]

items Sequence[str]

items List<String>

GetResponseHeadersPolicyCustomHeadersConfig

Items List<GetResponseHeadersPolicyCustomHeadersConfigItem>

Items []GetResponseHeadersPolicyCustomHeadersConfigItem

items List<GetResponseHeadersPolicyCustomHeadersConfigItem>

items GetResponseHeadersPolicyCustomHeadersConfigItem[]

items Sequence[GetResponseHeadersPolicyCustomHeadersConfigItem]

items List<Property Map>

GetResponseHeadersPolicyCustomHeadersConfigItem

Header string: The HTTP header name.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Value string: Value for the HTTP response header.

Header string: The HTTP header name.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Value string: Value for the HTTP response header.

header String: The HTTP header name.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value String: Value for the HTTP response header.

header string: The HTTP header name.
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value string: Value for the HTTP response header.

header str: The HTTP header name.
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value str: Value for the HTTP response header.

header String: The HTTP header name.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
value String: Value for the HTTP response header.

GetResponseHeadersPolicyRemoveHeadersConfig

Items List<GetResponseHeadersPolicyRemoveHeadersConfigItem>

Items []GetResponseHeadersPolicyRemoveHeadersConfigItem

items List<GetResponseHeadersPolicyRemoveHeadersConfigItem>

items GetResponseHeadersPolicyRemoveHeadersConfigItem[]

items Sequence[GetResponseHeadersPolicyRemoveHeadersConfigItem]

items List<Property Map>

GetResponseHeadersPolicyRemoveHeadersConfigItem

Header string: The HTTP header name.

Header string: The HTTP header name.

header String: The HTTP header name.

header string: The HTTP header name.

header str: The HTTP header name.

header String: The HTTP header name.

GetResponseHeadersPolicySecurityHeadersConfig

ContentSecurityPolicies List<GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
ContentTypeOptions List<GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption>: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
FrameOptions List<GetResponseHeadersPolicySecurityHeadersConfigFrameOption>: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
ReferrerPolicies List<GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
StrictTransportSecurities List<GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
XssProtections List<GetResponseHeadersPolicySecurityHeadersConfigXssProtection>: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

ContentSecurityPolicies []GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
ContentTypeOptions []GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
FrameOptions []GetResponseHeadersPolicySecurityHeadersConfigFrameOption: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
ReferrerPolicies []GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
StrictTransportSecurities []GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
XssProtections []GetResponseHeadersPolicySecurityHeadersConfigXssProtection: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies List<GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy>: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
contentTypeOptions List<GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption>: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions List<GetResponseHeadersPolicySecurityHeadersConfigFrameOption>: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicies List<GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy>: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strictTransportSecurities List<GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity>: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtections List<GetResponseHeadersPolicySecurityHeadersConfigXssProtection>: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy[]: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
contentTypeOptions GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption[]: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions GetResponseHeadersPolicySecurityHeadersConfigFrameOption[]: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicies GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy[]: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strictTransportSecurities GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity[]: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtections GetResponseHeadersPolicySecurityHeadersConfigXssProtection[]: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

content_security_policies Sequence[GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy]: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
content_type_options Sequence[GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption]: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frame_options Sequence[GetResponseHeadersPolicySecurityHeadersConfigFrameOption]: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrer_policies Sequence[GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy]: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strict_transport_securities Sequence[GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity]: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xss_protections Sequence[GetResponseHeadersPolicySecurityHeadersConfigXssProtection]: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

contentSecurityPolicies List<Property Map>: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
contentTypeOptions List<Property Map>: A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.
frameOptions List<Property Map>: Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.
referrerPolicies List<Property Map>: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url
strictTransportSecurities List<Property Map>: Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.
xssProtections List<Property Map>: Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.

GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy

ContentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

ContentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy String: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy string: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

content_security_policy str: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

contentSecurityPolicy String: The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigFrameOption

FrameOption string: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

FrameOption string: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption String: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption string: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frame_option str: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

frameOption String: Value of the X-Frame-Options HTTP response header. Valid values: DENY | SAMEORIGIN
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
ReferrerPolicy string: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
ReferrerPolicy string: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy String: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy string: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrer_policy str: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
referrerPolicy String: Value of the Referrer-Policy HTTP response header. Valid Values: no-referrer | no-referrer-when-downgrade | origin | origin-when-cross-origin | same-origin | strict-origin | strict-origin-when-cross-origin | unsafe-url

GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity

AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
IncludeSubdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

AccessControlMaxAgeSec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
IncludeSubdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec Integer: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
includeSubdomains Boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
preload Boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
includeSubdomains boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
preload boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

access_control_max_age_sec int: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
include_subdomains bool: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
preload bool: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

accessControlMaxAgeSec Number: A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.
includeSubdomains Boolean: Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
preload Boolean: Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

GetResponseHeadersPolicySecurityHeadersConfigXssProtection

ModeBlock bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Protection bool: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
ReportUri string: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

ModeBlock bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
Override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
Protection bool: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
ReportUri string: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock Boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection Boolean: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
reportUri String: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
override boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection boolean: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
reportUri string: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

mode_block bool: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
override bool: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection bool: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
report_uri str: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

modeBlock Boolean: Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.
override Boolean: Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.
protection Boolean: Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.
reportUri String: Whether CloudFront sets a reporting URI in the X-XSS-Protection header.

GetResponseHeadersPolicyServerTimingHeadersConfig

Enabled bool: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
SamplingRate double: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

Enabled bool: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
SamplingRate float64: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled Boolean: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate Double: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled boolean: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate number: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled bool: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
sampling_rate float: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

enabled Boolean: Whether CloudFront adds the Server-Timing header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
samplingRate Number: Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

AWS v6.71.0 published on Friday, Mar 7, 2025 by Pulumi

pulumi/pulumi-aws

aws.cloudfront.getResponseHeadersPolicy

On this page

On this page

Example Usage

Basic Usage

AWS-Managed Policies

Using getResponseHeadersPolicy

getResponseHeadersPolicy Result

Supporting Types

GetResponseHeadersPolicyCorsConfig

GetResponseHeadersPolicyCorsConfigAccessControlAllowHeader

GetResponseHeadersPolicyCorsConfigAccessControlAllowMethod

GetResponseHeadersPolicyCorsConfigAccessControlAllowOrigin

GetResponseHeadersPolicyCorsConfigAccessControlExposeHeader

GetResponseHeadersPolicyCustomHeadersConfig

GetResponseHeadersPolicyCustomHeadersConfigItem

GetResponseHeadersPolicyRemoveHeadersConfig

GetResponseHeadersPolicyRemoveHeadersConfigItem

GetResponseHeadersPolicySecurityHeadersConfig

GetResponseHeadersPolicySecurityHeadersConfigContentSecurityPolicy

GetResponseHeadersPolicySecurityHeadersConfigContentTypeOption

GetResponseHeadersPolicySecurityHeadersConfigFrameOption

GetResponseHeadersPolicySecurityHeadersConfigReferrerPolicy

GetResponseHeadersPolicySecurityHeadersConfigStrictTransportSecurity

GetResponseHeadersPolicySecurityHeadersConfigXssProtection

GetResponseHeadersPolicyServerTimingHeadersConfig

Package Details

On this page

On this page