Data source: awsCloudfrontResponseHeadersPolicy
Use this data source to retrieve information about a CloudFront cache policy.
Example Usage
Basic Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dataAwsCloudfrontResponseHeadersPolicy.DataAwsCloudfrontResponseHeadersPolicy(
this,
"example",
{
name: "example-policy",
}
);
AWS-Managed Policies
AWS managed response header policy names are prefixed with managed
:
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dataAwsCloudfrontResponseHeadersPolicy.DataAwsCloudfrontResponseHeadersPolicy(
this,
"example",
{
name: "Managed-SimpleCORS",
}
);
Argument Reference
The following arguments are supported:
name
- (Optional) Unique name to identify the response headers policy.id
- (Optional) Identifier for the response headers policy.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
comment
- Comment to describe the response headers policy. The comment cannot be longer than 128 characters.etag
- Current version of the response headers policy.corsConfig
- Configuration for a set of HTTP response headers that are used for Cross-Origin Resource Sharing (CORS). See Cors Config for more information.customHeadersConfig
- Object that contains an attributeitems
that contains a list of Custom Headers See Custom Header for more information.securityHeadersConfig
- A configuration for a set of security-related HTTP response headers. See Security Headers Config for more information.serverTimingHeadersConfig
- (Optional) Configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. See Server Timing Headers Config for more information.
Cors Config
accessControlAllowCredentials
- A Boolean value that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.accessControlAllowHeaders
- Object that contains an attributeitems
that contains a list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.accessControlAllowMethods
- Object that contains an attributeitems
that contains a list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header. Valid values:get
|post
|options
|put
|delete
|head
|all
accessControlAllowOrigins
- Object that contains an attributeitems
that contains a list of origins that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.accessControlExposeHeaders
- Object that contains an attributeitems
that contains a list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.accessControlMaxAgeSec
- A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.
Custom Header
header
- HTTP response header name.override
- Whether CloudFront overrides a response header with the same name received from the origin with the header specifies here.value
- Value for the HTTP response header.
Security Headers Config
contentSecurityPolicy
- The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header. See Content Security Policy for more information.contentTypeOptions
- A setting that determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff. See Content Type Options for more information.frameOptions
- Setting that determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value. See Frame Options for more information.referrerPolicy
- Setting that determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value. See Referrer Policy for more information.strictTransportSecurity
- Settings that determine whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value. See Strict Transport Security for more information.xssProtection
- Settings that determine whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value. See XSS Protection for more information.
Content Security Policy
contentSecurityPolicy
- The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.override
- Whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.
Content Type Options
override
- Whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.
Frame Options
frameOption
- Value of the X-Frame-Options HTTP response header. Valid values:deny
|sameorigin
override
- Whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.
Referrer Policy
referrerPolicy
- Value of the Referrer-Policy HTTP response header. Valid Values:noReferrer
|noReferrerWhenDowngrade
|origin
|originWhenCrossOrigin
|sameOrigin
|strictOrigin
|strictOriginWhenCrossOrigin
|unsafeUrl
override
- Whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.
Strict Transport Security
accessControlMaxAgeSec
- A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.includeSubdomains
- Whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.override
- Whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.preload
- Whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.
XSS Protection
modeBlock
- Whether CloudFront includes the mode=block directive in the X-XSS-Protection header.override
- Whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.protection
- Boolean value that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.reportUri
- Whether CloudFront sets a reporting URI in the X-XSS-Protection header.
Server Timing Headers Config
enabled
- Whether CloudFront adds theserverTiming
header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.samplingRate
- Number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the Server-Timing header to.