Class ResponseHeadersPolicy
A Response Headers Policy configuration.
Inherited Members
Namespace: Amazon.CDK.AWS.CloudFront
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class ResponseHeadersPolicy : Resource, IResource, IResponseHeadersPolicy
Syntax (vb)
Public Class ResponseHeadersPolicy
Inherits Resource
Implements IResource, IResponseHeadersPolicy
Remarks
Resource: AWS::CloudFront::ResponseHeadersPolicy
ExampleMetadata: infused
Examples
// Using an existing managed response headers policy
S3Origin bucketOrigin;
new Distribution(this, "myDistManagedPolicy", new DistributionProps {
DefaultBehavior = new BehaviorOptions {
Origin = bucketOrigin,
ResponseHeadersPolicy = ResponseHeadersPolicy.CORS_ALLOW_ALL_ORIGINS
}
});
// Creating a custom response headers policy -- all parameters optional
var myResponseHeadersPolicy = new ResponseHeadersPolicy(this, "ResponseHeadersPolicy", new ResponseHeadersPolicyProps {
ResponseHeadersPolicyName = "MyPolicy",
Comment = "A default policy",
CorsBehavior = new ResponseHeadersCorsBehavior {
AccessControlAllowCredentials = false,
AccessControlAllowHeaders = new [] { "X-Custom-Header-1", "X-Custom-Header-2" },
AccessControlAllowMethods = new [] { "GET", "POST" },
AccessControlAllowOrigins = new [] { "*" },
AccessControlExposeHeaders = new [] { "X-Custom-Header-1", "X-Custom-Header-2" },
AccessControlMaxAge = Duration.Seconds(600),
OriginOverride = true
},
CustomHeadersBehavior = new ResponseCustomHeadersBehavior {
CustomHeaders = new [] { new ResponseCustomHeader { Header = "X-Amz-Date", Value = "some-value", Override = true }, new ResponseCustomHeader { Header = "X-Amz-Security-Token", Value = "some-value", Override = false } }
},
SecurityHeadersBehavior = new ResponseSecurityHeadersBehavior {
ContentSecurityPolicy = new ResponseHeadersContentSecurityPolicy { ContentSecurityPolicy = "default-src https:;", Override = true },
ContentTypeOptions = new ResponseHeadersContentTypeOptions { Override = true },
FrameOptions = new ResponseHeadersFrameOptions { FrameOption = HeadersFrameOption.DENY, Override = true },
ReferrerPolicy = new ResponseHeadersReferrerPolicy { ReferrerPolicy = HeadersReferrerPolicy.NO_REFERRER, Override = true },
StrictTransportSecurity = new ResponseHeadersStrictTransportSecurity { AccessControlMaxAge = Duration.Seconds(600), IncludeSubdomains = true, Override = true },
XssProtection = new ResponseHeadersXSSProtection { Protection = true, ModeBlock = false, ReportUri = "https://example.com/csp-report", Override = true }
},
RemoveHeaders = new [] { "Server" },
ServerTimingSamplingRate = 50
});
new Distribution(this, "myDistCustomPolicy", new DistributionProps {
DefaultBehavior = new BehaviorOptions {
Origin = bucketOrigin,
ResponseHeadersPolicy = myResponseHeadersPolicy
}
});
Synopsis
Constructors
ResponseHeadersPolicy(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
ResponseHeadersPolicy(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
ResponseHeadersPolicy(Construct, String, IResponseHeadersPolicyProps) |
Properties
CORS_ALLOW_ALL_ORIGINS | Use this managed policy to allow simple CORS requests from any origin. |
CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS | Use this managed policy to allow simple CORS requests from any origin and add a set of security headers to all responses that CloudFront sends to viewers. |
CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT | Use this managed policy to allow CORS requests from any origin, including preflight requests. |
CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS | Use this managed policy to allow CORS requests from any origin, including preflight requests, and add a set of security headers to all responses that CloudFront sends to viewers. |
ResponseHeadersPolicyId | The ID of the response headers policy. |
SECURITY_HEADERS | Use this managed policy to add a set of security headers to all responses that CloudFront sends to viewers. |
Methods
FromResponseHeadersPolicyId(Construct, String, String) | Import an existing Response Headers Policy from its ID. |
Constructors
ResponseHeadersPolicy(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected ResponseHeadersPolicy(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
ResponseHeadersPolicy(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected ResponseHeadersPolicy(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
ResponseHeadersPolicy(Construct, String, IResponseHeadersPolicyProps)
public ResponseHeadersPolicy(Construct scope, string id, IResponseHeadersPolicyProps props = null)
Parameters
- scope Constructs.Construct
- id System.String
- props IResponseHeadersPolicyProps
Properties
CORS_ALLOW_ALL_ORIGINS
Use this managed policy to allow simple CORS requests from any origin.
public static IResponseHeadersPolicy CORS_ALLOW_ALL_ORIGINS { get; }
Property Value
CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS
Use this managed policy to allow simple CORS requests from any origin and add a set of security headers to all responses that CloudFront sends to viewers.
public static IResponseHeadersPolicy CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS { get; }
Property Value
CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT
Use this managed policy to allow CORS requests from any origin, including preflight requests.
public static IResponseHeadersPolicy CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT { get; }
Property Value
CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS
Use this managed policy to allow CORS requests from any origin, including preflight requests, and add a set of security headers to all responses that CloudFront sends to viewers.
public static IResponseHeadersPolicy CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS { get; }
Property Value
ResponseHeadersPolicyId
The ID of the response headers policy.
public virtual string ResponseHeadersPolicyId { get; }
Property Value
System.String
SECURITY_HEADERS
Use this managed policy to add a set of security headers to all responses that CloudFront sends to viewers.
public static IResponseHeadersPolicy SECURITY_HEADERS { get; }
Property Value
Methods
FromResponseHeadersPolicyId(Construct, String, String)
Import an existing Response Headers Policy from its ID.
public static IResponseHeadersPolicy FromResponseHeadersPolicyId(Construct scope, string id, string responseHeadersPolicyId)
Parameters
- scope Constructs.Construct
- id System.String
- responseHeadersPolicyId System.String
Returns