Package software.amazon.awscdk.services.cloudfront

Interface CfnResponseHeadersPolicy.SecurityHeadersConfigProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnResponseHeadersPolicy.SecurityHeadersConfigProperty.Jsii$Proxy

Enclosing class:

CfnResponseHeadersPolicy

@Stability(Stable)
public static interface CfnResponseHeadersPolicy.SecurityHeadersConfigProperty
extends software.amazon.jsii.JsiiSerializable

A configuration for a set of security-related HTTP response headers.

CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.cloudfront.*;
 SecurityHeadersConfigProperty securityHeadersConfigProperty = SecurityHeadersConfigProperty.builder()
         .contentSecurityPolicy(ContentSecurityPolicyProperty.builder()
                 .contentSecurityPolicy("contentSecurityPolicy")
                 .override(false)
                 .build())
         .contentTypeOptions(ContentTypeOptionsProperty.builder()
                 .override(false)
                 .build())
         .frameOptions(FrameOptionsProperty.builder()
                 .frameOption("frameOption")
                 .override(false)
                 .build())
         .referrerPolicy(ReferrerPolicyProperty.builder()
                 .override(false)
                 .referrerPolicy("referrerPolicy")
                 .build())
         .strictTransportSecurity(StrictTransportSecurityProperty.builder()
                 .accessControlMaxAgeSec(123)
                 .override(false)
                 // the properties below are optional
                 .includeSubdomains(false)
                 .preload(false)
                 .build())
         .xssProtection(XSSProtectionProperty.builder()
                 .override(false)
                 .protection(false)
                 // the properties below are optional
                 .modeBlock(false)
                 .reportUri("reportUri")
                 .build())
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-securityheadersconfig.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnResponseHeadersPolicy.SecurityHeadersConfigProperty.Builder	A builder for CfnResponseHeadersPolicy.SecurityHeadersConfigProperty
static final class	CfnResponseHeadersPolicy.SecurityHeadersConfigProperty.Jsii$Proxy	An implementation for CfnResponseHeadersPolicy.SecurityHeadersConfigProperty

Method Summary

Modifier and Type	Method	Description
static CfnResponseHeadersPolicy.SecurityHeadersConfigProperty.Builder	builder()
default Object	getContentSecurityPolicy()	The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
default Object	getContentTypeOptions()	Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .
default Object	getFrameOptions()	Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.
default Object	getReferrerPolicy()	Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.
default Object	getStrictTransportSecurity()	Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.
default Object	getXssProtection()	Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getContentSecurityPolicy

@Stability(Stable)
@Nullable
default Object getContentSecurityPolicy()

The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-securityheadersconfig.html#cfn-cloudfront-responseheaderspolicy-securityheadersconfig-contentsecuritypolicy

getContentTypeOptions

@Stability(Stable)
@Nullable
default Object getContentTypeOptions()

Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff .

For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-securityheadersconfig.html#cfn-cloudfront-responseheaderspolicy-securityheadersconfig-contenttypeoptions

getFrameOptions

@Stability(Stable)
@Nullable
default Object getFrameOptions()

Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.

For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-securityheadersconfig.html#cfn-cloudfront-responseheaderspolicy-securityheadersconfig-frameoptions

getReferrerPolicy

@Stability(Stable)
@Nullable
default Object getReferrerPolicy()

Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.

For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-securityheadersconfig.html#cfn-cloudfront-responseheaderspolicy-securityheadersconfig-referrerpolicy

getStrictTransportSecurity

@Stability(Stable)
@Nullable
default Object getStrictTransportSecurity()

Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.

For more information about the Strict-Transport-Security HTTP response header, see Security headers in the Amazon CloudFront Developer Guide and Strict-Transport-Security in the MDN Web Docs.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-securityheadersconfig.html#cfn-cloudfront-responseheaderspolicy-securityheadersconfig-stricttransportsecurity

getXssProtection

@Stability(Stable)
@Nullable
default Object getXssProtection()

Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-responseheaderspolicy-securityheadersconfig.html#cfn-cloudfront-responseheaderspolicy-securityheadersconfig-xssprotection

builder

@Stability(Stable)
static CfnResponseHeadersPolicy.SecurityHeadersConfigProperty.Builder builder()

Returns:

a CfnResponseHeadersPolicy.SecurityHeadersConfigProperty.Builder of CfnResponseHeadersPolicy.SecurityHeadersConfigProperty