AWS::CloudFront::ResponseHeadersPolicy CorsConfig - AWS CloudFormation

AWS::CloudFront::ResponseHeadersPolicy CorsConfig

A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). CloudFront adds these headers to HTTP responses that it sends for CORS requests that match a cache behavior associated with this response headers policy.

For more information about CORS, see Cross-Origin Resource Sharing (CORS) in the MDN Web Docs.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

Properties

AccessControlAllowCredentials

A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

For more information about the Access-Control-Allow-Credentials HTTP response header, see Access-Control-Allow-Credentials in the MDN Web Docs.

Required: Yes

Type: Boolean

Update requires: No interruption

AccessControlAllowHeaders

A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

Required: Yes

Type: AccessControlAllowHeaders

Update requires: No interruption

AccessControlAllowMethods

A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

Required: Yes

Type: AccessControlAllowMethods

Update requires: No interruption

AccessControlAllowOrigins

A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

Required: Yes

Type: AccessControlAllowOrigins

Update requires: No interruption

AccessControlExposeHeaders

A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

Required: No

Type: AccessControlExposeHeaders

Update requires: No interruption

AccessControlMaxAgeSec

A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

For more information about the Access-Control-Max-Age HTTP response header, see Access-Control-Max-Age in the MDN Web Docs.

Required: No

Type: Integer

Update requires: No interruption

OriginOverride

A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.

Required: Yes

Type: Boolean

Update requires: No interruption