Package software.amazon.awscdk.services.cloudfront

Class ResponseHeadersPolicy

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.core.Resource

software.amazon.awscdk.services.cloudfront.ResponseHeadersPolicy

All Implemented Interfaces:

IConstruct, IDependable, IResource, IResponseHeadersPolicy, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
           date="2023-06-19T16:30:43.756Z")
@Stability(Stable)
public class ResponseHeadersPolicy
extends Resource
implements IResponseHeadersPolicy

A Response Headers Policy configuration.

Example:

 // Using an existing managed response headers policy
 S3Origin bucketOrigin;
 Distribution.Builder.create(this, "myDistManagedPolicy")
         .defaultBehavior(BehaviorOptions.builder()
                 .origin(bucketOrigin)
                 .responseHeadersPolicy(ResponseHeadersPolicy.CORS_ALLOW_ALL_ORIGINS)
                 .build())
         .build();
 // Creating a custom response headers policy -- all parameters optional
 ResponseHeadersPolicy myResponseHeadersPolicy = ResponseHeadersPolicy.Builder.create(this, "ResponseHeadersPolicy")
         .responseHeadersPolicyName("MyPolicy")
         .comment("A default policy")
         .corsBehavior(ResponseHeadersCorsBehavior.builder()
                 .accessControlAllowCredentials(false)
                 .accessControlAllowHeaders(List.of("X-Custom-Header-1", "X-Custom-Header-2"))
                 .accessControlAllowMethods(List.of("GET", "POST"))
                 .accessControlAllowOrigins(List.of("*"))
                 .accessControlExposeHeaders(List.of("X-Custom-Header-1", "X-Custom-Header-2"))
                 .accessControlMaxAge(Duration.seconds(600))
                 .originOverride(true)
                 .build())
         .customHeadersBehavior(ResponseCustomHeadersBehavior.builder()
                 .customHeaders(List.of(ResponseCustomHeader.builder().header("X-Amz-Date").value("some-value").override(true).build(), ResponseCustomHeader.builder().header("X-Amz-Security-Token").value("some-value").override(false).build()))
                 .build())
         .securityHeadersBehavior(ResponseSecurityHeadersBehavior.builder()
                 .contentSecurityPolicy(ResponseHeadersContentSecurityPolicy.builder().contentSecurityPolicy("default-src https:;").override(true).build())
                 .contentTypeOptions(ResponseHeadersContentTypeOptions.builder().override(true).build())
                 .frameOptions(ResponseHeadersFrameOptions.builder().frameOption(HeadersFrameOption.DENY).override(true).build())
                 .referrerPolicy(ResponseHeadersReferrerPolicy.builder().referrerPolicy(HeadersReferrerPolicy.NO_REFERRER).override(true).build())
                 .strictTransportSecurity(ResponseHeadersStrictTransportSecurity.builder().accessControlMaxAge(Duration.seconds(600)).includeSubdomains(true).override(true).build())
                 .xssProtection(ResponseHeadersXSSProtection.builder().protection(true).modeBlock(true).reportUri("https://example.com/csp-report").override(true).build())
                 .build())
         .build();
 Distribution.Builder.create(this, "myDistCustomPolicy")
         .defaultBehavior(BehaviorOptions.builder()
                 .origin(bucketOrigin)
                 .responseHeadersPolicy(myResponseHeadersPolicy)
                 .build())
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	ResponseHeadersPolicy.Builder	A fluent builder for ResponseHeadersPolicy.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct

IConstruct.Jsii$Default

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IResource

IResource.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.cloudfront.IResponseHeadersPolicy

IResponseHeadersPolicy.Jsii$Default, IResponseHeadersPolicy.Jsii$Proxy

Field Summary

Fields

Modifier and Type	Field	Description
static final IResponseHeadersPolicy	CORS_ALLOW_ALL_ORIGINS	Use this managed policy to allow simple CORS requests from any origin.
static final IResponseHeadersPolicy	CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS	Use this managed policy to allow simple CORS requests from any origin and add a set of security headers to all responses that CloudFront sends to viewers.
static final IResponseHeadersPolicy	CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT	Use this managed policy to allow CORS requests from any origin, including preflight requests.
static final IResponseHeadersPolicy	CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS	Use this managed policy to allow CORS requests from any origin, including preflight requests, and add a set of security headers to all responses that CloudFront sends to viewers.
static final IResponseHeadersPolicy	SECURITY_HEADERS	Use this managed policy to add a set of security headers to all responses that CloudFront sends to viewers.

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	ResponseHeadersPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	ResponseHeadersPolicy(software.amazon.jsii.JsiiObjectRef objRef)
	ResponseHeadersPolicy(software.constructs.Construct scope, String id)
	ResponseHeadersPolicy(software.constructs.Construct scope, String id, ResponseHeadersPolicyProps props)

Method Summary

Modifier and Type	Method	Description
static IResponseHeadersPolicy	fromResponseHeadersPolicyId(software.constructs.Construct scope, String id, String responseHeadersPolicyId)	Import an existing Response Headers Policy from its ID.
String	getResponseHeadersPolicyId()	The ID of the response headers policy.

Methods inherited from class software.amazon.awscdk.core.Resource

applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isResource

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

Methods inherited from class software.constructs.Construct

toString

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awscdk.core.IConstruct

getNode

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Field Details

CORS_ALLOW_ALL_ORIGINS

@Stability(Stable)
public static final IResponseHeadersPolicy CORS_ALLOW_ALL_ORIGINS

Use this managed policy to allow simple CORS requests from any origin.

CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS

@Stability(Stable)
public static final IResponseHeadersPolicy CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS

Use this managed policy to allow simple CORS requests from any origin and add a set of security headers to all responses that CloudFront sends to viewers.

CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT

@Stability(Stable)
public static final IResponseHeadersPolicy CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT

Use this managed policy to allow CORS requests from any origin, including preflight requests.

CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS

@Stability(Stable)
public static final IResponseHeadersPolicy CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS

Use this managed policy to allow CORS requests from any origin, including preflight requests, and add a set of security headers to all responses that CloudFront sends to viewers.

SECURITY_HEADERS

@Stability(Stable)
public static final IResponseHeadersPolicy SECURITY_HEADERS

Use this managed policy to add a set of security headers to all responses that CloudFront sends to viewers.

Constructor Details

ResponseHeadersPolicy

protected ResponseHeadersPolicy(software.amazon.jsii.JsiiObjectRef objRef)

ResponseHeadersPolicy

protected ResponseHeadersPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

ResponseHeadersPolicy

@Stability(Stable)
public ResponseHeadersPolicy(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @Nullable
 ResponseHeadersPolicyProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props -

ResponseHeadersPolicy

@Stability(Stable)
public ResponseHeadersPolicy(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id)

Parameters:

scope - This parameter is required.

id - This parameter is required.

Method Details

fromResponseHeadersPolicyId

@Stability(Stable)
@NotNull
public static IResponseHeadersPolicy fromResponseHeadersPolicyId(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 String responseHeadersPolicyId)

Import an existing Response Headers Policy from its ID.

Parameters:

scope - This parameter is required.

id - This parameter is required.

responseHeadersPolicyId - This parameter is required.

getResponseHeadersPolicyId

@Stability(Stable)
@NotNull
public String getResponseHeadersPolicyId()

The ID of the response headers policy.

Specified by:

getResponseHeadersPolicyId in interface IResponseHeadersPolicy