Interface ResponseHeadersPolicyProps
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
ResponseHeadersPolicyProps.Jsii$Proxy
@Generated(value="jsii-pacmak/1.103.1 (build bef2dea)",
date="2024-10-25T14:21:11.644Z")
@Stability(Stable)
public interface ResponseHeadersPolicyProps
extends software.amazon.jsii.JsiiSerializable
Properties for creating a Response Headers Policy.
Example:
// Using an existing managed response headers policy S3Origin bucketOrigin; Distribution.Builder.create(this, "myDistManagedPolicy") .defaultBehavior(BehaviorOptions.builder() .origin(bucketOrigin) .responseHeadersPolicy(ResponseHeadersPolicy.CORS_ALLOW_ALL_ORIGINS) .build()) .build(); // Creating a custom response headers policy -- all parameters optional ResponseHeadersPolicy myResponseHeadersPolicy = ResponseHeadersPolicy.Builder.create(this, "ResponseHeadersPolicy") .responseHeadersPolicyName("MyPolicy") .comment("A default policy") .corsBehavior(ResponseHeadersCorsBehavior.builder() .accessControlAllowCredentials(false) .accessControlAllowHeaders(List.of("X-Custom-Header-1", "X-Custom-Header-2")) .accessControlAllowMethods(List.of("GET", "POST")) .accessControlAllowOrigins(List.of("*")) .accessControlExposeHeaders(List.of("X-Custom-Header-1", "X-Custom-Header-2")) .accessControlMaxAge(Duration.seconds(600)) .originOverride(true) .build()) .customHeadersBehavior(ResponseCustomHeadersBehavior.builder() .customHeaders(List.of(ResponseCustomHeader.builder().header("X-Amz-Date").value("some-value").override(true).build(), ResponseCustomHeader.builder().header("X-Amz-Security-Token").value("some-value").override(false).build())) .build()) .securityHeadersBehavior(ResponseSecurityHeadersBehavior.builder() .contentSecurityPolicy(ResponseHeadersContentSecurityPolicy.builder().contentSecurityPolicy("default-src https:;").override(true).build()) .contentTypeOptions(ResponseHeadersContentTypeOptions.builder().override(true).build()) .frameOptions(ResponseHeadersFrameOptions.builder().frameOption(HeadersFrameOption.DENY).override(true).build()) .referrerPolicy(ResponseHeadersReferrerPolicy.builder().referrerPolicy(HeadersReferrerPolicy.NO_REFERRER).override(true).build()) .strictTransportSecurity(ResponseHeadersStrictTransportSecurity.builder().accessControlMaxAge(Duration.seconds(600)).includeSubdomains(true).override(true).build()) .xssProtection(ResponseHeadersXSSProtection.builder().protection(true).modeBlock(false).reportUri("https://example.com/csp-report").override(true).build()) .build()) .removeHeaders(List.of("Server")) .serverTimingSamplingRate(50) .build(); Distribution.Builder.create(this, "myDistCustomPolicy") .defaultBehavior(BehaviorOptions.builder() .origin(bucketOrigin) .responseHeadersPolicy(myResponseHeadersPolicy) .build()) .build();
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A builder forResponseHeadersPolicyProps
static final class
An implementation forResponseHeadersPolicyProps
-
Method Summary
Modifier and TypeMethodDescriptionbuilder()
default String
A comment to describe the response headers policy.default ResponseHeadersCorsBehavior
A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).default ResponseCustomHeadersBehavior
A configuration for a set of custom HTTP response headers.A list of HTTP response headers that CloudFront removes from HTTP responses that it sends to viewers.default String
A unique name to identify the response headers policy.default ResponseSecurityHeadersBehavior
A configuration for a set of security-related HTTP response headers.default Number
The percentage of responses that you want CloudFront to add the Server-Timing header to.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getComment
A comment to describe the response headers policy.Default: - no comment
-
getCorsBehavior
A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).Default: - no cors behavior
-
getCustomHeadersBehavior
A configuration for a set of custom HTTP response headers.Default: - no custom headers behavior
-
getRemoveHeaders
A list of HTTP response headers that CloudFront removes from HTTP responses that it sends to viewers.Default: - no headers are removed
-
getResponseHeadersPolicyName
A unique name to identify the response headers policy.Default: - generated from the `id`
-
getSecurityHeadersBehavior
A configuration for a set of security-related HTTP response headers.Default: - no security headers behavior
-
getServerTimingSamplingRate
The percentage of responses that you want CloudFront to add the Server-Timing header to.Default: - no Server-Timing header is added to HTTP responses
-
builder
- Returns:
- a
ResponseHeadersPolicyProps.Builder
ofResponseHeadersPolicyProps
-