--- # generated by https://github.com/hashicorp/terraform-plugin-docs page_title: "awscc_cloudfront_response_headers_policy Data Source - terraform-provider-awscc" subcategory: "" description: |- Data Source schema for AWS::CloudFront::ResponseHeadersPolicy --- # awscc_cloudfront_response_headers_policy (Data Source) Data Source schema for AWS::CloudFront::ResponseHeadersPolicy ## Schema ### Required - `id` (String) Uniquely identifies the resource. ### Read-Only - `last_modified_time` (String) - `response_headers_policy_config` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config)) ### Nested Schema for `response_headers_policy_config` Read-Only: - `comment` (String) - `cors_config` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config)) - `custom_headers_config` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--custom_headers_config)) - `name` (String) - `security_headers_config` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config)) ### Nested Schema for `response_headers_policy_config.cors_config` Read-Only: - `access_control_allow_credentials` (Boolean) - `access_control_allow_headers` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config--access_control_allow_headers)) - `access_control_allow_methods` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config--access_control_allow_methods)) - `access_control_allow_origins` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config--access_control_allow_origins)) - `access_control_expose_headers` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config--access_control_expose_headers)) - `access_control_max_age_sec` (Number) - `origin_override` (Boolean) ### Nested Schema for `response_headers_policy_config.cors_config.access_control_allow_headers` Read-Only: - `items` (List of String) ### Nested Schema for `response_headers_policy_config.cors_config.access_control_allow_methods` Read-Only: - `items` (List of String) ### Nested Schema for `response_headers_policy_config.cors_config.access_control_allow_origins` Read-Only: - `items` (List of String) ### Nested Schema for `response_headers_policy_config.cors_config.access_control_expose_headers` Read-Only: - `items` (List of String) ### Nested Schema for `response_headers_policy_config.custom_headers_config` Read-Only: - `items` (Attributes List) (see [below for nested schema](#nestedatt--response_headers_policy_config--custom_headers_config--items)) ### Nested Schema for `response_headers_policy_config.custom_headers_config.items` Read-Only: - `header` (String) - `override` (Boolean) - `value` (String) ### Nested Schema for `response_headers_policy_config.security_headers_config` Read-Only: - `content_security_policy` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--content_security_policy)) - `content_type_options` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--content_type_options)) - `frame_options` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--frame_options)) - `referrer_policy` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--referrer_policy)) - `strict_transport_security` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--strict_transport_security)) - `xss_protection` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--xss_protection)) ### Nested Schema for `response_headers_policy_config.security_headers_config.content_security_policy` Read-Only: - `content_security_policy` (String) - `override` (Boolean) ### Nested Schema for `response_headers_policy_config.security_headers_config.content_type_options` Read-Only: - `override` (Boolean) ### Nested Schema for `response_headers_policy_config.security_headers_config.frame_options` Read-Only: - `frame_option` (String) - `override` (Boolean) ### Nested Schema for `response_headers_policy_config.security_headers_config.referrer_policy` Read-Only: - `override` (Boolean) - `referrer_policy` (String) ### Nested Schema for `response_headers_policy_config.security_headers_config.strict_transport_security` Read-Only: - `access_control_max_age_sec` (Number) - `include_subdomains` (Boolean) - `override` (Boolean) - `preload` (Boolean) ### Nested Schema for `response_headers_policy_config.security_headers_config.xss_protection` Read-Only: - `mode_block` (Boolean) - `override` (Boolean) - `protection` (Boolean) - `report_uri` (String)