--- # generated by https://github.com/hashicorp/terraform-plugin-docs page_title: "awscc_cloudfront_response_headers_policy Resource - terraform-provider-awscc" subcategory: "" description: |- Resource Type definition for AWS::CloudFront::ResponseHeadersPolicy --- # awscc_cloudfront_response_headers_policy (Resource) Resource Type definition for AWS::CloudFront::ResponseHeadersPolicy ## Schema ### Required - `response_headers_policy_config` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config)) ### Read-Only - `id` (String) The ID of this resource. - `last_modified_time` (String) ### Nested Schema for `response_headers_policy_config` Required: - `comment` (String) - `cors_config` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config)) - `custom_headers_config` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--custom_headers_config)) - `name` (String) - `security_headers_config` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config)) ### Nested Schema for `response_headers_policy_config.cors_config` Required: - `access_control_allow_credentials` (Boolean) - `access_control_allow_headers` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config--access_control_allow_headers)) - `access_control_allow_methods` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config--access_control_allow_methods)) - `access_control_allow_origins` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config--access_control_allow_origins)) - `access_control_expose_headers` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--cors_config--access_control_expose_headers)) - `access_control_max_age_sec` (Number) - `origin_override` (Boolean) ### Nested Schema for `response_headers_policy_config.cors_config.access_control_allow_headers` Required: - `items` (List of String) ### Nested Schema for `response_headers_policy_config.cors_config.access_control_allow_methods` Required: - `items` (List of String) ### Nested Schema for `response_headers_policy_config.cors_config.access_control_allow_origins` Required: - `items` (List of String) ### Nested Schema for `response_headers_policy_config.cors_config.access_control_expose_headers` Required: - `items` (List of String) ### Nested Schema for `response_headers_policy_config.custom_headers_config` Required: - `items` (Attributes List) (see [below for nested schema](#nestedatt--response_headers_policy_config--custom_headers_config--items)) ### Nested Schema for `response_headers_policy_config.custom_headers_config.items` Required: - `header` (String) - `override` (Boolean) - `value` (String) ### Nested Schema for `response_headers_policy_config.security_headers_config` Required: - `content_security_policy` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--content_security_policy)) - `content_type_options` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--content_type_options)) - `frame_options` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--frame_options)) - `referrer_policy` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--referrer_policy)) - `strict_transport_security` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--strict_transport_security)) - `xss_protection` (Attributes) (see [below for nested schema](#nestedatt--response_headers_policy_config--security_headers_config--xss_protection)) ### Nested Schema for `response_headers_policy_config.security_headers_config.content_security_policy` Required: - `content_security_policy` (String) - `override` (Boolean) ### Nested Schema for `response_headers_policy_config.security_headers_config.content_type_options` Required: - `override` (Boolean) ### Nested Schema for `response_headers_policy_config.security_headers_config.frame_options` Required: - `frame_option` (String) - `override` (Boolean) ### Nested Schema for `response_headers_policy_config.security_headers_config.referrer_policy` Required: - `override` (Boolean) - `referrer_policy` (String) ### Nested Schema for `response_headers_policy_config.security_headers_config.strict_transport_security` Required: - `access_control_max_age_sec` (Number) - `include_subdomains` (Boolean) - `override` (Boolean) - `preload` (Boolean) ### Nested Schema for `response_headers_policy_config.security_headers_config.xss_protection` Required: - `mode_block` (Boolean) - `override` (Boolean) - `protection` (Boolean) - `report_uri` (String) ## Import Import is supported using the following syntax: ```shell $ terraform import awscc_cloudfront_response_headers_policy.example ```