# CreateResponseHeadersPolicy Creates a response headers policy. A response headers policy contains information about a set of HTTP headers. To create a response headers policy, you provide some metadata about the policy and a set of configurations that specify the headers. After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it's attached to a cache behavior, the response headers policy affects the HTTP headers that CloudFront includes in HTTP responses to requests that match the cache behavior. CloudFront adds or removes response headers according to the configuration of the response headers policy. For more information, see [Adding or removing HTTP headers in CloudFront responses](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/modifying-response-headers.html) in the *Amazon CloudFront Developer Guide*. ## Request Syntax ``` POST /2020-05-31/response-headers-policy HTTP/1.1 {{string}} {{boolean}}
{{string}}
 {{integer}} {{string}} {{integer}} {{string}} {{integer}}
{{string}}
 {{integer}} {{integer}} {{boolean}}
{{string}}
{{boolean}} {{string}} {{integer}} {{string}}
{{string}}
 {{integer}} {{string}} {{boolean}} {{boolean}} {{string}} {{boolean}} {{boolean}} {{string}} {{integer}} {{boolean}} {{boolean}} {{boolean}} {{boolean}} {{boolean}} {{boolean}} {{string}} {{boolean}} {{double}} ``` ## URI Request Parameters The request does not use any URI parameters. ## Request Body The request accepts the following data in XML format. ** [ResponseHeadersPolicyConfig](#API_CreateResponseHeadersPolicy_RequestSyntax) ** Root level tag for the ResponseHeadersPolicyConfig parameters. Required: Yes ** [Comment](#API_CreateResponseHeadersPolicy_RequestSyntax) ** A comment to describe the response headers policy. The comment cannot be longer than 128 characters. Type: String Required: No ** [CorsConfig](#API_CreateResponseHeadersPolicy_RequestSyntax) ** A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). Type: [ResponseHeadersPolicyCorsConfig](API_ResponseHeadersPolicyCorsConfig.md) object Required: No ** [CustomHeadersConfig](#API_CreateResponseHeadersPolicy_RequestSyntax) ** A configuration for a set of custom HTTP response headers. Type: [ResponseHeadersPolicyCustomHeadersConfig](API_ResponseHeadersPolicyCustomHeadersConfig.md) object Required: No ** [Name](#API_CreateResponseHeadersPolicy_RequestSyntax) ** A name to identify the response headers policy. The name must be unique for response headers policies in this Amazon Web Services account. Type: String Required: Yes ** [RemoveHeadersConfig](#API_CreateResponseHeadersPolicy_RequestSyntax) ** A configuration for a set of HTTP headers to remove from the HTTP response. Type: [ResponseHeadersPolicyRemoveHeadersConfig](API_ResponseHeadersPolicyRemoveHeadersConfig.md) object Required: No ** [SecurityHeadersConfig](#API_CreateResponseHeadersPolicy_RequestSyntax) ** A configuration for a set of security-related HTTP response headers. Type: [ResponseHeadersPolicySecurityHeadersConfig](API_ResponseHeadersPolicySecurityHeadersConfig.md) object Required: No ** [ServerTimingHeadersConfig](#API_CreateResponseHeadersPolicy_RequestSyntax) ** A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront. Type: [ResponseHeadersPolicyServerTimingHeadersConfig](API_ResponseHeadersPolicyServerTimingHeadersConfig.md) object Required: No ## Response Syntax ``` HTTP/1.1 201 string timestamp string boolean
string
 integer string integer string integer
string
 integer integer boolean
string
boolean string integer string
string
 integer string boolean boolean string boolean boolean string integer boolean boolean boolean boolean boolean boolean string boolean double ``` ## Response Elements If the action is successful, the service sends back an HTTP 201 response. The following data is returned in XML format by the service. ** [ResponseHeadersPolicy](#API_CreateResponseHeadersPolicy_ResponseSyntax) ** Root level tag for the ResponseHeadersPolicy parameters. Required: Yes ** [Id](#API_CreateResponseHeadersPolicy_ResponseSyntax) ** The identifier for the response headers policy. Type: String ** [LastModifiedTime](#API_CreateResponseHeadersPolicy_ResponseSyntax) ** The date and time when the response headers policy was last modified. Type: Timestamp ** [ResponseHeadersPolicyConfig](#API_CreateResponseHeadersPolicy_ResponseSyntax) ** A response headers policy configuration. Type: [ResponseHeadersPolicyConfig](API_ResponseHeadersPolicyConfig.md) object ## Errors For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md). ** AccessDenied ** Access denied. HTTP Status Code: 403 ** InconsistentQuantities ** The value of `Quantity` and the size of `Items` don't match. HTTP Status Code: 400 ** InvalidArgument ** An argument is invalid. HTTP Status Code: 400 ** ResponseHeadersPolicyAlreadyExists ** A response headers policy with this name already exists. You must provide a unique name. To modify an existing response headers policy, use `UpdateResponseHeadersPolicy`. HTTP Status Code: 409 ** TooLongCSPInResponseHeadersPolicy ** The length of the `Content-Security-Policy` header value in the response headers policy exceeds the maximum. For more information, see [Quotas](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) (formerly known as limits) in the *Amazon CloudFront Developer Guide*. HTTP Status Code: 400 ** TooManyCustomHeadersInResponseHeadersPolicy ** The number of custom headers in the response headers policy exceeds the maximum. For more information, see [Quotas](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) (formerly known as limits) in the *Amazon CloudFront Developer Guide*. HTTP Status Code: 400 ** TooManyRemoveHeadersInResponseHeadersPolicy ** The number of headers in `RemoveHeadersConfig` in the response headers policy exceeds the maximum. For more information, see [Quotas](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) (formerly known as limits) in the *Amazon CloudFront Developer Guide*. HTTP Status Code: 400 ** TooManyResponseHeadersPolicies ** You have reached the maximum number of response headers policies for this Amazon Web Services account. For more information, see [Quotas](https://docs.amazonaws.cn/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) (formerly known as limits) in the *Amazon CloudFront Developer Guide*. HTTP Status Code: 400 ## See Also For more information about using this API in one of the language-specific Amazon SDKs, see the following: + [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for C\+\+](https://docs.amazonaws.cn/goto/SdkForCpp/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/cloudfront-2020-05-31/CreateResponseHeadersPolicy) + [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/cloudfront-2020-05-31/CreateResponseHeadersPolicy)