ResponseHeadersPolicyCorsConfig - Amazon CloudFront
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

ResponseHeadersPolicyCorsConfig

A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). CloudFront adds these headers to HTTP responses that it sends for CORS requests that match a cache behavior associated with this response headers policy.

For more information about CORS, see Cross-Origin Resource Sharing (CORS) in the MDN Web Docs.

Contents

AccessControlAllowCredentials

A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

For more information about the Access-Control-Allow-Credentials HTTP response header, see Access-Control-Allow-Credentials in the MDN Web Docs.

Type: Boolean

Required: Yes

AccessControlAllowHeaders

A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

Type: ResponseHeadersPolicyAccessControlAllowHeaders object

Required: Yes

AccessControlAllowMethods

A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

Type: ResponseHeadersPolicyAccessControlAllowMethods object

Required: Yes

AccessControlAllowOrigins

A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

Type: ResponseHeadersPolicyAccessControlAllowOrigins object

Required: Yes

OriginOverride

A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.

Type: Boolean

Required: Yes

AccessControlExposeHeaders

A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

Type: ResponseHeadersPolicyAccessControlExposeHeaders object

Required: No

AccessControlMaxAgeSec

A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

For more information about the Access-Control-Max-Age HTTP response header, see Access-Control-Max-Age in the MDN Web Docs.

Type: Integer

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: