ResponseHeadersPolicyStrictTransportSecurity
Determines whether CloudFront includes the Strict-Transport-Security
HTTP
response header and the header's value.
For more information about the Strict-Transport-Security
HTTP response
header, see Strict-Transport-Security
Contents
- AccessControlMaxAgeSec
-
A number that CloudFront uses as the value for the
max-age
directive in theStrict-Transport-Security
HTTP response header.Type: Integer
Required: Yes
- Override
-
A Boolean that determines whether CloudFront overrides the
Strict-Transport-Security
HTTP response header received from the origin with the one specified in this response headers policy.Type: Boolean
Required: Yes
- IncludeSubdomains
-
A Boolean that determines whether CloudFront includes the
includeSubDomains
directive in theStrict-Transport-Security
HTTP response header.Type: Boolean
Required: No
- Preload
-
A Boolean that determines whether CloudFront includes the
preload
directive in theStrict-Transport-Security
HTTP response header.Type: Boolean
Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: