aws-sdk-cloudfront 1.54.0 → 1.58.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -53,25 +53,25 @@ module Aws::CloudFront
53
53
  include Aws::Structure
54
54
  end
55
55
 
56
- # A list of accounts and the active CloudFront key pairs in each account
57
- # that CloudFront can use to verify the signatures of signed URLs and
58
- # signed cookies.
56
+ # A list of Amazon Web Services accounts and the active CloudFront key
57
+ # pairs in each account that CloudFront can use to verify the signatures
58
+ # of signed URLs and signed cookies.
59
59
  #
60
60
  # @!attribute [rw] enabled
61
- # This field is `true` if any of the accounts in the list have active
62
- # CloudFront key pairs that CloudFront can use to verify the
63
- # signatures of signed URLs and signed cookies. If not, this field is
64
- # `false`.
61
+ # This field is `true` if any of the Amazon Web Services accounts in
62
+ # the list have active CloudFront key pairs that CloudFront can use to
63
+ # verify the signatures of signed URLs and signed cookies. If not,
64
+ # this field is `false`.
65
65
  # @return [Boolean]
66
66
  #
67
67
  # @!attribute [rw] quantity
68
- # The number of accounts in the list.
68
+ # The number of Amazon Web Services accounts in the list.
69
69
  # @return [Integer]
70
70
  #
71
71
  # @!attribute [rw] items
72
- # A list of accounts and the identifiers of active CloudFront key
73
- # pairs in each account that CloudFront can use to verify the
74
- # signatures of signed URLs and signed cookies.
72
+ # A list of Amazon Web Services accounts and the identifiers of active
73
+ # CloudFront key pairs in each account that CloudFront can use to
74
+ # verify the signatures of signed URLs and signed cookies.
75
75
  # @return [Array<Types::Signer>]
76
76
  #
77
77
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ActiveTrustedSigners AWS API Documentation
@@ -367,6 +367,7 @@ module Aws::CloudFront
367
367
  # realtime_log_config_arn: "string",
368
368
  # cache_policy_id: "string",
369
369
  # origin_request_policy_id: "string",
370
+ # response_headers_policy_id: "string",
370
371
  # forwarded_values: {
371
372
  # query_string: false, # required
372
373
  # cookies: { # required
@@ -423,17 +424,17 @@ module Aws::CloudFront
423
424
  # @!attribute [rw] trusted_signers
424
425
  # We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
425
426
  #
426
- # A list of account IDs whose public keys CloudFront can use to
427
- # validate signed URLs or signed cookies.
427
+ # A list of Amazon Web Services account IDs whose public keys
428
+ # CloudFront can use to validate signed URLs or signed cookies.
428
429
  #
429
430
  # When a cache behavior contains trusted signers, CloudFront requires
430
431
  # signed URLs or signed cookies for all requests that match the cache
431
432
  # behavior. The URLs or cookies must be signed with the private key of
432
- # a CloudFront key pair in the trusted signer’s account. The signed
433
- # URL or cookie contains information about which public key CloudFront
434
- # should use to verify the signature. For more information, see
435
- # [Serving private content][1] in the *Amazon CloudFront Developer
436
- # Guide*.
433
+ # a CloudFront key pair in the trusted signer’s Amazon Web Services
434
+ # account. The signed URL or cookie contains information about which
435
+ # public key CloudFront should use to verify the signature. For more
436
+ # information, see [Serving private content][1] in the *Amazon
437
+ # CloudFront Developer Guide*.
437
438
  #
438
439
  #
439
440
  #
@@ -588,6 +589,10 @@ module Aws::CloudFront
588
589
  # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html
589
590
  # @return [String]
590
591
  #
592
+ # @!attribute [rw] response_headers_policy_id
593
+ # The identifier for a response headers policy.
594
+ # @return [String]
595
+ #
591
596
  # @!attribute [rw] forwarded_values
592
597
  # This field is deprecated. We recommend that you use a cache policy
593
598
  # or an origin request policy instead of this field. For more
@@ -703,6 +708,7 @@ module Aws::CloudFront
703
708
  :realtime_log_config_arn,
704
709
  :cache_policy_id,
705
710
  :origin_request_policy_id,
711
+ :response_headers_policy_id,
706
712
  :forwarded_values,
707
713
  :min_ttl,
708
714
  :default_ttl,
@@ -766,6 +772,7 @@ module Aws::CloudFront
766
772
  # realtime_log_config_arn: "string",
767
773
  # cache_policy_id: "string",
768
774
  # origin_request_policy_id: "string",
775
+ # response_headers_policy_id: "string",
769
776
  # forwarded_values: {
770
777
  # query_string: false, # required
771
778
  # cookies: { # required
@@ -1209,7 +1216,7 @@ module Aws::CloudFront
1209
1216
  #
1210
1217
  # @!attribute [rw] type
1211
1218
  # The type of cache policy, either `managed` (created by Amazon Web
1212
- # Services) or `custom` (created in this account).
1219
+ # Services) or `custom` (created in this Amazon Web Services account).
1213
1220
  # @return [String]
1214
1221
  #
1215
1222
  # @!attribute [rw] cache_policy
@@ -1420,13 +1427,14 @@ module Aws::CloudFront
1420
1427
  #
1421
1428
  # @!attribute [rw] quantity
1422
1429
  # The number of CloudFront origin access identities that were created
1423
- # by the current account.
1430
+ # by the current Amazon Web Services account.
1424
1431
  # @return [Integer]
1425
1432
  #
1426
1433
  # @!attribute [rw] items
1427
1434
  # A complex type that contains one
1428
1435
  # `CloudFrontOriginAccessIdentitySummary` element for each origin
1429
- # access identity that was created by the current account.
1436
+ # access identity that was created by the current Amazon Web Services
1437
+ # account.
1430
1438
  # @return [Array<Types::CloudFrontOriginAccessIdentitySummary>]
1431
1439
  #
1432
1440
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CloudFrontOriginAccessIdentityList AWS API Documentation
@@ -1930,7 +1938,7 @@ module Aws::CloudFront
1930
1938
  # items: [
1931
1939
  # {
1932
1940
  # header_name: "string", # required
1933
- # header_value: "string", # required
1941
+ # header_value: "sensitiveStringType", # required
1934
1942
  # },
1935
1943
  # ],
1936
1944
  # },
@@ -2025,6 +2033,7 @@ module Aws::CloudFront
2025
2033
  # realtime_log_config_arn: "string",
2026
2034
  # cache_policy_id: "string",
2027
2035
  # origin_request_policy_id: "string",
2036
+ # response_headers_policy_id: "string",
2028
2037
  # forwarded_values: {
2029
2038
  # query_string: false, # required
2030
2039
  # cookies: { # required
@@ -2097,6 +2106,7 @@ module Aws::CloudFront
2097
2106
  # realtime_log_config_arn: "string",
2098
2107
  # cache_policy_id: "string",
2099
2108
  # origin_request_policy_id: "string",
2109
+ # response_headers_policy_id: "string",
2100
2110
  # forwarded_values: {
2101
2111
  # query_string: false, # required
2102
2112
  # cookies: { # required
@@ -2226,7 +2236,7 @@ module Aws::CloudFront
2226
2236
  # items: [
2227
2237
  # {
2228
2238
  # header_name: "string", # required
2229
- # header_value: "string", # required
2239
+ # header_value: "sensitiveStringType", # required
2230
2240
  # },
2231
2241
  # ],
2232
2242
  # },
@@ -2321,6 +2331,7 @@ module Aws::CloudFront
2321
2331
  # realtime_log_config_arn: "string",
2322
2332
  # cache_policy_id: "string",
2323
2333
  # origin_request_policy_id: "string",
2334
+ # response_headers_policy_id: "string",
2324
2335
  # forwarded_values: {
2325
2336
  # query_string: false, # required
2326
2337
  # cookies: { # required
@@ -2393,6 +2404,7 @@ module Aws::CloudFront
2393
2404
  # realtime_log_config_arn: "string",
2394
2405
  # cache_policy_id: "string",
2395
2406
  # origin_request_policy_id: "string",
2407
+ # response_headers_policy_id: "string",
2396
2408
  # forwarded_values: {
2397
2409
  # query_string: false, # required
2398
2410
  # cookies: { # required
@@ -3023,6 +3035,112 @@ module Aws::CloudFront
3023
3035
  include Aws::Structure
3024
3036
  end
3025
3037
 
3038
+ # @note When making an API call, you may pass CreateResponseHeadersPolicyRequest
3039
+ # data as a hash:
3040
+ #
3041
+ # {
3042
+ # response_headers_policy_config: { # required
3043
+ # comment: "string",
3044
+ # name: "string", # required
3045
+ # cors_config: {
3046
+ # access_control_allow_origins: { # required
3047
+ # quantity: 1, # required
3048
+ # items: ["string"], # required
3049
+ # },
3050
+ # access_control_allow_headers: { # required
3051
+ # quantity: 1, # required
3052
+ # items: ["string"], # required
3053
+ # },
3054
+ # access_control_allow_methods: { # required
3055
+ # quantity: 1, # required
3056
+ # items: ["GET"], # required, accepts GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD, ALL
3057
+ # },
3058
+ # access_control_allow_credentials: false, # required
3059
+ # access_control_expose_headers: {
3060
+ # quantity: 1, # required
3061
+ # items: ["string"],
3062
+ # },
3063
+ # access_control_max_age_sec: 1,
3064
+ # origin_override: false, # required
3065
+ # },
3066
+ # security_headers_config: {
3067
+ # xss_protection: {
3068
+ # override: false, # required
3069
+ # protection: false, # required
3070
+ # mode_block: false,
3071
+ # report_uri: "string",
3072
+ # },
3073
+ # frame_options: {
3074
+ # override: false, # required
3075
+ # frame_option: "DENY", # required, accepts DENY, SAMEORIGIN
3076
+ # },
3077
+ # referrer_policy: {
3078
+ # override: false, # required
3079
+ # referrer_policy: "no-referrer", # required, accepts no-referrer, no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url
3080
+ # },
3081
+ # content_security_policy: {
3082
+ # override: false, # required
3083
+ # content_security_policy: "string", # required
3084
+ # },
3085
+ # content_type_options: {
3086
+ # override: false, # required
3087
+ # },
3088
+ # strict_transport_security: {
3089
+ # override: false, # required
3090
+ # include_subdomains: false,
3091
+ # preload: false,
3092
+ # access_control_max_age_sec: 1, # required
3093
+ # },
3094
+ # },
3095
+ # custom_headers_config: {
3096
+ # quantity: 1, # required
3097
+ # items: [
3098
+ # {
3099
+ # header: "string", # required
3100
+ # value: "string", # required
3101
+ # override: false, # required
3102
+ # },
3103
+ # ],
3104
+ # },
3105
+ # },
3106
+ # }
3107
+ #
3108
+ # @!attribute [rw] response_headers_policy_config
3109
+ # Contains metadata about the response headers policy, and a set of
3110
+ # configurations that specify the response headers.
3111
+ # @return [Types::ResponseHeadersPolicyConfig]
3112
+ #
3113
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreateResponseHeadersPolicyRequest AWS API Documentation
3114
+ #
3115
+ class CreateResponseHeadersPolicyRequest < Struct.new(
3116
+ :response_headers_policy_config)
3117
+ SENSITIVE = []
3118
+ include Aws::Structure
3119
+ end
3120
+
3121
+ # @!attribute [rw] response_headers_policy
3122
+ # Contains a response headers policy.
3123
+ # @return [Types::ResponseHeadersPolicy]
3124
+ #
3125
+ # @!attribute [rw] location
3126
+ # The URL of the response headers policy.
3127
+ # @return [String]
3128
+ #
3129
+ # @!attribute [rw] etag
3130
+ # The version identifier for the current version of the response
3131
+ # headers policy.
3132
+ # @return [String]
3133
+ #
3134
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreateResponseHeadersPolicyResult AWS API Documentation
3135
+ #
3136
+ class CreateResponseHeadersPolicyResult < Struct.new(
3137
+ :response_headers_policy,
3138
+ :location,
3139
+ :etag)
3140
+ SENSITIVE = []
3141
+ include Aws::Structure
3142
+ end
3143
+
3026
3144
  # The request to create a new streaming distribution.
3027
3145
  #
3028
3146
  # @note When making an API call, you may pass CreateStreamingDistributionRequest
@@ -3342,7 +3460,7 @@ module Aws::CloudFront
3342
3460
  # items: [
3343
3461
  # {
3344
3462
  # header_name: "string", # required
3345
- # header_value: "string", # required
3463
+ # header_value: "sensitiveStringType", # required
3346
3464
  # },
3347
3465
  # ],
3348
3466
  # }
@@ -3521,6 +3639,7 @@ module Aws::CloudFront
3521
3639
  # realtime_log_config_arn: "string",
3522
3640
  # cache_policy_id: "string",
3523
3641
  # origin_request_policy_id: "string",
3642
+ # response_headers_policy_id: "string",
3524
3643
  # forwarded_values: {
3525
3644
  # query_string: false, # required
3526
3645
  # cookies: { # required
@@ -3552,17 +3671,17 @@ module Aws::CloudFront
3552
3671
  # @!attribute [rw] trusted_signers
3553
3672
  # We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
3554
3673
  #
3555
- # A list of account IDs whose public keys CloudFront can use to
3556
- # validate signed URLs or signed cookies.
3674
+ # A list of Amazon Web Services account IDs whose public keys
3675
+ # CloudFront can use to validate signed URLs or signed cookies.
3557
3676
  #
3558
3677
  # When a cache behavior contains trusted signers, CloudFront requires
3559
3678
  # signed URLs or signed cookies for all requests that match the cache
3560
3679
  # behavior. The URLs or cookies must be signed with the private key of
3561
- # a CloudFront key pair in a trusted signer’s account. The signed URL
3562
- # or cookie contains information about which public key CloudFront
3563
- # should use to verify the signature. For more information, see
3564
- # [Serving private content][1] in the *Amazon CloudFront Developer
3565
- # Guide*.
3680
+ # a CloudFront key pair in a trusted signer’s Amazon Web Services
3681
+ # account. The signed URL or cookie contains information about which
3682
+ # public key CloudFront should use to verify the signature. For more
3683
+ # information, see [Serving private content][1] in the *Amazon
3684
+ # CloudFront Developer Guide*.
3566
3685
  #
3567
3686
  #
3568
3687
  #
@@ -3717,6 +3836,10 @@ module Aws::CloudFront
3717
3836
  # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html
3718
3837
  # @return [String]
3719
3838
  #
3839
+ # @!attribute [rw] response_headers_policy_id
3840
+ # The identifier for a response headers policy.
3841
+ # @return [String]
3842
+ #
3720
3843
  # @!attribute [rw] forwarded_values
3721
3844
  # This field is deprecated. We recommend that you use a cache policy
3722
3845
  # or an origin request policy instead of this field. For more
@@ -3831,6 +3954,7 @@ module Aws::CloudFront
3831
3954
  :realtime_log_config_arn,
3832
3955
  :cache_policy_id,
3833
3956
  :origin_request_policy_id,
3957
+ :response_headers_policy_id,
3834
3958
  :forwarded_values,
3835
3959
  :min_ttl,
3836
3960
  :default_ttl,
@@ -4176,6 +4300,38 @@ module Aws::CloudFront
4176
4300
  include Aws::Structure
4177
4301
  end
4178
4302
 
4303
+ # @note When making an API call, you may pass DeleteResponseHeadersPolicyRequest
4304
+ # data as a hash:
4305
+ #
4306
+ # {
4307
+ # id: "string", # required
4308
+ # if_match: "string",
4309
+ # }
4310
+ #
4311
+ # @!attribute [rw] id
4312
+ # The identifier for the response headers policy that you are
4313
+ # deleting.
4314
+ #
4315
+ # To get the identifier, you can use `ListResponseHeadersPolicies`.
4316
+ # @return [String]
4317
+ #
4318
+ # @!attribute [rw] if_match
4319
+ # The version of the response headers policy that you are deleting.
4320
+ #
4321
+ # The version is the response headers policy’s `ETag` value, which you
4322
+ # can get using `ListResponseHeadersPolicies`,
4323
+ # `GetResponseHeadersPolicy`, or `GetResponseHeadersPolicyConfig`.
4324
+ # @return [String]
4325
+ #
4326
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DeleteResponseHeadersPolicyRequest AWS API Documentation
4327
+ #
4328
+ class DeleteResponseHeadersPolicyRequest < Struct.new(
4329
+ :id,
4330
+ :if_match)
4331
+ SENSITIVE = []
4332
+ include Aws::Structure
4333
+ end
4334
+
4179
4335
  # The request to delete a streaming distribution.
4180
4336
  #
4181
4337
  # @note When making an API call, you may pass DeleteStreamingDistributionRequest
@@ -4258,7 +4414,7 @@ module Aws::CloudFront
4258
4414
  # @!attribute [rw] arn
4259
4415
  # The ARN (Amazon Resource Name) for the distribution. For example:
4260
4416
  # `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
4261
- # where `123456789012` is your account ID.
4417
+ # where `123456789012` is your Amazon Web Services account ID.
4262
4418
  # @return [String]
4263
4419
  #
4264
4420
  # @!attribute [rw] status
@@ -4285,10 +4441,10 @@ module Aws::CloudFront
4285
4441
  #
4286
4442
  # CloudFront automatically adds this field to the response if you’ve
4287
4443
  # configured a cache behavior in this distribution to serve private
4288
- # content using trusted signers. This field contains a list of account
4289
- # IDs and the active CloudFront key pairs in each account that
4290
- # CloudFront can use to verify the signatures of signed URLs or signed
4291
- # cookies.
4444
+ # content using trusted signers. This field contains a list of Amazon
4445
+ # Web Services account IDs and the active CloudFront key pairs in each
4446
+ # account that CloudFront can use to verify the signatures of signed
4447
+ # URLs or signed cookies.
4292
4448
  # @return [Types::ActiveTrustedSigners]
4293
4449
  #
4294
4450
  # @!attribute [rw] active_trusted_key_groups
@@ -4376,7 +4532,7 @@ module Aws::CloudFront
4376
4532
  # items: [
4377
4533
  # {
4378
4534
  # header_name: "string", # required
4379
- # header_value: "string", # required
4535
+ # header_value: "sensitiveStringType", # required
4380
4536
  # },
4381
4537
  # ],
4382
4538
  # },
@@ -4471,6 +4627,7 @@ module Aws::CloudFront
4471
4627
  # realtime_log_config_arn: "string",
4472
4628
  # cache_policy_id: "string",
4473
4629
  # origin_request_policy_id: "string",
4630
+ # response_headers_policy_id: "string",
4474
4631
  # forwarded_values: {
4475
4632
  # query_string: false, # required
4476
4633
  # cookies: { # required
@@ -4543,6 +4700,7 @@ module Aws::CloudFront
4543
4700
  # realtime_log_config_arn: "string",
4544
4701
  # cache_policy_id: "string",
4545
4702
  # origin_request_policy_id: "string",
4703
+ # response_headers_policy_id: "string",
4546
4704
  # forwarded_values: {
4547
4705
  # query_string: false, # required
4548
4706
  # cookies: { # required
@@ -4807,7 +4965,7 @@ module Aws::CloudFront
4807
4965
  # more information, see [Creating a Signed URL Using a Custom
4808
4966
  # Policy][1] in the *Amazon CloudFront Developer Guide*.
4809
4967
  #
4810
- # If you're using an Route 53 Amazon Web Services Integration alias
4968
+ # If you're using an Route 53 Amazon Web Services Integration alias
4811
4969
  # resource record set to route traffic to your CloudFront
4812
4970
  # distribution, you need to create a second alias resource record set
4813
4971
  # when both of the following are true:
@@ -4817,10 +4975,10 @@ module Aws::CloudFront
4817
4975
  # * You're using alternate domain names in the URLs for your objects
4818
4976
  #
4819
4977
  # For more information, see [Routing Traffic to an Amazon CloudFront
4820
- # Web Distribution by Using Your Domain Name][2] in the *Route 53
4978
+ # Web Distribution by Using Your Domain Name][2] in the *Route 53
4821
4979
  # Amazon Web Services Integration Developer Guide*.
4822
4980
  #
4823
- # If you created a CNAME resource record set, either with Route 53
4981
+ # If you created a CNAME resource record set, either with Route 53
4824
4982
  # Amazon Web Services Integration or with another DNS service, you
4825
4983
  # don't need to make any changes. A CNAME record will route traffic
4826
4984
  # to your distribution regardless of the IP address format of the
@@ -4882,7 +5040,7 @@ module Aws::CloudFront
4882
5040
  # items: [
4883
5041
  # {
4884
5042
  # header_name: "string", # required
4885
- # header_value: "string", # required
5043
+ # header_value: "sensitiveStringType", # required
4886
5044
  # },
4887
5045
  # ],
4888
5046
  # },
@@ -4977,6 +5135,7 @@ module Aws::CloudFront
4977
5135
  # realtime_log_config_arn: "string",
4978
5136
  # cache_policy_id: "string",
4979
5137
  # origin_request_policy_id: "string",
5138
+ # response_headers_policy_id: "string",
4980
5139
  # forwarded_values: {
4981
5140
  # query_string: false, # required
4982
5141
  # cookies: { # required
@@ -5049,6 +5208,7 @@ module Aws::CloudFront
5049
5208
  # realtime_log_config_arn: "string",
5050
5209
  # cache_policy_id: "string",
5051
5210
  # origin_request_policy_id: "string",
5211
+ # response_headers_policy_id: "string",
5052
5212
  # forwarded_values: {
5053
5213
  # query_string: false, # required
5054
5214
  # cookies: { # required
@@ -5208,13 +5368,14 @@ module Aws::CloudFront
5208
5368
  # @return [Boolean]
5209
5369
  #
5210
5370
  # @!attribute [rw] quantity
5211
- # The number of distributions that were created by the current
5212
- # account.
5371
+ # The number of distributions that were created by the current Amazon
5372
+ # Web Services account.
5213
5373
  # @return [Integer]
5214
5374
  #
5215
5375
  # @!attribute [rw] items
5216
5376
  # A complex type that contains one `DistributionSummary` element for
5217
- # each distribution that was created by the current account.
5377
+ # each distribution that was created by the current Amazon Web
5378
+ # Services account.
5218
5379
  # @return [Array<Types::DistributionSummary>]
5219
5380
  #
5220
5381
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DistributionList AWS API Documentation
@@ -5253,7 +5414,7 @@ module Aws::CloudFront
5253
5414
  # @!attribute [rw] arn
5254
5415
  # The ARN (Amazon Resource Name) for the distribution. For example:
5255
5416
  # `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
5256
- # where `123456789012` is your account ID.
5417
+ # where `123456789012` is your Amazon Web Services account ID.
5257
5418
  # @return [String]
5258
5419
  #
5259
5420
  # @!attribute [rw] status
@@ -6088,9 +6249,9 @@ module Aws::CloudFront
6088
6249
  include Aws::Structure
6089
6250
  end
6090
6251
 
6091
- # A function with the same name already exists in this account. To
6092
- # create a function, you must provide a unique name. To update an
6093
- # existing function, use `UpdateFunction`.
6252
+ # A function with the same name already exists in this Amazon Web
6253
+ # Services account. To create a function, you must provide a unique
6254
+ # name. To update an existing function, use `UpdateFunction`.
6094
6255
  #
6095
6256
  # @!attribute [rw] message
6096
6257
  # @return [String]
@@ -7184,6 +7345,92 @@ module Aws::CloudFront
7184
7345
  include Aws::Structure
7185
7346
  end
7186
7347
 
7348
+ # @note When making an API call, you may pass GetResponseHeadersPolicyConfigRequest
7349
+ # data as a hash:
7350
+ #
7351
+ # {
7352
+ # id: "string", # required
7353
+ # }
7354
+ #
7355
+ # @!attribute [rw] id
7356
+ # The identifier for the response headers policy.
7357
+ #
7358
+ # If the response headers policy is attached to a distribution’s cache
7359
+ # behavior, you can get the policy’s identifier using
7360
+ # `ListDistributions` or `GetDistribution`. If the response headers
7361
+ # policy is not attached to a cache behavior, you can get the
7362
+ # identifier using `ListResponseHeadersPolicies`.
7363
+ # @return [String]
7364
+ #
7365
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetResponseHeadersPolicyConfigRequest AWS API Documentation
7366
+ #
7367
+ class GetResponseHeadersPolicyConfigRequest < Struct.new(
7368
+ :id)
7369
+ SENSITIVE = []
7370
+ include Aws::Structure
7371
+ end
7372
+
7373
+ # @!attribute [rw] response_headers_policy_config
7374
+ # Contains a response headers policy.
7375
+ # @return [Types::ResponseHeadersPolicyConfig]
7376
+ #
7377
+ # @!attribute [rw] etag
7378
+ # The version identifier for the current version of the response
7379
+ # headers policy.
7380
+ # @return [String]
7381
+ #
7382
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetResponseHeadersPolicyConfigResult AWS API Documentation
7383
+ #
7384
+ class GetResponseHeadersPolicyConfigResult < Struct.new(
7385
+ :response_headers_policy_config,
7386
+ :etag)
7387
+ SENSITIVE = []
7388
+ include Aws::Structure
7389
+ end
7390
+
7391
+ # @note When making an API call, you may pass GetResponseHeadersPolicyRequest
7392
+ # data as a hash:
7393
+ #
7394
+ # {
7395
+ # id: "string", # required
7396
+ # }
7397
+ #
7398
+ # @!attribute [rw] id
7399
+ # The identifier for the response headers policy.
7400
+ #
7401
+ # If the response headers policy is attached to a distribution’s cache
7402
+ # behavior, you can get the policy’s identifier using
7403
+ # `ListDistributions` or `GetDistribution`. If the response headers
7404
+ # policy is not attached to a cache behavior, you can get the
7405
+ # identifier using `ListResponseHeadersPolicies`.
7406
+ # @return [String]
7407
+ #
7408
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetResponseHeadersPolicyRequest AWS API Documentation
7409
+ #
7410
+ class GetResponseHeadersPolicyRequest < Struct.new(
7411
+ :id)
7412
+ SENSITIVE = []
7413
+ include Aws::Structure
7414
+ end
7415
+
7416
+ # @!attribute [rw] response_headers_policy
7417
+ # Contains a response headers policy.
7418
+ # @return [Types::ResponseHeadersPolicy]
7419
+ #
7420
+ # @!attribute [rw] etag
7421
+ # The version identifier for the current version of the response
7422
+ # headers policy.
7423
+ # @return [String]
7424
+ #
7425
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetResponseHeadersPolicyResult AWS API Documentation
7426
+ #
7427
+ class GetResponseHeadersPolicyResult < Struct.new(
7428
+ :response_headers_policy,
7429
+ :etag)
7430
+ SENSITIVE = []
7431
+ include Aws::Structure
7432
+ end
7433
+
7187
7434
  # To request to get a streaming distribution configuration.
7188
7435
  #
7189
7436
  # @note When making an API call, you may pass GetStreamingDistributionConfigRequest
@@ -7789,12 +8036,13 @@ module Aws::CloudFront
7789
8036
  #
7790
8037
  # @!attribute [rw] quantity
7791
8038
  # The number of invalidation batches that were created by the current
7792
- # account.
8039
+ # Amazon Web Services account.
7793
8040
  # @return [Integer]
7794
8041
  #
7795
8042
  # @!attribute [rw] items
7796
8043
  # A complex type that contains one `InvalidationSummary` element for
7797
- # each invalidation batch created by the current account.
8044
+ # each invalidation batch created by the current Amazon Web Services
8045
+ # account.
7798
8046
  # @return [Array<Types::InvalidationSummary>]
7799
8047
  #
7800
8048
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/InvalidationList AWS API Documentation
@@ -8169,8 +8417,8 @@ module Aws::CloudFront
8169
8417
  # * `managed` – Returns only the managed policies created by Amazon
8170
8418
  # Web Services.
8171
8419
  #
8172
- # * `custom` – Returns only the custom policies created in your
8173
- # account.
8420
+ # * `custom` – Returns only the custom policies created in your Amazon
8421
+ # Web Services account.
8174
8422
  # @return [String]
8175
8423
  #
8176
8424
  # @!attribute [rw] marker
@@ -8511,6 +8759,55 @@ module Aws::CloudFront
8511
8759
  include Aws::Structure
8512
8760
  end
8513
8761
 
8762
+ # @note When making an API call, you may pass ListDistributionsByResponseHeadersPolicyIdRequest
8763
+ # data as a hash:
8764
+ #
8765
+ # {
8766
+ # marker: "string",
8767
+ # max_items: 1,
8768
+ # response_headers_policy_id: "string", # required
8769
+ # }
8770
+ #
8771
+ # @!attribute [rw] marker
8772
+ # Use this field when paginating results to indicate where to begin in
8773
+ # your list of distribution IDs. The response includes distribution
8774
+ # IDs in the list that occur after the marker. To get the next page of
8775
+ # the list, set this field’s value to the value of `NextMarker` from
8776
+ # the current page’s response.
8777
+ # @return [String]
8778
+ #
8779
+ # @!attribute [rw] max_items
8780
+ # The maximum number of distribution IDs that you want to get in the
8781
+ # response.
8782
+ # @return [Integer]
8783
+ #
8784
+ # @!attribute [rw] response_headers_policy_id
8785
+ # The ID of the response headers policy whose associated distribution
8786
+ # IDs you want to list.
8787
+ # @return [String]
8788
+ #
8789
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListDistributionsByResponseHeadersPolicyIdRequest AWS API Documentation
8790
+ #
8791
+ class ListDistributionsByResponseHeadersPolicyIdRequest < Struct.new(
8792
+ :marker,
8793
+ :max_items,
8794
+ :response_headers_policy_id)
8795
+ SENSITIVE = []
8796
+ include Aws::Structure
8797
+ end
8798
+
8799
+ # @!attribute [rw] distribution_id_list
8800
+ # A list of distribution IDs.
8801
+ # @return [Types::DistributionIdList]
8802
+ #
8803
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListDistributionsByResponseHeadersPolicyIdResult AWS API Documentation
8804
+ #
8805
+ class ListDistributionsByResponseHeadersPolicyIdResult < Struct.new(
8806
+ :distribution_id_list)
8807
+ SENSITIVE = []
8808
+ include Aws::Structure
8809
+ end
8810
+
8514
8811
  # The request to list distributions that are associated with a specified
8515
8812
  # WAF web ACL.
8516
8813
  #
@@ -8863,8 +9160,8 @@ module Aws::CloudFront
8863
9160
  # * `managed` – Returns only the managed policies created by Amazon
8864
9161
  # Web Services.
8865
9162
  #
8866
- # * `custom` – Returns only the custom policies created in your
8867
- # account.
9163
+ # * `custom` – Returns only the custom policies created in your Amazon
9164
+ # Web Services account.
8868
9165
  # @return [String]
8869
9166
  #
8870
9167
  # @!attribute [rw] marker
@@ -8987,6 +9284,61 @@ module Aws::CloudFront
8987
9284
  include Aws::Structure
8988
9285
  end
8989
9286
 
9287
+ # @note When making an API call, you may pass ListResponseHeadersPoliciesRequest
9288
+ # data as a hash:
9289
+ #
9290
+ # {
9291
+ # type: "managed", # accepts managed, custom
9292
+ # marker: "string",
9293
+ # max_items: 1,
9294
+ # }
9295
+ #
9296
+ # @!attribute [rw] type
9297
+ # A filter to get only the specified kind of response headers
9298
+ # policies. Valid values are:
9299
+ #
9300
+ # * `managed` – Gets only the managed policies created by Amazon Web
9301
+ # Services.
9302
+ #
9303
+ # * `custom` – Gets only the custom policies created in your Amazon
9304
+ # Web Services account.
9305
+ # @return [String]
9306
+ #
9307
+ # @!attribute [rw] marker
9308
+ # Use this field when paginating results to indicate where to begin in
9309
+ # your list of response headers policies. The response includes
9310
+ # response headers policies in the list that occur after the marker.
9311
+ # To get the next page of the list, set this field’s value to the
9312
+ # value of `NextMarker` from the current page’s response.
9313
+ # @return [String]
9314
+ #
9315
+ # @!attribute [rw] max_items
9316
+ # The maximum number of response headers policies that you want to get
9317
+ # in the response.
9318
+ # @return [Integer]
9319
+ #
9320
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListResponseHeadersPoliciesRequest AWS API Documentation
9321
+ #
9322
+ class ListResponseHeadersPoliciesRequest < Struct.new(
9323
+ :type,
9324
+ :marker,
9325
+ :max_items)
9326
+ SENSITIVE = []
9327
+ include Aws::Structure
9328
+ end
9329
+
9330
+ # @!attribute [rw] response_headers_policy_list
9331
+ # A list of response headers policies.
9332
+ # @return [Types::ResponseHeadersPolicyList]
9333
+ #
9334
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListResponseHeadersPoliciesResult AWS API Documentation
9335
+ #
9336
+ class ListResponseHeadersPoliciesResult < Struct.new(
9337
+ :response_headers_policy_list)
9338
+ SENSITIVE = []
9339
+ include Aws::Structure
9340
+ end
9341
+
8990
9342
  # The request to list your streaming distributions.
8991
9343
  #
8992
9344
  # @note When making an API call, you may pass ListStreamingDistributionsRequest
@@ -9315,6 +9667,19 @@ module Aws::CloudFront
9315
9667
  include Aws::Structure
9316
9668
  end
9317
9669
 
9670
+ # The response headers policy does not exist.
9671
+ #
9672
+ # @!attribute [rw] message
9673
+ # @return [String]
9674
+ #
9675
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/NoSuchResponseHeadersPolicy AWS API Documentation
9676
+ #
9677
+ class NoSuchResponseHeadersPolicy < Struct.new(
9678
+ :message)
9679
+ SENSITIVE = []
9680
+ include Aws::Structure
9681
+ end
9682
+
9318
9683
  # The specified streaming distribution does not exist.
9319
9684
  #
9320
9685
  # @!attribute [rw] message
@@ -9371,7 +9736,7 @@ module Aws::CloudFront
9371
9736
  # items: [
9372
9737
  # {
9373
9738
  # header_name: "string", # required
9374
- # header_value: "string", # required
9739
+ # header_value: "sensitiveStringType", # required
9375
9740
  # },
9376
9741
  # ],
9377
9742
  # },
@@ -9525,7 +9890,7 @@ module Aws::CloudFront
9525
9890
  #
9526
9891
  # {
9527
9892
  # header_name: "string", # required
9528
- # header_value: "string", # required
9893
+ # header_value: "sensitiveStringType", # required
9529
9894
  # }
9530
9895
  #
9531
9896
  # @!attribute [rw] header_name
@@ -9548,7 +9913,7 @@ module Aws::CloudFront
9548
9913
  class OriginCustomHeader < Struct.new(
9549
9914
  :header_name,
9550
9915
  :header_value)
9551
- SENSITIVE = []
9916
+ SENSITIVE = [:header_value]
9552
9917
  include Aws::Structure
9553
9918
  end
9554
9919
 
@@ -10066,7 +10431,8 @@ module Aws::CloudFront
10066
10431
  #
10067
10432
  # @!attribute [rw] type
10068
10433
  # The type of origin request policy, either `managed` (created by
10069
- # Amazon Web Services) or `custom` (created in this account).
10434
+ # Amazon Web Services) or `custom` (created in this Amazon Web
10435
+ # Services account).
10070
10436
  # @return [String]
10071
10437
  #
10072
10438
  # @!attribute [rw] origin_request_policy
@@ -10110,17 +10476,19 @@ module Aws::CloudFront
10110
10476
  # @return [Boolean]
10111
10477
  #
10112
10478
  # @!attribute [rw] origin_shield_region
10113
- # The Region for Origin Shield.
10479
+ # The Amazon Web Services Region for Origin Shield.
10114
10480
  #
10115
- # Specify the Region that has the lowest latency to your origin. To
10116
- # specify a region, use the region code, not the region name. For
10117
- # example, specify the US East (Ohio) region as `us-east-2`.
10481
+ # Specify the Amazon Web Services Region that has the lowest latency
10482
+ # to your origin. To specify a region, use the region code, not the
10483
+ # region name. For example, specify the US East (Ohio) region as
10484
+ # `us-east-2`.
10118
10485
  #
10119
10486
  # When you enable CloudFront Origin Shield, you must specify the
10120
- # Region for Origin Shield. For the list of Regions that you can
10121
- # specify, and for help choosing the best Region for your origin, see
10122
- # [Choosing the Region for Origin Shield][1] in the *Amazon CloudFront
10123
- # Developer Guide*.
10487
+ # Amazon Web Services Region for Origin Shield. For the list of Amazon
10488
+ # Web Services Regions that you can specify, and for help choosing the
10489
+ # best Region for your origin, see [Choosing the Amazon Web Services
10490
+ # Region for Origin Shield][1] in the *Amazon CloudFront Developer
10491
+ # Guide*.
10124
10492
  #
10125
10493
  #
10126
10494
  #
@@ -10184,7 +10552,7 @@ module Aws::CloudFront
10184
10552
  # items: [
10185
10553
  # {
10186
10554
  # header_name: "string", # required
10187
- # header_value: "string", # required
10555
+ # header_value: "sensitiveStringType", # required
10188
10556
  # },
10189
10557
  # ],
10190
10558
  # },
@@ -10918,7 +11286,7 @@ module Aws::CloudFront
10918
11286
  end
10919
11287
 
10920
11288
  # The specified real-time log configuration belongs to a different
10921
- # account.
11289
+ # Amazon Web Services account.
10922
11290
  #
10923
11291
  # @!attribute [rw] message
10924
11292
  # @return [String]
@@ -11006,44 +11374,1092 @@ module Aws::CloudFront
11006
11374
  include Aws::Structure
11007
11375
  end
11008
11376
 
11009
- # A complex type that identifies ways in which you want to restrict
11010
- # distribution of your content.
11377
+ # A response headers policy.
11011
11378
  #
11012
- # @note When making an API call, you may pass Restrictions
11013
- # data as a hash:
11379
+ # A response headers policy contains information about a set of HTTP
11380
+ # response headers and their values.
11014
11381
  #
11015
- # {
11016
- # geo_restriction: { # required
11017
- # restriction_type: "blacklist", # required, accepts blacklist, whitelist, none
11018
- # quantity: 1, # required
11019
- # items: ["string"],
11020
- # },
11021
- # }
11382
+ # After you create a response headers policy, you can use its ID to
11383
+ # attach it to one or more cache behaviors in a CloudFront distribution.
11384
+ # When it’s attached to a cache behavior, CloudFront adds the headers in
11385
+ # the policy to HTTP responses that it sends for requests that match the
11386
+ # cache behavior.
11022
11387
  #
11023
- # @!attribute [rw] geo_restriction
11024
- # A complex type that controls the countries in which your content is
11025
- # distributed. CloudFront determines the location of your users using
11026
- # `MaxMind` GeoIP databases.
11027
- # @return [Types::GeoRestriction]
11388
+ # For more information, see [Adding HTTP headers to CloudFront
11389
+ # responses][1] in the *Amazon CloudFront Developer Guide*.
11028
11390
  #
11029
- # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/Restrictions AWS API Documentation
11030
11391
  #
11031
- class Restrictions < Struct.new(
11032
- :geo_restriction)
11033
- SENSITIVE = []
11034
- include Aws::Structure
11035
- end
11036
-
11037
- # A complex type that contains information about the Amazon S3 bucket
11038
- # from which you want CloudFront to get your media files for
11039
- # distribution.
11040
11392
  #
11041
- # @note When making an API call, you may pass S3Origin
11042
- # data as a hash:
11393
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/adding-response-headers.html
11043
11394
  #
11044
- # {
11045
- # domain_name: "string", # required
11046
- # origin_access_identity: "string", # required
11395
+ # @!attribute [rw] id
11396
+ # The identifier for the response headers policy.
11397
+ # @return [String]
11398
+ #
11399
+ # @!attribute [rw] last_modified_time
11400
+ # The date and time when the response headers policy was last
11401
+ # modified.
11402
+ # @return [Time]
11403
+ #
11404
+ # @!attribute [rw] response_headers_policy_config
11405
+ # A response headers policy configuration.
11406
+ #
11407
+ # A response headers policy contains information about a set of HTTP
11408
+ # response headers and their values. CloudFront adds the headers in
11409
+ # the policy to HTTP responses that it sends for requests that match a
11410
+ # cache behavior that’s associated with the policy.
11411
+ # @return [Types::ResponseHeadersPolicyConfig]
11412
+ #
11413
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicy AWS API Documentation
11414
+ #
11415
+ class ResponseHeadersPolicy < Struct.new(
11416
+ :id,
11417
+ :last_modified_time,
11418
+ :response_headers_policy_config)
11419
+ SENSITIVE = []
11420
+ include Aws::Structure
11421
+ end
11422
+
11423
+ # A list of HTTP header names that CloudFront includes as values for the
11424
+ # `Access-Control-Allow-Headers` HTTP response header.
11425
+ #
11426
+ # For more information about the `Access-Control-Allow-Headers` HTTP
11427
+ # response header, see [Access-Control-Allow-Headers][1] in the MDN Web
11428
+ # Docs.
11429
+ #
11430
+ #
11431
+ #
11432
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
11433
+ #
11434
+ # @note When making an API call, you may pass ResponseHeadersPolicyAccessControlAllowHeaders
11435
+ # data as a hash:
11436
+ #
11437
+ # {
11438
+ # quantity: 1, # required
11439
+ # items: ["string"], # required
11440
+ # }
11441
+ #
11442
+ # @!attribute [rw] quantity
11443
+ # The number of HTTP header names in the list.
11444
+ # @return [Integer]
11445
+ #
11446
+ # @!attribute [rw] items
11447
+ # The list of HTTP header names. You can specify `*` to allow all
11448
+ # headers.
11449
+ # @return [Array<String>]
11450
+ #
11451
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyAccessControlAllowHeaders AWS API Documentation
11452
+ #
11453
+ class ResponseHeadersPolicyAccessControlAllowHeaders < Struct.new(
11454
+ :quantity,
11455
+ :items)
11456
+ SENSITIVE = []
11457
+ include Aws::Structure
11458
+ end
11459
+
11460
+ # A list of HTTP methods that CloudFront includes as values for the
11461
+ # `Access-Control-Allow-Methods` HTTP response header.
11462
+ #
11463
+ # For more information about the `Access-Control-Allow-Methods` HTTP
11464
+ # response header, see [Access-Control-Allow-Methods][1] in the MDN Web
11465
+ # Docs.
11466
+ #
11467
+ #
11468
+ #
11469
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
11470
+ #
11471
+ # @note When making an API call, you may pass ResponseHeadersPolicyAccessControlAllowMethods
11472
+ # data as a hash:
11473
+ #
11474
+ # {
11475
+ # quantity: 1, # required
11476
+ # items: ["GET"], # required, accepts GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD, ALL
11477
+ # }
11478
+ #
11479
+ # @!attribute [rw] quantity
11480
+ # The number of HTTP methods in the list.
11481
+ # @return [Integer]
11482
+ #
11483
+ # @!attribute [rw] items
11484
+ # The list of HTTP methods. Valid values are:
11485
+ #
11486
+ # * `GET`
11487
+ #
11488
+ # * `DELETE`
11489
+ #
11490
+ # * `HEAD`
11491
+ #
11492
+ # * `OPTIONS`
11493
+ #
11494
+ # * `PATCH`
11495
+ #
11496
+ # * `POST`
11497
+ #
11498
+ # * `PUT`
11499
+ #
11500
+ # * `ALL`
11501
+ #
11502
+ # `ALL` is a special value that includes all of the listed HTTP
11503
+ # methods.
11504
+ # @return [Array<String>]
11505
+ #
11506
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyAccessControlAllowMethods AWS API Documentation
11507
+ #
11508
+ class ResponseHeadersPolicyAccessControlAllowMethods < Struct.new(
11509
+ :quantity,
11510
+ :items)
11511
+ SENSITIVE = []
11512
+ include Aws::Structure
11513
+ end
11514
+
11515
+ # A list of origins (domain names) that CloudFront can use as the value
11516
+ # for the `Access-Control-Allow-Origin` HTTP response header.
11517
+ #
11518
+ # For more information about the `Access-Control-Allow-Origin` HTTP
11519
+ # response header, see [Access-Control-Allow-Origin][1] in the MDN Web
11520
+ # Docs.
11521
+ #
11522
+ #
11523
+ #
11524
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
11525
+ #
11526
+ # @note When making an API call, you may pass ResponseHeadersPolicyAccessControlAllowOrigins
11527
+ # data as a hash:
11528
+ #
11529
+ # {
11530
+ # quantity: 1, # required
11531
+ # items: ["string"], # required
11532
+ # }
11533
+ #
11534
+ # @!attribute [rw] quantity
11535
+ # The number of origins in the list.
11536
+ # @return [Integer]
11537
+ #
11538
+ # @!attribute [rw] items
11539
+ # The list of origins (domain names). You can specify `*` to allow all
11540
+ # origins.
11541
+ # @return [Array<String>]
11542
+ #
11543
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyAccessControlAllowOrigins AWS API Documentation
11544
+ #
11545
+ class ResponseHeadersPolicyAccessControlAllowOrigins < Struct.new(
11546
+ :quantity,
11547
+ :items)
11548
+ SENSITIVE = []
11549
+ include Aws::Structure
11550
+ end
11551
+
11552
+ # A list of HTTP headers that CloudFront includes as values for the
11553
+ # `Access-Control-Expose-Headers` HTTP response header.
11554
+ #
11555
+ # For more information about the `Access-Control-Expose-Headers` HTTP
11556
+ # response header, see [Access-Control-Expose-Headers][1] in the MDN Web
11557
+ # Docs.
11558
+ #
11559
+ #
11560
+ #
11561
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
11562
+ #
11563
+ # @note When making an API call, you may pass ResponseHeadersPolicyAccessControlExposeHeaders
11564
+ # data as a hash:
11565
+ #
11566
+ # {
11567
+ # quantity: 1, # required
11568
+ # items: ["string"],
11569
+ # }
11570
+ #
11571
+ # @!attribute [rw] quantity
11572
+ # The number of HTTP headers in the list.
11573
+ # @return [Integer]
11574
+ #
11575
+ # @!attribute [rw] items
11576
+ # The list of HTTP headers. You can specify `*` to expose all headers.
11577
+ # @return [Array<String>]
11578
+ #
11579
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyAccessControlExposeHeaders AWS API Documentation
11580
+ #
11581
+ class ResponseHeadersPolicyAccessControlExposeHeaders < Struct.new(
11582
+ :quantity,
11583
+ :items)
11584
+ SENSITIVE = []
11585
+ include Aws::Structure
11586
+ end
11587
+
11588
+ # A response headers policy with this name already exists. You must
11589
+ # provide a unique name. To modify an existing response headers policy,
11590
+ # use `UpdateResponseHeadersPolicy`.
11591
+ #
11592
+ # @!attribute [rw] message
11593
+ # @return [String]
11594
+ #
11595
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyAlreadyExists AWS API Documentation
11596
+ #
11597
+ class ResponseHeadersPolicyAlreadyExists < Struct.new(
11598
+ :message)
11599
+ SENSITIVE = []
11600
+ include Aws::Structure
11601
+ end
11602
+
11603
+ # A response headers policy configuration.
11604
+ #
11605
+ # A response headers policy configuration contains metadata about the
11606
+ # response headers policy, and configurations for sets of HTTP response
11607
+ # headers and their values. CloudFront adds the headers in the policy to
11608
+ # HTTP responses that it sends for requests that match a cache behavior
11609
+ # associated with the policy.
11610
+ #
11611
+ # @note When making an API call, you may pass ResponseHeadersPolicyConfig
11612
+ # data as a hash:
11613
+ #
11614
+ # {
11615
+ # comment: "string",
11616
+ # name: "string", # required
11617
+ # cors_config: {
11618
+ # access_control_allow_origins: { # required
11619
+ # quantity: 1, # required
11620
+ # items: ["string"], # required
11621
+ # },
11622
+ # access_control_allow_headers: { # required
11623
+ # quantity: 1, # required
11624
+ # items: ["string"], # required
11625
+ # },
11626
+ # access_control_allow_methods: { # required
11627
+ # quantity: 1, # required
11628
+ # items: ["GET"], # required, accepts GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD, ALL
11629
+ # },
11630
+ # access_control_allow_credentials: false, # required
11631
+ # access_control_expose_headers: {
11632
+ # quantity: 1, # required
11633
+ # items: ["string"],
11634
+ # },
11635
+ # access_control_max_age_sec: 1,
11636
+ # origin_override: false, # required
11637
+ # },
11638
+ # security_headers_config: {
11639
+ # xss_protection: {
11640
+ # override: false, # required
11641
+ # protection: false, # required
11642
+ # mode_block: false,
11643
+ # report_uri: "string",
11644
+ # },
11645
+ # frame_options: {
11646
+ # override: false, # required
11647
+ # frame_option: "DENY", # required, accepts DENY, SAMEORIGIN
11648
+ # },
11649
+ # referrer_policy: {
11650
+ # override: false, # required
11651
+ # referrer_policy: "no-referrer", # required, accepts no-referrer, no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url
11652
+ # },
11653
+ # content_security_policy: {
11654
+ # override: false, # required
11655
+ # content_security_policy: "string", # required
11656
+ # },
11657
+ # content_type_options: {
11658
+ # override: false, # required
11659
+ # },
11660
+ # strict_transport_security: {
11661
+ # override: false, # required
11662
+ # include_subdomains: false,
11663
+ # preload: false,
11664
+ # access_control_max_age_sec: 1, # required
11665
+ # },
11666
+ # },
11667
+ # custom_headers_config: {
11668
+ # quantity: 1, # required
11669
+ # items: [
11670
+ # {
11671
+ # header: "string", # required
11672
+ # value: "string", # required
11673
+ # override: false, # required
11674
+ # },
11675
+ # ],
11676
+ # },
11677
+ # }
11678
+ #
11679
+ # @!attribute [rw] comment
11680
+ # A comment to describe the response headers policy.
11681
+ #
11682
+ # The comment cannot be longer than 128 characters.
11683
+ # @return [String]
11684
+ #
11685
+ # @!attribute [rw] name
11686
+ # A name to identify the response headers policy.
11687
+ #
11688
+ # The name must be unique for response headers policies in this Amazon
11689
+ # Web Services account.
11690
+ # @return [String]
11691
+ #
11692
+ # @!attribute [rw] cors_config
11693
+ # A configuration for a set of HTTP response headers that are used for
11694
+ # cross-origin resource sharing (CORS).
11695
+ # @return [Types::ResponseHeadersPolicyCorsConfig]
11696
+ #
11697
+ # @!attribute [rw] security_headers_config
11698
+ # A configuration for a set of security-related HTTP response headers.
11699
+ # @return [Types::ResponseHeadersPolicySecurityHeadersConfig]
11700
+ #
11701
+ # @!attribute [rw] custom_headers_config
11702
+ # A configuration for a set of custom HTTP response headers.
11703
+ # @return [Types::ResponseHeadersPolicyCustomHeadersConfig]
11704
+ #
11705
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyConfig AWS API Documentation
11706
+ #
11707
+ class ResponseHeadersPolicyConfig < Struct.new(
11708
+ :comment,
11709
+ :name,
11710
+ :cors_config,
11711
+ :security_headers_config,
11712
+ :custom_headers_config)
11713
+ SENSITIVE = []
11714
+ include Aws::Structure
11715
+ end
11716
+
11717
+ # The policy directives and their values that CloudFront includes as
11718
+ # values for the `Content-Security-Policy` HTTP response header.
11719
+ #
11720
+ # For more information about the `Content-Security-Policy` HTTP response
11721
+ # header, see [Content-Security-Policy][1] in the MDN Web Docs.
11722
+ #
11723
+ #
11724
+ #
11725
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
11726
+ #
11727
+ # @note When making an API call, you may pass ResponseHeadersPolicyContentSecurityPolicy
11728
+ # data as a hash:
11729
+ #
11730
+ # {
11731
+ # override: false, # required
11732
+ # content_security_policy: "string", # required
11733
+ # }
11734
+ #
11735
+ # @!attribute [rw] override
11736
+ # A Boolean that determines whether CloudFront overrides the
11737
+ # `Content-Security-Policy` HTTP response header received from the
11738
+ # origin with the one specified in this response headers policy.
11739
+ # @return [Boolean]
11740
+ #
11741
+ # @!attribute [rw] content_security_policy
11742
+ # The policy directives and their values that CloudFront includes as
11743
+ # values for the `Content-Security-Policy` HTTP response header.
11744
+ # @return [String]
11745
+ #
11746
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyContentSecurityPolicy AWS API Documentation
11747
+ #
11748
+ class ResponseHeadersPolicyContentSecurityPolicy < Struct.new(
11749
+ :override,
11750
+ :content_security_policy)
11751
+ SENSITIVE = []
11752
+ include Aws::Structure
11753
+ end
11754
+
11755
+ # Determines whether CloudFront includes the `X-Content-Type-Options`
11756
+ # HTTP response header with its value set to `nosniff`.
11757
+ #
11758
+ # For more information about the `X-Content-Type-Options` HTTP response
11759
+ # header, see [X-Content-Type-Options][1] in the MDN Web Docs.
11760
+ #
11761
+ #
11762
+ #
11763
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
11764
+ #
11765
+ # @note When making an API call, you may pass ResponseHeadersPolicyContentTypeOptions
11766
+ # data as a hash:
11767
+ #
11768
+ # {
11769
+ # override: false, # required
11770
+ # }
11771
+ #
11772
+ # @!attribute [rw] override
11773
+ # A Boolean that determines whether CloudFront overrides the
11774
+ # `X-Content-Type-Options` HTTP response header received from the
11775
+ # origin with the one specified in this response headers policy.
11776
+ # @return [Boolean]
11777
+ #
11778
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyContentTypeOptions AWS API Documentation
11779
+ #
11780
+ class ResponseHeadersPolicyContentTypeOptions < Struct.new(
11781
+ :override)
11782
+ SENSITIVE = []
11783
+ include Aws::Structure
11784
+ end
11785
+
11786
+ # A configuration for a set of HTTP response headers that are used for
11787
+ # cross-origin resource sharing (CORS). CloudFront adds these headers to
11788
+ # HTTP responses that it sends for CORS requests that match a cache
11789
+ # behavior associated with this response headers policy.
11790
+ #
11791
+ # For more information about CORS, see [Cross-Origin Resource Sharing
11792
+ # (CORS)][1] in the MDN Web Docs.
11793
+ #
11794
+ #
11795
+ #
11796
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
11797
+ #
11798
+ # @note When making an API call, you may pass ResponseHeadersPolicyCorsConfig
11799
+ # data as a hash:
11800
+ #
11801
+ # {
11802
+ # access_control_allow_origins: { # required
11803
+ # quantity: 1, # required
11804
+ # items: ["string"], # required
11805
+ # },
11806
+ # access_control_allow_headers: { # required
11807
+ # quantity: 1, # required
11808
+ # items: ["string"], # required
11809
+ # },
11810
+ # access_control_allow_methods: { # required
11811
+ # quantity: 1, # required
11812
+ # items: ["GET"], # required, accepts GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD, ALL
11813
+ # },
11814
+ # access_control_allow_credentials: false, # required
11815
+ # access_control_expose_headers: {
11816
+ # quantity: 1, # required
11817
+ # items: ["string"],
11818
+ # },
11819
+ # access_control_max_age_sec: 1,
11820
+ # origin_override: false, # required
11821
+ # }
11822
+ #
11823
+ # @!attribute [rw] access_control_allow_origins
11824
+ # A list of origins (domain names) that CloudFront can use as the
11825
+ # value for the `Access-Control-Allow-Origin` HTTP response header.
11826
+ #
11827
+ # For more information about the `Access-Control-Allow-Origin` HTTP
11828
+ # response header, see [Access-Control-Allow-Origin][1] in the MDN Web
11829
+ # Docs.
11830
+ #
11831
+ #
11832
+ #
11833
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
11834
+ # @return [Types::ResponseHeadersPolicyAccessControlAllowOrigins]
11835
+ #
11836
+ # @!attribute [rw] access_control_allow_headers
11837
+ # A list of HTTP header names that CloudFront includes as values for
11838
+ # the `Access-Control-Allow-Headers` HTTP response header.
11839
+ #
11840
+ # For more information about the `Access-Control-Allow-Headers` HTTP
11841
+ # response header, see [Access-Control-Allow-Headers][1] in the MDN
11842
+ # Web Docs.
11843
+ #
11844
+ #
11845
+ #
11846
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
11847
+ # @return [Types::ResponseHeadersPolicyAccessControlAllowHeaders]
11848
+ #
11849
+ # @!attribute [rw] access_control_allow_methods
11850
+ # A list of HTTP methods that CloudFront includes as values for the
11851
+ # `Access-Control-Allow-Methods` HTTP response header.
11852
+ #
11853
+ # For more information about the `Access-Control-Allow-Methods` HTTP
11854
+ # response header, see [Access-Control-Allow-Methods][1] in the MDN
11855
+ # Web Docs.
11856
+ #
11857
+ #
11858
+ #
11859
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
11860
+ # @return [Types::ResponseHeadersPolicyAccessControlAllowMethods]
11861
+ #
11862
+ # @!attribute [rw] access_control_allow_credentials
11863
+ # A Boolean that CloudFront uses as the value for the
11864
+ # `Access-Control-Allow-Credentials` HTTP response header.
11865
+ #
11866
+ # For more information about the `Access-Control-Allow-Credentials`
11867
+ # HTTP response header, see [Access-Control-Allow-Credentials][1] in
11868
+ # the MDN Web Docs.
11869
+ #
11870
+ #
11871
+ #
11872
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
11873
+ # @return [Boolean]
11874
+ #
11875
+ # @!attribute [rw] access_control_expose_headers
11876
+ # A list of HTTP headers that CloudFront includes as values for the
11877
+ # `Access-Control-Expose-Headers` HTTP response header.
11878
+ #
11879
+ # For more information about the `Access-Control-Expose-Headers` HTTP
11880
+ # response header, see [Access-Control-Expose-Headers][1] in the MDN
11881
+ # Web Docs.
11882
+ #
11883
+ #
11884
+ #
11885
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
11886
+ # @return [Types::ResponseHeadersPolicyAccessControlExposeHeaders]
11887
+ #
11888
+ # @!attribute [rw] access_control_max_age_sec
11889
+ # A number that CloudFront uses as the value for the
11890
+ # `Access-Control-Max-Age` HTTP response header.
11891
+ #
11892
+ # For more information about the `Access-Control-Max-Age` HTTP
11893
+ # response header, see [Access-Control-Max-Age][1] in the MDN Web
11894
+ # Docs.
11895
+ #
11896
+ #
11897
+ #
11898
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age
11899
+ # @return [Integer]
11900
+ #
11901
+ # @!attribute [rw] origin_override
11902
+ # A Boolean that determines whether CloudFront overrides HTTP response
11903
+ # headers received from the origin with the ones specified in this
11904
+ # response headers policy.
11905
+ # @return [Boolean]
11906
+ #
11907
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyCorsConfig AWS API Documentation
11908
+ #
11909
+ class ResponseHeadersPolicyCorsConfig < Struct.new(
11910
+ :access_control_allow_origins,
11911
+ :access_control_allow_headers,
11912
+ :access_control_allow_methods,
11913
+ :access_control_allow_credentials,
11914
+ :access_control_expose_headers,
11915
+ :access_control_max_age_sec,
11916
+ :origin_override)
11917
+ SENSITIVE = []
11918
+ include Aws::Structure
11919
+ end
11920
+
11921
+ # An HTTP response header name and its value. CloudFront includes this
11922
+ # header in HTTP responses that it sends for requests that match a cache
11923
+ # behavior that’s associated with this response headers policy.
11924
+ #
11925
+ # @note When making an API call, you may pass ResponseHeadersPolicyCustomHeader
11926
+ # data as a hash:
11927
+ #
11928
+ # {
11929
+ # header: "string", # required
11930
+ # value: "string", # required
11931
+ # override: false, # required
11932
+ # }
11933
+ #
11934
+ # @!attribute [rw] header
11935
+ # The HTTP response header name.
11936
+ # @return [String]
11937
+ #
11938
+ # @!attribute [rw] value
11939
+ # The value for the HTTP response header.
11940
+ # @return [String]
11941
+ #
11942
+ # @!attribute [rw] override
11943
+ # A Boolean that determines whether CloudFront overrides a response
11944
+ # header with the same name received from the origin with the header
11945
+ # specified here.
11946
+ # @return [Boolean]
11947
+ #
11948
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyCustomHeader AWS API Documentation
11949
+ #
11950
+ class ResponseHeadersPolicyCustomHeader < Struct.new(
11951
+ :header,
11952
+ :value,
11953
+ :override)
11954
+ SENSITIVE = []
11955
+ include Aws::Structure
11956
+ end
11957
+
11958
+ # A list of HTTP response header names and their values. CloudFront
11959
+ # includes these headers in HTTP responses that it sends for requests
11960
+ # that match a cache behavior that’s associated with this response
11961
+ # headers policy.
11962
+ #
11963
+ # @note When making an API call, you may pass ResponseHeadersPolicyCustomHeadersConfig
11964
+ # data as a hash:
11965
+ #
11966
+ # {
11967
+ # quantity: 1, # required
11968
+ # items: [
11969
+ # {
11970
+ # header: "string", # required
11971
+ # value: "string", # required
11972
+ # override: false, # required
11973
+ # },
11974
+ # ],
11975
+ # }
11976
+ #
11977
+ # @!attribute [rw] quantity
11978
+ # The number of HTTP response headers in the list.
11979
+ # @return [Integer]
11980
+ #
11981
+ # @!attribute [rw] items
11982
+ # The list of HTTP response headers and their values.
11983
+ # @return [Array<Types::ResponseHeadersPolicyCustomHeader>]
11984
+ #
11985
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyCustomHeadersConfig AWS API Documentation
11986
+ #
11987
+ class ResponseHeadersPolicyCustomHeadersConfig < Struct.new(
11988
+ :quantity,
11989
+ :items)
11990
+ SENSITIVE = []
11991
+ include Aws::Structure
11992
+ end
11993
+
11994
+ # Determines whether CloudFront includes the `X-Frame-Options` HTTP
11995
+ # response header and the header’s value.
11996
+ #
11997
+ # For more information about the `X-Frame-Options` HTTP response header,
11998
+ # see [X-Frame-Options][1] in the MDN Web Docs.
11999
+ #
12000
+ #
12001
+ #
12002
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
12003
+ #
12004
+ # @note When making an API call, you may pass ResponseHeadersPolicyFrameOptions
12005
+ # data as a hash:
12006
+ #
12007
+ # {
12008
+ # override: false, # required
12009
+ # frame_option: "DENY", # required, accepts DENY, SAMEORIGIN
12010
+ # }
12011
+ #
12012
+ # @!attribute [rw] override
12013
+ # A Boolean that determines whether CloudFront overrides the
12014
+ # `X-Frame-Options` HTTP response header received from the origin with
12015
+ # the one specified in this response headers policy.
12016
+ # @return [Boolean]
12017
+ #
12018
+ # @!attribute [rw] frame_option
12019
+ # The value of the `X-Frame-Options` HTTP response header. Valid
12020
+ # values are `DENY` and `SAMEORIGIN`.
12021
+ #
12022
+ # For more information about these values, see [X-Frame-Options][1] in
12023
+ # the MDN Web Docs.
12024
+ #
12025
+ #
12026
+ #
12027
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
12028
+ # @return [String]
12029
+ #
12030
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyFrameOptions AWS API Documentation
12031
+ #
12032
+ class ResponseHeadersPolicyFrameOptions < Struct.new(
12033
+ :override,
12034
+ :frame_option)
12035
+ SENSITIVE = []
12036
+ include Aws::Structure
12037
+ end
12038
+
12039
+ # Cannot delete the response headers policy because it is attached to
12040
+ # one or more cache behaviors in a CloudFront distribution.
12041
+ #
12042
+ # @!attribute [rw] message
12043
+ # @return [String]
12044
+ #
12045
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyInUse AWS API Documentation
12046
+ #
12047
+ class ResponseHeadersPolicyInUse < Struct.new(
12048
+ :message)
12049
+ SENSITIVE = []
12050
+ include Aws::Structure
12051
+ end
12052
+
12053
+ # A list of response headers policies.
12054
+ #
12055
+ # @!attribute [rw] next_marker
12056
+ # If there are more items in the list than are in this response, this
12057
+ # element is present. It contains the value that you should use in the
12058
+ # `Marker` field of a subsequent request to continue listing response
12059
+ # headers policies where you left off.
12060
+ # @return [String]
12061
+ #
12062
+ # @!attribute [rw] max_items
12063
+ # The maximum number of response headers policies requested.
12064
+ # @return [Integer]
12065
+ #
12066
+ # @!attribute [rw] quantity
12067
+ # The number of response headers policies returned.
12068
+ # @return [Integer]
12069
+ #
12070
+ # @!attribute [rw] items
12071
+ # The response headers policies in the list.
12072
+ # @return [Array<Types::ResponseHeadersPolicySummary>]
12073
+ #
12074
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyList AWS API Documentation
12075
+ #
12076
+ class ResponseHeadersPolicyList < Struct.new(
12077
+ :next_marker,
12078
+ :max_items,
12079
+ :quantity,
12080
+ :items)
12081
+ SENSITIVE = []
12082
+ include Aws::Structure
12083
+ end
12084
+
12085
+ # Determines whether CloudFront includes the `Referrer-Policy` HTTP
12086
+ # response header and the header’s value.
12087
+ #
12088
+ # For more information about the `Referrer-Policy` HTTP response header,
12089
+ # see [Referrer-Policy][1] in the MDN Web Docs.
12090
+ #
12091
+ #
12092
+ #
12093
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
12094
+ #
12095
+ # @note When making an API call, you may pass ResponseHeadersPolicyReferrerPolicy
12096
+ # data as a hash:
12097
+ #
12098
+ # {
12099
+ # override: false, # required
12100
+ # referrer_policy: "no-referrer", # required, accepts no-referrer, no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url
12101
+ # }
12102
+ #
12103
+ # @!attribute [rw] override
12104
+ # A Boolean that determines whether CloudFront overrides the
12105
+ # `Referrer-Policy` HTTP response header received from the origin with
12106
+ # the one specified in this response headers policy.
12107
+ # @return [Boolean]
12108
+ #
12109
+ # @!attribute [rw] referrer_policy
12110
+ # The value of the `Referrer-Policy` HTTP response header. Valid
12111
+ # values are:
12112
+ #
12113
+ # * `no-referrer`
12114
+ #
12115
+ # * `no-referrer-when-downgrade`
12116
+ #
12117
+ # * `origin`
12118
+ #
12119
+ # * `origin-when-cross-origin`
12120
+ #
12121
+ # * `same-origin`
12122
+ #
12123
+ # * `strict-origin`
12124
+ #
12125
+ # * `strict-origin-when-cross-origin`
12126
+ #
12127
+ # * `unsafe-url`
12128
+ #
12129
+ # For more information about these values, see [Referrer-Policy][1] in
12130
+ # the MDN Web Docs.
12131
+ #
12132
+ #
12133
+ #
12134
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
12135
+ # @return [String]
12136
+ #
12137
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyReferrerPolicy AWS API Documentation
12138
+ #
12139
+ class ResponseHeadersPolicyReferrerPolicy < Struct.new(
12140
+ :override,
12141
+ :referrer_policy)
12142
+ SENSITIVE = []
12143
+ include Aws::Structure
12144
+ end
12145
+
12146
+ # A configuration for a set of security-related HTTP response headers.
12147
+ # CloudFront adds these headers to HTTP responses that it sends for
12148
+ # requests that match a cache behavior associated with this response
12149
+ # headers policy.
12150
+ #
12151
+ # @note When making an API call, you may pass ResponseHeadersPolicySecurityHeadersConfig
12152
+ # data as a hash:
12153
+ #
12154
+ # {
12155
+ # xss_protection: {
12156
+ # override: false, # required
12157
+ # protection: false, # required
12158
+ # mode_block: false,
12159
+ # report_uri: "string",
12160
+ # },
12161
+ # frame_options: {
12162
+ # override: false, # required
12163
+ # frame_option: "DENY", # required, accepts DENY, SAMEORIGIN
12164
+ # },
12165
+ # referrer_policy: {
12166
+ # override: false, # required
12167
+ # referrer_policy: "no-referrer", # required, accepts no-referrer, no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url
12168
+ # },
12169
+ # content_security_policy: {
12170
+ # override: false, # required
12171
+ # content_security_policy: "string", # required
12172
+ # },
12173
+ # content_type_options: {
12174
+ # override: false, # required
12175
+ # },
12176
+ # strict_transport_security: {
12177
+ # override: false, # required
12178
+ # include_subdomains: false,
12179
+ # preload: false,
12180
+ # access_control_max_age_sec: 1, # required
12181
+ # },
12182
+ # }
12183
+ #
12184
+ # @!attribute [rw] xss_protection
12185
+ # Determines whether CloudFront includes the `X-XSS-Protection` HTTP
12186
+ # response header and the header’s value.
12187
+ #
12188
+ # For more information about the `X-XSS-Protection` HTTP response
12189
+ # header, see [X-XSS-Protection][1] in the MDN Web Docs.
12190
+ #
12191
+ #
12192
+ #
12193
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
12194
+ # @return [Types::ResponseHeadersPolicyXSSProtection]
12195
+ #
12196
+ # @!attribute [rw] frame_options
12197
+ # Determines whether CloudFront includes the `X-Frame-Options` HTTP
12198
+ # response header and the header’s value.
12199
+ #
12200
+ # For more information about the `X-Frame-Options` HTTP response
12201
+ # header, see [X-Frame-Options][1] in the MDN Web Docs.
12202
+ #
12203
+ #
12204
+ #
12205
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
12206
+ # @return [Types::ResponseHeadersPolicyFrameOptions]
12207
+ #
12208
+ # @!attribute [rw] referrer_policy
12209
+ # Determines whether CloudFront includes the `Referrer-Policy` HTTP
12210
+ # response header and the header’s value.
12211
+ #
12212
+ # For more information about the `Referrer-Policy` HTTP response
12213
+ # header, see [Referrer-Policy][1] in the MDN Web Docs.
12214
+ #
12215
+ #
12216
+ #
12217
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
12218
+ # @return [Types::ResponseHeadersPolicyReferrerPolicy]
12219
+ #
12220
+ # @!attribute [rw] content_security_policy
12221
+ # The policy directives and their values that CloudFront includes as
12222
+ # values for the `Content-Security-Policy` HTTP response header.
12223
+ #
12224
+ # For more information about the `Content-Security-Policy` HTTP
12225
+ # response header, see [Content-Security-Policy][1] in the MDN Web
12226
+ # Docs.
12227
+ #
12228
+ #
12229
+ #
12230
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
12231
+ # @return [Types::ResponseHeadersPolicyContentSecurityPolicy]
12232
+ #
12233
+ # @!attribute [rw] content_type_options
12234
+ # Determines whether CloudFront includes the `X-Content-Type-Options`
12235
+ # HTTP response header with its value set to `nosniff`.
12236
+ #
12237
+ # For more information about the `X-Content-Type-Options` HTTP
12238
+ # response header, see [X-Content-Type-Options][1] in the MDN Web
12239
+ # Docs.
12240
+ #
12241
+ #
12242
+ #
12243
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
12244
+ # @return [Types::ResponseHeadersPolicyContentTypeOptions]
12245
+ #
12246
+ # @!attribute [rw] strict_transport_security
12247
+ # Determines whether CloudFront includes the
12248
+ # `Strict-Transport-Security` HTTP response header and the header’s
12249
+ # value.
12250
+ #
12251
+ # For more information about the `Strict-Transport-Security` HTTP
12252
+ # response header, see [Strict-Transport-Security][1] in the MDN Web
12253
+ # Docs.
12254
+ #
12255
+ #
12256
+ #
12257
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
12258
+ # @return [Types::ResponseHeadersPolicyStrictTransportSecurity]
12259
+ #
12260
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicySecurityHeadersConfig AWS API Documentation
12261
+ #
12262
+ class ResponseHeadersPolicySecurityHeadersConfig < Struct.new(
12263
+ :xss_protection,
12264
+ :frame_options,
12265
+ :referrer_policy,
12266
+ :content_security_policy,
12267
+ :content_type_options,
12268
+ :strict_transport_security)
12269
+ SENSITIVE = []
12270
+ include Aws::Structure
12271
+ end
12272
+
12273
+ # Determines whether CloudFront includes the `Strict-Transport-Security`
12274
+ # HTTP response header and the header’s value.
12275
+ #
12276
+ # For more information about the `Strict-Transport-Security` HTTP
12277
+ # response header, see [Strict-Transport-Security][1] in the MDN Web
12278
+ # Docs.
12279
+ #
12280
+ #
12281
+ #
12282
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
12283
+ #
12284
+ # @note When making an API call, you may pass ResponseHeadersPolicyStrictTransportSecurity
12285
+ # data as a hash:
12286
+ #
12287
+ # {
12288
+ # override: false, # required
12289
+ # include_subdomains: false,
12290
+ # preload: false,
12291
+ # access_control_max_age_sec: 1, # required
12292
+ # }
12293
+ #
12294
+ # @!attribute [rw] override
12295
+ # A Boolean that determines whether CloudFront overrides the
12296
+ # `Strict-Transport-Security` HTTP response header received from the
12297
+ # origin with the one specified in this response headers policy.
12298
+ # @return [Boolean]
12299
+ #
12300
+ # @!attribute [rw] include_subdomains
12301
+ # A Boolean that determines whether CloudFront includes the
12302
+ # `includeSubDomains` directive in the `Strict-Transport-Security`
12303
+ # HTTP response header.
12304
+ # @return [Boolean]
12305
+ #
12306
+ # @!attribute [rw] preload
12307
+ # A Boolean that determines whether CloudFront includes the `preload`
12308
+ # directive in the `Strict-Transport-Security` HTTP response header.
12309
+ # @return [Boolean]
12310
+ #
12311
+ # @!attribute [rw] access_control_max_age_sec
12312
+ # A number that CloudFront uses as the value for the `max-age`
12313
+ # directive in the `Strict-Transport-Security` HTTP response header.
12314
+ # @return [Integer]
12315
+ #
12316
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyStrictTransportSecurity AWS API Documentation
12317
+ #
12318
+ class ResponseHeadersPolicyStrictTransportSecurity < Struct.new(
12319
+ :override,
12320
+ :include_subdomains,
12321
+ :preload,
12322
+ :access_control_max_age_sec)
12323
+ SENSITIVE = []
12324
+ include Aws::Structure
12325
+ end
12326
+
12327
+ # Contains a response headers policy.
12328
+ #
12329
+ # @!attribute [rw] type
12330
+ # The type of response headers policy, either `managed` (created by
12331
+ # Amazon Web Services) or `custom` (created in this Amazon Web
12332
+ # Services account).
12333
+ # @return [String]
12334
+ #
12335
+ # @!attribute [rw] response_headers_policy
12336
+ # The response headers policy.
12337
+ # @return [Types::ResponseHeadersPolicy]
12338
+ #
12339
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicySummary AWS API Documentation
12340
+ #
12341
+ class ResponseHeadersPolicySummary < Struct.new(
12342
+ :type,
12343
+ :response_headers_policy)
12344
+ SENSITIVE = []
12345
+ include Aws::Structure
12346
+ end
12347
+
12348
+ # Determines whether CloudFront includes the `X-XSS-Protection` HTTP
12349
+ # response header and the header’s value.
12350
+ #
12351
+ # For more information about the `X-XSS-Protection` HTTP response
12352
+ # header, see [X-XSS-Protection][1] in the MDN Web Docs.
12353
+ #
12354
+ #
12355
+ #
12356
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
12357
+ #
12358
+ # @note When making an API call, you may pass ResponseHeadersPolicyXSSProtection
12359
+ # data as a hash:
12360
+ #
12361
+ # {
12362
+ # override: false, # required
12363
+ # protection: false, # required
12364
+ # mode_block: false,
12365
+ # report_uri: "string",
12366
+ # }
12367
+ #
12368
+ # @!attribute [rw] override
12369
+ # A Boolean that determines whether CloudFront overrides the
12370
+ # `X-XSS-Protection` HTTP response header received from the origin
12371
+ # with the one specified in this response headers policy.
12372
+ # @return [Boolean]
12373
+ #
12374
+ # @!attribute [rw] protection
12375
+ # A Boolean that determines the value of the `X-XSS-Protection` HTTP
12376
+ # response header. When this setting is `true`, the value of the
12377
+ # `X-XSS-Protection` header is `1`. When this setting is `false`, the
12378
+ # value of the `X-XSS-Protection` header is `0`.
12379
+ #
12380
+ # For more information about these settings, see [X-XSS-Protection][1]
12381
+ # in the MDN Web Docs.
12382
+ #
12383
+ #
12384
+ #
12385
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
12386
+ # @return [Boolean]
12387
+ #
12388
+ # @!attribute [rw] mode_block
12389
+ # A Boolean that determines whether CloudFront includes the
12390
+ # `mode=block` directive in the `X-XSS-Protection` header.
12391
+ #
12392
+ # For more information about this directive, see [X-XSS-Protection][1]
12393
+ # in the MDN Web Docs.
12394
+ #
12395
+ #
12396
+ #
12397
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
12398
+ # @return [Boolean]
12399
+ #
12400
+ # @!attribute [rw] report_uri
12401
+ # A reporting URI, which CloudFront uses as the value of the `report`
12402
+ # directive in the `X-XSS-Protection` header.
12403
+ #
12404
+ # You cannot specify a `ReportUri` when `ModeBlock` is `true`.
12405
+ #
12406
+ # For more information about using a reporting URL, see
12407
+ # [X-XSS-Protection][1] in the MDN Web Docs.
12408
+ #
12409
+ #
12410
+ #
12411
+ # [1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
12412
+ # @return [String]
12413
+ #
12414
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResponseHeadersPolicyXSSProtection AWS API Documentation
12415
+ #
12416
+ class ResponseHeadersPolicyXSSProtection < Struct.new(
12417
+ :override,
12418
+ :protection,
12419
+ :mode_block,
12420
+ :report_uri)
12421
+ SENSITIVE = []
12422
+ include Aws::Structure
12423
+ end
12424
+
12425
+ # A complex type that identifies ways in which you want to restrict
12426
+ # distribution of your content.
12427
+ #
12428
+ # @note When making an API call, you may pass Restrictions
12429
+ # data as a hash:
12430
+ #
12431
+ # {
12432
+ # geo_restriction: { # required
12433
+ # restriction_type: "blacklist", # required, accepts blacklist, whitelist, none
12434
+ # quantity: 1, # required
12435
+ # items: ["string"],
12436
+ # },
12437
+ # }
12438
+ #
12439
+ # @!attribute [rw] geo_restriction
12440
+ # A complex type that controls the countries in which your content is
12441
+ # distributed. CloudFront determines the location of your users using
12442
+ # `MaxMind` GeoIP databases.
12443
+ # @return [Types::GeoRestriction]
12444
+ #
12445
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/Restrictions AWS API Documentation
12446
+ #
12447
+ class Restrictions < Struct.new(
12448
+ :geo_restriction)
12449
+ SENSITIVE = []
12450
+ include Aws::Structure
12451
+ end
12452
+
12453
+ # A complex type that contains information about the Amazon S3 bucket
12454
+ # from which you want CloudFront to get your media files for
12455
+ # distribution.
12456
+ #
12457
+ # @note When making an API call, you may pass S3Origin
12458
+ # data as a hash:
12459
+ #
12460
+ # {
12461
+ # domain_name: "string", # required
12462
+ # origin_access_identity: "string", # required
11047
12463
  # }
11048
12464
  #
11049
12465
  # @!attribute [rw] domain_name
@@ -11136,16 +12552,16 @@ module Aws::CloudFront
11136
12552
  include Aws::Structure
11137
12553
  end
11138
12554
 
11139
- # A list of accounts and the active CloudFront key pairs in each account
11140
- # that CloudFront can use to verify the signatures of signed URLs and
11141
- # signed cookies.
12555
+ # A list of Amazon Web Services accounts and the active CloudFront key
12556
+ # pairs in each account that CloudFront can use to verify the signatures
12557
+ # of signed URLs and signed cookies.
11142
12558
  #
11143
12559
  # @!attribute [rw] aws_account_number
11144
- # An account number that contains active CloudFront key pairs that
11145
- # CloudFront can use to verify the signatures of signed URLs and
11146
- # signed cookies. If the account that owns the key pairs is the same
11147
- # account that owns the CloudFront distribution, the value of this
11148
- # field is `self`.
12560
+ # An Amazon Web Services account number that contains active
12561
+ # CloudFront key pairs that CloudFront can use to verify the
12562
+ # signatures of signed URLs and signed cookies. If the Amazon Web
12563
+ # Services account that owns the key pairs is the same account that
12564
+ # owns the CloudFront distribution, the value of this field is `self`.
11149
12565
  # @return [String]
11150
12566
  #
11151
12567
  # @!attribute [rw] key_pair_ids
@@ -11202,7 +12618,7 @@ module Aws::CloudFront
11202
12618
  # @!attribute [rw] arn
11203
12619
  # The ARN (Amazon Resource Name) for the distribution. For example:
11204
12620
  # `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
11205
- # where `123456789012` is your account ID.
12621
+ # where `123456789012` is your Amazon Web Services account ID.
11206
12622
  # @return [String]
11207
12623
  #
11208
12624
  # @!attribute [rw] status
@@ -11221,17 +12637,18 @@ module Aws::CloudFront
11221
12637
  # @return [String]
11222
12638
  #
11223
12639
  # @!attribute [rw] active_trusted_signers
11224
- # A complex type that lists the accounts, if any, that you included in
11225
- # the `TrustedSigners` complex type for this distribution. These are
11226
- # the accounts that you want to allow to create signed URLs for
11227
- # private content.
11228
- #
11229
- # The `Signer` complex type lists the account number of the trusted
11230
- # signer or `self` if the signer is the account that created the
11231
- # distribution. The `Signer` element also includes the IDs of any
11232
- # active CloudFront key pairs that are associated with the trusted
11233
- # signer's account. If no `KeyPairId` element appears for a `Signer`,
11234
- # that signer can't create signed URLs.
12640
+ # A complex type that lists the Amazon Web Services accounts, if any,
12641
+ # that you included in the `TrustedSigners` complex type for this
12642
+ # distribution. These are the accounts that you want to allow to
12643
+ # create signed URLs for private content.
12644
+ #
12645
+ # The `Signer` complex type lists the Amazon Web Services account
12646
+ # number of the trusted signer or `self` if the signer is the Amazon
12647
+ # Web Services account that created the distribution. The `Signer`
12648
+ # element also includes the IDs of any active CloudFront key pairs
12649
+ # that are associated with the trusted signer's Amazon Web Services
12650
+ # account. If no `KeyPairId` element appears for a `Signer`, that
12651
+ # signer can't create signed URLs.
11235
12652
  #
11236
12653
  # For more information, see [Serving Private Content through
11237
12654
  # CloudFront][1] in the *Amazon CloudFront Developer Guide*.
@@ -11337,12 +12754,12 @@ module Aws::CloudFront
11337
12754
  # @return [Types::StreamingLoggingConfig]
11338
12755
  #
11339
12756
  # @!attribute [rw] trusted_signers
11340
- # A complex type that specifies any accounts that you want to permit
11341
- # to create signed URLs for private content. If you want the
11342
- # distribution to use signed URLs, include this element; if you want
11343
- # the distribution to use public URLs, remove this element. For more
11344
- # information, see [Serving Private Content through CloudFront][1] in
11345
- # the *Amazon CloudFront Developer Guide*.
12757
+ # A complex type that specifies any Amazon Web Services accounts that
12758
+ # you want to permit to create signed URLs for private content. If you
12759
+ # want the distribution to use signed URLs, include this element; if
12760
+ # you want the distribution to use public URLs, remove this element.
12761
+ # For more information, see [Serving Private Content through
12762
+ # CloudFront][1] in the *Amazon CloudFront Developer Guide*.
11346
12763
  #
11347
12764
  #
11348
12765
  #
@@ -11457,13 +12874,13 @@ module Aws::CloudFront
11457
12874
  #
11458
12875
  # @!attribute [rw] quantity
11459
12876
  # The number of streaming distributions that were created by the
11460
- # current account.
12877
+ # current Amazon Web Services account.
11461
12878
  # @return [Integer]
11462
12879
  #
11463
12880
  # @!attribute [rw] items
11464
12881
  # A complex type that contains one `StreamingDistributionSummary`
11465
- # element for each distribution that was created by the current
11466
- # account.
12882
+ # element for each distribution that was created by the current Amazon
12883
+ # Web Services account.
11467
12884
  # @return [Array<Types::StreamingDistributionSummary>]
11468
12885
  #
11469
12886
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/StreamingDistributionList AWS API Documentation
@@ -11503,7 +12920,7 @@ module Aws::CloudFront
11503
12920
  # The ARN (Amazon Resource Name) for the streaming distribution. For
11504
12921
  # example:
11505
12922
  # `arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5`,
11506
- # where `123456789012` is your account ID.
12923
+ # where `123456789012` is your Amazon Web Services account ID.
11507
12924
  # @return [String]
11508
12925
  #
11509
12926
  # @!attribute [rw] status
@@ -11533,18 +12950,18 @@ module Aws::CloudFront
11533
12950
  # @return [Types::Aliases]
11534
12951
  #
11535
12952
  # @!attribute [rw] trusted_signers
11536
- # A complex type that specifies the accounts, if any, that you want to
11537
- # allow to create signed URLs for private content. If you want to
11538
- # require signed URLs in requests for objects in the target origin
11539
- # that match the `PathPattern` for this cache behavior, specify `true`
11540
- # for `Enabled`, and specify the applicable values for `Quantity` and
11541
- # `Items`.If you don't want to require signed URLs in requests for
11542
- # objects that match `PathPattern`, specify `false` for `Enabled` and
11543
- # `0` for `Quantity`. Omit `Items`. To add, change, or remove one or
11544
- # more trusted signers, change `Enabled` to `true` (if it's currently
11545
- # `false`), change `Quantity` as applicable, and specify all of the
11546
- # trusted signers that you want to include in the updated
11547
- # distribution.
12953
+ # A complex type that specifies the Amazon Web Services accounts, if
12954
+ # any, that you want to allow to create signed URLs for private
12955
+ # content. If you want to require signed URLs in requests for objects
12956
+ # in the target origin that match the `PathPattern` for this cache
12957
+ # behavior, specify `true` for `Enabled`, and specify the applicable
12958
+ # values for `Quantity` and `Items`.If you don't want to require
12959
+ # signed URLs in requests for objects that match `PathPattern`,
12960
+ # specify `false` for `Enabled` and `0` for `Quantity`. Omit `Items`.
12961
+ # To add, change, or remove one or more trusted signers, change
12962
+ # `Enabled` to `true` (if it's currently `false`), change `Quantity`
12963
+ # as applicable, and specify all of the trusted signers that you want
12964
+ # to include in the updated distribution.
11548
12965
  #
11549
12966
  # For more information, see [Serving Private Content through
11550
12967
  # CloudFront][1] in the *Amazon CloudFront Developer Guide*.
@@ -11861,7 +13278,7 @@ module Aws::CloudFront
11861
13278
  :function_execution_logs,
11862
13279
  :function_error_message,
11863
13280
  :function_output)
11864
- SENSITIVE = []
13281
+ SENSITIVE = [:function_execution_logs, :function_error_message, :function_output]
11865
13282
  include Aws::Structure
11866
13283
  end
11867
13284
 
@@ -11878,9 +13295,9 @@ module Aws::CloudFront
11878
13295
  include Aws::Structure
11879
13296
  end
11880
13297
 
11881
- # You have reached the maximum number of cache policies for this
11882
- # account. For more information, see [Quotas][1] (formerly known as
11883
- # limits) in the *Amazon CloudFront Developer Guide*.
13298
+ # You have reached the maximum number of cache policies for this Amazon
13299
+ # Web Services account. For more information, see [Quotas][1] (formerly
13300
+ # known as limits) in the *Amazon CloudFront Developer Guide*.
11884
13301
  #
11885
13302
  #
11886
13303
  #
@@ -11976,6 +13393,27 @@ module Aws::CloudFront
11976
13393
  include Aws::Structure
11977
13394
  end
11978
13395
 
13396
+ # The number of custom headers in the response headers policy exceeds
13397
+ # the maximum.
13398
+ #
13399
+ # For more information, see [Quotas][1] (formerly known as limits) in
13400
+ # the *Amazon CloudFront Developer Guide*.
13401
+ #
13402
+ #
13403
+ #
13404
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
13405
+ #
13406
+ # @!attribute [rw] message
13407
+ # @return [String]
13408
+ #
13409
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyCustomHeadersInResponseHeadersPolicy AWS API Documentation
13410
+ #
13411
+ class TooManyCustomHeadersInResponseHeadersPolicy < Struct.new(
13412
+ :message)
13413
+ SENSITIVE = []
13414
+ include Aws::Structure
13415
+ end
13416
+
11979
13417
  # Your request contains more CNAMEs than are allowed per distribution.
11980
13418
  #
11981
13419
  # @!attribute [rw] message
@@ -12074,6 +13512,27 @@ module Aws::CloudFront
12074
13512
  include Aws::Structure
12075
13513
  end
12076
13514
 
13515
+ # The maximum number of distributions have been associated with the
13516
+ # specified response headers policy.
13517
+ #
13518
+ # For more information, see [Quotas][1] (formerly known as limits) in
13519
+ # the *Amazon CloudFront Developer Guide*.
13520
+ #
13521
+ #
13522
+ #
13523
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
13524
+ #
13525
+ # @!attribute [rw] message
13526
+ # @return [String]
13527
+ #
13528
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyDistributionsAssociatedToResponseHeadersPolicy AWS API Documentation
13529
+ #
13530
+ class TooManyDistributionsAssociatedToResponseHeadersPolicy < Struct.new(
13531
+ :message)
13532
+ SENSITIVE = []
13533
+ include Aws::Structure
13534
+ end
13535
+
12077
13536
  # You have reached the maximum number of distributions that are
12078
13537
  # associated with a CloudFront function. For more information, see
12079
13538
  # [Quotas][1] (formerly known as limits) in the *Amazon CloudFront
@@ -12228,8 +13687,8 @@ module Aws::CloudFront
12228
13687
  end
12229
13688
 
12230
13689
  # You have reached the maximum number of CloudFront functions for this
12231
- # account. For more information, see [Quotas][1] (formerly known as
12232
- # limits) in the *Amazon CloudFront Developer Guide*.
13690
+ # Amazon Web Services account. For more information, see [Quotas][1]
13691
+ # (formerly known as limits) in the *Amazon CloudFront Developer Guide*.
12233
13692
  #
12234
13693
  #
12235
13694
  #
@@ -12311,9 +13770,9 @@ module Aws::CloudFront
12311
13770
  include Aws::Structure
12312
13771
  end
12313
13772
 
12314
- # You have reached the maximum number of key groups for this account.
12315
- # For more information, see [Quotas][1] (formerly known as limits) in
12316
- # the *Amazon CloudFront Developer Guide*.
13773
+ # You have reached the maximum number of key groups for this Amazon Web
13774
+ # Services account. For more information, see [Quotas][1] (formerly
13775
+ # known as limits) in the *Amazon CloudFront Developer Guide*.
12317
13776
  #
12318
13777
  #
12319
13778
  #
@@ -12391,8 +13850,9 @@ module Aws::CloudFront
12391
13850
  end
12392
13851
 
12393
13852
  # You have reached the maximum number of origin request policies for
12394
- # this account. For more information, see [Quotas][1] (formerly known as
12395
- # limits) in the *Amazon CloudFront Developer Guide*.
13853
+ # this Amazon Web Services account. For more information, see
13854
+ # [Quotas][1] (formerly known as limits) in the *Amazon CloudFront
13855
+ # Developer Guide*.
12396
13856
  #
12397
13857
  #
12398
13858
  #
@@ -12507,8 +13967,9 @@ module Aws::CloudFront
12507
13967
  end
12508
13968
 
12509
13969
  # You have reached the maximum number of real-time log configurations
12510
- # for this account. For more information, see [Quotas][1] (formerly
12511
- # known as limits) in the *Amazon CloudFront Developer Guide*.
13970
+ # for this Amazon Web Services account. For more information, see
13971
+ # [Quotas][1] (formerly known as limits) in the *Amazon CloudFront
13972
+ # Developer Guide*.
12512
13973
  #
12513
13974
  #
12514
13975
  #
@@ -12525,6 +13986,27 @@ module Aws::CloudFront
12525
13986
  include Aws::Structure
12526
13987
  end
12527
13988
 
13989
+ # You have reached the maximum number of response headers policies for
13990
+ # this Amazon Web Services account.
13991
+ #
13992
+ # For more information, see [Quotas][1] (formerly known as limits) in
13993
+ # the *Amazon CloudFront Developer Guide*.
13994
+ #
13995
+ #
13996
+ #
13997
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
13998
+ #
13999
+ # @!attribute [rw] message
14000
+ # @return [String]
14001
+ #
14002
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyResponseHeadersPolicies AWS API Documentation
14003
+ #
14004
+ class TooManyResponseHeadersPolicies < Struct.new(
14005
+ :message)
14006
+ SENSITIVE = []
14007
+ include Aws::Structure
14008
+ end
14009
+
12528
14010
  # Your request contains more CNAMEs than are allowed per distribution.
12529
14011
  #
12530
14012
  # @!attribute [rw] message
@@ -12628,8 +14110,8 @@ module Aws::CloudFront
12628
14110
  include Aws::Structure
12629
14111
  end
12630
14112
 
12631
- # A list of accounts whose public keys CloudFront can use to verify the
12632
- # signatures of signed URLs and signed cookies.
14113
+ # A list of Amazon Web Services accounts whose public keys CloudFront
14114
+ # can use to verify the signatures of signed URLs and signed cookies.
12633
14115
  #
12634
14116
  # @note When making an API call, you may pass TrustedSigners
12635
14117
  # data as a hash:
@@ -12641,17 +14123,17 @@ module Aws::CloudFront
12641
14123
  # }
12642
14124
  #
12643
14125
  # @!attribute [rw] enabled
12644
- # This field is `true` if any of the accounts have public keys that
12645
- # CloudFront can use to verify the signatures of signed URLs and
12646
- # signed cookies. If not, this field is `false`.
14126
+ # This field is `true` if any of the Amazon Web Services accounts have
14127
+ # public keys that CloudFront can use to verify the signatures of
14128
+ # signed URLs and signed cookies. If not, this field is `false`.
12647
14129
  # @return [Boolean]
12648
14130
  #
12649
14131
  # @!attribute [rw] quantity
12650
- # The number of accounts in the list.
14132
+ # The number of Amazon Web Services accounts in the list.
12651
14133
  # @return [Integer]
12652
14134
  #
12653
14135
  # @!attribute [rw] items
12654
- # A list of account identifiers.
14136
+ # A list of Amazon Web Services account identifiers.
12655
14137
  # @return [Array<String>]
12656
14138
  #
12657
14139
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TrustedSigners AWS API Documentation
@@ -12871,7 +14353,7 @@ module Aws::CloudFront
12871
14353
  # items: [
12872
14354
  # {
12873
14355
  # header_name: "string", # required
12874
- # header_value: "string", # required
14356
+ # header_value: "sensitiveStringType", # required
12875
14357
  # },
12876
14358
  # ],
12877
14359
  # },
@@ -12966,6 +14448,7 @@ module Aws::CloudFront
12966
14448
  # realtime_log_config_arn: "string",
12967
14449
  # cache_policy_id: "string",
12968
14450
  # origin_request_policy_id: "string",
14451
+ # response_headers_policy_id: "string",
12969
14452
  # forwarded_values: {
12970
14453
  # query_string: false, # required
12971
14454
  # cookies: { # required
@@ -13038,6 +14521,7 @@ module Aws::CloudFront
13038
14521
  # realtime_log_config_arn: "string",
13039
14522
  # cache_policy_id: "string",
13040
14523
  # origin_request_policy_id: "string",
14524
+ # response_headers_policy_id: "string",
13041
14525
  # forwarded_values: {
13042
14526
  # query_string: false, # required
13043
14527
  # cookies: { # required
@@ -13617,6 +15101,121 @@ module Aws::CloudFront
13617
15101
  include Aws::Structure
13618
15102
  end
13619
15103
 
15104
+ # @note When making an API call, you may pass UpdateResponseHeadersPolicyRequest
15105
+ # data as a hash:
15106
+ #
15107
+ # {
15108
+ # response_headers_policy_config: { # required
15109
+ # comment: "string",
15110
+ # name: "string", # required
15111
+ # cors_config: {
15112
+ # access_control_allow_origins: { # required
15113
+ # quantity: 1, # required
15114
+ # items: ["string"], # required
15115
+ # },
15116
+ # access_control_allow_headers: { # required
15117
+ # quantity: 1, # required
15118
+ # items: ["string"], # required
15119
+ # },
15120
+ # access_control_allow_methods: { # required
15121
+ # quantity: 1, # required
15122
+ # items: ["GET"], # required, accepts GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD, ALL
15123
+ # },
15124
+ # access_control_allow_credentials: false, # required
15125
+ # access_control_expose_headers: {
15126
+ # quantity: 1, # required
15127
+ # items: ["string"],
15128
+ # },
15129
+ # access_control_max_age_sec: 1,
15130
+ # origin_override: false, # required
15131
+ # },
15132
+ # security_headers_config: {
15133
+ # xss_protection: {
15134
+ # override: false, # required
15135
+ # protection: false, # required
15136
+ # mode_block: false,
15137
+ # report_uri: "string",
15138
+ # },
15139
+ # frame_options: {
15140
+ # override: false, # required
15141
+ # frame_option: "DENY", # required, accepts DENY, SAMEORIGIN
15142
+ # },
15143
+ # referrer_policy: {
15144
+ # override: false, # required
15145
+ # referrer_policy: "no-referrer", # required, accepts no-referrer, no-referrer-when-downgrade, origin, origin-when-cross-origin, same-origin, strict-origin, strict-origin-when-cross-origin, unsafe-url
15146
+ # },
15147
+ # content_security_policy: {
15148
+ # override: false, # required
15149
+ # content_security_policy: "string", # required
15150
+ # },
15151
+ # content_type_options: {
15152
+ # override: false, # required
15153
+ # },
15154
+ # strict_transport_security: {
15155
+ # override: false, # required
15156
+ # include_subdomains: false,
15157
+ # preload: false,
15158
+ # access_control_max_age_sec: 1, # required
15159
+ # },
15160
+ # },
15161
+ # custom_headers_config: {
15162
+ # quantity: 1, # required
15163
+ # items: [
15164
+ # {
15165
+ # header: "string", # required
15166
+ # value: "string", # required
15167
+ # override: false, # required
15168
+ # },
15169
+ # ],
15170
+ # },
15171
+ # },
15172
+ # id: "string", # required
15173
+ # if_match: "string",
15174
+ # }
15175
+ #
15176
+ # @!attribute [rw] response_headers_policy_config
15177
+ # A response headers policy configuration.
15178
+ # @return [Types::ResponseHeadersPolicyConfig]
15179
+ #
15180
+ # @!attribute [rw] id
15181
+ # The identifier for the response headers policy that you are
15182
+ # updating.
15183
+ # @return [String]
15184
+ #
15185
+ # @!attribute [rw] if_match
15186
+ # The version of the response headers policy that you are updating.
15187
+ #
15188
+ # The version is returned in the cache policy’s `ETag` field in the
15189
+ # response to `GetResponseHeadersPolicyConfig`.
15190
+ # @return [String]
15191
+ #
15192
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateResponseHeadersPolicyRequest AWS API Documentation
15193
+ #
15194
+ class UpdateResponseHeadersPolicyRequest < Struct.new(
15195
+ :response_headers_policy_config,
15196
+ :id,
15197
+ :if_match)
15198
+ SENSITIVE = []
15199
+ include Aws::Structure
15200
+ end
15201
+
15202
+ # @!attribute [rw] response_headers_policy
15203
+ # A response headers policy.
15204
+ # @return [Types::ResponseHeadersPolicy]
15205
+ #
15206
+ # @!attribute [rw] etag
15207
+ # The current version of the response headers policy.
15208
+ # @return [String]
15209
+ #
15210
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateResponseHeadersPolicyResult AWS API Documentation
15211
+ #
15212
+ class UpdateResponseHeadersPolicyResult < Struct.new(
15213
+ :response_headers_policy,
15214
+ :etag)
15215
+ SENSITIVE = []
15216
+ include Aws::Structure
15217
+ end
15218
+
13620
15219
  # The request to update a streaming distribution.
13621
15220
  #
13622
15221
  # @note When making an API call, you may pass UpdateStreamingDistributionRequest