Skip to content
/ terraform-aws-cloudfront-security-headers Public

Terraform module to create a Lambda@Edge function to add best practice security headers and support HSTS preload requirements.

registry.terraform.io/modules/lupus-metallum/cloudfront-security-headers/aws/latest

License

Apache-2.0 license
2 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Lupus-Metallum/terraform-aws-cloudfront-security-headers

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.github
.github
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.terraform-docs.yml
.terraform-docs.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

terraform-aws-cloudfront-security-headers

Terraform module to create a Lambda@Edge function to add best practice security headers and support HSTS preload requirements.

Example

module "security_headers" {
  source                             = "Lupus-Metallum/cloudfront-security-headers/aws"
  version                            = "3.0.0"
  name                               = "AddSecurityHeaders"
  access_control_allow_methods       = "POST, GET, OPTIONS"
  access_control_allow_origin        = "https://example.com"
  content_security_policy            = "default-src 'self:'; img-src 'self'; script-src 'unsafe-inline'; style-src 'unsafe-inline'; object-src 'none'"
  referrer_policy                    = "same-origin"
  strict_transport_security          = "max-age=63072000; includeSubdomains; preload"
  x_content_type_options             = "nosniff"
  x_frame_options                    = "DENY"
  x_xss_protection                   = "1; mode=block"
  feature_policy                     = ""
}

Providers

Name Version
aws n/a

Resources

Name Type
aws_cloudfront_function.this resource
aws_partition.current data source

Inputs

Name Description Type Default Required
name Name to use for resource names created by this module string n/a yes
access_control_allow_methods Value to use for the Access-Control-Allow-Methods header, when not provided this header is omitted. string "" no
access_control_allow_origin Value to use for the Access-Control-Allow-Origin header, when not provided this header is omitted. string "" no
content_security_policy Value to use for the Content-Security-Policy header, when not provided this header is omitted. string "" no
description Description to use for resource description created by this module string "Adds security headers for Cloudfront" no
feature_policy Value to use for the Feature-Policy header, when not provided this header is omitted. string "" no
referrer_policy Value to use for the Referrer-Policy header, when not provided this header is omitted. string "" no
strict_transport_security Value to use for the Strict-Transport-Security header, when not provided this header is omitted. string "" no
x_content_type_options Value to use for the X-Content-Type-Options header, when not provided this header is omitted. string "" no
x_frame_options Value to use for the X-Frame-Options header, when not provided this header is omitted. string "" no
x_xss_protection Value to use for the X-XSS-Protection header, when not provided this header is omitted. string "" no

Outputs

Name Description
arn n/a

About

Terraform module to create a Lambda@Edge function to add best practice security headers and support HSTS preload requirements.

registry.terraform.io/modules/Lupus-Metallum/cloudfront-security-headers/aws/latest

Topics

aws security aws-lambda terraform web-security cloudfront lambda-edge terraform-module

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases 9

3.0.2 Latest
Oct 22, 2021
+ 8 releases

Sponsor this project

Contributors 2

  •  
  •  

Languages