Is it possible to view the cloudformation of managed Response Headers Policies?


I need to enhance a ManagedSecurityPolicy and add more to it, but I can't view the actual cloudformation. Is it possible to do this?

I am looking at the policy Policy ID: 67f7725c-6f97-4210-82d7-5512b31e9d03 at

This managed one is good but it is missing Content Security Policy items which I want to add on.

1 Answer
Accepted Answer

You will need to create your own custom policy. You can describe the managed policy in the CLI to get the JSON output that you can use in your custom policy in CloudFormation


aws cloudfront get-response-headers-policy --id 67f7725c-6f97-4210-82d7-5512b31e9d03

    "ETag": "E23ZP02F085DFQ",
    "ResponseHeadersPolicy": {
        "Id": "67f7725c-6f97-4210-82d7-5512b31e9d03",
        "LastModifiedTime": "1970-01-01T00:00:00+00:00",
        "ResponseHeadersPolicyConfig": {
            "Comment": "Adds a set of security headers to every response",
            "Name": "Managed-SecurityHeadersPolicy",
            "SecurityHeadersConfig": {
                "XSSProtection": {
                    "Override": false,
                    "Protection": true,
                    "ModeBlock": true
                "FrameOptions": {
                    "Override": false,
                    "FrameOption": "SAMEORIGIN"
                "ReferrerPolicy": {
                    "Override": false,
                    "ReferrerPolicy": "strict-origin-when-cross-origin"
                "ContentSecurityPolicy": {},
                "ContentTypeOptions": {
                    "Override": true
                "StrictTransportSecurity": {
                    "Override": false,
                    "AccessControlMaxAgeSec": 31536000
profile pictureAWS
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions