Posted On: Dec 22, 2021

Amazon CloudFront announces a redesigned console experience that is easier to use while still feeling familiar in the Amazon Web Services China (Ningxia) Region, operated by NWCD. The new console makes it easier to create and configure distributions with simplified forms and improved default settings. Updated reporting visualizations enable you to get more information at a glance, and selecting a distribution in the reporting section now supports a browse option that makes it easy to find the right distribution with full search, filtering, and pagination capabilities. Additionally, Amazon CloudFront now supports Response Header Policies in the Amazon Web Services China (Ningxia) Region, operated by NWCD.

Response Header Policies allow you to add cross-origin resource sharing (CORS), security, and custom headers to HTTP responses returned by your CloudFront distributions. You no longer need to modify your origins to insert these headers – you can configure them directly in CloudFront. You can use CloudFront response headers policies to secure your application’s communications and customize its behavior. With CORS headers, you can specify which origins a web application is allowed to access resources from. You can insert any of the following security headers to exchange security-related information between web applications and servers: HTTP Strict Transport Security (HSTS), X-XSS-Protection, X-Content-Type-Options, X-Frame-Options, Referrer-Policy and Content-Security-Policy. You can also add customizable key-value pairs to response headers using response headers policies, to modify a web applications behavior.

With this release, CloudFront is providing several pre-configured response headers policies. These include policies for default security headers, a CORS policy allowing resource sharing from any origin, a pre-flight CORS policy allowing all HTTP methods, and policies combining default security headers with CORS or pre-flight CORS. You can also create your own custom policies for various content and application profiles and apply them to any CloudFront distribution’s cache behavior that may have similar characteristics.

Response Header Policies are available for immediate use for Amazon CloudFront customers in the Amazon Web Services China (Ningxia) Region, operated by NWCD, using the CloudFront Console, APIs, CloudFormation, and CLI. For additional information on this feature, please see the CloudFront Developer Guide. To get started with Amazon CloudFront, visit our webpage.