cloudfront

In November 2021, AWS announced Response Headers Policies — native support of response headers in CloudFront. You can read the full announcement here: Amazon CloudFront introduces Response Headers Policies I said “native” because previously you could set response headers either using CloudFront Functions or Lambda@Edge. And one of the common use cases for that was to set security headers. Now you don’t need to add intermediate requests processing to modify the headers: CloudFront does that for you with no additional fee....

In November 2021, AWS has added this functionality as a native CloudFront feature. I suggest switching to the native implementation. I have described how to configure Security Response Headers for CloudFront in the following article: Apply Cloudfront Security Headers With Terraform A couple of weeks ago, AWS released CloudFront Functions — a “true edge” compute capability for the CloudFront. It is “true edge” because Functions work on 200+ edge locations (link to doc) while its predecessor, the Lambda@Edge, runs on a small number of regional edge caches....