[DeployHQ](https://www.deployhq.com) supports deploying your code to [Amazon S3 buckets](https://www.deployhq.com/blog/setting-up-deployments-from-git-to-amazon-s3), and you can configure custom HTTP request headers to include useful metadata along with the files that are uploaded. When configuring your S3 bucket in [DeployHQ](https://www.deployhq.com), you'll find an **S3 Request Headers** section below the bucket configuration. You can add any headers you like here, in a **Header Key** → **Header Value** → **Pattern** format. This is intended to be as flexible as possible, so you can do anything from adding a _Cache-Control_ header that is only applied to a specific file, to a _Content-Disposition_ header for all files of a certain type. ![S3 directives](https://blog.deployhq.com/attachment/104c8d6a-57de-431d-9d73-60154e9c855c/thumb1400.png) Once you've configured these, the headers will be sent with any files matching the set pattern. ## Common examples Here are some common header configurations you might find useful: | Header Key | Header Value | Pattern | Purpose | | --- | --- | --- | --- | | `Cache-Control` | `max-age=31536000, public` | `*.css` | Cache CSS files for 1 year | | `Cache-Control` | `max-age=31536000, public` | `*.js` | Cache JavaScript files for 1 year | | `Cache-Control` | `no-cache` | `*.html` | Always revalidate HTML files | | `Content-Disposition` | `attachment` | `*.zip` | Force download for ZIP files | | `Content-Type` | `application/json` | `*.json` | Set correct MIME type for JSON | The **Pattern** field supports wildcards, so `*.css` matches all CSS files and `assets/*` matches everything inside the `assets` directory. ## Server-side encryption As of January 2023, Amazon S3 automatically encrypts all new uploads with SSE-S3 at no additional cost. However, if you need to use a specific encryption method, you can configure it via request headers: | Encryption Method | Header Key | Header Value | | --- | --- | --- | | SSE-S3 (default) | `x-amz-server-side-encryption` | `AES256` | | SSE-KMS | `x-amz-server-side-encryption` | `aws:kms` | For more details on S3 encryption options, see the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html). ## Setting up S3 deployments If you haven't set up S3 deployments yet, we have step-by-step guides for each major repository host: - [Deploy from GitHub to Amazon S3](https://www.deployhq.com/blog/deploying-code-from-your-github-repository-to-an-amazon-s3-b) - [Deploy from GitLab to Amazon S3](https://www.deployhq.com/blog/how-to-deploy-a-gitlab-repository-to-an-amazon-s3-bucket) - [Deploy from Bitbucket to Amazon S3](https://www.deployhq.com/blog/how-to-deploy-from-bitbucket-to-amazon-s3) You can find the full documentation for S3 request headers in [our support article](https://www.deployhq.com/support/servers/adding-a-server/amazon-s3#file-headers). For broader guidance on securing your deployment pipeline, see [Practical Security Tips for Smarter Deployments](https://www.deployhq.com/blog/protect-your-environments-practical-security-tips-for-smarte). * * * Ready to deploy to S3? [Sign up for DeployHQ](https://www.deployhq.com/signup) and get started in minutes. If you have any questions, reach out to us at [support@deployhq.com](mailto:support@deployhq.com) or on [Twitter/X @deployhq](https://x.com/deployhq).