From 2f202bc0882f6f8573848d1c974165b5eaf2db5f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andrei=20Ioni=C8=9B=C4=83?= <hi@andrei.io>
Date: Sat, 30 Nov 2024 12:35:08 +0200
Subject: [PATCH] infra: update cloudfront origin request policy (#116)

---
 terraform/cloudfront.tf | 26 ++------------------------
 1 file changed, 2 insertions(+), 24 deletions(-)

diff --git a/terraform/cloudfront.tf b/terraform/cloudfront.tf
index 05ed621..9d66183 100644
--- a/terraform/cloudfront.tf
+++ b/terraform/cloudfront.tf
@@ -112,7 +112,7 @@ resource "aws_cloudfront_distribution" "main" {
 
     # cache_policy_id          = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad" #Managed-CachingDisabled
     cache_policy_id          = aws_cloudfront_cache_policy.default.id
-    origin_request_policy_id = aws_cloudfront_origin_request_policy.admin.id
+    origin_request_policy_id = aws_cloudfront_origin_request_policy.default.id
 
     function_association {
       event_type   = "viewer-request"
@@ -185,7 +185,7 @@ resource "aws_cloudfront_cache_policy" "default" {
     enable_accept_encoding_gzip   = true
 
     cookies_config {
-      cookie_behavior = "none"
+      cookie_behavior = "all"
     }
 
     headers_config {
@@ -201,28 +201,6 @@ resource "aws_cloudfront_cache_policy" "default" {
 resource "aws_cloudfront_origin_request_policy" "default" {
   name = "${local.namespace}-origin-request-policy"
 
-  cookies_config {
-    cookie_behavior = "none"
-  }
-
-  headers_config {
-    header_behavior = "allViewerAndWhitelistCloudFront"
-
-    headers {
-      items = [
-        "CloudFront-Forwarded-Proto",
-      ]
-    }
-  }
-
-  query_strings_config {
-    query_string_behavior = "all"
-  }
-}
-
-resource "aws_cloudfront_origin_request_policy" "admin" {
-  name = "${local.namespace}-admin-origin-request-policy"
-
   cookies_config {
     cookie_behavior = "all"
   }