Posted On: Dec 28, 2015

You can now configure CloudFront to add custom headers or override the value of existing request headers when CloudFront forwards requests to your origin. You can use these headers to help validate that requests made to your origin were sent from CloudFront (shared secret) and configure your origin to only allow requests that contain the custom header values that you specify. This feature also helps with setting up Cross-Origin Request Sharing (CORS) for your CloudFront distribution - you can configure CloudFront to always add custom headers to your origin to accommodate viewers that don't automatically include those headers in requests. It also allows you to disable varying on the Origin header, which improves your cache hit ratio, yet forward the appropriate headers so that your origin can respond with the CORS header. For more information, see Forwarding Custom Headers to Your Origin in the Amazon CloudFront Developer Guide.