CloudFront not forwarding query parameters when using route parameters

Question

My setup is: CloudFront -> HTTP API -> Lambda

API has two routes:
`/route1`
and
`/route2/{param}`

The cache policy has `myquery` parameter included.

When I call `/route1?myquery=foo` I can find `myquery` in the Lambda payload.
When I call `/route2/something?myquery=foo` I cannot find `myquery` in the payload.

When I call directly the API, skipping CloudFront - then `myquery` is always in the payload.

What could be the reason?

Accepted Answer

Hi Martin, thanks for providing the details.

Here is what you need to change at your Cloudfront distribution.

1) Create a behavior and set the Path Pattern to "foo/*" 
make sure you include the / and the asterisks.
 
2) Create a custom 'Origin Request Policy' that excludes the 'Host' header. For simplicity, I only used the 'Accept' header in my lab . Then apply this policy to the behavior in the previous step. Make sure you set the 'Query strings' to 'all '.

Here is the outputs from my lab:

API Gateway Response:

```
{
    "version": "2.0",
    "routeKey": "ANY /foo/{id}",
    "rawPath": "/foo/123",
    "rawQueryString": "one=two",
    "headers": {
        "accept": "*/*",
        "accept-encoding": "gzip, deflate, br",
        "content-length": "0",
        "host": "fjmwwrrzv7.execute-api.eu-west-1.amazonaws.com",
        "postman-token": "988b16f3-a171-4e8e-9453-00ef6534b5bc",
        "user-agent": "PostmanRuntime/7.30.0",
        "x-amzn-trace-id": "Root=1-63b0b6a8-17db418f57a7e4c1650d61f8",
        "x-forwarded-for": "51.38.214.163",
        "x-forwarded-port": "443",
        "x-forwarded-proto": "https"
    },
    "queryStringParameters": {
        "one": "two"
    },
    "requestContext": {
        "accountId": "687732141706",
        "apiId": "fjmwwrrzv7",
        "domainName": "fjmwwrrzv7.execute-api.eu-west-1.amazonaws.com",
        "domainPrefix": "fjmwwrrzv7",
        "http": {
            "method": "GET",
            "path": "/foo/123",
            "protocol": "HTTP/1.1",
            "sourceIp": "51.38.214.163",
            "userAgent": "PostmanRuntime/7.30.0"
        },
        "requestId": "eCF6Vg2ajoEEP5g=",
        "routeKey": "ANY /foo/{id}",
        "stage": "$default",
        "time": "31/Dec/2022:22:24:40 +0000",
        "timeEpoch": 1672525480366
    },
    "pathParameters": {
        "id": "123"
    },
    "isBase64Encoded": false
}
```

CloudFront Response:

```
{
    "version": "2.0",
    "routeKey": "ANY /foo/{id}",
    "rawPath": "/foo/123",
    "rawQueryString": "one=two",
    "headers": {
        "accept": "*/*",
        "content-length": "0",
        "host": "fjmwwrrzv7.execute-api.eu-west-1.amazonaws.com",
        "user-agent": "Amazon CloudFront",
        "via": "1.1 c000bcf50af6babd5b4e98a9c6198f04.cloudfront.net (CloudFront)",
        "x-amz-cf-id": "9tJHL1cAR3M9gB5YUmLbgB4CtG5Er7rat3a59m2vTKc_Os_V0Btfng==",
        "x-amzn-trace-id": "Root=1-63b0b6a1-02aab142769ccff63b4a262f",
        "x-forwarded-for": "51.38.214.165, 15.158.56.86",
        "x-forwarded-port": "443",
        "x-forwarded-proto": "https"
    },
    "queryStringParameters": {
        "one": "two"
    },
    "requestContext": {
        "accountId": "687732141706",
        "apiId": "fjmwwrrzv7",
        "domainName": "fjmwwrrzv7.execute-api.eu-west-1.amazonaws.com",
        "domainPrefix": "fjmwwrrzv7",
        "http": {
            "method": "GET",
            "path": "/foo/123",
            "protocol": "HTTP/1.1",
            "sourceIp": "51.38.214.165",
            "userAgent": "Amazon CloudFront"
        },
        "requestId": "eCF5UjfhjoEEMSg=",
        "routeKey": "ANY /foo/{id}",
        "stage": "$default",
        "time": "31/Dec/2022:22:24:33 +0000",
        "timeEpoch": 1672525473811
    },
    "pathParameters": {
        "id": "123"
    },
    "isBase64Encoded": false
}
```

Answer

I have "Query strings - All" in the origin request policy and in the cache policy as well.

Answer

How is your CloudFront Origin Request policy configured? Is it set to "All" for Query strings?
I'm referring to the Origin Request policy and not the Cache Policy.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-understand-origin-request-policy

Answer

If you want to reproduce it, here are the steps:

**Lambda**
1. Go to Lambda > Functions
2. Click “Create function”
3. Enter function name
4. Click “Create function”
5. Click “index.mjs”
6. Enter:

```
export const handler = async(event) => {
    return event;
};
```

7. Click “Deploy”

**HTTP API**
1. Go to API Gateway
2. Click “Create API”
3. In “HTTP API” click “Build” 
4. Under “Integrations” choose "Lambda".
5. Find the lambda
6. Add “API name”
7. Click “next”
8. In “Resources path” write “/foo/{id}”
9. Click “Next” > “Next” > “Create”
10. Copy the url under “Invoke URL” for later.

**CloudFront**
1. Go to CloudFront
2. Click “Create Distribution”
3. Under “Origin domain” add the URL of the API
4. Click “Create distribution”
5. Copy the distribution domain name for later
6. Go to “Behaviors”
7. Click “Create behavior”
8. Under “Path name” add “/foo”
9. Under “Origin and origin groups” choose the only option
10. Under “Cache policy” choose “CachingDisabled”
11. Under “Origin request policy” choose “AllViewer”
12. Click “Create behavior”

**Send HTTP requests**
1. Download [Postman](https://www.postman.com/downloads/) or another tool for making HTTP requests.
2. Send a request to {API URL}/foo/123?one=two
3. Send a request to https://{cloudfront domain}/foo/123?one=two

You will see that the query strings are missing from the second requests’ response.

CloudFront not forwarding query parameters when using route parameters

Relevant content