Trying to enable CORS

Question

I have:

- A lambda function
- API gateway pointing to it
- This API gateway has a custom domain `subdomain.mydomain.com`, which is associated with .cloudfront.net

When I access the API gateway directly with its API id (.execute-api.us-east-2.amazonaws.com/latest) CORS works as expected (I will get the `access-control-allow-origin: *` header).

However, if I access the API gateway with the custom domain (`subdomain.mydomain.com`), I will not get that header and CORS will not work. Instead I get some CloudFront errors:

```
x-amzn-errortype: ForbiddenException
x-cache: Error from cloudfront
```

If I go to AWS services/CloudFront, there is no distribution for this CloudFront domain at all. So I cannot edit any settings there, because it doesn't even exist. I don't think I can create it either, since it offers only S3 buckets as a source, when I try to create a distribution.

What to do? How to get CORS working?

Thank you.

Answer

It looks like `x-amzn-errortype` tells that request from CloudFront has not been authorized by API GW. 
You can configure CloudFront to convey API in the custom header sent to Origin (API GW in this case): 
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html

Trying to enable CORS

Relevant content