CloudFront Functions With Dynamic Origin Pointing to Another CloudFront

At re:Invent 2024, CloudFront Functions introduced new features, including the ability to dynamically change the origin host.

Previously, this wasn’t possible as the Host header was read-only for CloudFront viewer requests.

To address this, they introduced the updateRequestOrigin function.

Then I encountered an issue where it worked fine for ALB or non-AWS endpoints, but when pointing to another CloudFront distribution, it caused a 400 Bad Request error.

It turns out that in this use case, the Host header for the origin request needs to be removed. Therefore, using AllViewerExceptHostHeader is required.