Document 'use_forwarded_values'

[firestonem]

Description

There is an undocumented variable use_forwarded_values within each cache behavior object that defaults to true. I had to set it to false to make my configs work. But I only found this out by digging into the module. It is not mentioned anywhere in the docs.

If your request is for a new feature, please use the Feature request template.

• [x] ✋ I have searched the open/closed issues and my issue is not listed.

Versions

• Module version [Required]: 3.2.1

• Terraform version: 1.3.9

• Provider version(s):

• provider registry.terraform.io/hashicorp/aws v4.67.0

• provider registry.terraform.io/hashicorp/external v2.3.1

• provider registry.terraform.io/hashicorp/local v2.4.0

• provider registry.terraform.io/hashicorp/null v3.2.1

Reproduction Code [Required]

module "cdn" {
  source  = "terraform-aws-modules/cloudfront/aws"
  version = "~> 3.2"

  depends_on = [ module.redirector_lambda, module.cert ]

  aliases = [var.domain_name]

  comment             = "Redirect URL"
  enabled             = true
  is_ipv6_enabled     = true
  price_class         = "PriceClass_All"
  retain_on_delete    = false
  wait_for_deployment = true

  create_origin_access_identity = true

  origin = {
    lambda = {
      domain_name = module.redirector_lambda.lambda_function_url
      custom_origin_config = {
        http_port              = 80
        https_port             = 443
        origin_protocol_policy = "https-only"
        origin_ssl_protocols   = ["TLSv1.2"]
      }
    }
  }

  default_cache_behavior = {
    target_origin_id         = "lambda"
    viewer_protocol_policy   = "redirect-to-https"
    cache_policy_id          = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad" #CachingDisabled
    origin_request_policy_id = "216adef6-5c7f-47e4-b989-5492eafa07d3" #AllViewer
    #use_forwarded_values     = false

    allowed_methods = ["GET", "HEAD"]
    cached_methods  = ["GET", "HEAD"]
    compress        = true
    query_string    = true

    lambda_function_association = {
      viewer-request = {
        lambda_arn = module.redirector_lambda.lambda_function_qualified_arn
      }
    }
  }

  viewer_certificate = {
    acm_certificate_arn      = module.cert.acm_certificate_arn
    minimum_protocol_version = "TLSv1.2_2021"
    ssl_support_method       = "sni-only"
  }
}

Steps to reproduce the behavior:

Expected behavior

use_forwarded_values should be documented for cases where it is not used

Actual behavior

╷
│ Error: creating CloudFront Distribution: InvalidArgument: The parameter ForwardedValues cannot be used when a cache policy is associated to the cache behavior.
│   status code: 400, request id: ce2ae5da-0f71-4d87-8d18-d3b0a4dd1801
│ 
│   with module.cdn.aws_cloudfront_distribution.this[0],
│   on .terraform/modules/cdn/main.tf line 27, in resource "aws_cloudfront_distribution" "this":
│   27: resource "aws_cloudfront_distribution" "this" {
│ 

[firestonem]

Sorry, I submitted this to the wrong repo. Moving it over there

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.